6.1 Cryptocurrency and Criminal Activity
While the vast majority of cryptocurrency transactions are legitimate, the pseudonymous nature of blockchain transactions has attracted criminal exploitation. Understanding the intersection of crypto and crime is essential for technology lawyers advising clients on compliance and defense matters.
Categories of Crypto-Related Crimes
| Category | Description | Applicable Laws |
|---|---|---|
| Money Laundering | Using crypto to disguise proceeds of crime | PMLA, 2002 |
| Terror Financing | Funding terrorist activities through crypto | UAPA, 1967; PMLA |
| Fraud/Cheating | Ponzi schemes, rug pulls, fake ICOs | IPC S.420; IT Act |
| Ransomware | Demanding crypto for data decryption | IT Act S.66; IPC S.384 |
| Darknet Markets | Illegal goods/services purchases | NDPS Act; Arms Act; etc. |
| Tax Evasion | Hiding crypto gains from authorities | Income Tax Act; Black Money Act |
| FEMA Violations | Unauthorized cross-border transfers | FEMA, 1999 |
6.2 Prevention of Money Laundering Act (PMLA), 2002
The PMLA is the primary legislation addressing money laundering in India and has been actively applied to cryptocurrency-related offenses.
Key Provisions Applicable to Crypto
Whosoever directly or indirectly attempts to indulge or knowingly assists or knowingly is a party or is actually involved in any process or activity connected with the proceeds of crime including its concealment, possession, acquisition or use and projecting or claiming it as untainted property shall be guilty of offence of money-laundering.
Proceeds of Crime - Section 2(1)(u)
Includes "any property derived or obtained, directly or indirectly, by any person as a result of criminal activity relating to a scheduled offence." Cryptocurrencies obtained through predicate offenses constitute proceeds of crime.
Scheduled Offences Relevant to Crypto
- Part A: Offences under NDPS Act (drug trafficking)
- Part B: Offences under various laws including IPC sections on cheating, fraud, forgery
- Part C: Cross-border implications, FEMA violations
2023 Amendment: Virtual digital assets and related activities were brought under the PMLA framework, requiring crypto exchanges to register as reporting entities with FIU-IND and comply with KYC/AML obligations.
Reporting Entity Obligations
Crypto exchanges registered with FIU-IND must:
- Maintain KYC records for all customers
- Verify identity documents against government databases
- Monitor transactions for suspicious activity
- File Suspicious Transaction Reports (STRs) within 7 days
- File Cash Transaction Reports (CTRs) for large transactions
- Maintain records for 5 years post-relationship
- Appoint a Principal Officer for PMLA compliance
6.3 Enforcement Directorate (ED) Actions
The Enforcement Directorate has been increasingly active in crypto-related investigations and seizures.
ED Powers Under PMLA
| Power | Section | Application to Crypto |
|---|---|---|
| Search & Seizure | S.17 | Seizure of hardware wallets, devices, exchange accounts |
| Attachment | S.5 | Provisional attachment of crypto assets |
| Arrest | S.19 | Arrest of persons involved in money laundering |
| Summons | S.50 | Compel appearance and document production |
| Confiscation | S.8 | Permanent confiscation after adjudication |
WazirX Investigation (2022):
- ED attached assets worth Rs. 64.67 crore in connection with Chinese loan app fraud
- Alleged that WazirX was used to launder proceeds of crime
- Raised questions about exchange due diligence obligations
Vauld India Case (2022):
- ED conducted searches at multiple locations
- Investigation into alleged FEMA and PMLA violations
- Highlighted cross-border compliance challenges
Challenges in Crypto Seizure
- Private Key Access: Crypto cannot be seized without private keys
- Self-Custody: Hardware wallets may be encrypted or hidden
- Mixers/Tumblers: Obfuscation techniques complicate tracing
- Cross-Border Holdings: Assets on foreign exchanges
- Valuation: Volatility creates valuation challenges for attachment
6.4 Ransomware and Cyber Extortion
Ransomware attacks demanding cryptocurrency payments have emerged as a significant cybersecurity threat, with Indian organizations increasingly targeted.
Legal Framework for Ransomware
| Offence | Provision | Punishment |
|---|---|---|
| Computer System Damage | IT Act S.66 | Up to 3 years imprisonment + fine |
| Cyber Terrorism | IT Act S.66F | Imprisonment up to life |
| Extortion | IPC S.384 | Up to 3 years imprisonment |
| Criminal Intimidation | IPC S.503 | Up to 2 years imprisonment |
Payment Dilemma: Paying ransomware demands may expose organizations to PMLA liability if the payment funds a scheduled offence. It may also violate sanctions if the attacker is on designated lists. Legal counsel should be consulted before making any payment decisions.
