2026 CRS, FATCA & CARF Crypto Reporting

In this guide

Quick answer

What is FATCA/CRS reporting? - An international information exchange framework requiring Indian financial institutions to identify and report accounts held by tax residents of other countries. FATCA (India-USA IGA) covers US persons; CRS covers residents of 100+ participating jurisdictions.
Who must report? - Reporting Financial Institutions (RFIs): banks, depository institutions, custodial institutions, certain insurance companies, and investment entities. Defined under Rule 238 (old Rule 114F).
What form is used? - Form 61B, filed electronically with DSC by 31 May following the calendar year.
What are the new Rules 241-244? - Entirely new provisions under Section 509 of the IT Act, 2025 implementing CRS 2.0: reporting obligations for crypto-asset service providers, e-money product issuers, and entities dealing in central bank digital currencies (CBDCs). Form 167 for annual reporting.
What due diligence is required? - Self-certification collection, residence address verification, indicia search (US/foreign addresses, telephone numbers, standing instructions), enhanced review for high-value accounts (> USD 1 million), and entity classification for passive NFEs.
What is the penalty? - Rs 500/day for late filing; Rs 1,000/day post-notice; Rs 50,000 for inaccurate information; Rs 5,000 additional for inaccuracy caused by account holder’s false data.

India’s participation in the global automatic exchange of financial account information (AEOI) means that if you hold a bank account, mutual fund, insurance policy, or investment account in India while being a tax resident of another country, the Indian financial institution maintaining your account is required by law to report your account details to the Indian Income Tax Department-which then shares this information with your home country’s tax authority.

This two-way information highway operates through two parallel frameworks: FATCA (the Foreign Account Tax Compliance Act, implemented through the India-USA Intergovernmental Agreement signed on 9 July 2015) and CRS (the Common Reporting Standard, adopted by the OECD in 2014 and implemented by India for 100+ participating jurisdictions). From 2026, a third layer-CRS 2.0-extends the framework to crypto-assets, electronic money products, and central bank digital currencies.

Under the Draft Income Tax Rules, 2026, the FATCA/CRS framework is codified in Rules 238-240 (carrying forward old Rules 114F-114H), while the CRS 2.0 crypto/digital asset framework is introduced through entirely new Rules 241-244 under Section 509 of the IT Act, 2025. This guide covers who must report, what accounts are reportable, the due diligence procedures, the new crypto reporting obligations, and the penalty framework. For NRIs and global Indians managing income tax return filing (know more) in India, understanding FATCA/CRS is critical-your account data is being shared internationally regardless of whether you file.

Rules 238-244: Complete Mapping

New Rule	Old Rule	Subject	Governing Section	Status
238	114F	Definitions (RFI, reportable account, reportable person, financial account, etc.)	Section 285BA	Carried forward
239	114G	Information to be maintained and reported in Form 61B	Section 285BA	Carried forward
240	114H	Due diligence requirements (preexisting/new accounts, individual/entity, low/high value)	Section 285BA	Carried forward
241	New	Definitions for CRS 2.0 (crypto-assets, e-money, CBDC, relevant crypto-asset service provider)	Section 509	NEW
242	New	Obligation for reporting under Section 509 (who must report, what to report)	Section 509	NEW
243	New	Reporting requirements under Section 509 (Form 167, annual filing, data elements)	Section 509	NEW
244	New	Due diligence procedures under Section 509 (self-certification, TIN validation, change-in-circumstances)	Section 509	NEW

Who is a Reporting Financial Institution (Rule 238)?

Rule 238 (formerly Rule 114F) defines the entities that bear the reporting obligation:

Depository institutions: Banks (including cooperative banks and branches of foreign banks in India) that accept deposits in the ordinary course of banking.
Custodial institutions: Entities that hold, as a substantial portion of their business, financial assets for the account of others (e.g., custodian banks, securities depositories like NSDL/CDSL).
Investment entities: Entities that primarily conduct the business of trading in money market instruments, foreign exchange, securities, commodity futures; individual and collective portfolio management; or investing, administering, or managing financial assets or money on behalf of others (e.g., mutual fund houses, PMS providers, AIFs).
Specified insurance companies: Companies that issue or are obligated to make payments with respect to a cash value insurance contract or an annuity contract.

Certain entities are excluded: government entities, international organisations, central banks, broad participation retirement funds, narrow participation retirement funds, and certain pension funds. For entities using tax audit services (know more), determining RFI status is the critical first step-if you qualify as an RFI, the entire due diligence and reporting framework applies.

What is a Reportable Account?

