Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions
Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions
Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions
Order of the People's Bank of China, the China Banking and Insurance Regulatory Commission and the China Securities Regulatory Commission [2022] No.1
January 19, 2022
The Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions, which were deliberated and adopted at the tenth executive meeting of the People's Bank of China ("PBC") in 2021 on October 29, 2021 and reviewed and signed by the China Banking and Insurance Regulatory Commission ("CBIRC") and the China Securities Regulatory Commission ("CSRC"), are hereby promulgated and shall come into force as of March 1, 2022.
Yi Gang, Governor of the People's Bank of China
Guo Shuqing, Chairman of the China Banking and Insurance Regulatory Commission
Yi Huiman, Chairman of the China Securities Regulatory Commission
Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions
Chapter I General Provisions
Article 1 The Measures are hereby formulated in accordance with the Anti-money Laundering Law of the People's Republic of China, the Anti-terrorism Law of the People's Republic of China and other laws and administrative regulations to prevent and constrain money-laundering and terrorism-financing activities, standardize the customer due diligence investigation and retention of customer identity information and transaction records by financial institutions, and maintain national security and financial order.
Article 2 The Measures shall apply to the following financial institutions duly incorporated within the territory of the People's Republic of China:
1. development-oriented financial institutions, policy banks, commercial banks, rural cooperative banks, rural credit cooperatives and rural banks;
2. securities companies, futures companies, and securities investment fund management companies;
3. insurance companies and insurance asset management companies;
4. trust companies, financial asset management companies, finance companies of enterprise groups, financial leasing companies, automobile finance companies, consumer finance companies, money brokerage companies, loan companies, and wealth management companies; and
5. other institutions engaged in financial business as determined and announced by the PBC.
Where non-bank payment institutions, bank card clearing institutions, fund clearing centers, and institutions engaged in foreign exchange business, fund sales, and insurance professional agency and insurance brokerage business perform their obligations of customer due diligence investigation and retention of customer identity information and transaction records, the provisions on financial institutions herein shall apply.
Article 3 A financial institution shall act with due diligence, comply with the principle of "getting to know your customers", identify and check the identities of customers and their beneficial owners, and take corresponding due diligence investigation measures for customers, business relationships or transactions with different money laundering or terrorist financing risk characteristics.
A financial institution shall take continuous due diligence investigation measures during the existence of business relationships with customers. For any circumstance with high money laundering or terrorist financing risks, a financial institution shall take corresponding enhanced due diligence investigation measures, and when necessary, shall refuse to establish any business relationship or handle business, or terminate any established business relationship.
Article 4 A financial institution shall, in compliance with the principles of security, accuracy, completeness and confidentiality, properly retain its customer identity information and transaction records and ensure that every transaction can be adequately reproduced, so as to provide the necessary information for conducting customer due diligence investigations, monitoring and analysis of their transactions, investigating suspicious transactions, and investigating and punishing money laundering and terrorist financing cases.
Article 5 A financial institution shall, in accordance with the Measures and the provisions of laws relating to anti-money laundering and anti-terrorism financing, and in light of the money laundering and terrorist financing risks faced by it, establish and improve internal control systems for customer due diligence investigation and retention of customer identity information and transaction records, regularly audit and evaluate whether the internal control systems are sound and effective, and revise and improve relevant systems in a timely manner.
A financial institution shall reasonably design its business processes and operation standards to ensure the effective implementation of the systems for customer due diligence investigation and retention of customer identity information and transaction records.
Article 6 A financial institution shall make unified arrangements for customer due diligence investigation and retention of customer identity information and transaction records at the headquarter level, and formulate anti-money laundering and anti-terrorist financing information sharing systems and procedures to ensure the effective implementation of customer due diligence investigation and money laundering and terrorist financing risk management.
A financial institution shall supervise and administrate the implementation of the customer due diligence investigation system and the retention system of customer identity information and transaction records by its branches.
A financial institution shall require its overseas branches and subsidiaries to implement the relevant requirements hereof to the extent permitted by the laws and regulations of the country or region where they are located; if the country or region where they are located has stricter requirements, such requirements shall prevail. If the requirements hereof are stricter than the relevant provisions of the country or region where they are located, but the laws of the country or region where they are located prohibit or restrict the overseas branches and subsidiaries from implementing the Measures, the financial institution shall take appropriate measures to deal with money laundering and terrorist financing risks and report the same to the PBC.
Chapter II Customer Due Diligence Investigation
Section 1 General Provisions
Article 7 During the period when a financial institution establishes a business relationship, handles a one-off transaction above the specified amount, or maintains a business relationship with a customer, if it suspects that the customer and its transaction are involved in money laundering or terrorist financing, or has doubt about the authenticity, validity or completeness of the previously obtained customer identity information, it shall carry out a customer due diligence investigation and take the following due diligence investigation measures:
1. identifying the customer and verifying the customer's identity through well-sourced and independent proof materials, data or information;
2. understanding the purpose and nature of the customer's business relationship and transaction, and obtain relevant information according to the risk status;
3. for any circumstance with high money laundering or terrorist financing risks, understanding the source and purpose of the customer's funds, and taking enhanced due diligence investigation measures according to the risk status;
4. during the existence of the business relationship, taking continuous due diligence investigation measures for the customer and reviewing the status of the customer and its transactions to confirm that the services and transactions provided for the customer are in line with the financial institution's understanding of the customer's identity background, business needs, risk status and source and purpose of funds; and
5. if the customer is a legal person or an unincorporated organization, identify and taking reasonable measures to verify the beneficial owner of the customer.
