The Prevention of Money Laundering Act, 2002 (PMLA) is a crucial legislation in India aimed at preventing money laundering and terrorist financing. The PMLA mandates financial institutions, banking companies, and intermediaries to maintain records of their client's transactions and conduct due diligence to prevent money laundering. On 7th March 2023, the Ministry of Finance, Department of Revenue, Government of India introduced the Prevention of Money Laundering (Maintenance of Records) Amendment Rules, 20231, to enhance the existing rules and regulations on client due diligence and record keeping.


The Amendment Rules introduced a new definition of "Group,"2 which includes entities belonging to a multinational enterprise group or a group required to prepare consolidated financial statements under any law or regulation. This definition is consistent with Section 286(9)(e) of the Income Tax Act, 1961. The inclusion of this definition is necessary as it provides clarity on entities considered part of a group for anti-money laundering efforts.

It is important to note that the previous version of the Prevention of Money Laundering Act, 2002 (PMLA) mandated parent entities to prepare a consolidated financial statement if any of its enterprises had equity shares listed on a stock exchange in the country or territory where the parent entity is resident. This requirement remained unchanged in the new amendment rules issued by the Ministry of Finance, Department of Revenue, Government of India.

However, it is crucial for parent entities to be aware of their obligations under the PMLA and other relevant laws and regulations related to financial reporting. Compliance with these regulations not only promotes transparency and accountability in financial reporting practices but also contributes to the efforts to prevent money laundering and terrorist financing.

Politically Exposed Persons

The Amendment Rules also introduced a revised definition of "PEPs" or politically exposed persons, which clarifies the individuals that qualify as PEPs, including foreign PEPs. PEPs are individuals holding significant public positions or with close associations to such individuals. Such individuals are considered high-risk clients due to their susceptibility to corruption or bribery.

The identification and monitoring of PEPs is a vital element of the overall Anti-Money Laundering (AML) and Combating Financing of Terrorism (CFT) framework. The amended provisions will enable reporting entities to evaluate the risk associated with PEPs and implement necessary measures to prevent money laundering and terrorist financing.

To effectively identify and monitor PEPs, reporting entities can implement the following practical measures:

Conduct a risk assessment: Reporting entities should conduct a risk assessment to identify the level of risk associated with a customer. PEPs are considered high-risk customers and require additional scrutiny.

Enhanced due diligence: Reporting entities should conduct enhanced due diligence (EDD) measures for PEPs. This includes obtaining additional information about the customer, such as the source of funds, the nature of the business relationship, and the purpose of the transaction.

Screening: Reporting entities should screen their customers against a PEP list. This list can be obtained from regulatory authorities or other reliable sources. Any matches should be investigated further.

Ongoing monitoring: Reporting entities should monitor the transactions and activities of PEPs on an ongoing basis. This includes reviewing the customer's account activity, transactions, and source of funds.

Training: Reporting entities should provide regular training to their staff to enhance their understanding of PEPs and the risks associated with them.

Client Due Diligence:

The Amendment Rules extended the documentation requirements for client due diligence (CDD) beyond basic KYCs, such as registration certificates and PAN copies. The clients must now provide more detailed information such as the names of persons holding senior management positions, partners, beneficiaries, trustees, settlers, and authors, depending on the legal form of organization. Clients must also provide details on their registered office address and principal place of business to financial institutions, banking companies, or intermediaries.

Developing and implementing written policies and procedures that establish guidelines for CDD could be a thoughtful step. This includes identifying the types of information and documentation required, the process for verifying the identity of customers, and the frequency of updates. Assign responsibility for CDD to a specific team or individual within the firm. This will ensure that CDD is conducted consistently and in accordance with the firm's policies and procedures.

Darpan Portal

According to the amended rules, reporting entities are required to upload the KYC data and related documents of their customers on the DARPAN portal within three days of the establishment of a business relationship or the conduct of a transaction. This requirement will facilitate the secure and efficient exchange of KYC data between reporting entities and the Department of Posts, while also reducing the burden of paperwork and streamlining the KYC process.

