/ FIU-IND

Overview on Recent FIU IND / PMLA 2002 Updates

Financial Intelligence Unit - India (FIU-IND)

Recent Financial Intelligence Unit – India  / the Prevention of Money Laundering Act, 2002 Updates (2023–2025) 

VASPs formally designated as reporting entities, Offshore crypto platforms brought under Financial Intelligence Unit–India oversight, stronger AML/KYC rules for digital asset businesses , notices issued to non‑compliant foreign exchanges, coordination increased with global AML bodies, multiple platforms blocked for non‑registration, and businesses operating without FIU registration risk immediate enforcement.

FIU‑IND Registration Requirements for Crypto (VDA) Service Providers

Mandatory Registration of VDA Service Providers with FIU‑IND : The Ministry of Finance issued a notification making it mandatory for all virtual digital asset service providers to register with the Financial Intelligence Unit – India. This includes Indian crypto exchanges and foreign/offshore VDA platforms serving Indian users. The requirement is “activity‑based,” not location‑based. Even if the exchange has no physical presence in India but services Indian customers, registration is mandatory. As of the latest update, more than 31 VDA service providers have already registered.

Legal Basis for FIU‑IND Oversight

  • Under PMLA & PML Rules : VDA service providers are notified as “Reporting Entities” under the Prevention of Money Laundering Act, Prevention of Money Laundering Rules (PML Rules). They must comply with KYC norms, Transaction monitoring, suspicious transaction reporting (STR), record keeping, and AML/CFT controls.
  • Rule 7(3) – Power of FIU‑IND: Rule 7(3) empowers FIU‑IND to issue guidelines on monitoring transactions, reporting obligations, and compliance frameworks.
  • AML-CFT Guidelines: FIU‑IND issued a full guideline titled “AML-CFT Guidelines for Reporting Entities Providing Services Related to Virtual Digital Assets.” This document outlines the full compliance scope, Customer due diligence, Risk assessment, record retention, ongoing monitoring, STR reporting, and KYC/beneficial ownership norms.
  • Compliance Requirements Before Applying for FIU‑IND Registration: A VDA service provider must complete all PMLA, PML Rules, and AML‑CFT obligations first, then apply for registration. The following documents/information must be submitted:
  • Corporate & Business Profile: Nature of VDA services offered and why they fall under the VDA. Corporate structure and Significant Beneficial Owners (SBOs).
  • Statutory Documents: Incorporation documents, annual returns, balance sheets, P&L statements (last 3 financial years), GST registrations and GST returns (3 years), income tax returns, and TDS forms: 26Q/26QF/26QE (for VDA transactions).
  • Agreements & Arrangements: Copies of contracts with Indian or foreign entities and details of business relationships.
  • Compliance Declarations: Self‑declaration confirming no pending actions from the Enforcement Directorate (ED), Any law enforcement agency, or any criminal cases pending against the entity or its directors/partners.
  • Any Additional Information: FIU‑IND may seek any further documents or clarifications as needed.
  • Registration Process with FIU‑IND :
  • Sign up on FIU‑IND reporting entity portal., Ensure full AML/PML compliance before application., Upload all supporting documents. Then FIU‑IND will scrutinize the application, ask for additional information, and often call the applicant for in‑person meeting/hearing. Finally, upon satisfaction that all compliance requirements are met → FIU‑IND grants registration.

Consequences of Non‑Compliance (Failure to Register) :

  • If a VDA service provider does not register, it is treated as a PMLA violation and can face action under Section 13(2) of PMLA, which includes possible actions: warning, directions to comply, directions to submit periodic compliance reports, and monetary penalty.
  • Serious Enforcement Action : FIU‑IND may direct MeitY (Ministry of Electronics & IT) to block URLs, websites, and mobile apps of the non‑compliant platform. Example: In January 2026, FIU‑IND issued show cause notices to a few offshore crypto exchanges for non‑compliance.

Key Takeaways for Crypto Businesses : Registration with FIU‑IND is mandatory for any crypto/VDA platform serving Indian users. Compliance under PMLA + PML Rules + AML‑CFT Guidelines must be completed before applying. Offshore exchanges cannot escape compliance simply by operating outside India. And FIU‑IND has strong enforcement powers, including monetary penalties and blocking platforms.

SEBI-registered debenture trustees register/re-register on the FINNET 2.0 system of FIU-India

  • The Financial Intelligence Unit – India has introduced FINNET 2.0, a new digital reporting platform to replace the earlier FINNET 1.0 system. Basic Purpose of FINNET 2.0 The system is designed to enable electronic reporting of suspicious transactions, strengthen AML (Anti-Money Laundering) compliance, improve monitoring of financial transactions, and enhance data analytics and intelligence sharing.
  • The SEBI circular mandates that all SEBI-registered debenture trustees must register or re-register on the FINNET 2.0 system of the Financial Intelligence Unit – India. This step is essential for strengthening AML compliance, suspicious transaction reporting, and financial transparency in the securities market. Entities that fail to comply may face regulatory scrutiny or penalties, making timely registration and adherence to reporting obligations critical. It forms a key part of India’s compliance framework following the Financial Action Task Force mutual evaluation process.

Mandatory Registration / Re-Registration Requirement: The Financial Intelligence Unit – India has instructed that

  • Existing Reporting Entities: All Debenture Trustees already registered under FINNET 1.0 must Re-register themselves in FINNET 2.0
  • Unregistered Entities: Entities that have not yet registered with the Financial Intelligence Unit – India must register immediately on FINNET 2.0. This requirement applies to all entities falling under the Debenture Trustee segment.
  • Direction Issued by SEBI: The Securities and Exchange Board of India has directed all SEBI-registered debenture trustees to Register or re-register on the FINNET 2.0 platform and complete the process as soon as possible. This directive ensures compliance with AML and suspicious transaction reporting requirements.
  • Legal Authority for the Circular: The circular has been issued by SEBI under the powers granted by Section 11(1) of the Securities and Exchange Board of India Act, 1992, and Regulation 2A of the SEBI (Debenture Trustees) Regulations, 1993. These provisions empower SEBI to Protect investor interests, regulate the securities market, and ensure compliance with financial crime prevention regulations.
  • Compliance Responsibilities of Debenture Trustees: After registration on FINNET 2.0, Debenture Trustees must monitor transactions for suspicious activity, maintain proper records under PMLA Rules, report suspicious transactions to Financial Intelligence Unit – India, follow AML/CFT compliance procedures, and implement internal controls to detect financial crime.
  • Importance of the FINNET 2.0 System: The migration to FINNET 2.0 helps strengthen India’s AML regulatory framework, improve real-time monitoring of financial transactions, support global AML standards, and enhance cooperation between regulators and reporting entities.

**********************************************************

If this article has helped you in any way, i would appreciate if you could share/like it or leave a comment. Thank you for visiting my blog.

Legal Disclaimer:
The information / articles & any relies to the comments on this blog are provided purely for informational and educational purposes only & are purely based on my understanding / knowledge. They do noy constitute legal advice or legal opinions. The information / articles and any replies to the comments are intended but not promised or guaranteed to be current, complete, or up-to-date and should in no way be taken as a legal advice or an indication of future results. Therefore, i can not take any responsibility for the results or consequences of any attempt to use or adopt any of the information presented on this blog. You are advised not to act or rely on any information / articles contained without first seeking the advice of a practicing professional.

Leave a Reply

Your email address will not be published. Required fields are marked *