All about Crypto Trading Company Crypto License in India
Table of Contents
Crypto Exchange or Crypto Trading Company Crypto License in India
The Union Budget 2022 start make clarity on the cryptocurrency’s taxation. Earlier in the year 2022, there was no taxation cryptocurrencies on cryptocurrencies. Under the below contains, we will provide the details about how to start a cryptocurrency business in India.
Crypto License in India
There are no specific requirements that must be followed to launch a crypto business in India before the draught law is passed. The 2013 Companies Law must initially be followed, whether you are a domestic or international business owner. Establishing a cryptocurrency company in India presents both challenges and potentially lucrative opportunities.
While the legal standing of cryptocurrencies in India remains uncertain, it’s important to note that the Crypto companies are not explicitly prohibited in India as evident by growing crypto ecosystem in India. To operate in this space, potential cryptocurrency firms in India must navigate a series of steps:
Obtaining Necessary Licenses:
REGISTERING FOR A CRYPTO EXCHANGE OR CRYPTO TRADING COMPANY AS PRIVATE LIMITED COMPANY
- This includes securing approvals from various government authorities, as well as ensuring compliance with AML & Know Your Customer Further that, you must perform several formalities in addition to paying the taxes that apply to Virtual Digital Assets, including you must also complete several formalities, among which:
- In India, a Pvt Ltd is an entity that is held by businesses. For a Pvt Ltd Company, a bare minimum of 2 Members is required, although the number of members can be extended up to 200 at once. The Pvt Ltd Company restricts their shareholder liability to the limit of their shares, the total number of shareholders can stretch up to 300.
STEPS FOR REGISTRATION OF CRYPTO EXCHANGE PRIVATE LIMITED COMPANY
- DSC – Digital Signature Certificate
For registration of a private limited company a DSC has to be obtained from certifying agency recognized by the government. The DSC is required at the time of filing the forms related to the company registration. The company registration process is online thus making the requirement for a valid digital signature.
- DIN- Director Identification Number
The proposed director of the company has to obtain a Director Identification Number, it is mandatory for the registration of the company. There is a method through which Director Identification Number can be obtained:
A Director Identification Number is issued to the proposed director of the company after Registrar of Companies filing SPICe or INC-32. The Director Identification Number will be issued to only those directors who previously have not taken a Director Identification Number.
- Company Name Selection
To mark the individual existence, it is required to select a unique name. The selected name is not against any government compliance against names. The name of the company must end with Pvt Ltd in it. The name should be unique and not identical or show resemblance to an already registered company.
- Registrar of Companies filing of forms SPICe+ or INC-32
These forms are required to be filed for the following:
- Allotment of DIN
- Reserving the name of the company
- Incorporation of a new company
- Applying for Permanent Account Number and Tax Deduction and Collection Account Number
- INC-33 & INC-34
These forms are for Memorandum of Association & Articles of Association. The Memorandum of Association is responsible for representing the charter of the company. The Articles of Association is responsible for containing the rules and regulations of the company.
- An application for Permanent Account Number and Tax Deduction and Collection Account Number
An application for a Personal Account Number and Tax Account Number should be filed through form SPICe+ or INC-32. Under SPICe+ form 49A is for PAN and form 49B is for TAN.
DOCUMENTS REQUIRED FOR A PRIVATE LIMITED COMPANY REGISTRATION
FOR INDIAN NATIONALS
- The members and shareholders have to give an affidavit on stamp paper.
- Proof of office address, rent agreement if the office is rented.
- Passport size photo of the directors
- Identity proof of the directors, i.e., Passport, Driver’s License, or Voter ID card.
- Self-declaration of the proposed director of the company.
- Aadhar Card.
- PAN Card.
- Email And Mobile No of Director & shareholders
FOR FOREIGN NATIONALS
- Passport of the Directors and Members of the company.
- An address proof of the directors and members of the company.
- Email And Mobile No of Director & shareholders
B Other registration required.
- After obtaining Company Registration in India. You are also required to take other few registration for Crpto Trading or Exchange related activity
- Obtain a PAN.
- apply for a TAN.
- obtain a GSTIN.
- Take Virtual Digital Assets or Crypto service providers the Financial Intelligence Unit (FIU) registration in India.
- Legal Entity Identifier registration with Reserve Bank of India is required to be taken in case – All single payment transactions of INR 50 crore & above undertaken by entities (non-individuals) should include remitter and beneficiary LEI information. This is applicable to transactions undertaken through the NEFT and RTGS payment systems
All single payment transactions of INR 50 crore and above undertaken by entities (non-individuals) should include remitter and beneficiary LEI information. This is applicable to transactions undertaken through the NEFT and RTGS payment systems
Apart from these, applying for the crypto license in India may become mandatory for certain activities, such as the issuance and trading of various Virtual Delivery Assets.
