What impact will the new CIO storage rule have on the crypto industry?

In a recent circular, the Ministry of Electronics and Information Technology required all virtual asset service providers to store Know Your Customer (KYC) details and transaction records for their users for a period of five years. Crypto industry experts have cited this as a positive step towards compliance and user safety on crypto platforms. However, some experts have argued that this has led to an increased compliance burden for the exchanges.

New data storage guidelines increase the burden of compliance with exchanges. The high cost of compliance can prompt them to explore new geographies. This will test the resilience of exchanges that are already struggling with low trading volumes, as well as a fictitious ban on banking and payment services,” says Sharat Chandra, Vice President, Research and Strategy, EarthID, blockchain platform.

Kazem Rizvi, founding director of The Dialogue, a public policy think tank, believes that the stated goal of the recent CERT-In directive is to bridge the gap in cyber-impact analytics by accessing more information and data to improve the Internet. Safety.

“The guidelines oblige service providers (VPS, VPN, etc.), intermediaries, data centers and legal entities to synchronize the clocks of ICT systems, retain user data for five years and report cyber incidents. In addition, it requires virtual asset service providers and virtual asset exchange providers Reserve wallet providers will retain all KYC information for a period of five years on a mandatory basis.”

Virtual asset service providers, virtual asset exchange providers, and reserve wallet providers are required to retain all KYC information for five years.

It is important to note that the last rule only affects cryptocurrency exchanges that hold cryptocurrency wallets on behalf of their users. In a custodian wallet, you will not have complete control over your funds, or the ability to sign transactions and manage your private keys yourself.

Dileep Seinberg, founding CEO of MuffinPay, a billing and token payment service, says the move “suggests that the government is positive with respect to cryptocurrencies and needs better controls and regulations similar to those in place for mutual funds, deeds and obligations.”

“This should stimulate stock market investors who are looking for new avenues to invest,” he says.

Razavi explained that this directive has multiple effects at the market level. The first is that when entities are pushed to connect their ICT systems to a National Information Center (NIC) or NTP (Network Time Protocol) server of the National Physical Laboratory (NPL), this will affect service providers, potentially disrupting services and impeding accidents. Response. Second, enforcing the required retention of suppliers on VPN service providers may compromise their trust quotient, and thus affect their business. In addition, VPN hacking will also affect the Indian companies that use VPN.

In addition, KYC requirements are broad and can affect the operations of cloud service providers.

“Customer information required under this requirement is sensitive and can prevent consumers from using cloud services. With the growth of the Indian cloud computing market and we have designated India as a global cloud computing hub, it is imperative that we refrain from imposing additional burdens that may not help CERT-In achieve its objectives, While at the same time it could affect cloud growth in India, Razavi adds.

Gaurav Mehta, founder of Catax, a start-up in crypto taxation, auditing and forensics, said it will help the Financial Intelligence Unit (FIU), CBDT (Central Board of Direct Taxes), NATGRID (National Intelligence Network) and other laws. Law enforcement agencies achieve their goals faster by helping them provide detailed information on crypto investments, wallets, money laundering, evasion and other illicit activities that were previously vulnerable.

Leave a Comment