India Introduces Stronger KYC and AML Rules for Crypto Platforms

TLDR

• Crypto platforms must now use live selfie verification for all users.
• Bank accounts require penny-drop tests to confirm ownership.
• High-risk users face KYC updates every six months.
• Privacy coins and mixers are blocked under new rules.
• Exchanges must store records 5+ years and monitor suspicious activity

India has implemented stricter Know Your Customer (KYC) and Anti-Money Laundering (AML) rules for crypto platforms. The Financial Intelligence Unit (FIU) issued the new guidelines, effective January 8, to enhance identity verification. The updated rules aim to reduce illegal activities and improve compliance across the cryptocurrency sector.

Crypto platforms must now require live selfies with movement verification software during onboarding. Users must also submit additional government-issued IDs, such as passports, Aadhaar or voter IDs. Mobile numbers and email addresses must undergo one-time password verification to confirm ownership.

Bank account verification has also tightened under the new KYC and AML rules. Exchanges must perform a penny-drop test to ensure account ownership. Platforms must record IP addresses, geolocation, timestamps, and device metadata at account creation.

Enhanced Verification for High-Risk Users

High-risk clients will follow more frequent KYC updates every six months. Low-risk users must complete KYC updates annually. Risk classification considers user jurisdiction, profile, and transaction activity to identify potential threats.

The new rules apply to politically exposed persons, users from FATF grey or blacklisted countries, and non-profits. Platforms must retain records for at least five years or longer during investigations. Exchanges will also monitor high-risk transactions and implement additional due diligence measures.

Platforms must block transactions using privacy-focused cryptocurrencies, mixers, or tumblers. Tokens designed to conceal ownership and transaction origins are treated as high-risk. The rules also discourage participation in Initial Coin Offerings and Initial Token Offerings.

Background and Industry Impact

India classified Virtual Digital Asset service providers under the Prevention of Money Laundering Act in 2023. Registered exchanges must comply to offer services to Indian users legally. Offshore and domestic platforms failing compliance have faced fines, restricted access, or bans.

Major exchanges like Binance, Coinbase and KuCoin re-entered India after completing registration and KYC compliance. Previously, platforms only required basic documents, but the new rules address identity and fraud risks. The FIU aims to reduce hacks, illegal transactions, and regulatory gaps in crypto operations.

The updates follow security breaches at WazirX and CoinDCX in 2024 and 2025. These incidents exposed weaknesses in KYC and monitoring processes. Regulators now enforce uniform standards to protect the financial system and customer data.

Exchanges must adopt software to detect anonymity-enhancing services and block suspicious transactions. PAN verification is mandatory before any crypto-related activity. Technical identifiers, including wallet addresses and transaction hashes, are collected to support risk monitoring and compliance.

The post India Introduces Stronger KYC and AML Rules for Crypto Platforms appeared first on CoinCentral.