A financial institution shall determine the extent and specific methods of customer due diligence investigation measures based on differences in risk status, shall not take due diligence investigation measures that are obviously inconsistent with risk status, and shall maintain a good balance between risk prevention and service optimization.
Article 8 No financial institution shall provide services for or conduct transactions with unidentified customers, open anonymous or pseudonymous accounts for customers, or open accounts for customers who pretend to be others.
Article 9 A development-oriented financial institution, policy bank, commercial bank, rural cooperative bank, rural credit cooperative, rural bank or any other financial institution or any institution engaged in foreign exchange business shall conduct customer due diligence investigations, register the basic identity information of the customer, and keep copies or photocopies of the customer's valid identity certificate or other identity documents when it:
1. establishes a business relationship with the customer by opening an account or through other agreements; or
2. provides a cash remittance, cash exchange, payment of negotiable instruments, trading of physical precious metal, sales of financial products or other one-off transactions for a customer who does not open an account with it, with the amount involved in a single transaction exceeding CNY50,000 or in any foreign currency equivalent to more than USD1,000.
Article 10 Where a commercial bank, rural cooperative bank, rural credit cooperative, rural bank or other financial institution handles for any of its natural person customers a single transaction of cash depositing and withdrawing in an amount of more than CNY50,000 or in any foreign currency equivalent to more than USD10,000, it shall identify and check his identity and understand and register the source or use of funds.
Article 11 When a financial institution provides safe deposit box services, it shall identify the actual users of safe deposit boxes, register their name, contact information, and type, number and period of validity of their valid identity certificate or other identity documents, and keep copies or photocopies of the actual user's valid identity certificate or other identity documents.
Article 12 A securities company, futures company, securities investment fund management company or any other institution engaged in fund sales business shall conduct customer due diligence investigations, register the basic identity information of customers, and keep copies or photocopies of customers' valid identity certificates or other identity documents when it:
1.
......
Order of the People's Bank of China, the China Banking and Insurance Regulatory Commission and the China Securities Regulatory Commission [2022] No.1
January 19, 2022
The Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions, which were deliberated and adopted at the tenth executive meeting of the People's Bank of China ("PBC") in 2021 on October 29, 2021 and reviewed and signed by the China Banking and Insurance Regulatory Commission ("CBIRC") and the China Securities Regulatory Commission ("CSRC"), are hereby promulgated and shall come into force as of March 1, 2022.
Yi Gang, Governor of the People's Bank of China
Guo Shuqing, Chairman of the China Banking and Insurance Regulatory Commission
Yi Huiman, Chairman of the China Securities Regulatory Commission
Administrative Measures for the Customer Due Diligence Investigation and Retention of Customer Identity Information and Transaction Records by Financial Institutions
Chapter I General Provisions
Article 1 The Measures are hereby formulated in accordance with the Anti-money Laundering Law of the People's Republic of China, the Anti-terrorism Law of the People's Republic of China and other laws and administrative regulations to prevent and constrain money-laundering and terrorism-financing activities, standardize the customer due diligence investigation and retention of customer identity information and transaction records by financial institutions, and maintain national security and financial order.
Article 2 The Measures shall apply to the following financial institutions duly incorporated within the territory of the People's Republic of China:
1. development-oriented financial institutions, policy banks, commercial banks, rural cooperative banks, rural credit cooperatives and rural banks;
2. securities companies, futures companies, and securities investment fund management companies;
3. insurance companies and insurance asset management companies;
4. trust companies, financial asset management companies, finance companies of enterprise groups, financial leasing companies, automobile finance companies, consumer finance companies, money brokerage companies, loan companies, and wealth management companies; and
5. other institutions engaged in financial business as determined and announced by the PBC.
Where non-bank payment institutions, bank card clearing institutions, fund clearing centers, and institutions engaged in foreign exchange business, fund sales, and insurance professional agency and insurance brokerage business perform their obligations of customer due diligence investigation and retention of customer identity information and transaction records, the provisions on financial institutions herein shall apply.
Article 3 A financial institution shall act with due diligence, comply with the principle of "getting to know your customers", identify and check the identities of customers and their beneficial owners, and take corresponding due diligence investigation measures for customers, business relationships or transactions with different money laundering or terrorist financing risk characteristics.
A financial institution shall take continuous due diligence investigation measures during the existence of business relationships with customers. For any circumstance with high money laundering or terrorist financing risks, a financial institution shall take corresponding enhanced due diligence investigation measures, and when necessary, shall refuse to establish any business relationship or handle business, or terminate any established business relationship.