A reportable account is any financial account maintained by an RFI that is identified, through the prescribed due diligence procedures, as being held by:

A reportable person: A person who is a tax resident of a reportable jurisdiction (for CRS: any participating jurisdiction other than India; for FATCA: a US person including US citizens, green card holders, and US tax residents).
A passive Non-Financial Entity (NFE) with one or more controlling persons who are reportable persons: Even if the entity itself is not a reportable person, if its controlling persons (typically 25%+ beneficial owners) are tax residents of reportable jurisdictions, the account is reportable.

Financial accounts include: depository accounts (savings, current, FD), custodial accounts (holding financial assets like shares, bonds, MF units), equity and debt interests in investment entities, and cash value insurance/annuity contracts.

Due Diligence Procedures (Rule 240)

Rule 240 (formerly Rule 114H) prescribes differentiated due diligence based on account type:

Preexisting Individual Accounts (opened before 1 July 2014)

Lower-value accounts (< USD 1 million): RFIs may rely on residence address in their records. If the address is in a reportable jurisdiction, the account is reportable. Electronic record search for indicia (foreign address, telephone number, standing instructions to transfer funds abroad) is required.
High-value accounts (≥ USD 1 million): Enhanced review required. In addition to electronic search, the relationship manager must be queried for actual knowledge. Paper records must be reviewed if electronic records are insufficient. If any indicia are found, the account is treated as reportable unless a self-certification or documentary evidence establishes non-reportable status.

New Individual Accounts (opened on or after 1 July 2014)

For all new individual accounts, the RFI must obtain a self-certification from the account holder at the time of account opening, confirming their tax residency and providing their Tax Identification Number (TIN). The reasonableness of the self-certification must be validated against documentation collected under KYC/AML procedures.

Preexisting Entity Accounts

Accounts ≤ USD 250,000: Not required to be reviewed unless the RFI elects to do so.
Accounts > USD 250,000: Must be reviewed. The RFI must determine whether the entity is a reportable person, an active NFE, or a passive NFE. For passive NFEs, the controlling persons must be identified and their tax residency determined.

New Entity Accounts

All new entity accounts must be reviewed. Self-certification is mandatory. The entity must confirm its status (active NFE, passive NFE, RFI, etc.) and provide details of controlling persons if it is a passive NFE. For companies registered through company registration (know more), the self-certification process during account opening now includes FATCA/CRS declarations-failure to provide a valid self-certification may result in the account being treated as a US/reportable account by default.

CRS 2.0: New Rules 241-244 - Crypto, E-Money & CBDC Reporting

This is the most significant change in the 2026 framework. Rules 241-244 are entirely new provisions that do not exist in the current rules. They implement the OECD’s Crypto-Asset Reporting Framework (CARF) and updated CRS 2.0 standards under Section 509 of the IT Act, 2025.

Rule 241: Definitions

Introduces definitions for: crypto-assets (including stablecoins and NFTs with payment/investment functions), electronic money products (prepaid cards, digital wallets), central bank digital currencies (CBDCs like the e-Rupee), and relevant crypto-asset service providers (CASPs-exchanges, custodians, brokers facilitating crypto transactions for Indian and non-resident users).

Rule 242: Reporting Obligation

CASPs, e-money product issuers, and entities dealing in CBDCs must report transactions involving non-resident users/customers. The obligation extends to identifying whether the user is a tax resident of a reportable jurisdiction and reporting the aggregate value of transactions during the calendar year.

Rule 243: Reporting Requirements (Form 167)

CASPs must file Form 167 annually, reporting: user identification details (name, address, TIN, date of birth), the type and value of crypto-assets/e-money/CBDC transacted, aggregate transaction values (purchases, sales, exchanges), and the jurisdiction of tax residency. The form is filed electronically with DSC.

Rule 244: Due Diligence Procedures

CASPs must: collect self-certifications from users at onboarding confirming tax residency and TIN, validate TINs against prescribed formats, apply change-in-circumstances monitoring (if a user relocates to a different jurisdiction, re-certification is required), and maintain records of all due diligence steps for a prescribed period. The due diligence standards are aligned with FATF anti-money laundering recommendations.

For entities providing professional accounting services (know more) to crypto exchanges and fintech platforms, the CRS 2.0 compliance requirement under Rules 241-244 represents a substantial new advisory opportunity.

