top of page
Search

AML, CFT & KYC Compliance in GIFT City IFSC: 2026 FAQs for Regulated Entities

  • Writer: GIFT CFO
    GIFT CFO
  • Jul 17, 2025
  • 4 min read

Updated: Mar 23


Introduction: Why AML-CFT-KYC Compliance Is Critical in GIFT City IFSC


Understanding AML, CFT, and KYC compliance in GIFT City IFSC is essential for any regulated entity looking to operate smoothly and avoid regulatory risks. Whether you are a bank, fintech company, fund manager, or insurance entity, staying compliant with evolving IFSCA guidelines is not just a legal requirement but a critical business necessity.


This guide answers the most important FAQs around AML, CFT, and KYC compliance in GIFT IFSC for 2026, while also helping you understand how to implement these regulations practically in your day-to-day operations.



Fintech professionals analyze risk data on a digital compliance dashboard, highlighting KYC profiles and AML alerts, set against a backdrop of GIFT City buildings
Fintech professionals analyze risk data on a digital compliance dashboard, highlighting KYC profiles and AML alerts, set against a backdrop of GIFT City buildings


Q1. Who must comply with IFSCA's AML-CFT-KYC Guidelines?

All Regulated Entities (REs) licensed, registered, or authorized by IFSCA, including:

  • Fund Management Entities (FMEs)

  • Finance Companies (FCs) and Finance Units (FUs)

  • Banking Units

  • Brokers, Insurers, Exchanges, etc.

These guidelines also apply to the Financial Group of an RE.

Q2. Who can be the Designated Director and Principal Officer?

  • Designated Director: Head of the IFSC entity (must be a natural person)

  • Principal Officer (PO): Senior official with authority; must be independent of internal audit or business lines

One person cannot hold both roles

Q3. Can the Designated Director or PO be from the Indian parent company?

No. They must be based in the IFSC unit and possess the authority within the RE itself.

Q4. Is a separate AML-CFT-KYC policy required?

Yes — every RE must have a policy approved by its Governing Body, which could be:

  • Board of Directors (company)

  • Partners (LLP or firm)

  • Trustees (trust)

  • Branch-level committee (authorized by parent)

Existing AML policies must be updated to reflect IFSCA Guidelines

Q5. What is required under FIU-IND registration?

REs must register on the FIU-IND FINGate 2.0 portal, including:

  • Entity registration

  • Designated Director & Principal Officer registration

Even branches or REs with multiple licenses must register separately.

Select “IFSC” in ‘RE type’ and “IFSCA” as the regulator.

Q6. What reports must be filed with FIU-IND?

REs must report:

  • Suspicious Transactions (STR)

  • Cross-border wire transfers over ₹5 lakh (or equivalent FX)

  • Immovable property transactions over ₹50 lakh

  • Non-profit organization receipts above ₹10 lakh

The PO is responsible for timely submission.

Q7. What counts as a cross-border transaction?

Any transaction where either:

  • Sender or receiver is in GIFT-IFSC, and

  • The counterparty is outside IFSC

is treated as a cross-border transfer, regardless of being within India.

Q8. What are acceptable methods for Customer Due Diligence (CDD)?

IFSCA allows:

  1. Offline Verification — including certification by lawyers, public accountants, notaries, banks, and embassies outside India

  2. Video-based Customer Identification (V-CIP) — only for Indian nationals

  3. Third-party verification or databases (with conditions for low/medium-risk clients)

Q9. What documents are valid as address proof?

For Low-Risk Customers:

  • Utility bills (≤ 2 months old)

  • Property or municipal tax receipts

  • Pension orders

  • Bank/postal statements

  • Accommodation letters from employers

For High-Risk Customers (foreign nationals):

Only:

  • Documents from foreign government departments

  • Letters from foreign embassies/missions in India

Bank statements are NOT valid address proof for high-risk foreign clients

Q10. Can a foreign lawyer certify documents?

Yes. Lawyers based outside India can certify documents such as passports and identity proofs.

Q11. What’s required from AIFs and FMEs?

  • FMEs must conduct risk assessments for AIFs they manage

  • CDD can be outsourced to third parties (as per Clause 6.1)

  • Audit functions for AML/KYC can be outsourced

  • FMEs must handle customer risk grading directly — not delegable

Q12. How is a Suspicious Transaction Report (STR) filed?

  • Must be filed by the Principal Officer

  • No fixed timeframe — file as soon as suspicion is confirmed

  • Submit to:

Q13. What if a customer matches a sanctions list?

If a customer matches the UAPA or WMD sanctions lists:

  • Immediately inform:

    • Central Nodal Officer

    • IFSCA

    • FIU-IND

    • State Nodal Officer

  • Freeze all accounts/assets within 24 hours

  • Prevent all financial transactions

Q14. How to unfreeze wrongly frozen accounts?

If someone is wrongly flagged:

  • Submit an application with evidence to RE, IFSCA, or Nodal Officer

  • RE must forward it to the Chief Nodal Officer (CNO) within 2 days

  • CNO investigates and issues an unfreezing order

If the applicant is delisted by the UN or verified to be wrongly blocked, CNO must unfreeze without delay.


How to Implement AML KYC Compliance in GIFT IFSC

To simplify compliance, regulated entities in GIFT IFSC can follow a structured approach:

  1. Customer Onboarding: Collect and verify identity documents

  2. Risk Profiling: Classify customers based on risk levels (low, medium, high)

  3. KYC Verification: Complete document validation and background checks

  4. Ongoing Monitoring: Track transactions for unusual patterns

  5. Reporting: File Suspicious Transaction Reports (STRs) when required

This step-by-step approach helps businesses stay compliant while reducing operational risks.


AML KYC Compliance Checklist for GIFT IFSC Entities

  • Customer identity verification completed

  • Risk categorization implemented

  • Politically Exposed Person screening done

  • Transaction monitoring system is active

  • Suspicious transactions reporting mechanism in place

  • Regular compliance audits are conducted

This checklist ensures that your organization meets the core compliance requirements under IFSCA regulations.

Common AML KYC Compliance Mistakes to Avoid

  • Incomplete or outdated KYC documentation

  • Ignoring ongoing transaction monitoring

  • Weak risk assessment frameworks

  • timely reporting of suspicious activities

  • Lack of staff training on compliance procedures

Avoiding these mistakes can significantly reduce regulatory risks and penalties.


What Happens if You Fail AML KYC Compliance in GIFT IFSC?

Non-compliance with AML, CFT, and KYC regulations can lead to:

  • Heavy financial penalties

  • Regulatory restrictions or license suspension

  • Reputational damage

  • Increased scrutiny from authorities

For regulated entities, compliance is not optional—it is critical for long-term sustainability.


Conclusion: IFSCA’s AML-CFT-KYC Framework Ensures Global-Grade Compliance

AML, CFT, and KYC compliance in GIFT City IFSC is a critical responsibility for all regulated entities. With increasing regulatory focus and global scrutiny, businesses must go beyond basic compliance and adopt a proactive approach.


By understanding requirements, implementing structured processes, and avoiding common mistakes, organizations can not only remain compliant but also build trust and credibility within the global financial ecosystem.


If you are planning to set up or operate in GIFT IFSC, ensuring strong compliance from day one can give your business a long-term strategic advantage.

 
 
 

Comments

bottom of page