Record keeping
Record keeping is the legal obligation under MLR 2017 to retain CDD evidence, risk assessments, screening results, transaction records, policies, training records, and suspicious activity decision logs for a minimum of five years after the client relationship ends. Records must be retrievable and suitable for inspection.
keeping records in email folders or paper files is technically compliant but difficult to retrieve under inspection pressure. Dedicated AML software that timestamps and stores evidence provides a cleaner audit trail.
Other terms that go with Record keeping
A supervisory authority is the body responsible for overseeing AML compliance within a particular sector. For accountants not belonging to a professional body, the supervisory authority is HMRC. Members of recognised professional bodies (ICAEW, ACCA, CIMA, and others) are supervised by those bodies instead. For law firms in England and Wales, the supervisory authority is the Solicitors Regulation Authority (SRA), with parallel regulators in Scotland and Northern Ireland. Supervisory authorities set standards, conduct reviews, and can impose sanctions.
Ongoing monitoring is the continuous obligation to scrutinise transactions and client activity throughout a business relationship and to keep CDD records up to date. It requires watching for transactions or behaviour that is inconsistent with the stated purpose of the relationship or the expected risk profile.
Put Record keeping into practice with Certivus
Knowing the term is the first step. Certivus gives you the workflows — client intake, CDD, EDD, PEP and sanctions screening, audit-ready records — to apply it across every client.
Back to the full glossary