In this article, we delve into the Delhi High Court's verdict on PayPal Payments Private Limited v. Financial Intelligence Unit – India, analysing the complexities surrounding the definition of 'reporting entities' under the Prevention of Money Laundering Act (PMLA) and its implications for fintechs.

The Delhi High Court's recent judgement in PayPal Payments Private Limited (PayPal) v. Financial Intelligence Unit – India (FIU) has opened up Pandora's box. At its heart? The expansive reading of 'reporting entities' under the Prevention of Money Laundering Act (PMLA), which may rain on the parade of many fintechs.

The Background

The FIU had claimed PayPal was a 'Payment Service Operator' (PSO), an entity that enables payments between remitters and beneficiaries, including clearing, payment or settlement. By extension, PayPal was instructed to register as a 'reporting entity' under the PMLA. Reporting entities are usually financial institutions (including PSOs), dealers in precious metals real estate agents, or other designated businesses or professions. As a reporting entity, PayPal would have a laundry list of know your customer (KYC) and anti-money laundering (AML) compliances under the PMLA, including a mandate to periodically report large or suspicious transactions.

PayPal rejected FIU's directive, claiming that they were not classified as a PSO under the Payment and Settlement Systems Act (PSS Act), but as an Online Payment Gateway Service Provider (OPGSP) instead. As an OPGSP, PayPal operated as a mere technology layer over financial transactions and was not involved in the actual handling of funds. They functioned similarly to Amazon Pay or Google Pay, which were not considered to be PSOs. Since PSOs shared identical definitions under the PMLA and PSS Act, PayPal argued that a contrary reading by the FIU was legally unsupported.

The FIU rejected these arguments and issued a show cause notice to PayPal for non-compliance. After several months of back and forth, the FIU finally imposed a penalty of Rs. 96 lakhs on PayPal. Aggrieved by this order, PayPal appealed to the Delhi High Court.


The Court observed that the intent behind the PMLA and PSS Act are vastly different. The former seeks to address money laundering, while the latter regulates payment systems. Given this, the definition of PSOs (for the purpose of the PMLA) was read widely and included a broad range of entities facilitating transfer of funds. The argument was fortified by noting the usage of equivocal words like "enabling" in defining the role of payment systems under the PMLA. A narrow reading, as was observed, would defeat the very purpose of the statute.

Functionally, PayPal facilitated fund transfers between Indian beneficiaries and foreign remitters. While PayPal did not 'handle' the fund transfers in these circumstances (which occurred through normal banking channels), it collected information that was not passed on to banks. As money laundering involves the obfuscation of funds, the Court observed that authorities under the PMLA should be empowered to analyse transaction data at every step. Effectively, PayPal's role limited the visibility of banks only to transaction endpoints, thereby defeating the ability of the FIU to investigate suspicious transactions meaningfully.

The conclusion? You can still be a PSO under the PMLA even if not classified as one under the PSS Act. You just have to be involved in any stage of a transfer of funds. Enabling the FIU, the Court noted that with the progress of technology, it becomes important that all aspects of transaction related data, including identity information of the beneficiary and the remitter, is shared with authorities expeditiously.

To this end, the Court also highlighted the difference between PayPal and technology layers of UPI transactions (like Amazon Pay and Google Pay). Under the UPI framework, transfers happen through partner banks, where both beneficiary and remitter details are captured, in compliance with extant KYC norms.

Of Actions and Consequences

The Court dismissed the penalty imposed by the FIU, in recognition of the good faith on PayPal's end. The Court observed that PayPal genuinely thought that the FIU's actions were erroneous under law. Despite this, PayPal maintained open lines of communications with the FIU and proposed alternate models of information sharing, signaling their intent to cooperate with the authorities. This has been received positively by the industry as it allows them to take more interpretation-based calls, given the current ambiguities in the payment sector.

On the flipside, it has raised several concerns as already struggling players now potentially have to grapple with additional reporting obligations under the PMLA. However, this may not be an immediate risk. The judgement does not automatically classify all fintechs as reporting entities. So, unless the FIU issues a notification or individually reaches out, we do not believe there is a proactive requirement to register with the FIU.

However, our recommended course of action for participants in the payments space would be to start record keeping and reporting of suspicious transactions, irrespective. As evidenced by the PayPal case, this approach becomes relevant in correspondence with authorities. Recent regulatory and judicial winds are also blowing towards more formal regulation and reporting by erstwhile unregulated fintechs. In the interim, and as with these cases, it can go a long way in establishing good faith through good actions.

This post has been authored by Amit Kiran, Principal Associate and Ayush Verma, Associate

Image credit: Shutterstock

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.