India’s Enforcement Directorate (ED) has launched a major investigation into alleged violations of the Foreign Exchange Management Act (FEMA), accusing several Bengaluru-based crypto payment companies of facilitating unauthorized cross-border money transfers worth more than ₹2,500 crore.
In an X post on Friday, the agency stated that it conducted searches at six locations on June 17 under FEMA, targeting companies that allegedly used virtual digital assets (VDAs) to move funds across borders without authorization from the Reserve Bank of India (RBI). During the operation, the ED also restrained bank accounts holding around ₹6 crore that it believes were used in the suspected transactions.
ED targets crypto firms over cross-border remittances
The investigation covers several Bengaluru-based companies, including Transak Technology India Pvt. Ltd. (Transak), Carretx Technologies Pvt. Ltd. (Carret), Mokshagna Technologies Pvt. Ltd. (formerly operating as Xpat/Remit2Any), Buyhatke Internet Pvt. Ltd. (Onramp.money), and Abhibha Technologies Pvt. Ltd. (Onmeta).
According to the ED, these firms advertised services allowing customers to quickly convert fiat currencies into cryptocurrencies and back again for international transfers. Authorities allege they provided crypto on-ramp and off-ramp services that enabled cross-border remittances without the approvals required under India’s foreign exchange regulations.
The agency said none of the entities under investigation is authorized by the RBI to operate payment systems for cross-border money transfers.
Authorities outline alleged operating model
The ED claims its investigation uncovered a common transaction pattern across multiple platforms.
According to investigators, customers first deposited Indian rupees into company-controlled bank accounts. The funds were then used to purchase virtual digital assets, primarily stablecoins such as USDT. Those assets were subsequently transferred through crypto platforms, sold via over-the-counter (OTC) transactions, and the proceeds distributed to recipients, effectively bypassing traditional remittance channels governed by FEMA.
Officials further alleged that the firms avoided regulatory requirements applicable to authorized remittance providers, including reporting obligations, purpose codes, and Foreign Inward Remittance Certificates (FIRC).
Individual firms under scrutiny
The ED’s preliminary findings identify different alleged practices among the firms under investigation. In the case of Transak, investigators allege the company converted operational profits into crypto assets and transferred them to its affiliated U.S. entity, Transak Inc., using virtual digital assets rather than conventional banking channels.
For Carret, authorities claim the platform facilitated crypto purchases and sales for retail users while also conducting over-the-counter transactions with overseas remittance applications to move funds into India.
The investigation also focuses on Mokshagna Technologies, where the ED alleges customers in the United States deposited funds that were converted into cryptocurrencies before being transferred to Indian crypto exchanges. The resulting proceeds were reportedly distributed to recipients in India. Authorities further claim the operation was coordinated by an individual residing in the U.S. with assistance from family members based in India.
ED steps up enforcement against crypto-related crimes
The latest FEMA investigation comes amid a broader crackdown by the Enforcement Directorate on crypto-related financial crimes. On June 15, the agency searched multiple locations and arrested an individual in connection with an alleged ₹500 crore cryptocurrency-based Ponzi scheme involving the Korvio Coin (KRO) token, which investigators say affected more than 248,000 investors through a multi-level marketing operation.
The same day, the ED also filed a prosecution complaint in a separate money laundering case linked to a Coinbase phishing operation, alleging that proceeds of crime worth ₹64.55 crore were generated through fake Coinbase websites. The investigation followed the U.S. arrest and subsequent conviction of Indian national Chirag Tomar, who was sentenced to 60 months in prison for stealing more than $20 million from Coinbase users through phishing attacks.
Probe highlights broader compliance concerns
According to the ED, searches uncovered the use of high-volume OTC crypto transactions, shell companies incorporated in tax-friendly jurisdictions, and foreign crypto trading platforms allegedly used to facilitate unauthorized cross-border transfers.
The agency also pointed to public advertisements promoting instant international transfers through cryptocurrencies, including campaigns referencing remittances from the United States to India and crypto-enabled payout services.
The ED emphasized that its findings remain preliminary and that the investigation is ongoing. No enforcement action or findings of liability have been announced against the companies beyond the allegations outlined in the FEMA probe.
Also Read: Jio’s Mega IPO Filed: How This Could Spark India’s Mainstream Crypto Boom
