AML & CFT Guidelines for Reporting Entities Providing Services Related to Virtual Digital Assets in India

In March 2023, the Ministry of Finance issued a notification to expand the scope of the Prevention of Money Laundering Act 2002 to virtual assets by bringing the entities providing services related to Virtual Digital Assets under the purview of “Reporting Entities”. In this context, to lay down a clear set of principles for such virtual digital assets (VDA) providers, the Financial Intelligence Unit, India (FIU-IND) issued a guideline – AML and CFT Guideline for Reporting Entities Providing Services related to Virtual Digital Assets.

Applicability of the AML and CFT Guidelines for Virtual Digital Assets

The Guidelines list the VDA-related activities that shall make the service provider a Reporting Entity under PMLA. This list is as under:

  1. exchanging virtual digital assets to fiat currencies and vice versa
  2. exchanging one form of virtual digital assets to another
  3. transferring virtual digital assets
  4. safekeeping or administration of virtual digital assets or instruments enabling control over virtual digital assets
  5. participating or providing financial services related to an issuer’s offer and sale of a virtual digital asset

when conducted for or on behalf of another person in the ordinary course of business.

Key AML/CFT obligations of Virtual Digital Assets service providers

The AML/CFT obligations imposed on service providers related to VDA are as under:

  1. Getting registered as a “Reporting Entity” with the FIU-IND
  2. Conducting overall Enterprise-Wide Risk Assessment (EWRA)
  3. Designing and implementing senior management-approved policies, procedures, and controls for AML/CFT and Combatting Proliferation Financing (CPF)
  4. Appointing Designated Director and a Principal Officer
  5. Imparting adequate AML training to employees to manage the AML/CFT/CPF compliances
  6. Establishing an internal audit function to monitor the AML policies and compliances regularly
  7. Developing and implementing “Customer Due Diligence” procedures and controls, which will include the “Know Your Customer” process, Sanctions screening compliance, customer risk classification, applying Enhanced Due Diligence measures for high-risk customers and transactions
  8. Adopting adequate policies and controls for Counterparty Due Diligence
  9. Implementing robust ongoing transaction monitoring system and controls
  10. Timely reporting of necessary reports with FIU-IND, which includes filing of Suspicious Transaction Reports (STR) and reporting receipts by Non-Profit Organizations (NPO) by filing Non-Profit Organization Transaction Reports (NTR)
  11. Filing information about the NPO wallets or accounts with the DARPAN Portal of NITI Aayog
  12. Maintaining adequate AML/CFT records related to VDA for at least years
  13. Complying with FATF Travel Rule to immediately exchange information about the beneficiary and the originator between the service providers involved in VDA transfer.

Entities providing VDA-related services are now considered Reporting Entities under PMLA 2002 and would be subject to AML/CFT/CPF compliance obligations.