The market regulator has once again extended the deadline for registered entities (REs) to adopt Cybersecurity and Cyber Resilience Framework (CSCRF), except for market infrastructure institutions (MIIs), KYC Registration Agencies (KRAs) and Qualified Registrars to an Issue and Share Transfer Agents (QRTAs).
In a circular issued on March 28, the Securities and Exchange Board of India (SEBI) has said that the compliance timelines have been extended till June 30, 2025.
The circular said, "SEBI had received multiple requests for CSCRF compliance timelines extension to ensure ease of compliance for them."
SEBI had introduced the CSCRF through a directive issued on August 20, 2024, "recognising the need for robust cybersecurity measures and protection of data and IT infrastructure."
Through a December 2024 circular, SEBI had extended the deadline once before from January 1, 2025, to March 31, 2025. It had given " regulatory forbearance" till that date. This directive had said that the date of compliance for KRAs and Depository Participants had been moved to April 1, 2025.
Through the latest circular, the regulator has further extended the deadline for many REs.
Stock Exchanges/ Depositories have been directed to Bring the provisions of the circulars to the notice of their members/ participants and also disseminate the same on their websites.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
