In a move that establishes which organization has power over suspicious or unlawful activity in the crypto industry, India identified the country’s Computer Emergency Response Team (CERT) as the national agency for cyber security, including the crypto industry.
To ensure cyber security in the area of payments and financial markets for citizens while protecting their data, fundamental rights, and economic freedom in light of the growth of virtual assets, the move requires crypto businesses, such as virtual asset service providers, to keep know-your-customer (KYC) information and financial transaction records for five years.
While the statement is seen by the industry as a soft step toward regulation before crypto-specific legislation is adopted, the government has made no such claim.
A similar, but much stronger, move was the rule to tax crypto businesses before crypto-specific legislation, announced in February. At the time, a senior finance ministry official said “just…