Concerned over the rising instances of cyber fraud and identity misuse, the Chartered Accountants Association of Surat (CAAS) has urged the Institute of Chartered Accountants of India (ICAI) to immediately discontinue publication of members’ directories — whether in printed format or freely accessible digital mode.
According to the Association, these directories carry highly sensitive personal and professional details such as photographs, residential and office addresses, mobile numbers, email IDs, membership numbers and dates of birth — information that, in today’s AI-driven ecosystem, has become a key target for data scraping, impersonation and automated cyber frauds.
Risk Outweighs Utility, Says Association
In its letter, CAAS acknowledged that member directories were historically introduced for professional networking and easy reference, but stressed that the risk profile has drastically changed.
The Association observed:
“In the era of Artificial Intelligence and automated systems, the publication of Members’ Directories is no longer a matter of administrative convenience but a significant institutional risk.”
It warned that any compromise of consolidated member data could harm not only individual professionals but also erode public confidence in the accounting profession as a whole.
CA Profession Becoming a Soft Target
The letter underlined that Chartered Accountants enjoy high levels of trust in financial, corporate and compliance matters. Misuse of directory data, it said, enables scammers to orchestrate:
- Fake calls and messages
- Spoofed emails
- Fraudulent investment pitches
- Misleading verification requests
Such attacks, the Association cautioned, can deceive both members and the public at large, leading to serious financial and reputational damage.
Call for ‘Institutional Data Custody’
CAAS has requested ICAI to adopt a strict framework of institutional data custody, under which all personal member information remains exclusively within ICAI’s secured systems.
It has specifically urged that:
- Sensitive personal data should not be publicly displayed or distributed.
- Member information must not be shared with third parties, including marketing and advertising agencies.
- Any professional networking facility should be provided only through authenticated, access-controlled digital platforms.
This, CAAS believes, will enable monitoring, accountability and protection against unauthorized data extraction.
Limited Disclosure for Public Verification
Recognising the need for public verification of CA credentials, CAAS suggested that ICAI provide a restricted search tool on its official website.
Such a tool should display only:
- Minimal, non-sensitive information
- Strictly limited to verification purposes
This approach, it said, would strike a balance between transparency and data privacy.
‘Stopping Directories Is Now an Institutional Necessity’
Reiterating its position, CAAS stated:
“Discontinuance of Members’ Directories is no longer a matter of preference but an institutional necessity in the contemporary AI-driven environment.”
It emphasised that ICAI, as the custodian of the profession, is uniquely placed to establish clear and uniform data protection standards across the country.
Growing Cybersecurity Worries
The Association pointed to the rising trend of:
- Data scraping
- Fake professional profiles
- Deepfake identity misuse
- Sophisticated social engineering attacks
These incidents, it said, increasingly rely on publicly available personal data, making consolidated directories particularly vulnerable.
Failure to adopt preventive measures could jeopardise:
- Personal safety of members
- Reputation of the CA profession
- Public trust in regulated financial systems
What CAAS Expects Next
The Association has urged ICAI to:
- Immediately discontinue publication and circulation of Member Directories
- Issue a comprehensive data access policy
- Frame clear cybersecurity guidelines for handling member information
The objective, it said, is to ensure that Chartered Accountants operate in a secure, responsible and technologically aware professional ecosystem.