Article 4 A financial institution shall, in compliance with the principles of security, accuracy, completeness and confidentiality, properly retain its customer identity information and transaction records and ensure that every transaction can be adequately reproduced, so as to provide the necessary information for conducting customer due diligence investigations, monitoring and analysis of their transactions, investigating suspicious transactions, and investigating and punishing money laundering and terrorist financing cases.
Article 5 A financial institution shall, in accordance with the Measures and the provisions of laws relating to anti-money laundering and anti-terrorism financing, and in light of the money laundering and terrorist financing risks faced by it, establish and improve internal control systems for customer due diligence investigation and retention of customer identity information and transaction records, regularly audit and evaluate whether the internal control systems are sound and effective, and revise and improve relevant systems in a timely manner.
A financial institution shall reasonably design its business processes and operation standards to ensure the effective implementation of the systems for customer due diligence investigation and retention of customer identity information and transaction records.
Article 6 A financial institution shall make unified arrangements for customer due diligence investigation and retention of customer identity information and transaction records at the headquarter level, and formulate anti-money laundering and anti-terrorist financing information sharing systems and procedures to ensure the effective implementation of customer due diligence investigation and money laundering and terrorist financing risk management.
A financial institution shall supervise and administrate the implementation of the customer due diligence investigation system and the retention system of customer identity information and transaction records by its branches.
A financial institution shall require its overseas branches and subsidiaries to implement the relevant requirements hereof to the extent permitted by the laws and regulations of the country or region where they are located; if the country or region where they are located has stricter requirements, such requirements shall prevail. If the requirements hereof are stricter than the relevant provisions of the country or region where they are located, but the laws of the country or region where they are located prohibit or restrict the overseas branches and subsidiaries from implementing the Measures, the financial institution shall take appropriate measures to deal with money laundering and terrorist financing risks and report the same to the PBC.
Chapter II Customer Due Diligence Investigation
Section 1 General Provisions
Article 7 During the period when a financial institution establishes a business relationship, handles a one-off transaction above the specified amount, or maintains a business relationship with a customer, if it suspects that the customer and its transaction are involved in money laundering or terrorist financing, or has doubt about the authenticity, validity or completeness of the previously obtained customer identity information, it shall carry out a customer due diligence investigation and take the following due diligence investigation measures:
1. identifying the customer and verifying the customer's identity through well-sourced and independent proof materials, data or information;
2. understanding the purpose and nature of the customer's business relationship and transaction, and obtain relevant information according to the risk status;
3. for any circumstance with high money laundering or terrorist financing risks, understanding the source and purpose of the customer's funds, and taking enhanced due diligence investigation measures according to the risk status;
4. during the existence of the business relationship, taking continuous due diligence investigation measures for the customer and reviewing the status of the customer and its transactions to confirm that the services and transactions provided for the customer are in line with the financial institution's understanding of the customer's identity background, business needs, risk status and source and purpose of funds; and
5. if the customer is a legal person or an unincorporated organization, identify and taking reasonable measures to verify the beneficial owner of the customer.
A financial institution shall determine the extent and specific methods of customer due diligence investigation measures based on differences in risk status, shall not take due diligence investigation measures that are obviously inconsistent with risk status, and shall maintain a good balance between risk prevention and service optimization.
Article 8 No financial institution shall provide services for or conduct transactions with unidentified customers, open anonymous or pseudonymous accounts for customers, or open accounts for customers who pretend to be others.
Article 9 A development-oriented financial institution, policy bank, commercial bank, rural cooperative bank, rural credit cooperative, rural bank or any other financial institution or any institution engaged in foreign exchange business shall conduct customer due diligence investigations, register the basic identity information of the customer, and keep copies or photocopies of the customer's valid identity certificate or other identity documents when it:
1. establishes a business relationship with the customer by opening an account or through other agreements; or
2. provides a cash remittance, cash exchange, payment of negotiable instruments, trading of physical precious metal, sales of financial products or other one-off transactions for a customer who does not open an account with it, with the amount involved in a single transaction exceeding CNY50,000 or in any foreign currency equivalent to more than USD1,000.
Article 10 Where a commercial bank, rural cooperative bank, rural credit cooperative, rural bank or other financial institution handles for any of its natural person customers a single transaction of cash depositing and withdrawing in an amount of more than CNY50,000 or in any foreign currency equivalent to more than USD10,000, it shall identify and check his identity and understand and register the source or use of funds.
Article 11 When a financial institution provides safe deposit box services, it shall identify the actual users of safe deposit boxes, register their name, contact information, and type, number and period of validity of their valid identity certificate or other identity documents, and keep copies or photocopies of the actual user's valid identity certificate or other identity documents.
Article 12 A securities company, futures company, securities investment fund management company or any other institution engaged in fund sales business shall conduct customer due diligence investigations, register the basic identity information of customers, and keep copies or photocopies of customers' valid identity certificates or other identity documents when it:
1.
......