REGISTRATION OF VDAs WITH FIU-IND

The Central Government vide Notification No. CG-DL-E-07032023-244184 dated March 07, 2023 (“PML Notification”) broadened
the scope of “person carrying on designated business or profession” under Section 2(1)(sa)(vi) of Prevention of Money Laundering
Act, 2002 (“PML Act”) by including the following activities, when carried out for or on behalf of another natural or legal person:
(i) exchange between virtual digital assets1 (“VDA”) and fiat currencies;
(ii) exchange between one or more forms of VDAs;
(iii) transfer of VDAs;
(iv) safekeeping or administration of virtual digital assets or instruments enabling control over VDAs; and
(v) participation in and provision of financial services related to an issuer’s offer and sale of a VDAs.

“Reporting Entity”2 under PMLA Act has been defined to include banking companies, financial institutions, intermediaries, or
individuals engaged in designated businesses or professions, and are required to verify the identity of their clients and their beneficial
owners, maintain transaction records, report suspicious transactions, and adhere to Know Your Customer (KYC) norms.

Consequently, Financial Intelligence Unit- India (“FIU-IND”) in pursuance to Rule 7(3) of the Prevention of Money Laundering
(Maintenance of Records) Rules, 2005 (“PML Rules”) issued ‘AML & CFT Guidelines for Reporting Entities Providing Services
Related To Virtual Digital Assets’ (“Guidelines”) on March 10,2023, further designating VDAs as ‘Service Providers’(“SP”). The
Guidelines detail out the procedures for SPs to ensure compliance with anti-money laundering, countering the financing of terrorism
and combating proliferation financing obligations.

1
As defined under Section 2(47A) of the Income Tax Act, 1961.
2
Section 2(1)(wa) of the PML Act.
Pursuant to Rule 7(3) PML Rules, FIU-IND issued Notification No. F. No. 9-8/2023/COMPL/FIU-IND dated July 04, 2023 (“FIU
Notification”) mandating registration of VDAs in FIU-IND as Reporting Entity, for ensuring compliance with the PML Act, PML
Rules and the Guidelines. The FIU Notification laid down the following registration process:
1. The Designated Director and Principal Officer of the Reporting Entity are required attend an in-person meeting at the FIU-IND
office and furnish the following information:

(i) Brief note explaining:

(a) nature of the SP, and
(b) defining the category and scope of activities of the SP with respect to activities provided in PML Notification;

(ii) Brief note on details of corporate structure and significant Beneficial Ownership of the company;

(iii) Copies of:

(a) Incorporation Documents,
(b) Annual Return,
(c) Balance Sheet and Profit and Loss Account of the company/LLP for the past 3 years,
(d) GST returns for past 3 financial years,
(e) GST registration in all the states where the company is operating,
(f) Income Tax Returns
(g) Form 26Q/26QF/26QE filed with Income Tax Department for TDS on VDA transactions,
(h) Agreement and nature of relationship, in case of arrangement with any entity based in India or outside India with
respect to activities provided in PML Notification;

(iv) Self-declaration to the effect that no proceedings are pending against the company or its directors;
 (v) Any other information/ document intimated to the Reporting Entity or any other information/ document which Reporting
Entity may want to furnish.

2. Registration by VDAs as Reporting Entities was required to be done on immediate basis. The FIU Notification stipulates that
failure to register with FIU-IND may be treated as non-compliance with PML Act further invoking an action under Section 13(2)
of the PML Act may be taken against the company for such non-compliance.

ONLINE REGISTRATION PROCESS:

1. Account Creation:
The applicant needs to go to the FINGate 2.0 portal at https://www.fingate.gov.in/, and fill basic details in the ‘Self Enrolment
Form’, available on sub-head ‘Sign up for Enrolment’ under the head ‘FINGate 2.0 Links’. The form shall be filled by the
primary person since certain features of the portal are accessible only on one smartphone.

2. Upon successful completion of the said form, the applicant will receive an email with the Link and Temporary Password to enroll
for soft token/ access management. The applicant is required to sign in by entering the existing Email Id and the Temporary
Password on the provided link, followed by setting up two Security Questions and their answers, and re-entering the Temporary
Password. On clicking on the “Continue” button the applicant will be redirected to the Change password screen, where a New
Password is required to be entered.
The New Password shall:
(a) Password is case sensitive.
(b) Be at least 8 characters long.
(c) include at least 1 letter.
 (d) include at least 1 number.
(e) have at least 1 symbol (non-letter or number) character.
(f) have at least 1 lowercase letter.
(g) have at least 1 uppercase letter.
(h) not include part of your name or username.
(i) have at least 2 types of the following characters:
(i) Uppercase (A-Z) ii.
(ii) Lowercase (a-z) iii.
(iii) Number (0-9)
(iv) Symbol (!, #, $, etc.)
(v) Other language characters not listed above

3. Registering a Device:
When the New Password is submitted, the applicant will be rerouted to a success message box. Applicant will proceed by
clicking the "continue" button, which will then direct them to the FINGate portal. From there, they'll need to select the “Login
to FINGate 2.0” and enter the User ID or the Email ID and the New Password to login. The applicant upon login will have to
register their smart device3 by either scanning the QR code or entering the generated key. Applicant shall download an
appropriate Authenticator application from the play store and enter the generated code from the Authenticator application as
the next step. For receiving an OTP, the applicant shall choose either Email provided or SMS on the primary phone number
and enter the OTP received to finish up device registration process.

4. Login to FINGate Portal:

3
At a given time, only 1 smart device can be registered for the user.
 The applicant needs to login using the username and password on the abovementioned “Login to FINGate 2.0” portal,
followed by entering the code from the Authenticator Application, and further clicking on “Validate Click Button and entering
the OTP. On successful validation, the user will be redirected to the ‘Home’ page.

5. Enrolment of Reporting Entity:

5.1 The Primary User/Principal Officer will have to initiate the creation of the first-time password, as outlined above.
5.2 The Primary User/Principal Officer will proceed to update the RE details, upload required documents, input Principal
Officer & Designated Director information, and submit the enrolment.
5.3 The FINGate system conducts validation checks on the submitted details and documents.
5.4 Following the validation process, if any discrepancies are found, the Primary User/Principal Officer will receive
notifications prompting corrections, along with a requirement to upload a self-declaration affirming the accuracy of the
provided details. Upon completion, the RE enrolment request will be approved in the FINGate system. The self-
declaration must be printed on the RE's letterhead and stamped with the RE's seal.
5.5 The Principal Officer and Designated Director are required to log into the portal, update their information, upload
necessary documents, and submit their enrolment.
5.6 The FINGate system verifies the uploaded details provided by the Principal Officer and Designated Director. If any
discrepancies arise during validation, the Principal Officer /Designated Director will receive notifications instructing
corrections and requesting a self-declaration affirming the accuracy of the details. Upon completion, the PO/DD
enrolment request will be approved in the FINGate system.
5.7 The RE enrolment process concludes upon successful enrolment of both the Principal Officer and Designated Director.