FATCA vs CRS: Key Differences

Parameter	FATCA (India-USA IGA)	CRS (OECD Standard)
Legal basis	India-USA IGA signed 9 July 2015; Section 285BA + Rules 238-240	OECD CRS adopted 2014; Section 285BA + Rules 238-240; CRS 2.0 under Section 509 + Rules 241-244
Scope	US persons only (citizens, green card holders, US tax residents)	Tax residents of 100+ participating jurisdictions (not India)
Reporting form	Form 61B	Form 61B (CRS 1.0); Form 167 (CRS 2.0 crypto/e-money)
Reporting to	Indian IT Department → IRS (via competent authority exchange)	Indian IT Department → respective foreign tax authority
Due diligence	Indicia-based (US address, phone, standing instructions); self-certification for new accounts	Same indicia-based approach; self-certification mandatory for all new accounts; TIN validation under CRS 2.0
Threshold for entities	USD 250,000 for preexisting entity accounts	USD 250,000 for preexisting entity accounts (same)
High-value individual	USD 1 million (enhanced review)	USD 1 million (enhanced review, same)
Crypto/digital assets	Not covered under FATCA 1.0	Covered under CRS 2.0 (Rules 241-244), effective 1 Jan 2026
Withholding penalty	30% withholding on US-source income for non-compliant FFIs	No withholding; domestic penalties (Rs 500-1,000/day; Rs 50,000 inaccuracy)

Penalty Framework

Default	Penalty
Late filing of Form 61B (after 31 May)	Rs 500/day during which the failure continues (Section 271FA)
Failure to file after 30-day notice from IT authority	Rs 1,000/day from the day after the notice deadline
Filing inaccurate information in Form 61B	Rs 50,000 per statement (Section 271FAA)
Inaccuracy due to false/inaccurate info by account holder	Rs 5,000 additional on the RFI (recoverable from account holder)
Non-compliance with due diligence (Section 285BA(7))	Rs 50,000 penalty + potential loss of FATCA-compliant status (triggering 30% US withholding)
Failure to file Form 167 (CRS 2.0 crypto reporting)	Same penalty structure as Form 61B (Rs 500/1,000 per day)

Common Mistakes to Avoid

Mistake 1: Not identifying all account holders’ tax residency. The most common compliance failure is not asking the right questions at account opening. Every new account must have a self-certification confirming tax residency and TIN. Relying solely on KYC nationality without checking tax residency leads to under-reporting.

Mistake 2: Ignoring passive NFEs and their controlling persons. An entity account may not itself be a reportable account, but if it is a passive NFE (no active income), the controlling persons (beneficial owners with 25%+ stake) must be identified. If any controlling person is a tax resident of a reportable jurisdiction, the account is reportable.

Mistake 3: Not performing enhanced review for high-value accounts. Accounts exceeding USD 1 million require enhanced due diligence including relationship manager inquiry and paper record review. Treating all accounts with the same low-value procedure is a due diligence failure.

Mistake 4: Missing change-in-circumstances triggers. If an account holder relocates to a reportable jurisdiction (new address, phone number, or transfer instructions), the RFI must re-validate the self-certification within 90 days. Failing to detect changes means the account may no longer be correctly classified.

Mistake 5: Not preparing for CRS 2.0 crypto obligations. From 1 January 2026, crypto-asset service providers must comply with Rules 241-244. This includes collecting self-certifications from all users, validating TINs, and filing Form 167 annually. Many crypto platforms are not yet ready for this compliance layer.

Key Takeaways

The FATCA/CRS reporting framework under Rules 238-240 (old Rules 114F-114H) requires Reporting Financial Institutions to identify reportable accounts through prescribed due diligence procedures and report them in Form 61B by 31 May annually. The due diligence is differentiated by account type (preexisting vs new, individual vs entity, low-value vs high-value) and requires self-certification, indicia search, and enhanced review for high-value accounts.

Rules 241-244 are entirely new provisions under Section 509 of the IT Act, 2025, implementing CRS 2.0 for crypto-assets, electronic money products, and CBDCs. Crypto-asset service providers must file Form 167 annually, collect self-certifications, validate TINs, and monitor change-in-circumstances-the same due diligence discipline that banks have followed since 2015 now applies to crypto platforms.

The penalty framework is steep: Rs 500-1,000/day for late filing, Rs 50,000 for inaccuracy, and potential loss of FATCA-compliant status (triggering 30% US withholding on US-source income). For reporting entities, compliance is not a one-time filing exercise-it is an ongoing operational discipline embedded in account opening, monitoring, and annual reporting.

Need Help with FATCA/CRS Compliance?

FATCA/CRS compliance requires ongoing due diligence, accurate self-certification collection, entity classification, controlling person identification, TIN validation, and annual Form 61B filing-all within a framework that carries Rs 500-1,000/day penalties for delay and Rs 50,000 for inaccuracy. With CRS 2.0 extending to crypto and digital assets under Rules 241-244, the compliance landscape has expanded significantly.