CERT-In Reporting Requirements
Under the CERT-In Directions 2022, organizations must:
- Report ransomware incidents within 6 hours of detection
- Maintain logs of ICT systems for 180 days
- Synchronize system clocks with NIC/NPL time servers
- Register with CERT-In as a service provider
6.5 Blockchain Forensics and Investigation
Despite the pseudonymous nature of blockchain, advanced forensic techniques enable tracing of illicit transactions.
Blockchain Analysis Techniques
- Cluster Analysis: Grouping addresses controlled by same entity
- Transaction Graph Analysis: Mapping flow of funds
- Heuristic Analysis: Identifying patterns indicating common ownership
- Exchange Attribution: Identifying known exchange addresses
- Mixer Detection: Identifying transactions through mixing services
- Time-Based Analysis: Correlating transaction timing with activities
Tools Used by Investigators
| Tool | Provider | Capabilities |
|---|---|---|
| Chainalysis Reactor | Chainalysis | Investigation platform, attribution, visualization |
| Elliptic | Elliptic | Risk scoring, sanctions screening, tracing |
| CipherTrace | Mastercard | AML compliance, investigation tools |
| Crystal Blockchain | Bitfury | Analytics, compliance, investigation |
Evidence Collection Best Practices
For Legal Practitioners:
- Document blockchain transaction hashes with timestamps
- Capture screenshots with provable timestamps
- Obtain certified copies of blockchain data where possible
- Chain of custody documentation for any seized devices
- Expert opinion on blockchain analysis methodology
- Section 65B certification for electronic evidence
6.6 Crypto Fraud Schemes
Common Fraud Typologies
- Ponzi/Pyramid Schemes:
- Promise unsustainable returns
- Pay early investors with later investor funds
- Examples: BitConnect, OneCoin, GainBitcoin
- Rug Pulls:
- Developers abandon project after raising funds
- Liquidity removed from DeFi pools
- Common in meme coins and new projects
- Fake ICOs/Token Sales:
- No actual product or development
- Fraudulent white papers and teams
- Phishing and Social Engineering:
- Fake exchange websites
- Wallet draining malware
- Impersonation of support staff
- Pig Butchering:
- Romance scams leading to fake investment platforms
- Victims guided through fake crypto investments
- Large-scale international operations
One of India's largest crypto frauds, allegedly orchestrated by Amit Bhardwaj:
- Promised 10% monthly returns on Bitcoin investments
- Estimated fraud value: Rs. 2,000+ crore
- Multiple FIRs across states
- ED investigations under PMLA
- Accused arrested and cases ongoing
Legal Issues: Prize Chits and Money Circulation Schemes (Banning) Act, IPC sections on cheating and criminal conspiracy, PMLA violations.
6.7 Defense Strategies
For lawyers defending clients accused of crypto-related offenses:
Key Defense Considerations
- Mens Rea: Prove lack of knowledge that funds were proceeds of crime
- Due Diligence: Demonstrate compliance efforts and KYC procedures
- Attribution: Challenge linking of addresses to the accused
- Technical Evidence: Question blockchain analysis methodology
- Proportionality: Challenge excessive attachment/seizure
- Bail: Argue for bail noting investigation cooperation
PMLA Bail Considerations
Section 45 of PMLA creates stringent bail conditions:
- Twin conditions: reasonable grounds to believe not guilty AND unlikely to commit offence
- Public Prosecutor must be given opportunity to oppose
- Conditions apply regardless of punishment quantum
Vijay Madanlal Choudhary v. Union of India (2022): The Supreme Court upheld the constitutional validity of Section 45 but clarified that courts retain discretion and must consider the totality of circumstances. For crypto cases, cooperation with investigation and lack of flight risk may support bail applications.
6.8 Key Takeaways
- Cryptocurrencies used for money laundering trigger PMLA liability
- Crypto exchanges must register with FIU-IND and comply with reporting obligations
- ED has actively pursued crypto seizures using PMLA powers
- Ransomware payments create complex legal considerations including potential PMLA exposure
- Blockchain forensics can trace transactions despite pseudonymity
- Defense strategies should focus on mens rea, attribution challenges, and technical evidence scrutiny