Regulatory anti-money laundering enforcement continues to be strict! Since March, over 20 banks have been fined for violations related to "Customer Due Diligence." The implementation of new regulations has highlighted compliance pressures in the first quarter.

If you trade stocks, just look at research reports from the Jinqilin analyst team—authoritative, professional, timely, and comprehensive. Help you uncover promising themes and investment opportunities!

Reporter: Liu JiaKui | Editor: Chen Junjie

Since the start of this year, China’s banking industry has been going through a regulatory storm targeting the compliance of “customer due diligence.” Its intensity and the severity of penalties have been virtually unprecedented. According to a tally by reporters from the Economic Daily, as of March 26, more than 20 banks and their branches had already received penalty notices from regulatory authorities in that month for anti–money laundering violations such as “failing to conduct customer due diligence in accordance with regulations.” The single fine ranges from RMB 114,000 to RMB 41.746 million.

The banking industry has been heavily fined, largely for reasons related to “customer due diligence,” and this closely echoes, in terms of timing, the newly revised “Administrative Measures for Financial Institutions’ Customer Due Diligence and the Management of the Preservation of Customer Identity Data and Transaction Records,” which officially takes effect on January 1, 2026. Regulators are reiterating the seriousness of anti–money laundering as the first line of defense for the entire industry in a “zero tolerance” posture.

Why did “failing to conduct customer due diligence in accordance with regulations” erupt in a concentrated way in March? The reporters’ investigation found that this was not because regulators suddenly tightened the standard. Instead, after the implementation of the revised Anti–Money Laundering Law of the People’s Republic of China and supporting new rules, the enforcement standards and the determination of violations underwent a fundamental change. It is also an inevitable response to the regulatory logic’s transition from “amount thresholds” to “risk tiering.”

The reporter noted that since March, in the administrative penalty information disclosure tables of the People’s Bank of China’s local branches, the category of illegal conduct “failing to conduct customer due diligence in accordance with regulations” has shown a significant increase.

From the timeline, the wave of penalties had already begun to build up in early March. On March 2, CIB’s Guiyang branch was warned and fined RMB 875,000 by the People’s Bank of China’s Guizhou branch for three illegal acts including failing to conduct customer due diligence in accordance with regulations. On the same day, Kaoyang County Rural Credit Cooperative was fined RMB 650,000 for similar violations. The next day, Agricultural Bank’s Hegang branch was fined RMB 250,500 by the People’s Bank of China’s Hegang City branch for a single violation related to customer due diligence. On March 5, Shandong Zhaidian Rural Commercial Bank and Pingxiang Rural Commercial Bank both “made the list” the same day, receiving fines of RMB 802,000 and RMB 994,300 respectively due to the accumulation of multiple violations.

Screenshot source: People’s Bank of China website

By mid-March, both the density and amounts of the penalty notices increased. On March 11, CITIC Bank’s Zhoushan branch and Bank of Communications’ Zhenjiang branch each received penalty notices of RMB 961,000 and RMB 906,000 respectively. March 16 became a “peak day” for penalties that month: Luzhou Bank received a heavy fine of RMB 41.746 million for multiple anti–money laundering violations, and eight related responsible persons were held accountable. Guangfa Bank’s Luoyang branch and Postal Savings Bank’s Kizilsu Kirghiz Autonomous Prefecture branch were also fined RMB 861,600 and RMB 341,000 respectively. The next day, Jiangsu Xinghua Rural Commercial Bank and Agricultural Bank’s Shuanghe Bingtuan branch also received penalty notices, with amounts of RMB 990,000 and RMB 276,000 respectively. On March 25, Hengfeng Bank’s Zigong branch was warned and fined RMB 265,500.

In terms of the types of institutions penalized, there are state-owned big-bank branches such as Agricultural Bank’s Laiwu branch and Hegang branch, Bank of Communications’ Weihai branch, Zhenjiang branch, and Shandong Province branch; there are also joint-stock banks such as CIB’s Guiyang branch and Hengfeng Bank’s Zigong branch; city commercial banks such as Changsha Bank’s Xiangtan branch; and there are also a large number of rural financial institutions, including Shandong Zhaidian Rural Commercial Bank, Hunan Chengbu Rural Commercial Bank, Guizhou Zunyi Huichuan Rural Commercial Bank, Kaoyang County Rural Credit Cooperative, as well as multiple township and village banks such as Guiyang Xiaohong Technology Rural and Township Bank, Lingchuan Shentong Rural and Township Bank, and Chongqing Beibei Chouzhou Rural and Township Bank, among others.

