✅ Core AML Requirements for Credit Card Issuers

1️⃣ Customer Due Diligence (CDD)

Before issuing a card, banks must verify:

✔ Identity (PAN mandatory)
✔ Address proof
✔ Income source
✔ Risk profile of customer

This happens through full KYC verification.

---

2️⃣ Risk Categorization of Customers

Banks classify customers into:

🟢 Low risk → salaried individuals
🟡 Medium risk → business owners
🔴 High risk → politically exposed persons, high cash activity

High-risk customers face stricter monitoring.

---

3️⃣ Transaction Monitoring

Banks track unusual credit card behavior such as:

⚠ Very high spending suddenly
⚠ Repeated refunds or reversals
⚠ International transactions without pattern
⚠ Large payments followed by cash withdrawal
⚠ Multiple cards used for same merchant

If detected → bank may block the card temporarily.

---

4️⃣ Reporting Suspicious Transactions

Banks must report suspicious activity to:

👉 Financial Intelligence Unit (FIU-IND)

Examples reported:

• Fake merchant payments
• Structuring transactions to avoid detection
• Identity misuse

---

5️⃣ Record Maintenance

Banks must keep records of:

✔ Customer identity documents
✔ Transaction history
✔ Card usage data

These records must be stored for at least 5 years after account closure.

---

6️⃣ Limits on Cash-like Transactions

To reduce laundering risk, banks control:

• Cash withdrawals from credit card
• Wallet loading using credit card
• Gambling or high-risk merchant payments

Some transactions may be blocked automatically.