Coinbase is legally required to keep your identity and transaction records for at least five years after you close your account, due to anti-money laundering and financial regulations.
Current version specifies a concrete '5-year' minimum retention period and explicitly names categories of retained data (identity verification, transaction records, financial information).
View full change record →Your KYC identity documents, transaction records, and financial information will be retained by Coinbase for a minimum of five years after account closure regardless of any deletion request you make, as required by Bank Secrecy Act and AML regulations.
Cross-platform context
See how other platforms handle Data Retention for AML/KYC Legal Obligations and similar clauses.
Compare across platforms →Even if you close your Coinbase account and request deletion of your data, Coinbase is legally required to retain your identity documents, transaction history, and financial information for at least five years — your data cannot be fully deleted.
REGULATORY FRAMEWORK: Bank Secrecy Act 31 U.S.C. §5311 et seq. and FinCEN regulations 31 CFR §1010.430 require money services businesses to retain records for a minimum of five years; the Customer Due Diligence Rule 31 CFR §1010.230 mandates retention of beneficial ownership and identity records. IRS regulations require retention of tax-related records. GDPR Art. 17(3)(b) permits retention where necessary for compliance with a legal obligation; however, purpose limitation under Art. 5(1)(b) requires that retained data not be used for incompatible purposes. CCPA §1798.105(d)(2) exempts deletion requests where retention is required by law. Enforcement authorities: FinCEN, IRS, FTC, state financial regulators.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.