I4C Under PMLA: Strengthening India’s Cybercrime and Financial Crime Interface

• In April 2025, the Government of India brought the Indian Cyber Crime Coordination Centre (I4C) under the ambit of the Prevention of Money Laundering Act (PMLA), 2002.
• This move allows information sharing between I4C and the Enforcement Directorate (ED) to jointly tackle cyber-enabled financial crimes.

Background

• Launched: 2020 by the Ministry of Home Affairs.
• Purpose: To combat the rising menace of cybercrimes in India in a coordinated, multi-tiered manner.

Multi-Tiered Structure

• National Level: Provides policy support, coordination, forensic tools.
• State Level: Funds cyber police stations and labs.
• District Level: Supports investigation, victim assistance, and awareness.

Key Functions

• Tracks and analyzes nationwide fraud trends.
• Trains over 1.5 lakh police personnel in cyber forensics.
• Offers tools to trace mobile-based and crypto transactions.
• Coordinates field operations in hotspot regions like:
  • Jamtara (Jharkhand)
  • Mewat (Haryana)
  • Ahmedabad, Hyderabad, Chandigarh, Guwahati, and Visakhapatnam

To understand this, one has to look at the blurring lines between cybercrime and financial fraud. Today's online scam is no longer just about stealing data or hacking emails—it's about laundering vast sums of money using fake identities, crypto wallets, mule accounts, and shell companies.

The Rationale Behind the Move

1. Real-time tracking of money trails: Cybercrime often involves rapid transfer of stolen funds across accounts or platforms. I4C’s digital tools, paired with ED’s powers under PMLA, create a potent mechanism to trace and freeze assets.
2. Combating transnational crime: Many of these operations are run from abroad, with sophisticated laundering pathways. PMLA’s legal reach, aided by I4C’s forensic support, helps in tackling international frauds.
3. Breaking silos: Until now, cybercrime and money laundering were treated in isolation. This decision bridges that gap.

The Enforcement Directorate (ED), under the Ministry of Finance, is the nodal agency for investigating violations under:

• The Prevention of Money Laundering Act (PMLA), 2002.
• The Foreign Exchange Management Act (FEMA), 1999.
• The Fugitive Economic Offenders Act (FEOA), 2018.

By working with I4C, the ED can now:

• Get early warnings of cyber-enabled frauds,
• Access digital forensics to support prosecution, and
• Launch coordinated investigations against laundering networks.

This is especially useful in tracking crypto Ponzi schemes, phishing-as-a-service models, and social media fraud rings.

This integration brings together the reactive strength of ED (freezing assets, prosecuting culprits) with the preventive intelligence and tech-support model of I4C.

Imagine a scenario where a victim reports a UPI scam within minutes:

• I4C tracks the IP address, device ID, and wallet address.
• The ED follows the money trail across layers of transactions.
• Together, they ensure the fraud doesn’t just get registered—it gets disrupted, reversed, and punished.

India isn’t alone in this strategy. Countries around the world are adopting hybrid models to deal with the dual challenge of cyber and financial crimes.

Global Examples

• USA: The FBI Cyber Division collaborates with FinCEN to detect laundering via crypto.
• Europe: Europol's Cybercrime Centre works alongside financial regulators.
• Singapore: Integrates digital fraud analysis within central monetary surveillance.

Legal Safeguards and Concerns

Surveillance powers must be checked by data privacy safeguards. The I4C-PMLA synergy should not lead to overreach or compromise individual rights.

Constitutionally,

• Article 21 ensures the right to privacy,
• Article 20(3) protects against self-incrimination,
• and Article 22 guarantees fair procedure upon arrest.

The need of the hour is a robust data protection law that complements enforcement powers with accountability.

While this integration is a step forward, certain bottlenecks remain:

• Tech readiness gap: Many state police forces lack advanced tools to trace crypto or anonymized digital trails.
• Jurisdictional overlaps: With multiple agencies like CERT-In, NCIIPC, and FIU in the mix, seamless coordination is often missing.
• Outdated legal frameworks: The IT Act, 2000 no longer suffices. The pending Digital India Act must address new-age crimes, surveillance ethics, and enforcement powers.

By bringing I4C under the PMLA framework, India has effectively created a cyber-financial enforcement grid—a structure that can not only track a fraud as it happens but also dismantle the ecosystem behind it.

But a grid is only as strong as its nodes. The real test lies in capacity building, legal clarity, and ethical enforcement. If implemented well, this synergy could be a model for the rest of the world in tackling the future of crime—where code, currency, and crime are all deeply intertwined.