GIFT City July 2026 Updates

04 June 2026: IFSCA Issues Advisory on Rising Cyber Threats from Advanced AI Models

The International Financial Services Centres Authority (IFSCA) has issued a fresh advisory urging all regulated entities operating in IFSCs to strengthen their cyber security frameworks amid the rapid advancement of frontier artificial intelligence (AI) models.

The advisory, issued on June 4, 2026, builds on IFSCA’s existing cyber security and cyber resilience guidelines introduced in March 2025 and subsequently updated in March and April 2026. The regulator clarified that the latest advisory should be read alongside these guidelines and does not alter or dilute any existing compliance obligations.

According to IFSCA, recent breakthroughs in frontier AI models have significantly enhanced offensive cyber capabilities. These advanced systems are now capable of analysing complex software code, identifying both known and previously undiscovered (zero-day) vulnerabilities, assessing their exploitability, and even generating functional exploits with remarkable speed and accuracy.

The regulator cautioned that these developments have drastically shortened the window between the public disclosure of a software vulnerability and its exploitation by malicious actors-from several weeks to potentially just a few hours. This evolution is expected to lower the technical barriers for sophisticated cyberattacks, enabling attackers to operate at greater speed, scale, and lower cost.

While access to the most advanced AI models remains relatively restricted today, IFSCA noted that such capabilities are likely to become more widely available over time. In anticipation of this shift, the regulator has advised all regulated entities to proactively reassess their cyber risk exposure, strengthen their security posture, and implement appropriate mitigating controls based on the size, complexity, and risk profile of their operations.

IFSCA has also encouraged regulated entities to adopt the measures outlined in Annexure A of the advisory to enhance cyber resilience against emerging AI-driven threats.

The advisory has been issued under Sections 12 and 13 of the International Financial Services Centres Authority Act, 2019, and has come into effect immediately.

05 June 2026: IFSCA Standardises Annual Compliance Audit Framework for Capital Market Intermediaries

The International Financial Services Centres Authority (IFSCA) has introduced a uniform reporting framework for the Annual Compliance Audit of Capital Market Intermediaries (CMIs), strengthening regulatory oversight and promoting greater consistency across entities operating in IFSCs.

Under the new framework, all CMIs will be required to submit an Annual Compliance Audit Report (ACAR) along with a standardized Annual Compliance Audit Checklist (ACAC) by 30 September each year for the preceding financial year. The checklist will comprise a common section applicable to all intermediaries and a category-specific section based on the nature of their registration or authorization.

Broker Dealers, Clearing Members and Depository Participants will have an additional compliance obligation of submitting the audit report to their respective Market Infrastructure Institutions (MIIs), while MIIs have been directed to prescribe their own compliance checklist covering exchange, clearing corporation and depository regulations. These MII-specific requirements will form Part C of the audit checklist and will also be reported to IFSCA. MIIs, in turn, must submit a consolidated compliance report to the regulator by 30 November every year.

To streamline compliance, IFSCA has also integrated the annual audit requirements applicable to Global Access Providers (GAPs) and Introducing Brokers into the same reporting framework. Their Global Access compliance audit will now be reported through the ACAR format, replacing the need for a separate reporting process.

The circular further introduces governance norms for appointing Compliance Auditors. Audits may be conducted by eligible professionals from ICAI, ICSI, ICMAI or authorized foreign auditors, provided they are independent and free from conflicts of interest. Indian professionals must also be peer-reviewed. To preserve auditor independence, appointments have been capped at a maximum of three consecutive years, followed by a mandatory two-year cooling-off period before reappointment.

IFSCA has clarified that the revised reporting framework will also apply to the FY2025-26 compliance cycle. The Authority may update the audit checklist from time to time, requiring intermediaries to use the latest version available on the IFSCA website. The circular has come into effect immediately.

05 June 2026: IFSCA Consolidates Trading & Clearing Regulations into Single Master Circular

The International Financial Services Centres Authority (IFSCA) has issued a comprehensive Master Circular consolidating all regulatory instructions governing Stock Exchanges, Clearing Corporations and related market participants operating in GIFT IFSC. Effective immediately, the circular replaces 15 IFSCA circulars issued between 2021 and 2025, along with applicable pre-October 2020 SEBI circulars, creating a unified regulatory framework aimed at improving ease of doing business and regulatory clarity.

The Master Circular standardizes regulations across the entire market infrastructure ecosystem, covering recognition of exchanges, trading and settlement, risk management, technology, governance, surveillance and periodic reporting. It also introduces a single reference document for Stock Exchanges, Clearing Corporations, Broker Dealers, Clearing Members and Depositories operating in GIFT IFSC.

