India Mandates Cybersecurity Audits for Crypto Exchanges Amid Record Surge in Hacks

Core Insights - India is implementing mandatory cybersecurity audits for all registered crypto exchanges and service providers to enhance oversight amid rising cybercrime incidents [1][7]. Regulatory Changes - The Financial Intelligence Unit (FIU-IND) issued a directive on September 15, mandating that all crypto platforms must undergo regular cybersecurity audits due to the increase in crypto-related crimes, which now account for nearly 25% of all cybercrime cases in India [2][6]. Compliance Requirements - Crypto platforms are required to hire cybersecurity auditors approved by the Indian Computer Emergency Response Team (CERT-In) for periodic audits that meet international standards. Compliance is expected to begin immediately for designated directors and compliance officers [3][4]. Industry Impact - The costs associated with these audits may disproportionately affect smaller crypto players, potentially leading to further consolidation in India's competitive exchange market, which currently has about 55 registered virtual digital asset (VDA) providers [4][5]. Cybersecurity Concerns - Recent high-profile hacks, including a $46 million breach at CoinDCX and a $230 million breach at WazirX, have highlighted systemic weaknesses in the sector's defenses, prompting regulatory action to impose stricter safeguards [5][6].