Record keeping procedures
7.1 Each Service Area conducting relevant business must maintain records of:-
- client identification evidence obtained
- details of all relevant business transactions carried out for clients
for at least five years. This is to meet the requirements of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (Regulation 40) and may be used as evidence in any subsequent investigation/inspection by the relevant supervising body.
7.2 The precise nature of the records is not prescribed by law, however, they must be capable of providing an audit trail during any subsequent investigation, e.g., distinguishing the client and the relevant transaction and record in what form funds were received or paid.
7.3 In practice, the Service Areas will be routinely making records of work carried out for clients in the course of normal business and these should suffice in this regard.
7.4 Each Service Area of the council conducting regulated business must monitor, on an ongoing basis, their business relationships in terms of scrutinising transactions undertaken throughout the course of the relationship (including, where necessary, the source of funds) to ensure that the transactions are consistent with their knowledge of the client, its business and risk profile.
7.5 Any record keeping should be in line with GDPR and the originating departments Privacy Statement.