Financial Intelligence Unit (FIU) Registration Process
- Compliance, under the Prevention of Money Laundering Act, demands reporting entities’ registration and adherence to regulatory norms like Know Your Customer , transaction records, and reporting of suspicious activities. as many as Virtual Delivery Assets or crypto service providers have registered themselves with India’s FIU
- Finance Ministry mandated that crypto businesses will have to register with the Financial Intelligence Unit (FIU), the country’s anti-money laundering unit, and comply with other processes under the Prevention of Money Laundering Act. This meant crypto businesses became legally obligated to perform verification processes such as Know Your Customer.
Requirement of registration of crypto-businesses with the FIU-IND
- The Ministry of Finance, via its notification dated July 4, 2024 (“July Notification”) has mandated that all Virtual Delivery Assets service providers shall be required to register with the FIU-IND. As per the Ministry of Finance notification, the Virtual Delivery Assets service providers are required to comply with various provisions of Prevention of Money Laundering Act & Rules and the Anti-Money Laundering and Combating the Financing of Terrorism Guidelines, prior to approaching the Finance Intelligence Unit-India for registration.
- Rules 7(3) of the Prevention of Money Laundering Rules empowers the Finance Intelligence Unit-India (“FIU-IND”) to issues guidelines as regards any transactions (being conducted by reporting entities) and to keep track of those transactions as laid down under the Prevention of Money Laundering Rules. In pursuance of this provision, the FIU-IND issued the guidelines termed as the ‘Anti-Money Laundering and Combating the Financing of Terrorism Guidelines For Reporting Entities Providing Services Related To Virtual Digital Assets’ (“Anti-Money Laundering and Combating the Financing of Terrorism Guidelines”) on March 10, 2023. These guidelines list out the entire detailed scope of compliances for reporting entities engaged in offering services related to Virtual Delivery Assets.
- Compliance to Prevention of Money Laundering Act is of utmost importance as the safety and financial integrity of Indians is at risk. Our citizens, unfortunately, when they deal with such non-registered platforms run the risk of dealing with nefarious and malicious actors; thereby jeopardizing their current and future finances.
Documents Required for FIU-IND Registration
The following necessary documents required for registering under the Financial Intelligence Unit India:
Individual
- One recent photograph
- Any identification necessary papers
- One certified copy of an officially valid necessary paper containing identity and address details.
- Such other necessary papers, including in respect of nature of business and financial status of the client as maybe required by the reporting entity
Company
- Certificate of Incorporation (COI)/ Memorandum of Association and Articles of Association of Company
- Officially valid necessary paper for managers, officers or employees holding an attorney to transact on its behalf.
- Resolution from BOD and POA granted to its managers, officers or employees to transact on its behalf
Partnership Firm
- Partnership Deed
- Registration Certificate
- An officially valid necessary paper for the person holding an attorney to transact on its behalf.
Trust
- Trust Deed
- Registration Certificate
- An officially valid necessary paper in respect of the person holding an attorney to transact on its behalf.
UIB/BOI
- POA granted to him to transact on its behalf
- An officially valid necessary paper in respect of the person holding an attorney to transact on its behalf
- Resolution of the managing body of such association or body of individuals
- Such information as may be required by reporting entity to collectively establish the legal existence of such association or Body of Individual (BOI).
FIU-IND Registration Procedure
Two entities need to be registered with Financial Intelligence Unit India (FIU-IND) i.e. the reporting entities and the Principal Officer. The detailed procedure for the same is described below-
Reporting Entity Registration
- After this, the applicant needs to submit the application with the necessary papers.
- The first step is to file the application for registration with the Financial Intelligence Unit India (FIU-IND) by the reporting Agency
- Finally, the applicant will receive the certificate of registration issued by the authority only after the verification of the application.
Principal Officer Registration
- Next, the applicant needs to submit the application with the necessary papers for scrutiny of the necessary papers by the authority.
- The registration of the principal officer can be done only after the registration of the reporting entity.
- For this registration, the applicant needs to file the application with the details of the principal officer.
- The authority will issue the certificate of registration after being satisfied with the Paper works.
Consequences of non-compliances of registration with the FIU-IND
- It is pertinent to note that in case a Virtual Delivery Assets service provider fails to register with Financial Intelligence Unit India as a reporting entity, such an omission would fall under non-compliance with the provisions of Prevention of Money Laundering Act and could attract action U/s13(2) of the Prevention of Money Laundering Act. The actions could include the following:
- Issuance of a direction to a reporting entity to comply with the specific instructions
- thereafter Issuance of a warning
- Issuance of a direction to a reporting entity to send reports at specified intervals as regards measures being taken to observe compliance.
