IFSCA imposes binding cyber controls on IFSC regulated entities for frontier-AI attack risks

On 4 June 2026, IFSCA issued a binding circular (in force immediately, under the IFSCA Act 2019) requiring all Regulated Entities in IFSCs to strengthen cyber controls against frontier-AI-driven attacks. Mandatory measures include presuming critical vulnerabilities are exploitable within hours, treating frontier AI as a defined scenario in Board-reviewed risk assessments, maintaining an SBOM and API inventory with throttling and whitelisting, requiring critical service providers to evidence preparedness, and ensuring human oversight of AI-generated code.

IFSCA's circular responds to frontier AI models that can find vulnerabilities and produce working exploits fast enough to shrink the disclosure-to-exploitation window from weeks to hours. It is binding on all Regulated Entities in the IFSCs with immediate effect and supplements, without diluting, IFSCA's existing cyber guidelines for Regulated Entities and Market Infrastructure Institutions. Annexure A's mandatory obligations require Regulated Entities to presume newly disclosed critical vulnerabilities are exploitable within hours and prepare for compressed patch waves; to incorporate frontier-AI capabilities as a defined scenario within cyber-security risk assessments, reviewed periodically and placed before the Board, and before the Standing Committee on Technology for Market Infrastructure Institutions; to maintain a Software Bill of Materials including open-source components; to maintain a comprehensive API inventory with rate-limiting, throttling and whitelisted connectivity; to require critical service providers to assess frontier-AI risk and provide evidence of preparedness, and to remediate third-party vulnerabilities; to strengthen monitoring and detection of AI-driven attack patterns; to control any transmission of source code, configurations, logs or regulated data to AI models; and to ensure human oversight and rigorous security testing of AI-generated or AI-remediated code before production. Additional measures — phishing-resistant multi-factor authentication, patch prioritisation, rapid credential-compromise response and adoption of AI-assisted detection tools — are encouraged but not mandated.