Compliance Obligations under IFSCA AML/CFT Guidelines 2022

Compliance Obligations under IFSCA AML/CFT Guidelines 2022

In accordance with the IFSCA guidelines on Anti-money laundering (AML) and Counter-Terrorist Financing (CTF), the regulated entity must frame such policies and adopt systems and controls that protect them from any money laundering and terrorist financing risks. Therefore in the process of framing such policies and maintaining business relationships with the customer and in addition to complying with the provisions of the guidelines, they shall also comply with the compliance obligations under international agreements and domestic laws. The present article will cover the various compliance obligations under IFSCA AML/CFT guidelines 2022.

Requirements or Obligations under International Agreements Communications from International Agencies

The compliance obligations under IFSCA AML or CFT guidelines 2022 require the regulated entity to make sure that they do not have any accounts in the name of individuals or persons appearing in the lists of individuals & entities suspected of having terrorist links, which are approved and periodically updated by the United Nations Security Council. The regulated entity shall need to check the below-mentioned list for the compliance obligations under IFSCA:

1. ISIL (Da’esh) &Al-Qaida Sanctions List: The list includes the name of individuals & entities associated with the AL-Qaida.

2. 1988 Sanctions List: The list includes the name of individuals & entities associated with the Taliban.

Reporting of Accounts: The regulated entity shall report the details of the individual’s accounts mentioned in the above two lists to the FIU-IND (Financial Intelligence Unit- India) apart from taking an advice from the Ministry of Home Affairs in terms of UAPA.

Additional resolutions: In addition to the above list, the regulated entity must check the other UNSC resolutions circulated by IFSCA in reference to any other jurisdictions or entities from time to time as a measure of compliance obligations under IFSCA.

READ  Risk Based Approach and assessment under IFSCA AML/CFT Guidelines 2022

Freezing Of Assets under Section-51A of UAPA 1967

The compliance obligations under IFSCA for freezing of assets take place according to the procedure laid down in UAPA order number 14014/01/2019/CFT dated 2nd February 2021 issued by Counter Terrorism and Counter Radicalization Division of the Ministry of Home Affairs, Govt. of India.

Jurisdictions That Do Not Apply the FATF Recommendations

The compliance obligations under IFSCA in regard to FATF recommendations are:

  • The regulated entity shall need to consider the statements released by the FATF and public information available for the identification of the countries that do not follow the FATF recommendations.
  • The regulated entity shall need to give special attention to those transactions in which the business relationship is maintained with the person, including legal and financial institutions from the countries or jurisdictions which do not apply FATF recommendations or jurisdiction included in the FATF statements.

Exemption:  The regulated entity is not required to preclude itself from having legitimate trade & business transactions with the countries or jurisdictions included in the FATF statement.

Examination of Purpose and Backgrounds: The regulated entity must examine the transaction’s background and purpose with a person from a country or jurisdiction that does not apply FATF recommendations. Further, the regulated entity must keep the findings in writing along with all the documents and make those documents and findings available to the regulatory authority and other authorities on the request.

Sharing of Information and Secrecy Obligations

In addition to compliance obligations under IFSCA, the regulated entity is also entrusted with the secrecy obligation. The provision for secrecy obligation mandates that:

  1. The regulated entity shall maintain secrecy or confidentiality of the customer information that arises out of the contractual relationship between it & the customer.
  2. The information obtained from the customer is confidential and shall not be divulged to anyone without the customer’s consent.
  3. In case of a request for data or information from the government or agencies, the regulated entity shall make sure that the information requested should not be of such a nature that will violate the provision of the laws relating to secrecy.
READ  Internal Policies, Compliance, Audit & Training under IFSCA AML/CFT

Exceptions to the Obligations: There are certain situations under which the above obligations may be exempted from disclosures:

  • Disclosures under compulsion of law.
  • Duty towards the public for the disclosures.
  • Disclosures in the interests of the Regulated entity. 
  • Any disclosure made with the express and implied consent of the customer.

Reporting Requirements under FATCA and CRS

The compliance obligations under IFSCA require that the regulated entity shall comply with the provisions of Income Tax Rules 114F, G, H  in order to determine whether it is a “Reporting Financial Institution” as defined under Rule 114F and if so, the regulated should undertake the following steps for complying with the reporting requirements.

1. The Regulated Entity is required to register itself as the “Reporting Financial Institution” on the E-filing portal of the Income Tax Department.

2. The Regulated Entity is required to submit the reports online, which shall be accompanied by the digital signature of “Designated Director” by either uploading it in the form of “Form 61B” or “NIL” report. 

3. The Regulated Entity is required to develop a framework for information technology for carrying out the procedure of due diligence and recording or maintaining the same in accordance with Rule 114H.

4. The regulated entity shall develop an audit system for IT framework & compliance with Rules 114F, 114G & 114H.

5. The regulated entity must develop a high-level monitoring committee under the “Designated Director” or any other equivalent functionary which will monitor all the compliance processes.

6. The regulated shall comply with the updated instructions, rules, guidance notes, or press releases issued by CBDT from time to time. The entity shall also consider the following:

a. Updated Guidance Notes on FATCA (Foreign Account Tax Compliance Act) and CRS (Common Reporting Standards).

b. Press release on the closure of accounts under Rule 114H.

READ  Code of Conduct for Registered or Associated Distributors under IFSCA

Sharing KYC Information of Indian Residents with Central KYC Records Registry (CKYCR)

The compliance obligations under IFSCA for sharing KYC information of Indian residents require the regulated entity to obtain the customer’s records & upload them on CKYCR within 10 days of establishing a business relationship with the customer and shall ensure that:

1. KYC records are to be uploaded as per KYC template released by CERSAI

2. The KYC identifies generated by CKYCR be communicated to the customer.

3. The performance of the last KYC verification and the updated information concerning the customer to CKYCR.

However, where the customer has deliberately submitted the KYC Identifier to the regulated entity with explicit consent to download records from CYKYCR in that case the regulated entity is allowed to retrieve the KYC records online from CKYCR and the customer is not required to submit the same KYC information unless:

  1. There is a change in the records of customer information as existing in the records of CKYCR
  2. The present address of the customer is verified.
  3. The regulated entity must verify the address or the identity of the customer.
  4. The regulated entity finds it necessary to conduct enhanced due diligence or build an appropriate customer risk profile.

Moreover, it is also pertinent to mention that the regulated entity is not required to submit the KYC records to the Central KYC Records Registry in the case of froing nationals.


The IFSCA[1] is a regulatory body aiming to provide ease of business to the business operating in the IFSC. The IFSCA not only regulates the business in the region of the IFSC but also regulates the functioning of the entities involved in any business transaction. Henceforth, in order to eliminate the risk of money laundering or terrorist financing, the IFSCA requires the regulated entity to comply with the terms and conditions enumerated under the IFSCA guidelines. The compliance obligations under IFSCA enable the regulated entity to maintain a business relationship by acquiring the KYC records of the customer. Moreover, it is also mandated that a regulated entity shall not maintain a relationship with the customer who resides in the jurisdiction or country that does not apply FATF recommendations.

Read Our Article: IFSCA guidelines on Anti-Money Laundering or Counter-Terrorist Financing

Trending Posted