Among the key provisions, the framework strengthens market access for global investors through the Segregated Nominee Account Structure, expands the operational framework for Direct Market Access (DMA) and Sponsored Access, formalizes governance standards for Market Infrastructure Institutions, enhances technology and cybersecurity requirements, and prescribes comprehensive business continuity and disaster recovery norms. It also standardizes client code management, margin trading, liquidity enhancement mechanisms, proprietary trading disclosures and risk management practices.

The circular requires all Market Infrastructure Institutions to ensure compliance by their management, regulatory committees and market participants, while preserving the validity of actions taken under the superseded circulars. Overall, the move is expected to simplify compliance, reduce regulatory fragmentation and strengthen GIFT IFSC’s position as a globally competitive international financial centre.

15 June 2026: IFSCA has significantly eased the import framework for gold and silver through the India International Bullion Exchange (IIBX), broadening access for jewellery exporters and simplifying eligibility norms.

Under the latest amendments, SEZ jewellery exporters are no longer required to meet the earlier minimum net worth criteria to qualify for bullion imports. Additionally, entities holding a valid Registration-cum-Membership Certificate (RCMC) from the Gem & Jewellery Export Promotion Council (GJEPC) are now eligible to apply as Qualified Jewellers, expanding the pool of eligible importers.

The regulator has also aligned the framework with recent DGFT notifications governing silver imports. SEZ units with a valid Letter of Approval for jewellery exports can now import silver bars (ITC(HS) 71069221) directly through IIBX without obtaining Qualified Jeweller status, while imports under ITC(HS) Codes 71069110 and 71069120 will require a valid DGFT Import Authorisation. The revised framework is intended to improve transparency, simplify bullion procurement for exporters, and strengthen the competitiveness of India’s gems and jewellery sector through easier access to precious metals via IIBX.

19 June 2026: IFSCA Tightens Fund Flow Rules for Exempt Financial Institutions

The International Financial Services Centres Authority (IFSCA) has amended its AML/CFT exemption framework, strengthening the manner in which financial transactions are routed by regulated entities operating in GIFT IFSC.

Under the revised circular, all Financial Institutions, including those that are otherwise exempt from the applicability of the IFSCA Anti-Money Laundering, Counter-Terrorist Financing and Know Your Customer (AML/CFT/KYC) Guidelines, 2022, must ensure that all monetary consideration arising from business transactions-such as fees, funds and other payments-is routed exclusively through an IFSC Banking Unit (IBU) account or a Special Non-Resident Rupee (SNRR) account.

The amendment replaces Clause 3 of the earlier exemption circular issued on November 18, 2024, while all other provisions remain unchanged. The revised framework has come into effect immediately.

The move is aimed at strengthening transparency, auditability and regulatory oversight of fund flows within the IFSC ecosystem, while preserving the existing AML/CFT exemptions for eligible entities and activities.

30 June 2026: IFSCA Extends Internet Banking Compliance Deadline for IFSC Banking Units; Eases Select Requirements

The International Financial Services Centres Authority (IFSCA) has amended its framework governing internet banking services offered by IFSC Banking Units (IBUs), providing banks with additional time to comply with the revised cybersecurity and customer protection requirements introduced in December 2025.

Under the revised circular, IBUs that commenced operations before the issuance of the December 29, 2025 circular will now have until July 31, 2026 to implement the prescribed requirements. Earlier, banks faced an earlier compliance timeline.

However, IFSCA has clarified that any IBU failing to meet the requirements by the revised deadline will be prohibited from onboarding new customers for those liability products that remain non-compliant from August 1, 2026, until the deficiencies are addressed.

In addition to extending the implementation timeline, the regulator has issued important operational clarifications to remove ambiguities in the earlier framework.

The Authority clarified that the term “all linked accounts” refers to every account held by a customer with the IBU, including both deposit and loan accounts. It also explained that “whitelisting” refers to a facility that enables customers to maintain a predefined list of approved beneficiaries for fund transfers, strengthening transaction security while improving customer convenience.

In another key relaxation, IFSCA has made the requirement prescribed under Paragraph 8.i.b of the December 2025 circular non-mandatory, offering greater operational flexibility to IBUs while retaining the broader security framework.

All other provisions of the earlier internet banking guidelines will continue to remain in force.

The latest amendments reflect IFSCA’s continued effort to balance robust digital banking safeguards with practical implementation challenges faced by IFSC Banking Units, while ensuring that customer protection and cybersecurity standards remain aligned with evolving digital banking practices.

Leave a Reply

Your email address will not be published. Required fields are marked *

Let's Discuss Your Requirements