India Mandates Cybersecurity Audits for Crypto Exchanges Amid Record Surge in Hacks

India tightens crypto oversight with mandatory cybersecurity audits for exchanges amid rising hacks. | Credit: Getty Images.

Key Takeaways

India makes cybersecurity audits mandatory for all registered crypto exchanges and service providers. Platforms must hire CERT-In–approved auditors for periodic checks. Crypto-related crimes now account for up to 25% of all cybercrime cases in the country.

India is tightening its grip on the crypto industry with a sweeping new rule: all registered exchanges, custodians, and virtual digital asset (VDA) service providers must now undergo regular cybersecurity audits.

The mandate, issued in a Financial Intelligence Unit (FIU-IND) letter dated Sept. 15, comes as crypto-related crimes swell, accounting for nearly a quarter of all cybercrime cases in the country.

FIU Order Demands Certified Auditors

Under the new directive, crypto platforms are required to hire cybersecurity auditors approved by the Indian Computer Emergency Response Team (CERT-In).

The audits must be periodic and meet international standards.

The FIU has instructed designated directors, principal officers, and chief compliance officers to begin compliance immediately.

While aimed at bolstering investor trust, the costs of such audits could weigh heavily on smaller players, potentially driving further consolidation in India’s crowded exchange market.

Currently, about 55 VDA providers are registered under India’s Prevention of Money Laundering Act, 2002, which places them under the same compliance regime as banks.

Crypto Hacks Push Government Into Action

The urgency stems from a string of high-profile breaches that have rattled the country’s crypto industry.

In July, CoinDCX fell victim to a $46 million hack after attackers compromised an internal account.

In 2024, rival exchange WazirX suffered a $230 million breach that forced it into a court-led restructuring in Singapore. A year later, many affected users are still waiting to recover funds.

Authorities say such incidents underscore systemic weaknesses in the sector’s defenses.

With crypto crimes making up 20–25% of cybercrime cases nationwide, regulators are moving to impose stricter safeguards and curb money laundering risks.

The move also signals India’s determination to keep pace with global standards for crypto oversight—even as broader questions about the country’s long-delayed digital asset regulations remain unresolved.

The post India Mandates Cybersecurity Audits for Crypto Exchanges Amid Record Surge in Hacks appeared first on ccn.com.

View Comments