Explore our income tax compliance services (know more) for FATCA/CRS advisory, RFI classification, due diligence implementation, Form 61B filing, and CRS 2.0 readiness assessment.

For queries, reach out at +91 945 945 6700 or WhatsApp us directly.

Common Questions

Frequently Asked Questions

Have a look at the answers to the most asked questions.

What is FATCA reporting in India?

FATCA (Foreign Account Tax Compliance Act) reporting in India requires Indian financial institutions to identify accounts held by US persons (citizens, green card holders, US tax residents) and report their details to the Indian IT Department through Form 61B. India signed an IGA with the USA on 9 July 2015 to implement this. The IT Department then exchanges this information with the IRS under the bilateral agreement.

What is CRS?

The Common Reporting Standard (CRS) is an OECD framework for automatic exchange of financial account information between participating jurisdictions. India participates in CRS with 100+ countries. Indian RFIs must identify accounts held by tax residents of these jurisdictions and report them in Form 61B. CRS is broader than FATCA-it covers all participating jurisdictions, not just the US.

What are Rules 241-244?

Rules 241-244 are entirely new provisions in the Draft IT Rules, 2026 that implement CRS 2.0 under Section 509 of the IT Act, 2025. They extend the AEOI framework to crypto-asset service providers, e-money product issuers, and entities dealing in central bank digital currencies (CBDCs). These entities must collect self-certifications, validate TINs, perform due diligence, and file Form 167 annually.

What is a self-certification?

A self-certification is a form signed by the account holder at the time of account opening declaring their tax residency, country/countries of tax residence, Tax Identification Number (TIN), and date of birth. The RFI uses this to classify the account as reportable or non-reportable. For new accounts, self-certification is mandatory-an account cannot be opened without it.

What is the deadline for Form 61B?

Form 61B must be filed by 31 May following the calendar year for which reporting is done. For example, for accounts reportable during calendar year 2025, Form 61B is due by 31 May 2026. The form is filed electronically on the IT e-filing portal with the Designated Director’s digital signature.

What is the penalty for non-compliance?

Rs 500/day for late filing (Section 271FA); Rs 1,000/day if filed late even after receiving a 30-day notice from the IT authority; Rs 50,000 per statement for filing inaccurate information (Section 271FAA); Rs 5,000 additional for inaccuracy caused by false information provided by the account holder (recoverable from the account holder). Additionally, FATCA non-compliance can result in the institution losing its compliant status, triggering 30% withholding on US-source income.

FATCA aur CRS reporting kya hai India mein?

FATCA aur CRS reporting ke under Indian banks, mutual funds, insurance companies, aur doosre financial institutions ko apne customers ke accounts ki details Income Tax Department ko report karni hoti hai-agar woh customer kisi doosre desh ka tax resident hai. FATCA sirf US persons ke liye hai; CRS 100+ deshon ke tax residents ke liye hai. Form 61B mein report hota hai, 31 May tak file karna hota hai. Late filing par Rs 500/day penalty hai.

CRS 2.0 mein crypto reporting ka kya rule hai?

Naye Rules 241-244 ke under crypto exchanges, e-money platforms, aur CBDC entities ko apne non-resident users ki transactions report karni hogi Form 167 mein. Self-certification lena zaroori hai, TIN validate karna hoga, aur har saal file karna hoga. Yeh CRS 2.0 ka hissa hai jo 1 January 2026 se effective hai. India mein crypto par Rs 4 billion+ ka trading hota hai-ab yeh sab data internationally exchange hoga.

How does FATCA/CRS data affect my tax return?

FATCA/CRS data reported by foreign institutions about your accounts abroad is received by the Indian IT Department through AEOI. This data appears in your Annual Information Statement (AIS) under the “Overseas transactions” section. If you hold foreign bank accounts, investments, or crypto assets abroad and do not disclose them in your ITR (Schedule FA for foreign assets), the Department will detect the mismatch through AEOI data. This can trigger scrutiny, reassessment, penalties under the Black Money Act, and prosecution in severe cases.

What is the difference between Form 61A and Form 61B?

Form 61A is the Statement of Financial Transactions (SFT) used by domestic reporting entities (banks, registrars, companies, mutual funds) to report high-value domestic transactions under Rule 114E. Form 61B is the Statement of Reportable Accounts used by Reporting Financial Institutions to report FATCA/CRS reportable accounts of non-residents under Rules 238-240. Form 61A covers domestic surveillance; Form 61B covers international information exchange.