Prevention of Money Laundering Act, 2002

PMLA was enacted in 2002 to prevent the use of the financial system for money‑laundering and to combat the financing of terrorism. The Act defines "money laundering" as any process or activity that involves the proceeds of crime and aims to conceal their illicit origin.

For portfolio managers, the Act is enforced by the Financial Intelligence Unit‑India (FIU‑India) under the Ministry of Finance, while SEBI incorporates PMLA provisions into its regulations for PMS distributors. Non‑compliance can trigger both criminal prosecution under the Act and administrative action by SEBI.

In the NISM exam, questions often test the candidate’s ability to link PMLA concepts with SEBI’s Code of Conduct for PMS distributors, especially around client onboarding and transaction monitoring.

• Key term – Beneficial Owner: the natural person who ultimately owns or controls a client.
• Key term – Designated Non‑Financial Business and Professions (DNFBPs): entities like PMS distributors that must comply with PMLA.

Portfolio managers must implement a robust Anti‑Money‑Laundering (AML) policy approved by the board. The policy should cover client risk profiling, transaction monitoring, and escalation procedures for suspicious activities.

Every client onboarding must be preceded by Customer Due Diligence (CDD). The CDD process includes verification of identity documents, PAN, Aadhaar, and, where applicable, the source of funds. Enhanced Due Diligence (EDD) is mandatory for politically exposed persons (PEPs) and high‑risk jurisdictions.

Failure to adhere to these obligations can lead to the FIU‑India issuing a notice, and SEBI may impose penalties, suspend the distributor’s registration, or even order de‑registration. The exam frequently asks which step is mandatory before opening a PMS account – the answer is CDD.

CDD is the process of collecting and verifying client information to assess money‑laundering risk. SEBI mandates three levels of CDD: Simplified, Standard, and Enhanced. The level chosen depends on the client’s risk profile, transaction size, and nature of the investment strategy.

Standard CDD requires proof of identity (PAN, Aadhaar), address proof, and a declaration of the source of funds. Enhanced CDD adds verification of the client’s business activities, background checks on directors, and, where relevant, screening against global sanctions lists.

For the exam, remember the sequence: KYC (identity) → CDD (risk assessment) → Ongoing Monitoring. A common mistake is to treat KYC and CDD as interchangeable; they are distinct steps with different documentation requirements.

• Document – Know Your Customer (KYC) Form: basic identity details.
• Document – CDD Checklist: risk rating, source of wealth, and EDD triggers.

When a transaction appears unusual or exceeds the prescribed threshold, the portfolio manager must file a Suspicious Transaction Report (STR) with FIU‑India within 30 days of detection. The threshold for cash transactions is currently Rs 10 lakh in a single day, but the rule also covers non‑cash transactions that are structurally suspicious.

The STR must contain client details, transaction description, amount, and the reason for suspicion. It should be filed electronically through the FIU‑India portal, and the reporting entity must retain a copy for five years.

Exam questions often present a scenario with a large cash inflow and ask whether an STR is required. The decisive factor is the amount (≥ Rs 10 lakh) or the presence of red‑flag indicators such as rapid movement of funds across accounts.

All AML‑related records, including client KYC documents, CDD assessments, transaction logs, and STR copies, must be retained for a minimum of five years from the date of the transaction or the filing of the STR, whichever is later.

Records must be stored in a manner that allows easy retrieval for inspection by FIU‑India or SEBI. Electronic storage is permissible provided data integrity and confidentiality are maintained through encryption and access controls.

During the exam, a question may ask for the minimum retention period for AML records. The correct answer is five years, and candidates often confuse it with the three‑year period for general client records under SEBI.

Violations of PMLA can attract both civil and criminal penalties. For PMS distributors, SEBI may impose monetary fines up to 5% of the annual turnover, suspend the distributor’s registration for up to six months, or order permanent de‑registration for repeated breaches.

Under the PMLA itself, individuals can face imprisonment of up to seven years and fines ranging from Rs 1 lakh to Rs 10 crore, depending on the severity and nature of the offence.

Exam candidates should remember that the severity of the penalty is linked to the nature of the breach – procedural lapses (e.g., delayed STR) attract lower fines, whereas willful facilitation of money laundering leads to the highest punishments.