Crypto Law Profile
India PMLA regime treats VDA service providers as FIU-IND reporting entities for AML/CFT/CPF, covering exchange, transfer, custody, issuer services, KYC, records, reporting and Travel Rule controls.
India PMLA VDA Service Provider AML/CFT Regime is India’s anti-money laundering and counter-terrorist financing framework for virtual digital asset service providers under the Prevention of Money Laundering Act, 2002 (PMLA). The core crypto-specific measure is Ministry of Finance Notification S.O. 1072(E), dated Mar. 7, 2023, which brought specified VDA service activities within the PMLA category of designated business or profession. As of June 5, 2026, the regime is in force and should be read with the Prevention of Money-laundering (Maintenance of Records) Rules, 2005 and FIU-IND’s VDA AML/CFT guidelines, which FIU-IND lists as updated on Jan. 8, 2026.
The Mar. 7, 2023 Gazette notification applies when specified activities are carried out for or on behalf of another natural or legal person in the course of business. The covered activities are exchange between VDAs and fiat currencies; exchange between one or more forms of VDAs; transfer of VDAs; safekeeping or administration of VDAs or instruments enabling control over VDAs; and participation in, or provision of financial services related to, an issuer’s offer and sale of a VDA. The notification uses the Income-tax Act definition of “virtual digital asset.”
Once a VDA service provider falls within the notified activities, it is treated as a reporting entity for PMLA purposes. PMLA section 12 requires reporting entities to maintain records that enable reconstruction of individual transactions, furnish prescribed transaction information to the Director, and maintain client and beneficial-owner identity records. The statute also sets five-year retention periods for transaction and client-identity records.
The PML Rules add operational detail. They require records for suspicious transactions, cash thresholds, nonprofit receipts, cross-border wire transfers, and other prescribed transaction categories. They also require principal officers to furnish monthly transaction information and promptly report suspicious transactions, while maintaining confidentiality around reporting.
FIU-IND’s original VDA AML/CFT guidelines took effect on Mar. 10, 2023. They require service providers to register as reporting entities with FIU-IND, disclose relevant bank and financial-institution account details, maintain AML/CFT/CPF programs, appoint a designated director and principal officer, implement KYC, CDD and EDD controls, train staff, and maintain internal audit and control processes. FIU’s downloads page lists an updated VDA AML/CFT guideline dated Jan. 8, 2026 and a third revised registration circular dated Sept. 15, 2025.
The VDA guidance also treats VDA transfers as analogous to wire transfers for AML purposes. It addresses intermediary service providers, record retention where technical limitations prevent information from travelling with a transfer, high-risk transfers to or from unhosted wallets, and Travel Rule information such as originator and beneficiary names, PAN or national identity number, wallet addresses, and geographic address or birth details.
The regime is activity-based. PIB’s Dec. 28, 2023 release stated that onshore and offshore VDA service providers operating in India and engaged in covered activities must register with FIU-IND as reporting entities, and that obligations are not contingent on physical presence in India. FIU-IND issued show-cause notices to nine offshore VDA service providers in December 2023, then issued notices to 25 more offshore VDA service providers in October 2025. PIB’s October 2025 release said 50 VDA SPs had registered with FIU-IND by that date.
The Ministry of Finance later told the Lok Sabha that, as of Mar. 9, 2026, 54 VDA SPs had registered with FIU-IND as reporting entities and that FIU-IND had directed takedown of applications and URLs of 53 VDA SPs found to be operating without complying with PMLA. The same answer said FIU-IND does not publish the registered VDA SP list, partly to avoid creating an impression that registration is a licence, approval, or user-protection guarantee.
This is an India national AML/CFT regime profile. It is not a full crypto licensing statute, securities classification regime, payments law, or tax profile. Its main relevance is to exchanges, custodians, transfer services, issuer-related VDA service providers, offshore platforms serving Indian users, and compliance teams tracking FIU-IND reporting-entity obligations under PMLA.
Covers VDA-fiat exchange, VDA-VDA exchange, transfer, safekeeping/control, and issuer-offer financial services when done for another person in business.
VDA SPs engaged in notified activities must register with FIU-IND as reporting entities and comply with PMLA obligations.
Reporting entities must identify clients and beneficial owners, apply CDD/EDD and keep identity, account and business correspondence records.
Requires transaction records, prescribed reports to the Director, suspicious-transaction reporting, confidentiality, and five-year record retention.
FIU guidance describes internal policies, senior-management sign-off, designated director, principal officer, training, controls and audit expectations.
Originating and beneficiary service providers must obtain, hold, transmit and make available required originator and beneficiary information for VDA transfers.
FIU guidance categorises transfers to or from unhosted wallets as high risk where one wallet is not hosted by an obliged entity.
The Director may issue warnings, directions, reporting requirements or monetary penalties for reporting-entity failures under Chapter IV.
Ministry of Finance issued S.O. 1072(E), bringing specified VDA service activities into PMLA.
FIU-IND AML/CFT guidelines for VDA-related service providers took effect immediately.
FIU-IND issued a circular on registration of VDA SPs as reporting entities.
FIU-IND issued PMLA Section 13 show-cause notices to nine offshore VDA SPs.
FIU-IND listed a third revised circular for VDA SP registration as reporting entities.
FIU-IND issued notices for non-compliance to 25 offshore VDA service providers.
FIU-IND listed updated AML/CFT guidelines for VDA-related reporting entities.
Ministry of Finance reported 54 registered VDA SPs and 53 takedown directions.
Department of Revenue, Financial Intelligence Unit India, Government of India, Ministry of Finance
Crypto assets, Non-fungible tokens, Virtual assets, Virtual Digital Assets
This profile covers India’s PMLA AML/CFT regime for VDA service providers. FIU registration should not be presented as a general crypto licence, approval, investor-protection guarantee, or token classification regime.
