In a significant move to regulate the trading of cryptocurrency and other virtual digital assets, the Ministry of Finance has issued notification dated March 7, 20231 ("Notification") to bring all transactions involving virtual digital assets ("VDA") within the purview of the Prevention of Money-Laundering Act, 2002 ("PMLA"). The definition of VDA which includes cryptocurrencies would be the same as provided under clause (47A) of section 2 of the Income-tax Act, 1961 (refer our earlier update here2 on the definition of VDA and its recent tax implications). The PMLA authorizes the central government to notify the categories of 'persons engaged in a designated business or profession', who qualify as a 'reporting entity' under PMLA (i.e., a banking company, financial institution, intermediary or a person carrying on a designated business or profession). The above Notification expands the scope of "person carrying on designated business or profession" to include entities engaged in the following activities carried out for or on behalf of another natural or legal person in the course of business:

a. exchange between VDAs and fiat currencies;

b. exchange between one or more forms of VDAs;

c. transfer of VDAs;

d. safekeeping or administration of VDAs or instruments enabling control over VDAs; and

e. participation in and provision of financial services related to an issuer's offer and sale of a VDA.

As a result, all entities dealing in VDAs including crypto exchanges are now recognized as 'reporting entities' under PMLA and subjected to extensive reporting norms and required to undertake other compliances as per the requirements under PMLA and the rules prescribed thereunder. Some of the key provisions applicable to reporting entities under PMLA and the Prevention of Money-laundering (Maintenance of Records) Rules, 2005 ("PML Rules") are discussed below:

1. All reporting entities are required to maintain record of all transactions for a period of 5 (five) years. Rule 3(1) of the PML Rules inter-alia lists out the following transactions whose records must be maintained:

a. all cash transactions above the value of INR 10,00,000 (Indian Rupees Ten Lakhs) or its equivalent in foreign currency;

b. all series of cash transactions integrally connected to each other and which are individually valued at less than INR 10,00,000 (Indian Rupees Ten Lakhs) or its equivalent in foreign currency and the series of transactions has taken place within 1 (one) month, and the monthly aggregate exceeds INR 10,00,000 (Indian Rupees Ten Lakhs) or its equivalent in foreign currency;

c. all transactions involving receipts by non-profit organizations of value more than INR 10,00,000 (Indian Rupees Ten Lakhs) or its equivalent in foreign currency;

d. all cash transactions where forged or counterfeit bank notes have been used as genuine;

e. all suspicious transactions, whether made in cash or otherwise and by means as specified under clause (D) of sub-rule (1) of Rule 3;

f. all cross-border wire transfers with a transactional value of INR 5,00,000 (Indian Rupees Five Lakhs) or the equivalent in foreign currency, where either the origin or destination of fund is in India; and

g. all purchase and sale of immovable property registered with the reporting entity and being valued at INR 50,00,000 (Indian Rupees Fifty Lakhs) or more.

  1. The records are required to be maintained in a manner which allows deconstruction and tracking of each individual transaction. Each record should explicitly state the nature of the transaction, amount transacted (along with the currency used), date on which transaction took place, and the parties to the transaction.
  1. All reporting entities (along with its designated director, officers, and employees) will be responsible for developing an internal mechanism for ensuring that records are maintained according to the standards and regulations released by the Government.
  1. Specific timelines have been provided for reporting entities to furnish information in respect of various transactions and delay of each day in not reporting a transaction or delay of each day in rectifying a mis-reported transaction will constitute a separate violation.
  1. The reporting entities will also be required to maintain record of documents evidencing identity of its clients and beneficial owners as well as account files and business correspondence relating to its clients/investors for a period of 5 (five) years after the business relationship between a client and the reporting entity has ended or the account has been closed, whichever is later.
  1. All reporting entities are required to verify the identity of its clients for the purpose of collecting all necessary information regarding their intended purpose and nature of the business relationship (refer to our earlier update here3, on CERT directions relating to information security practices). Further, every reporting entity must file an electronic copy of their clients' know-your-customer ("KYC") details, with the Central KYC Records Registry under the PML Rules, within 10 (ten) days from commencement of account-based relationship.
  1. Every reporting entity would also be required to conduct ongoing due diligence with respect to the business relationship with every client and closely examine the transactions in order to ensure that they are consistent with their knowledge of the client, its business and risk profile and where necessary, the source of funds.

In view of the Notification, entities involved in VDA transactions will henceforth be required to comply with the aforesaid obligations imposed on reporting entities under the PMLA. Until now, VDAs had remained largely unregulated but looked at with suspicion with many crypto exchanges already under investigation. With the government's recent move to categorize VDA players as 'reporting entities' under PMLA, any financial transgression or non-compliance involving VDAs can be investigated by the enforcement authorities. While some of the crypto exchanges have been self-regulating and complying with the anti-money laundering provisions, the VDA industry at large have expressed concern over the lack of clarity regarding the extent to which the PMLA and its rules would apply on them and the time frame for the compliance. The VDA industry fears loss of investors but sees this as a signal from the government that is will regulate the crypto industry instead of imposing a complete ban as suggested by the Reserve Bank of India. Further from the perspective of compliance, the Notification will allow the authorities to monitor VDA transactions and its investors, efficiently track down any illicit diversion of funds through VDAs and subject such suspicious transactions to similar punishment as other money laundering activities under the provisions of PMLA including confiscation of property earned through illegal proceeds and imprisonment.

Footnotes

1 https://egazette.nic.in/WriteReadData/2023/244184.pdf

2 https://www.mondaq.com/india/fin-tech/1181356/virtual-digital-assets-tax-implications-and-advertisement-guidelines

3 https://lexcounsel.in/newsletters/cert-directions-relating-to-information-security-practices-prevention-and-reporting-of-cyber-incidents-2/

LexCounsel provides this e-update on a complimentary basis solely for informational purposes. It is not intended to constitute, and should not be taken as, legal advice, or a communication intended to solicit or establish any attorney-client relationship between LexCounsel and the reader(s). LexCounsel shall not have any obligations or liabilities towards any acts or omission of any reader(s) consequent to any information contained in this e-newsletter. The readers are advised to consult competent professionals in their own judgment before acting on the basis of any information provided hereby.