The recent directive from the Indian government mandates that all cryptocurrency exchanges, custodians, and intermediaries must undergo cybersecurity audits by auditors accredited by the Indian Computer Emergency Response Team (Cert-In) to enhance the security framework in the wake of increasing cybercrimes associated with virtual digital assets (VDAs), which now account for a significant portion of cybercrime in the country. This requirement aligns VDAs with the compliance standards of traditional financial institutions under the Prevention of Money Laundering Act, 2002, thereby reinforcing the regulatory framework for the cryptocurrency sector. The move is particularly timely given the surge in crypto-related thefts, as these audits aim to address security vulnerabilities, especially regarding the protection of private keys, which are crucial for safeguarding users’ assets. Moreover, the Financial Intelligence Unit’s (FIU) recent changes, including the introduction of a ‘Partner Accreditation for Compliance & Trust’ certificate, aim to tighten the compliance landscape, ensuring that crypto entities adhere to rigorous standards to prevent money laundering and facilitate better tracing of illicit funds. This comprehensive approach by the government not only seeks to regulate the growing cryptocurrency market but also underscores its commitment to strengthening the cybersecurity infrastructure necessary for protecting the digital economy, potentially leading to a more robust and trustworthy financial ecosystem in India.