The benefits, risks and what users need to know

Key takeaways

• The Indian FIU has introduced stricter KYC and AML regulations for crypto platforms to combat fraud and money laundering.

• Higher costs and compliance constraints could stifle small platforms and innovation in the sector.

• User onboarding friction could reduce adoption, but it aligns India with global anti-money laundering standards for long-term stability.

India’s crypto market is entering a phase of tighter regulation as authorities work to close long-standing oversight gaps.

In a bid to combat fraud, money laundering and anonymous cryptocurrency activities, the country’s Financial Intelligence Unit (FIU-IND) has introduced a new set of stricter know-your-customer (KYC) and anti-money laundering (AML) rules for crypto platforms.

While regulators say the measures bring India in line with global standards, the changes are already reshaping how stock exchanges operate.

The FIU has released the new KYC norms under the Prevention of Money Laundering Act (PMLA), 2002.

The rules will come into effect on January 8 and will apply to all platforms offering crypto-related services in India.

While building on previous guidance released in March 2023, the new framework introduces significantly more requirements to address the anonymous and near-instant nature of crypto transactions.

Key changes include mandatory live selfie verification with activity detection, geotagging during onboarding to capture latitude, longitude, timestamp, date and IP address, and OTP verification for email and mobile numbers.

Users are now required to provide detailed personal information, including income, occupation, banking details, a permanent account number (PAN) and a secondary identification document, such as an Aadhaar card or passport.

Additionally, exchanges must conduct “low-cost” bank verification, conduct periodic KYC updates every six months for high-risk users and annually for others, and apply stricter due diligence to suspicious accounts.

Beyond the integration, platforms must register with the FIU-IND via the FINGate portal.

They must undergo mandatory cybersecurity audits by CERT-In accredited professionals and appoint a designated director for AML and counter-terrorism financing compliance.

Exchanges should also conduct annual risk assessments and submit monthly suspicious transaction reports to relevant authorities.

The framework discourages exposure to initial coin offerings (ICOs), initial token offerings (ITOs), and anonymity-enhancing tools such as mixers or cups, and requires exchanges to mitigate associated risks.

Customer and transaction records must be kept for at least five years, or longer if an investigation is ongoing.

The introduction of live selfies, geolocation and activity detection significantly minimizes the risk of identity fraud, deepfakes and anonymous transactions that could facilitate money laundering or terrorist financing.

By requiring more user data and periodic updates, the new rules make it more difficult for malicious actors to exploit crypto platforms.

Stricter compliance obligations also signal a move towards a more transparent and regulated environment.

This could help build trust among retail users and attract institutional participation over time.

The alignment of the Indian crypto sector with international anti-money laundering standards supports its commitments under the Financial Action Task Force (FATF).

This could improve the country’s position in global financial transparency.

Clearer rules also eliminate long-standing ambiguity for compliant businesses.

New requirements come with higher compliance costs and operational complexity.

Smaller exchanges and startups may struggle to absorb the expense of advanced verification tools, audits, and reporting infrastructure.

This could lead to consolidation or market exits.

Ongoing obligations such as monthly reporting and annual risk assessments could further strain less capitalized companies and inhibit innovation.

Tighter integration can also create friction for users.

Multi-step verification processes, such as live selfies, geotagging, and additional documentation, could discourage participation, particularly among users in rural areas or those with limited technical access.

These additional frictions could slow user growth and reduce transaction volumes in the near term.

The article India Tightens Crypto KYC Norms: The Benefits, Risks and What Users Should Know appeared first on ccn.com.