In a decisive move to combat rising cyber fraud in India’s capital markets, SEBI has launched a renewed investor awareness campaign and highlighted new digital payment safety frameworks, including a centralised fee collection system and a mandatory UPI verification protocol. These reforms aim to enhance transparency, safeguard investor funds, and limit the misuse of unregulated platforms and apps.
Digital Fortification: SEBI’s War on Capital Market Cybercrime
In a country where retail investor participation is at an all-time high, the Securities and Exchange Board of India (SEBI) has responded to increasing cyber fraud with a multi-pronged strategy. The regulator has launched a renewed investor awareness campaign focused on safe digital practices, financial literacy, and regulatory-compliant intermediaries.
Key to this strategy is the announcement of CeFCoM (Centralised Fee Collection Mechanism), a little-known but operational system since October 1, 2024. Built in partnership with BSE and MF Utilities India, CeFCoM offers secure payment channels for retail investors engaging with registered Investment Advisers (IAs) and Research Analysts (RAs).
According to SEBI, more than ₹5 crore in advisory fees have already been routed through CeFCoM by June 10, 2025. With multiple payment options, from UPI Autopay to NEFT and even cheque, CeFCoM seeks to minimise fraud-prone, untraceable transactions, especially those involving unregistered advisors on social media or unofficial apps.
FCRF x CERT-In Roll Out National Cyber Crisis Management Course to Prepare India’s Digital Defenders
Strengthening Payment Safety: UPI Verification Goes Live in October
Following the introduction of CeFCoM, SEBI unveiled its next big safeguard, a mandatory UPI verification mechanism for all capital market transactions. The system, scheduled to go live on October 1, 2025, is designed to ensure that every UPI-linked payment made to intermediaries is routed only to verified entities.
SEBI Chairman Tuhin Kanta Pandey explained that the initiative covers nearly 9,000 SEBI-registered intermediaries and will not burden investors but hold intermediaries accountable. The goal is to cut off the financial lifelines of fraudulent actors impersonating advisors, analysts, and broker-dealers through spoofed accounts or cloned apps. The system will work by verifying UPI credentials at the backend, ensuring that the merchant receiving funds is on SEBI’s whitelist. SEBI’s move is expected to raise compliance costs for some intermediaries, but is largely being hailed as a consumer-first initiative.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Cleaning Up the App Stores: Verified-Only Financial Apps to Be Mandated
Fraudulent finance apps masquerading as legitimate trading platforms have been a persistent threat in recent years. SEBI’s campaign now extends to smartphone application ecosystems, with the regulator working closely with both Google Play Store and Apple App Store to allow only validated, whitelisted apps from intermediaries. Only SEBI-approved apps will be accessible for download, thereby eliminating a major vector for phishing and credential theft.
In the meantime, SEBI has urged investors to refer to official exchange websites for a list of verified apps and intermediaries. It has also reiterated warnings against responding to unsolicited advisory messages on social media or joining unregulated Telegram/WhatsApp groups promising “multibagger” stock tips.
The broader regulatory architecture, combined with targeted awareness efforts, is a reflection of SEBI’s shifting role from a passive regulator to a proactive digital watchdog, one that recognizes that trust in the system is inseparable from its technological integrity.
About the author – Prakriti Jha is a student at National Forensic Sciences University, Gandhinagar, currently pursuing B.Sc. LL.B (Hons.) with a keen interest in the intersection of law and data science. She is passionate about exploring how legal frameworks adapt to the evolving challenges of technology and justice.