Listen to this post
FIU-IND’s Annual Report 2024-25: Trends and Takeaways for India’s Digital Assets Industry

Introduction

The Financial-Intelligence Unit – India (“FIU-IND”), India’s nodal enforcement agency for anti-money laundering and combatting the financing of terrorism (“AML/CFT”), has released its Annual Report (“Report”) for FY 2024-25.[1] The Report signals two clear trends: one, the continued expansion of India’s digital assets industry, with a focus on bringing offshore virtual digital asset service providers (“VDASP”) within the regulatory ambit; and two, the FIU-IND’s emphasis on data-driven information sharing for enforcement. This FIG Paper explores key areas of the FIU-IND’s focus in the previous year and offers insights into the future of digital assets regulation in the new year.

A. Enforcement Trends

As noted in our previous FIG Paper (No. 51 – VDA Series 7),[2] there is growing enforcement focus on offshore VDASPs. FIU‑IND has been periodically taking enforcement actions for: (i) failure to implement AML/CFT controls; and (ii) non-registration with the FIU-IND.

After the FIU-IND issued its first set of show cause notices to nine offshore exchanges in December 2023, notices were issued to 25 offshore VDASPs on October 1, 2025.[3] Actions typically include monetary penalty and corrective directions from the FIU-IND and platform/ mobile application blocking orders by the Ministry of Electronics and Information Technology (“MeitY”).

Monetary penalties have ranged from INR 34.5 lakh (~USD 38,500) to INR 18.82 crore (~USD 2.1 million). The level of transparency and cooperation displayed by a VDASP has a bearing on the penalty imposed, wherein good faith engagement has resulted in a VDASP being issued only a warning[4] and no monetary sanction.

B. Greater Scrutiny in Registration Process

Recent changes to the VDASP registration process, introduced in circular dated September 15, 2025, now include stringent verification requirements, including in-person meetings, live walkthrough/ demonstration of compliance processes and systems, Computer Emergency Response Team – India (CERT-In) cybersecurity audits and Partner Accreditation for Compliance and Trust (PACT) certificate to be obtained from registered VDASP partners.

VDASPs are required to make live demonstration of tools/ systems related to know-your customer (KYC), sanctions screening, transaction monitoring, blockchain analysis, and ‘Travel Rule’ compliance, moving beyond paper policies to practical evidencing of infrastructure and controls. Creating clear process flows and hands-on demonstrations by capable senior personnel will be essential for new entrants.

C. Co-ordination across Regulators

The FIU‑IND has formalised co-operation and collaboration with other regulators and LEAs through Memorandums of Understanding (“MoU”). Notably, a MoU has also been executed with the Reserve Bank of India (“RBI”), enabling data sharing and co-operation on supervision between the two.[5] With the RBI’s recent observations on the opportunities and systemic risks of stablecoins in its December 2025 Financial Stability Report, it is expected that stablecoin products (e.g., on-chain payments and cross-border settlement solutions) will see heightened scrutiny and cross-reporting.[6]

A major development is that FIU-IND registered VDASPs have also been asked to register with the Indian Cybercrime Coordination Centre (I4C) portal to report cybercrimes and cyber-related frauds to strengthen retail user protection in the digital assets space, which currently lacks a dedicated redressal mechanism.

The FIU‑IND has also signed 51 MoUs with FIUs worldwide. Further, as a member of the Egmont Group, it exchanges information with other Financial Intelligence Units across 182 jurisdictions. Offshore VDASPs entering India may expect the FIU-IND to verify their operations and compliance status in other jurisdictions as part of the registration process.

With India adopting the Organisation for Economic Co-operation and Development (OECD) Crypto Asset Reporting Framework (“CARF”), VDASPs (especially offshore entities) will be required to report user transactions and corresponding disclosures by April 2027.[7] Coupled with tax authorities identifying undisclosed VDA-related incomes of approximately INR 888.82 crore (~USD 98.5 million),[8] the FIU-IND will play a significant role in enforcement of CARF standards. Offshore VDASPs will have to instil reporting hygiene and ensure tax compliance by their Indian users once the implementation guidelines are notified.

D. Data-Driven Enforcement

FIU-IND’s primary role is processing cash transaction reports and suspicious transaction reports (“STR”) of reporting entities and coordinating with law enforcement agencies (“LEA”), intelligence agencies (“IA”) and sectoral regulators on AML/ CFT efforts.

The Report states that FIU-IND is actively analysing STRs filed by VDASPs to understand typologies and threat patterns emerging from the use of Virtual Digital Assets (“VDA”). Data is being used to indicate red flags, geographic concentration of criminal activities and the use of VDAs for serious criminal activity. The FIU-IND’s supervision is moving beyond mere record keeping to creating actionable enforcement outcomes.

Notably, the Report highlights a case wherein a priority STR filed by a VDASP helped LEAs uncover a crypto-laundering scheme involving spoofed exchange accounts and unauthorised transfers. With growing collaboration and integrated data-sharing between regulators (as mentioned above),investigative processes are likely to be swifter, backed by data and inter-agency co-operation.

Outlook for 2026

The Report indicates that the FIU-IND is maturing as a regulator of the digital assets space. Tech-driven collaboration and real-time information sharing with other regulators and LEAs means that the FIU-IND is not operating in vacuum – VDASPs operating in India must be able to demonstrate their compliance culture through timely reporting and compliance mechanisms, especially if they intend to expand their India footprint to other regulated sectors.

[1] Annual Report for FY 2024-25 published by the FIU-IND (available here)

[2] FIG Paper No. 51 (VDA Series 7) on Stablecoins: Recent Indian and Global Regulatory Trends (available here)

[3] Press Release titled ‘Financial Intelligence Unit (FIU IND) issues notices for non-compliance to 25 offshore Virtual Digital Assets Service providers (VDA SPs) under Section 13 of the Prevention of Money Laundering Act (PML) Act, 2002’ issued by the Ministry of Finance dated October 01, 2025 (available here)

[4] Order No. 16/DIR/FIU-IND/2024 issued by the FIU-IND dated March 06, 2025 (available here)

[5] Press Release announcing the MoU between the RBI and the FIU-IND, issued by the FIU-IND dated April 17, 2025 (available here)

[6] Financial Stability Report – December 2025 issued by the RBI (available here)

[7] News report on the adoption of CARF by India dated July 19, 2025 (available here)

[8] Answers given by Shri Pankaj Chaudhary (Minister of State in the Ministry of Finance) in the Lok Sabha on questions pertaining to Black Money in Crypto Currency dated December 08, 2025 (available here)