KYC (Know Your Customer) records of a customer should generally be retained for a period ranging from 5 to 10 years after the closure of the business relationship, depending on the regulatory jurisdiction and specific legal requirements.
Common Retention Periods
- 10 years: Some regulatory frameworks require firms to keep KYC records for 10 years after the business relationship ends to ensure compliance with anti-money laundering (AML) laws and enable audits or investigations if necessary.
- 8 years: In some jurisdictions like India, KYC records are retained for a minimum of 8 years after the closure of the customer relationship as a standard practice by banks and financial institutions.
- 5 years: Many AML regulations, including UK's Money Laundering Regulations and European AML directives, mandate retention of customer due diligence (CDD) and identity documents for at least 5 years after the end of the business relationship or after the last transaction.
Summary by Region Examples
Region/Jurisdiction| Typical KYC Record Retention Period After Closure
---|---
Qatar (QFC rules)| 10 years
India (RBI norms)| 8 years
UK (MLR regulations)| 5 years
Australia (AML/CTF)| 7 years
US (FINRA for brokers)| 5 years
This retention ensures compliance with legal and regulatory requirements to prevent money laundering and fraud, and to properly support investigations or audits long after a relationship has ended. Thus, the retention period varies but 5 to 10 years after closure is the most common standard globally depending on the applicable AML and regulatory rules.