Even after you close your Coinbase account, your personal data — including identity documents and transaction records — may be kept for five or more years due to financial regulatory requirements.
Expanded retention justifications to explicitly include dispute resolution and agreement enforcement, added specific mention of KYC obligations, and changed framing from collection purposes to Privacy Policy purposes.
View full change record →Closing your Coinbase account does not result in deletion of your identity documents, transaction history, or financial data — these are retained for a minimum of five years under AML regulatory requirements, limiting your practical ability to exercise deletion rights.
How other platforms handle this
We keep your personal information to enable your continued use of Amazon services, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as may be required by law such as for tax and accounting purposes, or as otherwise communicated to you.
Another program develops insights by analyzing de-identified customer information and reporting on aggregate behaviors.
We retain your personal information for as long as necessary to provide our services and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, de...
Many users assume closing an account means their data is deleted; Coinbase's regulatory obligations under AML/KYC laws mean your most sensitive financial and identity data persists for years after account closure.
(1) REGULATORY FRAMEWORK: Retention obligations are driven by BSA/FinCEN record-keeping requirements (31 CFR §1020.410, five-year retention for identity and transaction records), IRS reporting (26 U.S.C. §6050W), OFAC sanctions screening records, and state money transmission laws. GDPR Art. 17(3)(b) provides an exception to erasure rights where retention is necessary for compliance with a legal obligation. CCPA §1798.105(d) similarly exempts deletion where retention is required by law. Enforcement: FinCEN, IRS, state financial regulators. (2)
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.