HomeAnalyticsAlertsAnti-Money Laundering Updates in India: Compliance Obligations for Companies

Anti-Money Laundering Updates in India: Compliance Obligations for Companies

India's anti-money laundering regime is tightening at pace. Regulators – the Reserve Bank of India (RBI) and the Securities and Exchange Board of India (SEBI) – have issued a series of directives that expand the scope of AML obligations and sharpen enforcement. International companies doing business in India now face stricter Know Your Customer (KYC) requirements, new beneficial owner disclosure rules, and tighter timelines for compliance. Failing to act promptly carries material risk: accounts can be frozen, credit facilities suspended, and regulatory licences revoked.

India's updated AML obligations under anti-money laundering legislation impose enhanced KYC, beneficial owner identification, and transaction monitoring duties on a broad range of entities. Companies incorporated under the Companies Act 2013 framework and financial intermediaries regulated by the RBI and SEBI are directly in scope. Affected businesses should complete internal gap assessments and remediate customer records within the compliance windows set out in the relevant directives, which in several cases are already running.

This alert outlines the core regulatory changes, identifies the business categories most immediately affected, and sets out five concrete steps international companies operating in India should take now.

What has changed and when it takes effect

India's anti-money laundering legislative regime has been reinforced through a combination of amendments to primary AML legislation and a new set of regulatory directions issued by the RBI and SEBI. The changes cluster around four themes.

Expanded beneficial owner thresholds. The threshold for declaring a beneficial owner has been lowered. Previously, only individuals holding a significant majority stake in a company were required to be registered. Under the revised rules, a smaller ownership share now triggers the disclosure obligation. This affects holding structures, joint ventures, and companies with dispersed shareholdings where no single party previously crossed the former threshold.

Enhanced KYC re-verification obligations. Financial intermediaries – banks, non-banking financial companies, and securities brokers – must re-verify customer KYC records on a shorter cycle than before. The re-verification requirement now applies to both new and existing customers. Entities that completed KYC under prior standards are not automatically compliant. They must update records to meet the current standard within the period stipulated by the relevant regulator.

Correspondent banking and transaction monitoring. Banks maintaining correspondent banking relationships with foreign institutions face new due diligence requirements. They must document the AML controls of their counterparty institutions and obtain senior management sign-off. This directly affects Indian subsidiaries of international banks and foreign companies that route payments through Indian correspondent accounts.

Reporting timelines compressed. The window for filing suspicious transaction reports has been shortened. Obligated entities must report within a tighter timeframe from the date they form a suspicion. Delays previously treated as administrative shortcomings are now treated as substantive breaches, attracting higher penalties.

For companies navigating the broader regulatory environment, our analysis of banking and finance law in India provides additional context on the interaction between AML obligations and banking regulation.

Who is affected and what the threshold criteria require

The updated AML rules in India apply across a wide range of entity types. Understanding whether your business falls within scope is the first compliance step.

Companies incorporated under Companies Act 2013. Any company registered under corporate legislation in India. whether a wholly owned subsidiary, a joint venture, or a branch of a foreign entity. must maintain accurate beneficial owner registers. Companies with complex ownership chains involving trusts, foundations, or intermediate holding companies face the highest scrutiny. The National Company Law Tribunal (NCLT) has jurisdiction over corporate compliance disputes arising from these obligations.

RBI-regulated financial institutions. Banks, non-banking financial companies, and payment service providers regulated by the RBI are subject to the enhanced KYC and correspondent banking requirements in full. Foreign banks operating in India through branch structures must apply the rules to their India-facing operations regardless of the standards applied in their home jurisdiction.

SEBI-registered intermediaries. Brokers, portfolio managers, investment advisers, and collective investment scheme operators registered with SEBI must apply the updated AML controls to their client onboarding and ongoing monitoring processes. This includes re-screening existing clients against updated beneficial owner criteria.

Companies seeking bank account opening or credit facilities. Any company. domestic or foreign-incorporated. seeking to open a bank account in India or obtain a credit facility from an Indian bank will face the full updated KYC process at the point of application. Submissions that do not meet the current standard will be rejected, causing delays to market entry or expansion plans.

Entities involved in arbitration and cross-border disputes. Companies involved in proceedings under the Arbitration and Conciliation Act (India's principal legislation governing domestic and international commercial arbitration) may be required to demonstrate clean AML status when seeking interim relief or enforcement of awards involving Indian financial institutions.

To receive an expert assessment of your AML compliance exposure in India, contact us at info@ferrazwhitmore.com.

Immediate actions for international companies

The following five steps reflect the most time-critical compliance priorities under the updated AML rules.

  • Conduct a beneficial owner audit. Map all direct and indirect ownership chains for your India-incorporated entities. Identify any individual who now crosses the revised beneficial owner threshold. Update the statutory register and file any required disclosures with the Registrar of Companies within the applicable deadline. Failure to file is a continuing offence under corporate legislation.
  • Re-verify KYC records for all regulated relationships. Review every customer and counterparty record held by your India-regulated entity against the current KYC standard. Identify records that were collected under prior – now superseded – requirements. Prioritise re-verification for high-risk categories: politically exposed persons, non-resident entities, and customers in sectors flagged by regulators as elevated-risk.
  • Review correspondent banking documentation. If your Indian entity maintains accounts with foreign banks or is itself a correspondent banking counterparty, obtain updated AML policy documentation from those institutions. Prepare a due diligence file with senior management sign-off as required by the RBI directive. This documentation should be ready for regulatory inspection at short notice.
  • Update suspicious transaction reporting protocols. Review your internal escalation and reporting procedures against the compressed filing timeline. Assign clear responsibility within your compliance team for identifying triggers and initiating reports. Train relevant staff on the new timeline; the shortened window leaves no room for internal delays.
  • Assess capital markets exposure with SEBI-regulated intermediaries. If your business engages SEBI-registered brokers, investment advisers, or fund managers, confirm that those intermediaries have updated their AML procedures. Your own onboarding documentation with those intermediaries may require refreshing. For listed entities or those considering a listing, the updated rules interact directly with disclosure obligations under capital markets legislation – see our overview of capital markets law in India for the regulatory interface.

International companies with multi-jurisdiction AML programmes should note that India's updated requirements diverge in several material respects from the standards applied in other jurisdictions. A comparison of approaches across markets is available in our alert on AML developments in the UAE.

About Ferraz & Whitmore

Ferraz & Whitmore is an international law firm based in Lisbon, advising business clients across 46 jurisdictions. Our banking and finance practice supports international companies managing AML compliance, KYC obligations, and regulatory relationships in India and across Asia-Pacific markets. As a law firm in India-facing matters, we work with foreign subsidiaries, financial institutions, and in-house legal teams who need practical, results-oriented counsel. Our team includes practitioners with experience before Indian regulators and in cross-border AML enforcement matters spanning both civil law and common law systems. Engaging a lawyer in India with cross-border AML experience at an early stage is consistently the most cost-effective approach to compliance risk. To discuss your situation, contact us at info@ferrazwhitmore.com.

Disclaimer: This publication is provided for informational purposes only and does not constitute legal advice. The information herein should not be relied upon as a substitute for professional legal counsel tailored to your specific circumstances. Ferraz & Whitmore assumes no liability for actions taken or not taken based on the contents of this material. For advice regarding your particular situation, please contact info@ferrazwhitmore.com.