- Imposition of a monetary penalty on the reporting entity.
- In addition to this, the Financial Intelligence Unit India can also direct the Ministry of Electronics and Information Technology (MeitY) to block the URLs and mobile applications of non-compliant reporting entities. In fact, it was reported in the month of January 2024 that show cause notices had been issued to 9 off shore Virtual Delivery Assets service providers owing to alleged non-compliance with the provisions of the Prevention of Money Laundering Act & Rules and guidelines prescribed by the Financial Intelligence Unit India.
Monthly reporting under Financial Intelligence Unit India in compliances of registration with the FIU-IND :
Collection of Information: FIU Registration Act as the central reception point for receiving Cash Transaction reports (CTRs), Reports on Purchase or Sale of Immovable Property (IPRs), Cross Border Wire Transfer Reports (CBWTRs), Non-Profit Organization Transaction Report (NTRs), and Suspicious Transaction Reports (STRs) from various reporting entities.
S. No | Financial Intelligence Unit India Report | Description | Due Date |
1 | Cash Transaction reports | INR 10,00,000/- or more | 15th day of succeeding month |
2 | Counterfeit Currency Report | Forged or Counterfeit currency | 15th day of succeeding month |
3 | Non-Profit Organisation Transaction Report | All transaction involving receipts by Non-Profit Organisation of value more than INR 10,00,000/- or more | 15th day of succeeding month |
4 | Cross Border Wire Transfer Reports | Cross-Border Transfer INR 5,00,000/- or more | 15th day of succeeding month |
5 | Immovable property | Sale purchase of Immovable property value exceeding INR 50,00,000/- or more | 15th day of the month succeeding the quarter |
6 | Suspicious Transaction Reports | All suspicious transaction whether or not made in cash | Not later than 7 working days onbeing satisfied that the transactionis suspicious |
FIU Unit after collection of information, Analysis of Information, Sharing of Information, Act as Central Repository, Coordination & strengthen collection and sharing of financial intelligence through an effective national, regional and global network to combat money laundering and related crimes. & Monitor and identify strategic key areas on money laundering trends, typologies and development.
About Legal Entity Identifier
- What is Purpose Legal Entity Identifier
- The Legal Entity Identifier is a 20-character alpha-numeric code used to uniquely identify parties to financial transactions worldwide. It has been implemented to improve the quality and accuracy of financial data reporting systems for better risk management.
- It is used to create a global reference data system that uniquely identifies every legal entity in any jurisdiction that is party to a financial transaction. It can be obtained from any of the LOUs accredited by the GLEIF, the body tasked to support the implementation and use of Legal Entity Identifier In India,
- Legal Entity Identifier can be obtained from Legal Entity Identifier India Ltd. (LEIL) (https://www.ccilindia-lei.co.in/), which is also recognised as an issuer of Legal Entity Identifier by the RBI.
- Transactions should include Legal Entity Identifier information
- All single payment transactions of INR 50 crore and above undertaken by entities (non-individuals) should include remitter and beneficiary Legal Entity Identifier information. This is applicable to transactions undertaken through the NEFT and RTGS payment systems.
- In case of RTGS, both customer payment & inter-bank transactions meeting the above criterion should include Legal Entity Identifier information.
- Legal Entity Identifier required for individual customer transactions.
- The Legal Entity Identifier is not required for customer transactions where both remitter and beneficiary are individuals. For transactions, where either or both parties are non-individual/s, Legal Entity Identifier will be required.
- All single payment transactions of ₹50 crore and above of Government Undertakings and Corporations, through NEFT / RTGS, shall include remitter and beneficiary Legal Entity Identifier information.
- The remitting bank should ensure that Legal Entity Identifier information for both sender and beneficiary is captured. Any inward transaction with inappropriate or no Legal Entity Identifier should not be rejected by beneficiary bank. However, post-credit, both remitting and beneficiary banks should maintain valid and verified LEI information for all payment transactions of ₹50 crore and above.
- Types of accounts for which Legal Entity Identifier should be recorded
- Legal Entity Identifier shall be recorded for all non-individual NEFT / RTGS messages / transactions. An indicative list of entity types is given by LEIL at https://www.ccilindia-lei.co.in/Documents/FAQs.pdf.
