India has tightened its regulatory grip on the cryptocurrency market with the introduction of more stringent Know Your Customer (KYC) and Anti-Money Laundering (AML) protocols for crypto exchanges. The Financial Intelligence Unit (FIU), operating under the Union Finance Ministry, issued the updated guidelines on January 8, mandating enhanced due diligence measures for onboarding new users to virtual digital asset (VDA) service providers.
The new regulations necessitate crypto exchanges to implement mandatory liveness detection and geographical tracking during the user onboarding process. This means new users must take a "live selfie" using software capable of verifying their presence through actions like blinking or head movements to prevent the use of static photos or deepfakes. Furthermore, exchanges are now required to record the exact latitude and longitude, date, timestamp, and IP address from which a user initiates account creation.
In addition to these measures, the updated KYC requirements include the "penny-drop" method, which involves processing a nominal Re 1 transaction to verify the bank account's activity and ownership. Users must also provide their Permanent Account Number (PAN) and a secondary ID such as a Passport, Aadhaar, or Voter ID, along with OTP verification for their email ID and phone number. These measures ensure that the individual providing the credentials during onboarding is the same person accessing the application and initiating the account creation process.
The FIU's updated guidelines also address the risks associated with Initial Coin Offerings (ICOs) and Initial Token Offerings (ITOs), expressing strong discouragement due to their lack of economic justification and high risk. The agency has also prohibited the use of anonymous tokens and crypto mixers that conceal the origin of funds.
These updated guidelines, which come three years after the initial rules in March 2023, require all crypto exchanges operating in India to register with the FIU as reporting entities. They must also submit regular reports on suspicious transactions and maintain detailed records of their customers to combat illicit funding and proliferation financing risks associated with crypto assets. Exchanges are required to conduct KYC updates every six months for high-risk clients and annually for all other users.
With these measures, India's FIU aims to create a more secure and transparent cryptocurrency ecosystem, preventing money laundering, terrorism financing, and other illegal activities within the digital asset market.