In addition, the new provisions allow reporting entities to share KYC data with customer consent, provided it is done securely and in compliance with data protection laws. The digitization of the KYC process through the use of the DARPAN portal will help prevent money laundering and terrorist financing by allowing reporting entities to better assess customer risk and conduct enhanced due diligence measures when necessary.3

Illustration: A non-profit organization may receive a substantial donation from an individual or corporation. In accordance with revised regulations, the organization is obligated to perform due diligence on the donor and maintain comprehensive records of the transaction. To fulfill these requirements, the DARPAN portal can be utilized to register the donor and electronically store pertinent details such as their identity, address, source of funds, and the purpose of the donation.

Furthermore, the DARPAN portal is an invaluable tool for identifying Politically Exposed Persons (PEPs) and conducting enhanced due diligence on them. Non-profit organizations can use the portal to verify whether a donor is a PEP and take appropriate measures to reduce the risk of money laundering and terrorist financing. This platform aids in the fulfillment of regulatory obligations while minimizing the risk of non-compliance with financial regulations.

Preventing Misuse of Legal Persons and Arrangements4

Reporting entities are required to take steps to determine the beneficial owner of a customer. The beneficial owner is defined as any natural person who ultimately owns or controls a customer, or any natural person on whose behalf a transaction is conducted. Reporting entities must identify the beneficial owner and take reasonable steps to verify their identity using reliable and independent sources. If the beneficial owner is a legal person or a legal arrangement, reporting entities must identify the natural person(s) who ultimately own or control the legal person or legal arrangement.

The purpose of this provision is to prevent the misuse of legal persons and arrangements for money laundering and terrorist financing. By identifying and verifying the beneficial owner, reporting entities can better assess the risk associated with a customer and take appropriate measures to prevent financial crimes.

Why This Amendment?

The Amendment Rules bring about crucial changes that reinforce anti-money laundering efforts in India by providing more clarity on definitions and documentation requirements. By requiring more detailed information from clients during the due diligence process, financial institutions can better identify high-risk clients involved in money laundering. These changes signify a significant step forward in the battle against money laundering and terrorist financing in India. Moreover, the implementation of the DARPAN portal is a significant step towards the modernization of the KYC process and the efficient exchange of data between reporting entities and the Department of Posts. It will not only reduce the burden of paperwork but also help prevent financial crimes by enabling reporting entities to make informed risk assessments and take appropriate measures.

Crypto and other digital assets service providers: As per the recent amendments to the rules in India, digital asset service providers are classified as Reporting Entities5 and are subject to compliance with all anti-money laundering and counter-terrorist financing measures mentioned in this note.

Since digital asset service providers are now classified as reporting Entities necessary steps must be taken to ensure compliance with the amended rules. This includes appointing a principal officer and designating a director to oversee overall compliance. The designated director and principal officer's name, designation, and address must be communicated to the Financial Intelligence Unit – India ("FIU-IND")6.

The principal officer of the reporting entity7 is responsible for complying with specific requirements under the PML Rules. This includes providing monthly information on all cross-border wire transfers valued at more than INR 5,00,000 (Five lakhs)8 or it's equivalent in foreign currency to the FIU-IND and retaining a copy of the same. The principal officer must also promptly provide information to the FIU-IND on all suspicious transactions within seven working days of being satisfied that the transaction is suspicious. Such transactions include deposits and credits, withdrawals into or from any accounts in any currency, credits or debits into or from any non-monetary accounts, money transfers or remittances in favour of own clients or non-clients from India or abroad and to third-party beneficiaries in India or abroad, loans and advances including credit or loan substitutes, investments, and contingent liability, and collection services in any currency.



2. RULE 2 Sub-rule (1)

3. sub-rule 9-A

4. Rule 9, Sub-rule 3


6. Sec 12 of the The Prevention of Money-Laundering Act, 2002

7. Reporting entity in this particular scenario are Digital asset service providers.

8. Rule 7(2)

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.