If you’re a crypto fan in India, here’s something significant you need to know: the government just mandated that all crypto exchanges, custodians, and intermediaries conduct cybersecurity audits.
Yep, all platforms that handle virtual digital assets (VDAs) will now need to demonstrate that they can safeguard users’ funds and data.
Why This Matters
The crypto ecosystem in India has been abuzz, but it’s also come under scrutiny. There’s been a series of hacks, phishing attacks, and data breaches in the local and international markets. For regulators, that’s a warning sign.
In light of rising cases of cyber thefts, the government has made it a requirement for all cryptocurrency exchanges and custodians to undergo cybersecurity audits, as per a report published by The Economic Times.
The platforms will be required to have a security auditor who is listed on the Indian Computer Emergency Response Team (Cert-In), which is a nodal agency that handles cases related to cybersecurity incidents.
Joinder with India’s anti-money laundering authority, the Financial Intelligence Unit (FIU), will now obligate all virtual digital asset (VDA) service providers to abide by this requirement.
Per an FIU letter issued on September 15, the designated directors, principal officers, and chief compliance officers at these companies must do so forthwith, the report added.
By making the audit mandatory, the government is signaling in no uncertain terms:
User protection is paramount.
No more taking shortcuts on security.
The audits will be carried out by cybersecurity firms that are officially approved (empanelled) with CERT-In, India’s Computer Emergency Response Team.
What’s Changing for Exchanges
Here’s the short version of the new rules:
Every exchange, wallet provider, and custodian must undergo regular cybersecurity audits.
Weak systems? You’ll need to fix them.
For big exchanges, this is mostly about compliance and reputation. For smaller players, though, the added costs and technical requirements might be a tough pill to swallow.
The Bigger Picture
This move isn’t just about patching systems, it’s about building trust in the crypto community.
- For users: You’ll have more confidence that the platform you’re using isn’t a sitting duck for hackers.
- For the sector: More robust, uniform practices would bring crypto closer to acceptance in India.
- For regulators: It’s an additional means of keeping systemic risk at bay, without venturing into hard crypto law (of which India has been wary).
Final Thoughts
If you’re a crypto user in India, this is ultimately good news, better security, safer exchanges, and more accountability.
If you operate a crypto company, it’s time to get serious about cybersecurity (if you weren’t already). This new regulation isn’t about checking a compliance box, it’s about demonstrating that you can protect the future of Indian digital assets.
You need to login in order to Like
Leave a comment