NewsStocksFinancial Intelligence Unit tightens AML, cybersecurity norms for virtual digital asset firmsFinancial Intelligence Unit tightens AML, cybersecurity norms for virtual digital asset firms
India's Financial Intelligence Unit has issued comprehensive updated guidelines for virtual digital asset entities, introducing mandatory cybersecurity audits by CERT-In accredited auditors and compulsory FIU registration. The framework enhances KYC processes, transaction monitoring, and requires appointment of Designated Directors with board-level oversight for AML compliance. Industry participants view the guidelines positively, noting they provide clarity and establish uniform compliance standards across the VDA sector.
*this image is generated using AI for illustrative purposes only.
India's Financial Intelligence Unit (FIU-IND) has issued updated guidelines that significantly tighten governance, anti-money laundering (AML), and cybersecurity requirements for virtual digital asset (VDA) entities operating in the country. The revised framework represents a comprehensive approach to regulating the digital asset sector while balancing innovation with financial stability and security concerns.
Mandatory Cybersecurity and Registration Requirements
The updated guidelines introduce several critical compliance requirements for VDA companies. Under the new framework, all VDA entities must undergo mandatory cybersecurity audits conducted by auditors accredited by the Indian Computer Emergency Response Team (CERT-In). Additionally, FIU-IND has made registration with the agency a mandatory prerequisite for entities seeking to commence or continue VDA-related operations in India.
| Requirement | Details |
|---|---|
| Cybersecurity Audits | Mandatory audits by CERT-In accredited auditors |
| Registration | Compulsory FIU-IND registration for all VDA operations |
| KYC Processes | Enhanced Know Your Customer requirements |
| Transaction Monitoring | Improved systems aligned with Travel Rule |
Enhanced AML and Transaction Monitoring
The guidelines require firms to strengthen Know Your Customer (KYC) processes and enhance transaction monitoring systems in line with the Travel Rule to improve traceability of digital asset transfers. This move aims to increase regulatory oversight and align the sector more closely with India's broader AML and counter-terrorist financing (CFT) framework.
Governance and Accountability Measures
The updated guidelines place greater emphasis on governance and accountability at the organizational level. VDA firms must appoint a Designated Director responsible for ensuring compliance with AML and CFT obligations. The rules mandate board-level oversight of compliance functions, integrating risk management and regulatory adherence into business strategy.
| Governance Requirement | Implementation |
|---|---|
| Designated Director | Mandatory appointment for AML/CFT compliance |
| Board Oversight | Board-level supervision of compliance functions |
| Risk Management | Integration into business strategy |
| Accountability | Senior management responsibility framework |
Industry Response
Industry participants have responded positively to the guidelines, noting they provide clarity on compliance expectations. Vimal Sagar Tiwari, Co-founder at CoinSwitch, said the requirement for FIU registration strengthens oversight and accountability across the ecosystem. He added that the AML and CFT guidelines establish uniform compliance standards, which could help build trust and create a level playing field for VDA companies. Tiwari also noted that the focus on senior management and board-level responsibility reinforces governance and risk management practices.
FIU-IND's updated norms mark a step toward formalizing the virtual digital asset sector, as regulators seek to balance innovation with financial stability and safeguards against misuse.
16
