India and its cybersecurity nodal agency has directed all ISP’s and crypto exchanges to comply with new KYC record-keeping and data breach reporting directives.
Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology of the Government of India has stated that all cyber breaches must be reported within six hours of detection. This includes the immediate reporting of rug pulls.
With KYC records, exchange providers and custodian wallet providers in India are also required to hold onto those records for at least five years.
“Many times during LEA (Law Enforcement Agency) requests and investigations, we have seen cases of non-storage or availability of data and proper records with intermediaries and service providers. These guidelines will streamline the date records to be maintained and proper reporting of security incidents to CERT-In,” said Jiten Jain, Voyager Infosec director of digital lab in an interview with Financial Express.
India is taking its time with legal crypto framework
Since India doesn’t have an extensive virtual asset framework in place, the response and reporting guidelines for crypto players are currently incorporated into the country’s larger technology and financial practices.
Ishan Arora, Partner at Tykhe Block Ventures, told the Economic Times recently that “[f]iat and crypto being treated in a similar way for law on cyber criminals is not a bad step, as long as it is well thought about, keeping in mind all the stakeholders.”
Yet, a detailed crypto framework is also not expected to come anytime soon, as India’s finance minister has recently made it clear that the government isn’t rushing with the legislation. However, the industry has gone ahead to warn about a crypto “brain drain” of developers and investors due to the legislative delay.
Paul Rogash, CEO & Founder of EarnU, thinks that the government taking its time might be a good step:
“Now the minister is signaling towards informed decision making. We are sure that the government will work towards bringing in regulations, absence of which might divert activities outside the country, or perhaps black market, which will hamper the economy,” he stated to the local paper.
However, the legislative uncertainty has certainly led to India’s CoinSwitch Kuber exchange temporarily halting INR deposits for crypto purchases. While the exchange has now unfrozen the transfer method after two weeks, instant UPI transfers remain unsupported in the country for crypto providers.
Meanwhile, India’s leading banks have also reportedly asked the National Payments Corporation of India (NPCI) to lay out a formal directive for the buying and selling of virtual digital assets (VDAs) in India.
What do you think about this subject? Write to us and tell us!
Disclaimer
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Source: https://beincrypto.com/india-cybersecurity-agency-kyc-data-breach-directives/