Particle.news
Download on the App Store
4 ARTICLES
·
2d ago

India Mandates CERT-In Cybersecurity Audits for Crypto Exchanges and VDA Providers

An FIU directive now ties registration to periodic third-party security checks to harden defenses after major exchange breaches.

Image
Image
Image
India mandates cybersecurity audits for crypto firms under fiu’s directive

Overview

  • An FIU-IND letter dated September 15 instructs designated directors, principal officers and chief compliance officers at registered VDA entities to comply immediately.
  • Platforms must secure periodic cybersecurity certificates from auditors empanelled by CERT-In, with evaluations expected to meet international standards.
  • The communique replaces the previous “Fit & Proper” sign-off with a Partner Accreditation for Compliance & Trust (PACT) requirement for new applicants.
  • Under the PMLA framework, the FIU can deny or cancel registrations for violations, and roughly 55 exchanges, custodians and intermediaries fall under these obligations.
  • Authorities point to rising crypto-related crime and recent hacks at CoinDCX and WazirX, while experts warn of higher compliance costs and stress CERT-In logging and data-retention rules that can aid investigations.