On January 8, India’s Financial Intelligence Unit (FIU-IND) updated rules for companies handling virtual digital assets like cryptocurrencies. Exchanges must now collect detailed user information, including identity, contact details, occupation, income range, a selfie with liveliness detection, and precise geo-location with timestamps and IP addresses. Bank accounts will be verified using the penny drop method to confirm ownership. High-risk clients face stricter checks and must update KYC every six months, while others do so yearly. The guidelines strongly discourage Initial Coin Offerings (ICO) and Initial Token Offerings (ITO). Exchanges cannot support anonymous privacy coins or mixers that hide crypto transactions. Centralized exchanges in India already follow KYC to fight illegal activities. For instance, WazirX founder Nischal Shetty confirmed that their processes meet global standards with live selfie checks, geo-tagging, and DigiLocker integration. CoinDCX and ZebPay also use similar stringent verification methods. Despite some security breaches in 2024 and 2025, these platforms emphasize user safety and compliance. However, decentralized exchanges (DEXs) remain less regulated and offer anonymity, attracting both privacy-focused users and potential criminals. India’s updated rules are a step toward regulating crypto but do not drastically change the existing KYC framework. In India, cryptocurrencies are taxed but lack strong investor protections. The government’s regulatory approach remains cautious compared to other regions, leaving many traders seeking clearer rules. These new guidelines aim to boost transparency and curb misuse of virtual digital assets in the country.