/images/ppid_59c68470-image-176803002815694354.webp)
Under the revised framework, VDA companies must undergo mandatory cybersecurity audits conducted by auditors accredited by the Indian Computer Emergency Response Team (CERT-In).
The guidelines also require firms to strengthen Know Your Customer (KYC) processes and enhance transaction monitoring in line with the Travel Rule to improve traceability of digital asset transfers.
FIU-IND has made registration with the agency a mandatory prerequisite for entities seeking to commence or continue VDA-related operations in India. The move aims to increase regulatory oversight and align the sector more closely with India’s broader AML and counter-terrorist financing (CFT) framework.
The updated guidelines also place greater emphasis on governance and accountability. VDA firms must appoint a Designated Director responsible for ensuring compliance with AML and CFT obligations.
The rules mandate board-level oversight of compliance functions, integrating risk management and regulatory adherence into business strategy.
Industry participants said the guidelines provide clarity on compliance expectations.
Vimal Sagar Tiwari, Co-founder at CoinSwitch, said the requirement for FIU registration strengthens oversight and accountability across the ecosystem. He added that the AML and CFT guidelines establish uniform compliance standards, which could help build trust and create a level playing field for VDA companies. Tiwari also noted that the focus on senior management and board-level responsibility reinforces governance and risk management practices.
FIU-IND’s updated norms mark a step toward formalising the virtual digital asset sector, as regulators seek to balance innovation with financial stability and safeguards against misuse.
/images/ppid_a911dc6a-image-176802922657281484.webp)
/images/ppid_a911dc6a-image-176802855209591398.webp)
/images/ppid_59c68470-image-176802753548374348.webp)
/images/ppid_59c68470-image-176802753479018458.webp)
