Regulatory Alerts2026-05-20
Gibraltar Financial Services Commission AML/CFT/CPF Guidance Notes 9 Record Keeping
The Gibraltar Financial Services Commission mandates that regulated entities maintain comprehensive documentary evidence of Customer Due Diligence and transaction monitoring to ensure compliance with the Proceeds of Crime Act 2015. The guidance specifies detailed record-keeping requirements for various risk scenarios, including simplified and enhanced due diligence, non-face-to-face relationships, and Politically Exposed Persons, while also outlining sector-specific obligations for correspondent banking and life assurance providers. All relevant records must be retained for a minimum of five years from the conclusion of transactions or business relationships, with strict protocols governing data deletion, third-party reliance, and the intersection with data protection regulations.