At present, India does not have a dedicated law or regulation that governs cryptoassets. However, the term ‘virtual digital assets’ (VDAs) has been broadly defined under Section 2 (47A) of the (Indian) Income Tax Act, 1961 (Income Tax Act) (which is the central legislation on income tax in India), to mean “any information or code or number or token (not being Indian currency or foreign currency), generated through cryptographic means or otherwise, by whatever name called, providing a digital representation of value exchanged with or without consideration, with the promise or representation of having inherent value, or functions as a store of value or a unit of account including its use in any financial transaction or investment, but not limited to investment scheme; and which can be transferred, stored or traded electronically.”

The definition of VDAs under the Income Tax Act also includes non-fungible tokens (NFTs) or other tokens of a similar nature and any other digital assets that may be notified by the Government in the future.

In India, there is no dedicated law that regulates cryptoassets. That said, there have been proposals in the past to introduce legislation (namely, the Banning of Cryptocurrency & Regulation of Official Digital Currency Bill, 2019 (2019 Crypto Bill) and the Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 (2021 Crypto Bill)) to ban all private cryptocurrencies in India and put in place a facilitative framework for creation of an official digital currency issued by the Reserve Bank of India (RBI). However, both the 2019 Crypto Bill as well as the 2021 Crypto Bill have not, to date, been tabled before the Indian Parliament.

Having said that, certain existing laws have been amended to regulate activities or provision of any services related to VDAs. These include:

• Prevention of Money Laundering Act, 2002 (PMLA) and Prevention of Money Laundering (Maintenance of Records Rules), 2005 (PML Rules) read with Financial Intelligence Unit – India’s (FIU-IND) Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT) Guidelines. The PMLA is the core legislative framework in India to combat money laundering activities. The PMLA read with the PML Rules impose obligations on ‘reporting entities’ to verify the identity of their clients, maintain records and furnish information to the FIU-IND, amongst other things. The Ministry of Finance issued a notification dated March 07, 2023 (PMLA Notification) pursuant to which it has categorised VDA service providers as ‘reporting entity(ies)’. As a result, VDA service providers are now required to fulfil the key obligations of a ‘reporting entity’ envisaged under the PMLA and the PML Rules. See Question 6, below, for further information. 
• CERT-In (Indian Computer Emergency Response Team) Guidelines. CERT-In is a national nodal agency established under the Information Technology Act, 2000 (IT Act) to deal with cyber security incidents. On April 28, 2022, CERT-In issued certain directions to service providers, intermediaries, bodies corporate, virtual asset service providers, virtual asset exchange providers, custodian wallet providers etc., relating to information security practices, procedures, prevention, response and reporting of cyber incidents for a “safe & trusted internet”. Apart from mandating the reporting of certain specified cyber incidents to CERT-In, these directions also require service providers, intermediaries and bodies corporate to mandatorily maintain and retain logs of all their information and communications technology systems for a rolling period of 180 days within India. Subsequently, clarifications to these directions were issued by CERT-In by way of frequently asked questions on May 18, 2022 (FAQs). These FAQs clarified that the information and communications technology systems logs can be stored outside India as long as a copy is retained within India. 
• Advertising Standards Council of India (ASCI) Advertising Guidelines (ASCI Guidelines). On February 23, 2022, ASCI issued guidelines for advertising and promotion of VDAs and related services which are applicable to all VDA related advertisements released on or after April 01, 2022. The ASCI Guidelines require advertisers and media owners to ensure that any earlier advertisements that are in non-compliance with these guidelines do not appear in the public domain after April 15, 2022. The ASCI Guidelines, amongst other things, prescribe certain disclaimer related requirements for all advertisements for VDA products and VDA exchanges, or for featuring VDAs, which vary depending on the medium of advertisement. The following disclaimer is to be used for all such advertisements: “Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions.” This disclaimer is to be made in a manner that it is prominent and unmissable by an average consumer and also be in the dominant language of the advertisement, meeting the minimum requirements laid down under the ASCI Guidelines. Depending on the medium of the advertisement (print or static, video, audio, social media posts, etc.) the disclaimer will vary. For celebrities or prominent personalities who appear in VDA advertisements, the ASCI Guidelines prescribe for requisite due diligence to be undertaken for statements and claims made in such advertisements, to ensure that the consumer is not misled.
• Amendment to the Income Tax Act. The Government of India, through the Finance Act, 2022, amended the Income Tax Act to include the concept of VDAs (which, as highlighted in Question 1 above, includes NFTs). By virtue of this amendment, any income earned from the transfer of VDAs has been taxed at a flat rate of 30%. By way of another amendment to the Income Tax Act, the Finance Act, 2022 also introduced 1% withholding (at 1% of the consideration payable) on a person responsible for paying to any resident any sum by way of consideration for transfer of a VDA, with effect from July 01, 2022.
• Schedule III of the Companies Act, 2013. The Ministry of Corporate Affairs, through its notification dated March 24, 2021, mandated all companies to disclose details regarding their trade or investments in cryptocurrencies or virtual currencies in its financial statements from April 01, 2021. These details include disclosing any profit or loss made on transactions involving cryptocurrencies or virtual currencies, amount of cryptocurrencies or virtual currencies held, and any deposits or advances from any person for the purpose of trading or investing in cryptocurrencies or virtual currencies.