After compiling these penalty notices, reporters from the Economic Daily found that “failing to conduct customer due diligence in accordance with regulations” rarely appears as an isolated case. It is often “bundled” together with other violations.

The most typical overlapping violations are “failing to report suspicious transactions as required” and “conducting transactions or providing services to clients whose identities are unclear.” For example, Luzhou Bank’s penalty notice clearly lists multiple items, including “failing to fulfill the client identity identification obligations as required,” “failing to submit large-amount transaction reports or suspicious transaction reports as required,” and “conducting transactions with clients whose identities are unclear,” among others. The violations of Kaoyang County’s rural credit cooperative also include “providing services to clients whose identities are unclear and conducting transactions with them” and “failing to report suspicious transactions as required.” This combination means that banks not only falter at the customer onboarding stage, but also have serious deficiencies in the subsequent stages of ongoing monitoring and risk reporting, leaving accounts effectively exposed to risks from illegal activities such as money laundering.

Screenshot source: People’s Bank of China website

In addition, this type of violation often coexists with vulnerabilities in basic management. In most penalty notices, “violating the regulations on financial statistics management” and “violating the regulations on account management” appear frequently as accompanying issues. This reflects that some institutions—especially certain grass-roots outlets or small and medium-sized banks—have systemic weaknesses in multiple foundational aspects of internal control management. Customer due diligence turning into a mere formality may just be a reflection of their overall lack of compliance culture and the roughness of internal management.

As a result, it is evident that “failing to conduct customer due diligence in accordance with regulations” is usually the starting point of a systemic risk-control loophole, which then spreads backward along a clear chain of logic to the backend.

“The starting point of the violation chain is the formalization of client identity identification, the middle segment is the absence of ongoing due diligence, and the end segment is the failure of risk reporting and handling.” A senior practitioner at a city commercial bank in the western region analyzed for the reporter that the violation combinations shown in the penalty notices have a clear chain of logic: the first step is weak scrutiny of account opening review (violating account management regulations); the core failure is being unable to effectively identify the client’s real identity and background (failing to conduct customer due diligence in accordance with regulations); this then leads to an inability to effectively monitor and report abnormal fund flows (not reporting suspicious transactions); and ultimately, it may become an illegal funds conduit (transactions with clients whose identities are unclear). Regulators’ precise enforcement strikes multiple nodes along this risk transmission path, reflecting the principle of “penalties proportionate to the wrongdoing.”

Why do penalties related to “failing to conduct customer due diligence in accordance with regulations” appear in dense clusters? The most direct regulatory policy background is the newly revised “Administrative Measures for Financial Institutions’ Customer Due Diligence and the Management of the Preservation of Customer Identity Data and Transaction Records” (the “new measures”), which officially takes effect on January 1, 2026.

The new measures are designed to align with the revised Anti–Money Laundering Law that took effect on January 1, 2025. They clearly continue to adjust the long-used “customer identity identification” to “customer due diligence.” Behind this change in terminology is a profound shift in regulatory philosophy—from static management of “verifying identity documents” to full-process management of “knowing your customer” (KYC) in a dynamic way.

Compared with the old rules, one of the most significant changes in the new measures is that they remove the mandatory uniform requirement that “for individuals withdrawing or depositing cash above RMB 50,000, the source or purpose of the funds must be registered.” This requirement has sometimes been misunderstood by part of the public as a “relaxation” by regulators. However, in fact, the regulatory logic has undergone a fundamental change: from the previous fixed-amount “one-size-fits-all” management to “tiered and categorized” management based on customer and transaction risks.

