India's FIU-IND Tightens Crypto Rules, Mandates Cybersecurity Audits

CRYPTO
Whalesbook Logo
AuthorIshaan Verma|Published at:
India's FIU-IND Tightens Crypto Rules, Mandates Cybersecurity Audits
Overview

India's Financial Intelligence Unit (FIU-IND) has rolled out stringent updated guidelines for virtual digital asset (VDA) entities. The new directives impose mandatory cybersecurity audits by CERT-In accredited auditors, stricter Know Your Customer (KYC) procedures, and enhanced transaction tracking under Travel Rules. This move signals a significant step towards formalizing the crypto sector and bolstering financial stability.

Instant Stock Alerts on WhatsApp

Used by 10,000+ active investors

1

Add Stocks

Select the stocks you want to track in real time.

2

Get Alerts on WhatsApp

Receive instant updates directly to WhatsApp.

  • Quarterly Results
  • Concall Announcements
  • New Orders & Big Deals
  • Capex Announcements
  • Bulk Deals
  • And much more
Add StocksGet it on Google PlayDownload on the App Store

New Regulatory Framework for Virtual Digital Assets

The Financial Intelligence Unit of India (FIU-IND) has released updated operational guidelines for companies dealing in virtual digital assets (VDAs). This initiative aims to formalize the burgeoning crypto sector by enforcing stricter business practices, cybersecurity disclosures, and Know Your Customer (KYC) standards for all VDA entities registering within India.

Appointment of Principal Officer

A key update focuses on the appointment and responsibilities of a Principal Officer (PO). This individual will be directly accountable for anti-money laundering (AML), Countering the Financing of Terrorism (CFT), and Counter-Proliferation Financing (CPF) activities. The PO is mandated to report directly to the company's board or a designated committee, with their tenure subject to annual board review, ensuring continuous oversight.

Cybersecurity Mandate Intensified

Cybersecurity and data protection are now paramount. All VDA entities must obtain a Cybersecurity Audit Certificate from an auditor empaneled by the Indian Computer Emergency Response Team (CERT-In). This certification validates compliance with established cybersecurity frameworks and CERT-In directions, affirming that the audited environment is secure enough for VDA operations.

The comprehensive audit will scrutinize governance, risk management, access controls, infrastructure security, application and AML systems security, including wallet and cryptographic controls, as well as third-party and API risks. Incident detection and response readiness, including CERT-In reporting, will also be assessed.

Enhanced Travel Rule Compliance

The updated guidelines also clarify requirements for Virtual Digital Asset Service Providers (VDASPs) under the Travel Rules. These rules necessitate VDASPs to meticulously record and maintain originator and beneficiary details for all VDA transfers. This includes conducting client due diligence and sanction screening on counterparties to prevent engagement with illicit actors.

Furthermore, the guidelines address the tracking of anonymous unhosted wallets during peer-to-peer crypto transactions. Reporting entities must collect and assess data from these transfers, applying enhanced measures where necessary to mitigate risks associated with such transactions.

Industry Applauds Clarity

Industry stakeholders have largely welcomed the move. Sumit Gupta, Co-founder of CoinDCX, described the guidelines as a "strategic signal" that India is pursuing a balanced approach between innovation and financial stability. He stated that these oversight measures transform VDA platforms into accountable entities, providing the necessary "structural guardrails" for a secure digital asset market and helping to weed out unscrupulous players.

Vikram Subburaj, Co-founder and CEO of Giottus, noted that while best practices were already in place, FIU-IND's codification provides concrete definitions for roles like the PO and detailed procedures for data processing under the Travel Rules. This clarity is seen as vital for sanitizing the ecosystem.

Get stock alerts instantly on WhatsApp

Quarterly results, bulk deals, concall updates and major announcements delivered in real time.

Add Stocks
Disclaimer:This content is for educational and informational purposes only and does not constitute investment, financial, or trading advice, nor a recommendation to buy or sell any securities. Readers should consult a SEBI-registered advisor before making investment decisions, as markets involve risk and past performance does not guarantee future results. The publisher and authors accept no liability for any losses. Some content may be AI-generated and may contain errors; accuracy and completeness are not guaranteed. Views expressed do not reflect the publication’s editorial stance.