How regulation is shaping a sustainable crypto assets sector in India

For a sector that once faced a de facto ban, the crypto asset industry of India is on a sustainable path, largely due to an interplay of sovereign and self-regulation. Over the past three years, the government has rolled out tax regimes, disclosure mandates, cybersecurity duties, and full anti-money laundering coverage for the sector. Working in tandem, the compliant end of the industry has adopted self-regulatory rulebooks that raise standards on listings, trading conduct, and user protection. The result is a framework that aims to curb money laundering, terrorism financing, hacks, market abuse, and fraud without shutting the door on innovation.

 

The sovereign rulebook

 

Since 2022, India taxes gains from “virtual digital assets” at a flat 30 per cent. On top of that, buyers must withhold 1 per cent as TDS on payments made for most crypto transfers. This tax regime has created transparency and deterred speculative runs in this highly volatile sector. At the same time, it does not deter serious investors who believe in the potential of Bitcoin (and a few other crypto assets) to turn into digital gold in the future and are ready to be invested in this asset class in the long term.

 

Since April 1, 2021, corporates are required to report crypto holdings and related profits or losses in their financial statements. Thereafter, in April 2022, India’s computer emergency response agency, CERT-In, issued binding directions requiring crypto exchanges and custodian wallet providers to maintain KYC and transaction records for five years and meet strict incident-reporting and log-retention standards. Both these measures seek to enhance transparency and pierce through the pseudonymity inherent to crypto assets.

 

In March 2023, India notified service providers involved in issuance, transfer, and safekeeping of crypto assets as obliged entities under the Prevention of Money Laundering Act (PMLA), with the Financial Intelligence Unit-India (FIU-IND) as the regulator for the purpose of PMLA compliance. FIU-IND has since enforced the regime, including through an order imposing a ₹18.82-crore penalty on the offshore exchange Binance in June 2024. Binance settled the penalty and registered with FIU-IND, demonstrating that the rules have teeth.

 

The FATF — global arbiter of AML/CFT standards — acknowledged the strides made by FIU-IND by observing in India’s mutual evaluation, adopted in 2024, that “FIU-IND engages very closely with the sector providing guidance, developing red-flag indications, engaging in offsite and onsite inspections, providing feedback on STRs, and outreach and training.” AML obligations in line with FATF’s standards have helped shrink anonymity and create auditable trails in India, even as FATF warns many jurisdictions still lag in implementing these standards.

 

The industry’s second line of defence

 

In parallel, the dominant industry body in India — the Bharat Web3 Association (BWA) — has published public guidelines that seek to diffuse best practice across exchanges and service providers. While these are not law, BWA members set a common standard of safety and integrity by implementing them. Its consumer protection guidelines prescribe grievance redressal systems, complaint handling, and other mechanisms to protect retail users. Its cybersecurity guidelines, which were released after the WazirX hack, specify cyber hygiene measures, custody controls, data-protection practices, and external audits to protect investors’ coins.

 

BWA has also released fair trading guidelines that prohibit trading against users and lay down controls against wash trading, spoofing, front-running, and pump-and-dump. These guidelines prescribe conflict-of-interest disclosure, surveillance, and periodic self-evaluation or audits, which will help reduce market manipulation risk.

 

BWA’s token-listing guidelines provide a framework for exchanges to risk-score crypto assets listed by them, thus introducing a de facto whitelisting of crypto assets in India. Whitelisting helps filter out ponzi schemes and investment frauds masquerading as crypto assets to defraud gullible investors. BWA has even run a 100-day “Crypto S.A.F.E.” campaign with events and public messaging on phishing, rug-pull red flags, and “guaranteed returns” — a counterweight to crypto ponzi schemes.

 

“Ban, contain, or regulate” — and India’s choice

 

Some policy analysts have decried the lack of regulations on crypto assets in India. They are amnesiac to the regulations already introduced in the past few years and effectively implemented. They also forget that India led the debate on crypto regulations by pushing for a global regulatory framework under its G20 presidency in 2023. These analysts cite recent regulations by jurisdictions whose risks and context are not the same as India, to argue that India has been left behind.

 

The reality is that every country’s response will (and should) differ depending on the country context and risks arising from crypto assets. Contextual factors include foreign exchange rules, monetary policy, market structure, and law-enforcement capacity. In early 2023, the Bank for International Settlements (BIS) concluded that policymakers have three equally fair options: ban certain activities, contain crypto’s links to the real economy, or regulate it akin to traditional finance. What path a country takes depends on its specific jurisdictional context. India’s current efforts appear to be a mix of containment and regulation.

 

At the same time, the strengths of Indian responses cannot be understated. Sovereign responses are proactive and dynamically reviewed. Working in tandem, the industry’s self-regulation has ensured the sustainability of the sector. India’s multi-pronged actions, and the industry’s willingness to publish rules it can be held to, already amount to a mature response to a fast-moving innovation. This is the foundation for sustainable growth of the sector.

 

The author is director of AML/CFT policy in the Department of Revenue and co-chair of FATF’s working group on risk. Views are personal. Industry examples are not endorsements. 

Disclaimer: These are personal views of the writer. They do not necessarily reflect the opinion of www.business-standard.com or the Business Standard newspaper