FIU-IND Anti-Money Laundering Rules for Crypto Exchanges
The mandatory registration and reporting requirements imposed by the Financial Intelligence Unit (FIU-IND) on both domestic and offshore virtual asset service providers.
The Mandate of FIU-IND in the VDA Landscape
The Financial Intelligence Unit – India (FIU-IND), established by the Government of India, serves as the central national agency responsible for receiving, processing, analyzing, and disseminating information relating to suspicious financial transactions. Its core mandate is to combat money laundering and terror financing. The regulatory landscape for Virtual Digital Assets (VDAs) in India has significantly evolved, bringing VDA activities and service providers under the purview of the Prevention of Money Laundering Act, 2002 (PMLA). This crucial development directly impacts both domestic and offshore VDA exchanges facilitating transactions for Indian users.
Offshore Exchanges as Reporting Entities under PMLA
On March 07, 2023, the Ministry of Finance issued a notification officially bringing "Virtual Digital Assets" under the ambit of the PMLA. This notification designates specific VDA activities as "financial activities" and VDA service providers as "reporting entities" under PMLA. Crucially, this extends to offshore VDA exchanges that cater to Indian residents, even without a physical presence in India. The determinant factor is the offering of VDA services to Indian users, thereby qualifying such entities as "doing business in India" for PMLA compliance purposes. This includes activities such as exchange between VDAs and fiat currencies, exchange between one or more forms of VDAs, transfer of VDAs, safekeeping or administration of VDAs or instruments enabling control over VDAs, and participation in and provision of financial services related to an issuer’s offer and sale of a VDA.
Defining "Doing Business in India" for VDA Services
For offshore VDA service providers, the mere accessibility of their platform to Indian residents or the facilitation of VDA transactions for individuals residing in India can constitute "doing business in India." This interpretation necessitates compliance with Indian anti-money laundering (AML) and counter-financing of terrorism (CFT) regulations, irrespective of the exchange's operational base. The regulatory intent is to ensure a comprehensive oversight mechanism for all VDA activities impacting the Indian financial ecosystem.
Mandatory Registration with FIU-IND
Any offshore VDA service provider facilitating services to Indian users is required to register with FIU-IND as a reporting entity. This registration is a prerequisite for legal operation within the Indian regulatory framework concerning AML/CFT. Failure to register can lead to severe regulatory actions and penalties under the PMLA. The registration process typically involves submitting specific organizational and operational details to FIU-IND, demonstrating an understanding and commitment to adhere to the prescribed AML/CFT standards.
Core Compliance Obligations for Offshore VDA Service Providers
Once registered, offshore VDA exchanges are subject to a stringent set of compliance obligations mirroring those applicable to other financial institutions in India.
Customer Due Diligence (CDD) and Know Your Customer (KYC) Standards
Reporting entities must implement robust CDD procedures. This includes identifying and verifying the identity of all customers, both existing and new, and beneficial owners. Enhanced due diligence (EDD) is mandated for high-risk customers or transactions. This requires collecting and verifying identification documents, address proofs, and understanding the nature of the customer's VDA activities. For Indian residents, this typically involves Aadhaar, PAN, and other prescribed documentation.
Record Keeping Requirements
Reporting entities are obligated to maintain records of all transactions, identification data of customers, and other relevant information for a period of ten years from the date of the transaction or the end of the business relationship. These records must be readily accessible for inspection by FIU-IND or other competent authorities.
Reporting Framework: STRs and CBWTRs
Offshore VDA exchanges must adhere to specific reporting requirements:
- Suspicious Transaction Reports (STRs): Any transaction or series of transactions that, to a reporting entity, gives rise to a reasonable suspicion that it may involve proceeds of crime, or be intended for financing terrorism, regardless of the amount, must be reported to FIU-IND. This requires continuous monitoring of customer accounts and transactions.
- Cross-Border Wire Transfer Reports (CBWTRs): While traditional "wire transfers" may not directly apply to VDA movements, any cross-border VDA transactions or remittances exceeding specified thresholds, or otherwise deemed relevant by FIU-IND for surveillance, would fall under reporting obligations designed to capture international financial flows. The underlying principle is to track movement of value across borders.
Appointment of Principal Officer
Every reporting entity must designate a Principal Officer who serves as the primary point of contact with FIU-IND. The Principal Officer is responsible for overseeing the implementation of AML/CFT measures, ensuring compliance with reporting obligations, and acting as the liaison for all communications and information requests from FIU-IND.
Anti-Money Laundering (AML) and Counter-Terrorism Financing (CFT) Programs
Offshore exchanges must develop and implement comprehensive internal policies, procedures, and controls for AML/CFT. This includes risk assessment frameworks, employee training programs, and independent audit functions to periodically review the effectiveness of these measures. The program must be dynamic, adapting to evolving risks and regulatory updates.
Intersection with Foreign Exchange Management Act (FEMA)
While FIU-IND compliance primarily falls under PMLA, transactions facilitated by offshore exchanges involving Indian residents may also intersect with the Foreign Exchange Management Act, 1999 (FEMA). Cross-border remittances and dealings in foreign exchange, even if facilitated through VDAs, could attract scrutiny under FEMA provisions. Users engaging in VDA transactions with offshore platforms bear the responsibility for compliance with FEMA regulations concerning international financial transactions and asset holdings. This underlines the broader regulatory environment in which VDA activities occur for Indian participants.
Consequences of Non-Compliance
Failure to adhere to FIU-IND regulations can result in significant penalties under the PMLA. These include monetary fines, potential freezing of assets, and even prosecution of individuals associated with the non-compliant entity. For offshore exchanges, non-compliance could also lead to restrictions or outright bans on their operations within India, including potential blocking of access to their platforms for Indian users. Furthermore, regulatory non-compliance could trigger reputational damage and impact the exchange's ability to operate in other jurisdictions with similar AML/CFT frameworks. The stringent enforcement signals India's commitment to mitigating risks associated with VDAs.