REGULATIONS

Crypto Travel Rule Regulations in

India

by

Financial Intelligence Unit-India

🇮🇳
Travel Rule required from
Travel Rule regulation still pending
March 10, 2023
Content last updated

Who is the regulatory authority in [country]?

In India, the supervision of compliance with the Prevention of Money Laundering Act (PMLA) by Virtual Asset Service Providers (VASPs) is carried out by the Financial Intelligence Unit-India (FIU-IND). The FIU-IND operates under the Department of Revenue in the Ministry of Finance. The FIU-IND ensures that VASPs comply with the reporting obligations and other requirements as stipulated under the PMLA to prevent money laundering and related financial crimes.

What is the minimum threshold for the Crypto Travel Rule in [country]?

No threshold applies. In India, the full scope of required information is required for every transaction.

What personally identifiable information must VASPs collect and share for the Crypto Travel Rule in [country]?

lorem ipsum

The rules establish that originator VASPs must obtain and hold originator and  beneficiary information and submit it to beneficiary VASPs immediately and securely,

The originator information that needs to be collected and transmitted is:

  • The Name
  • The account number used to process the transaction, which could mean the “wallet address” of the originator.
  • The Permanent Account Number (PAN) or National Identity Number
  • And in addition,
  • Either the physical (geographical) address or the date and place of birth.

In turn, the required Beneficiary information:

  • The Name and
  • The account number used to process the transaction, which again could mean the “wallet address” of the beneficiary.


source


PARA. 11.3., P.27

The required information, which the ordering SP must obtain and hold, includes:
a. Originator’s Permanent Account Number (PAN) or National Identity Number
b. Originator’s name (i.e., the sending person’s accurate (i.e., verified) full name);
b. Originator’s account number used to process the transaction. In the VDA context, this would mean the “wallet address” of the originator;
c. Originator’s physical (geographical) address that uniquely identifies the originator to the ordering institution, or date and place of birth. Provided that such an address has been verified for accuracy by the originator SP as part of its KYC process.
d. Beneficiary’s name (i.e., the name of the person who is identified by the originator as the receiver of the VDA transfer). This is not required to be verified by the ordering institution for accuracy, but should be reviewed for the purpose of STR monitoring and sanction screening; and
e. Beneficiary account number used to process the transaction. In the VDA context, this could mean the “wallet address” of the beneficiary.

Are there differences in customer PII requirements for cross-border transfers versus transfers within [country]?

No. 

What are the non-custodial or self-hosted wallet requirements in [country]?

The approach to self-hosted wallet transactions in India is not prescriptive. Local regulations mention that transactions with self-hosted wallets are high risk and therefore additional limitations or controls may be put in place for those transactions.

PARA. 11.2.2., P. 26

VDA transfers to / from unhosted wallets are categorised as high risk since either the originating or beneficiary wallet may not be hosted at an SP that is an obliged entity.
This also covers P2P transfers where one of the wallets is not hosted.
In case where the VDA transfer is between two wallets where at least one of them is a hosted wallet, the onus of compliance would be on the obliged entity where the wallet is hosted.
In addition, additional limitations or controls may be put in place on such transfers with unhosted wallets.

Why choose Notabene for crypto Travel Rule Compliance in [country]?




lorem ipsum

References

Notabene's commitment to privacy + security:

Bank-grade security for an insecure world
  • Passed rigorous security reviews by more than 50 institutions, including global banks and top 20 crypto exchanges
  • Annual SOC 2 Type II Audit for Security and Data Privacy Categories
  • Regular penetration testing by security audit leader Cobalt
Industry’s strongest protection for your customer data
  • Industry’s only escrowed exchange of encrypted PII
  • Compliant with EU GDPR, Singapore PDA
  • Plug-and-play Travel Rule end-user data consent component
Enterprise White Glove features
  • 24h/7 days a week uptime
  • Configurable enterprise SLA
  • SOC2 compliant disaster recovery and business continuity plans
Learn more about our commitment to security
related articles
This content is provided for general informational purposes only. By using the content, you agree that the information on this content does not constitute legal, financial or any other form of professional advice. No relationship is created with you, nor any duty of care assumed to you, when you use this content. The content is not a substitute for obtaining any legal, financial or any other form of professional advice from a suitably qualified and licensed advisor. The information on this content may be changed without notice and is not guaranteed to be complete, accurate, correct or up-to-date.

Help us keep this page up to date! Any comments, corrections or suggestions on this page can be sent to
catarina@notabene.id.