At present, there is no authorisation or licensing regime for cryptoasset issuers, providers or exchanges in India. That said, pursuant to the PMLA Notification, VDA service providers are now required to register themselves with the FIU-IND as ‘reporting entities’ under the PMLA. This entails the requirement of VDA service providers to, amongst other things, undertake enhanced due diligence prior to the commencement of any transaction, maintain records of transactions for a period of five years from the date of transaction, report suspicious transactions to the FIU-IND, and so on. See Question 6, below, for further information.

The promotion of cryptoassets to investors is not regulated in India, hence there is no requirement to publish white papers or provide other information for such financial promotion. That said, the promotion of cryptoassets (and any services provided in relation to cryptoassets) to consumers in the form of promotional advertisements is regulated in India by the ASCI Guidelines (see Question 2, above).

In India, the legality and enforceability of a contract is primarily governed under the Indian Contract Act, 1872 (ICA). The ICA, amongst other things, identifies the essentials of a valid and legally enforceable contract (under Section 10 of the ICA), which includes a legitimate offer, proper acceptance, free consent of the contracting parties, lawful consideration and a lawful objective. Further, the IT Act, and amendments made to it have also bestowed legal validity to contracts that are formulated and expressed in electronic forms or by means of electronic records. Further, in Trimex International Fze v. Vedanta Aluminium Limited, the Hon’ble Supreme Court of India ruled on the validity of an unregistered and unsigned contract discussed by email, confirming the legal enforceability of contract via email.

Hence, it can be said that smart contracts in relation to cryptoassets executed between two freely consenting persons competent to enter into contractual relationships for a lawful object and lawful consideration are legally enforceable in India.

However, with regard to the consideration in such smart contracts, it may be pertinent to note that the ICA prescribes essentials of lawful consideration, which are, it is not forbidden by law, it does not undermine the requirements of any law if permitted, it is not fraudulent or involving injury to an individual or property, and it is not immoral or opposed to public policy. So, in the event there is any legislative intervention in the future deeming cryptoassets or certain kinds of cryptoassets to be illegal, it could consequently make smart contracts for such transactions illegal and therefore unenforceable.

The substantive and procedural criminal laws in India do not specifically carve out provisions in relation to crypto frauds. That said, victims of crypto fraud have taken recourse under existing offences that have been defined under the Indian Penal Code, 1860 (IPC) (the substantive legislation in India pertaining to criminal offences), read with the relevant provisions of the IT Act. For instance, recently a person who was lured into a crypto investment scam lost INR 43 lakh. Based on the complaint made by that person and a subsequent inquiry into the matter, the police authorities registered the case as an offence of cheating under the IPC along with supporting provisions under the IT Act.