Risk Assessment & development of Controls in Crypto Trading or Exchange related activities :
Entrepreneurs must carefully evaluate the various risks and challenges associated with the industry, including regulatory ambiguity, market volatility, and the ever-present threat of cyberattacks.
By conducting thorough research and strategic planning to address these challenges, entrepreneurs can increase their chances of successfully launching and operating a cryptocurrency company in India.
Achieving successful regulatory compliance and risk management in cryptoassets requires that your compliance team has a clear understanding of the risks impacting your business, as well as controls in place to mitigate those risks.
Crypto Trading or Exchange Company must develop the following three unit/ dept for mange the control in the company,
- Accounting & Compliance Department- Like GST, Income Tax, Registrar of Companies Compliance and Know Your Customer and other Financial Intelligence Unit India Compliance and related return
- Legal & law related regulatory – case and compliance Department. – Handly of Legal Case and regularly change in India related to Crypto and it implementation in the origination.
- Operational Department – Has to handle the day-to-day trading and payment and received of money or crypto related working.
- Software and related Risk Assessment in the crypto and its security control Dept. – Cryptocurrency risk management requires a systematic approach to identify, analyze, assess, and develop treatment plans for the risks associated with investing in digital assets. Investing in cryptocurrencies involves inherent risks that necessitate careful identification and management by financial institutions. Here’s a general outline of steps you might consider:
- Risk Assessment:
- Identify potential threats: This includes external threats like hacking attempts, phishing, malware, and insider threats.
- Assess vulnerabilities: Identify weaknesses in your systems, processes, or personnel that could be exploited by attackers.
- Determine the likelihood and potential impact of each threat exploiting a vulnerability.
- Security Controls:
- Implement multi-factor authentication (MFA) for access to sensitive systems and accounts.
- Utilize strong encryption methods to protect data both at rest and in transit.
- Regularly update and patch all software to address known vulnerabilities.
- Implement intrusion detection and prevention systems (IDPS) to monitor for and respond to suspicious activity.
- Establish access controls and permissions to limit the exposure of sensitive data and systems to authorized personnel only.
- Conduct regular security awareness training for all employees to educate them about potential threats and how to mitigate them.
- Employ a robust incident response plan to quickly and effectively respond to security incidents.
- Consider utilizing blockchain-based security solutions for added protection.
- Regular Audits and Testing:
- Conduct regular security audits to identify any weaknesses or areas for improvement.
- Perform penetration testing to simulate real-world attacks and identify vulnerabilities that may not be apparent through other means.
- Stay informed about the latest security trends and technologies to continually adapt and improve your security posture.
- Backup and Recovery:
- Implement regular backups of critical data and systems to ensure that they can be restored in the event of a security incident.
- Test your backup and recovery procedures regularly to ensure their effectiveness.
- Compliance and Regulations:
- Ensure compliance with relevant regulations and industry standards, such as GDPR, PCI DSS, or specific crypto-related regulations.
- Stay informed about changes to regulations and standards that may affect your security practices.
- Collaboration and Information Sharing:
- Collaborate with other organizations in the crypto space to share information and best practices for enhancing security.
- Participate in industry groups and forums to stay informed about emerging threats and security trends.
- Continuous Improvement:
- Security is an ongoing process, so continually review and update your security measures to adapt to changing threats and technologies.
- By implementing these measures, you can help safeguard your organization against hacking risks and enhance the security of your crypto assets.
Points to be Take care while starting the Crpto Trading exchange.
- Appropriate & Clear-cut Term and condition for trading activity must be drafted in online agreement signing, or physical agreement sign required from of customer Account.
- Implement the OTP / Adhar Digital verified of customer Account.
- thereafter Implement the Live Video Recording Proof of customer Account.
- Implement the Escrow Account system with customer Account for Transaction with the customer in Crypto
Indian Crypto Exchange Requirements:
It is feasible to establish virtual currency exchanges in India after getting a crypto license, but these entities must publish information about their earnings and losses. Also, about the sums stored in cryptocurrencies, as well as client deposits.
**********************************************************
If this article has helped you in any way, i would appreciate if you could share/like it or leave a comment. Thank you for visiting my blog.
Legal Disclaimer:
The information / articles & any relies to the comments on this blog are provided purely for informational and educational purposes only & are purely based on my understanding / knowledge. They do noy constitute legal advice or legal opinions. The information / articles and any replies to the comments are intended but not promised or guaranteed to be current, complete, or up-to-date and should in no way be taken as a legal advice or an indication of future results. Therefore, i can not take any responsibility for the results or consequences of any attempt to use or adopt any of the information presented on this blog. You are advised not to act or rely on any information / articles contained without first seeking the advice of a practicing professional.