The new rules require financial institutions to establish a dynamic risk assessment profile for every client. For clients assessed as low risk (such as ordinary depositors with stable sources of income and regular transaction patterns), simplified measures may be adopted when handling business. Conversely, for “high-risk” situations where systematic monitoring detects abnormal transaction behavior and where it severely does not match the client’s identity or historical patterns, banks must, according to law, initiate “enhanced due diligence,” deeply verify the sources and destinations of funds, and may impose reasonable restrictions on how clients conduct transactions and their scale; and even refuse to handle business or terminate business relationships when risks exceed management capacity.

Senior industry analysts believe that the dense penalty notices in March can be viewed as a “stress test” and “targeted calibration” by regulators after the new rules take effect. This sends a clear message to the market: eliminating the RMB 50,000 registration requirement does not mean that banks can relax or even abandon their responsibility for customer due diligence. On the contrary, banks need to invest more resources to build a more intelligent and precise risk identification and monitoring system in order to achieve the regulatory goal of “effectively intercepting illegal fund flows without adding unnecessary trouble for law-abiding citizens.”

This round of regulatory storm serves as a warning bell for the banking industry—especially the large number of small and medium-sized banks. When the customer due diligence line fails, it will not only lead to economic penalties and reputational losses; it may also make institutions passively drawn into illegal criminal activities such as money laundering and fraud, endangering their own stable and sound operation.

Looking at the distribution by type of penalized institutions, rural commercial banks, rural credit cooperatives, and township and village banks account for a relatively high share. This exposes their widespread shortcomings in compliance investment, technology systems, professional talent, and so on. Compared with national banks, small and medium-sized banks often face greater cost constraints and invest insufficiently in building anti–money laundering monitoring systems and developing big-data risk-control models. They rely more on manual review and judgment based on experience, making it difficult to cope with complex and covert illegal fund activities. At the same time, there may also be gaps in training grass-roots staff’s compliance awareness and professional capabilities.

Even for state-owned large banks, some of their grass-roots branches could not escape. This reflects that even when systems are well established at the head-office level, during the transmission and implementation of policy to front-line outlets, there may be “attenuation.” How to ensure that uniform compliance standards are carried out without compromise at every service endpoint across the country is a long-term governance challenge for large banking institutions.

With the upgrade of regulatory rules and the strengthening of enforcement, the banking industry urgently needs to shift from “passively responding to inspections” to “actively building risk-control systems.”

“For our banking institutions, anti–money laundering compliance has increasingly shifted from a ‘cost item’ that merely satisfies regulatory requirements passively to a ‘core competitive strength’ that concerns the survival and development of the bank.” A senior banking industry source stated that banks must re-examine the positioning of customer due diligence. On the retail side, by optimizing the due diligence process to balance anti–money laundering compliance and the accessibility of financial services, banks should avoid financial exclusion caused by overly strict risk control. On the corporate side, banks should establish standardized procedures for identifying beneficial owners, using cross-verification of business registration data and credit data, rather than relying solely on what clients say.

For rural financial institutions, they urgently need to seek a compliance model of “looking out for each other.” Since a single township and village bank or rural commercial bank may find it difficult to bear the high cost of technical investment and talent, industry insiders suggest that provincial rural credit cooperatives or a lead initiator bank establish a shared anti–money laundering service center to provide centralized services to institutions in their jurisdiction—such as customer risk ratings, suspicious transaction monitoring, and due diligence training—thereby reducing compliance costs for individual institutions.

It is especially important to note that banks should establish a “regulatory sandbox” mindset and proactively conduct compliance self-assessments. Since the new anti–money laundering law has raised the maximum fine to RMB 10 million and allows for a “dual punishment” system (penalizing both institutions and responsible individuals), banks must set up a proactive compliance assessment mechanism: conduct risk screening for existing clients and conduct special audits for high-risk business lines, rather than waiting for regulatory penalties and then making passive rectifications.

Cover image source: Economic Daily media database

		Sina Statement: This message is reposted from a media partner of Sina. Sina.com publishes this article for the purpose of disseminating more information, and does not mean that it agrees with its viewpoints or confirms the descriptions. The content of the article is for reference only and does not constitute investment advice. Investors act at their own risk.

A massive amount of information and precise interpretation—right in the Sina Finance APP

责任编辑：杨赐