Govt to scrutinise bank accounts with over Rs100 million transactions from July 1

The federal government will start scrutinising bank account holders from July 1 whose deposits or withdrawals exceed Rs100 million during any six-month reporting period of a financial year, under a new mechanism introduced through the Finance Act 2026. 

Business Recorder reported that the measure is aimed at cross-matching banking and tax data to identify under-reporting of sales, overstatement of expenses and non-reporting of information.

The Finance Act 2026 has inserted a new Section 165AB, titled Reporting of financial transaction data by banking companies and financial institutions, into the Income Tax Ordinance, 2001.

Under the new provision, every banking company and Electronic Money Institution (EMI) will be required to electronically upload specified financial transaction information to the Central Data Hub for algorithmic cross-matching of tax and banking data.

The requirement will apply notwithstanding other laws, including the Banking Companies Ordinance, 1962, the State Bank of Pakistan Act, 1956, and the Protection of Economic Reforms Act, 1992.

The data to be shared will include details of account holders whose deposits or withdrawals exceed Rs100 million during a reporting period in any or all bank accounts.

The information will cover particulars of deposits and withdrawals, opening and closing balances, peak credits and total credits.

According to the Finance Act 2026, the shared information will be processed digitally and will not be accessible to the Income Tax Authorities during the cross-matching process.

Where a significant mismatch is detected, the Federal Board of Revenue’s digital system will transfer the information to the Compliance Risk Management (CRM) system for further proceedings through the National Faceless Centre.

The FBR will be required to ensure the strict confidentiality of information provided by banks and prevent disclosure or misuse except as allowed under the law.

The reporting periods will run from July 1 to December 31 and from January 1 to June 30. Banks and EMIs will be required to report the data by January 31 and July 31, respectively.

The State Bank of Pakistan (SBP) may establish, operate and maintain a secure centralised virtual repository of banking data, including records and financial transactions of persons maintained by scheduled banks on the basis of unique identifiers prescribed by the Board.

The law defines accounts as current, call, saving, fixed, term deposits and other forms of bank deposits. Peak credits refer to the highest credit balance in all accounts of an account holder during the reporting period.

The Central Data Hub means the virtual data repository maintained by the Board through PRAL, while Compliance Risk Management refers to a computer-based system used to identify and communicate compliance risks.