Synopsis: India’s PMLA rules classify crypto service providers as reporting entities. Self-custody wallets offer regulatory advantages while platforms face strict compliance requirements and enforcement actions. Let’s dive into the specifics.
India’s cryptocurrency landscape shifted dramatically when the government classified virtual digital asset service providers as “reporting entities” in March 2023. The Prevention of Money Laundering Act now governs how crypto platforms operate, creating new compliance obligations across the industry.
Regulators moved from passive observation to active enforcement, targeting both domestic and offshore exchanges. On the other hand, individual crypto holders using self-custody wallets navigate this evolving regulatory framework.
PMLA Framework For Virtual Asset Services
The Ministry of Finance’s notification marked a transformative moment for India’s virtual asset sector. Five specific activities now fall under regulatory purview when conducted for another person. These include exchanging virtual assets with fiat currencies, transferring digital assets between different forms, and safekeeping virtual holdings.
The Financial Intelligence Unit-India enforces these rules through comprehensive monitoring. Platforms must register as reporting entities and implement anti-money laundering controls. However, the framework creates ambiguity around decentralized finance protocols. Regulators focus on activities rather than technical structures or corporate labels.
Enforcement actions demonstrate the government’s commitment to compliance. Authorities issued show-cause notices to nine major offshore exchanges in December 2023. Following this, platforms faced URL blocking and restricted access for Indian users. Binance received detailed penalties in June 2024 for operating without registration.
Control and Custody Under New Rules
The PMLA’s activity-based approach examines who exercises control over user assets. Regulators evaluate whether entities provide services “for or on behalf of” others. This distinction becomes crucial when assessing different wallet types and protocol designs.
Additionally, the presence of administrative keys signals centralized control mechanisms. Projects with upgrade authority or parameter-setting capabilities attract regulatory scrutiny. Even protocols claiming decentralization face evaluation based on practical control elements.
Custodial arrangements exist on a spectrum within decentralized finance. Smart contract escrows temporarily hold user assets under predefined conditions. Liquidity pools aggregate deposits for trading purposes. Staking services reallocate control to validators. These arrangements often constitute “safekeeping or administration” despite lacking traditional custodians.
Self-Custody Wallets Offer Regulatory Advantages
Non-custodial wallets remain outside direct PMLA reporting requirements. Users controlling their private keys avoid classification as service providers. This approach shields individuals from platform-related compliance obligations.
However, interactions with regulated exchanges still trigger compliance checks. Platforms monitor transactions involving self-hosted wallets as high-risk activities. Users must complete KYC verification when converting between fiat and crypto.
India’s enforcement targets entities with identifiable control points. Centralized exchanges clearly meet VASP definitions through their custodial operations. Moreover, they execute transfers through internal ledgers and routing engines. Operator privileges to freeze withdrawals or adjust fees demonstrate functional custody.
Risk Factors and Compliance Considerations
Several elements increase regulatory exposure for crypto platforms. Administrative keys represent the highest-risk factor for protocol operators. These credentials enable smart contract upgrades, operation pauses, and parameter adjustments.
Front-end interfaces create another vulnerability point. Entities controlling user-facing websites may face compliance obligations. Therefore, some projects implement geo-blocking or open-source their interface code.
Off-chain infrastructure introduces additional centralization risks. Price oracles, API providers, and hosting services exercise influence over user outcomes. Furthermore, a compromised oracle feed can liquidate loans across lending protocols.
Progressive decentralization offers a pathway to reduced regulatory exposure. Projects should map control levers including admin rights and treasury management. Credible roadmaps demonstrating gradual power relinquishment prove more persuasive than decentralization claims alone.
The regulatory framework continues evolving as authorities develop enforcement approaches. Self-custody users should maintain transaction records for tax reporting purposes. Platforms require originator and beneficiary information regardless of transfer amounts. India’s crypto ecosystem balances innovation with anti-money laundering objectives through activity-focused regulation.
Written By Fazal Ul Vahab C H
