Evidence vault

AML evidence vault — every client record, always audit-ready

Certivus keeps all AML evidence — identity documents, screening results, risk decisions, notes, and timestamps — organised around each client. One click exports everything HMRC needs to see.

Includes 2 free checks - no credit card required

Answer-first summary

What is an AML evidence vault?

An AML evidence vault is a secure, organised store of compliance records for every client — including identity documents, KYC results, PEP and sanctions screening outcomes, risk ratings, review notes, and decision timestamps. Under The Money Laundering Regulations 2017, UK accountants must retain this evidence for a minimum of five years after the client relationship ends. Certivus structures this storage so it is always retrievable and exportable.

  • All client AML evidence in one place — no more scattered emails and shared drives
  • Tamper-evident timestamps on every document and decision
  • One-click PDF export for HMRC AML supervision visits
  • Five-year retention tracking built into the workflow

TL;DR — Quick Summary

  • AML regulations require 5-year evidence retention for every client
  • Certivus stores identity documents, screening results, risk decisions, and notes per client
  • Timestamped and exportable — ready for HMRC at any time
  • Replaces scattered emails, shared drives, and paper files
WORKFLOW

What the evidence vault stores

Identity and KYC documents

Passports, driving licences, proof of address, selfie liveness results, and any supporting documents — stored securely per client.

Screening and risk records

PEP and sanctions screening outcomes, risk ratings (Low/Medium/High/EDD), review notes, and the rationale behind every compliance decision.

Audit-ready export

Generate a timestamped, comprehensive PDF of the full client evidence trail. Download and share it when HMRC or your professional body asks.

PRACTICE VALUE

Why evidence organisation matters

HMRC inspectors want evidence, not explanations

During an AML supervision visit, inspectors ask to see records — not verbal summaries. Having everything retrievable in seconds changes the experience.

Scattered files create exposure

Evidence split across email, shared drives, and paper increases the risk of missing records. A central vault eliminates that risk.

Five years is a long time

The five-year retention requirement means records from clients you onboard today need to be retrievable until 2031. A structured vault makes that manageable.

NEXT STEPS

Continue the buying journey

Product features

See the full Certivus AML workflow.

Continue

Pricing

Compare plans by client volume and team needs.

Continue

Security

Review controls for sensitive AML data.

Continue
FAQ

Common questions

How long must UK accountants keep AML records?

Under The Money Laundering Regulations 2017, UK accountants must retain AML records — including customer due diligence evidence, screening results, risk assessments, and transaction records — for a minimum of five years after the end of the client relationship or the completion of the transaction. Certivus tracks this retention requirement per client so records are not deleted prematurely.

What AML evidence must be kept?

The records required include: a copy of (or reference to) the evidence obtained during customer due diligence; the supporting documentation used to verify identity; the results of any PEP and sanctions screening; risk assessment decisions and the rationale behind them; records of any transaction monitoring or suspicious activity; and the identity of staff who carried out the checks. Certivus structures storage around these categories.

Is the Certivus evidence vault GDPR compliant?

Certivus processes personal data in line with UK GDPR and the Data Protection Act 2018. Client data is stored on UK servers. The evidence vault is designed to support the lawful processing of personal data for AML compliance purposes, which constitutes a legitimate legal obligation under Article 6(1)(c) of UK GDPR.

Can I export evidence for an HMRC inspection?

Yes. Certivus generates a timestamped PDF export for any client record — covering identity documents, screening results, risk decisions, and review notes. This can be downloaded in seconds and shared with HMRC inspectors, your professional body, or internal compliance reviewers.

Related reading

AML compliance for accountants

What UK accountants must evidence and retain under the Money Laundering Regulations 2017.

HMRC audit checklist

Step-by-step preparation for an HMRC AML supervision visit — what they look for.

AML checklist workflow

Structure every client's AML process with a trackable checklist and owner assignment.

AML software for MLROs

Give your MLRO visibility over every evidence record across the practice.

Ready to make AML workflows easier to evidence?

Certivus supports AML evidence workflows; it does not replace professional judgement.