September 2023 Newsletter

Direct Tax

Circulars / Notifications / Press Release

Clarification regarding applicability of TDS on lease rent or supplemental lease rent to a unit of an International Financial Service Centre (IFSC).

The Central Government has specified that no deduction of tax shall be made under section 194-I of the Income-tax Act on payment in the nature of lease rent or supplemental lease rent made to IFSC subject to receipt of statement-cum-declaration in Form No.1 furnished by lessor.

Extension of the applicability of Safe Harbour rules: CBDT Notification

CBDT vide notification dated 9th August 23 has extended the applicability of Safe Harbour rules to the AY 2023-24.

Case Laws

Income cannot be taxed until it is received even though TDS is deducted on it.

Assessee, a UAE entity had leased a helicopter to an Indian entity for which payment was yet to be received due to dispute between the parties. However, lessee has deducted the TDS and amount was reflecting in Form 26AS.Assessing Officer had treated said sum as royalty income of the assessee purely based on amount shown in Form 26AS.
Matter reaches to ITAT wherein stated that in the aforesaid scenario, it cannot be said that the assessee has received any royalty income, either under the domestic law or under the treaty provisions and hence it cannot be added on notional basis and assessing officer was directed to delete the said addition.

International Transaction (royalty) cannot be clubbed with other transaction: Pune ITAT

Assessee-company aggregated all transactions of ‘manufacturing activity’ and ‘trading activity’ for demonstrating them at Arm’s Length Price. Transfer Pricing officer (TPO) held that held that the aggregation of the ‘manufacturing activity’ with the ‘trading activity’ was not acceptable.
The TPO focused only on royalty payment paid by the assessee to its Associated Enterprise (AE) for technical know-how and he segregated this transaction from the ‘manufacturing segment’ and the ALP of the royalty-payment transaction was separately determined under ‘other method’ as prescribed under rule 10AB.
Matter reaches to ITAT wherein ITAT stated that where the transactions are not closely linked, their ALP needs to be determined separately and such determination of the ALP of an international transaction as per section 92C(1) should be done as per the most appropriate method.
Transaction of payment of Royalty for use of technical know-how provided by the AE and other international transactions under the manufacturing segment are not under any package deal nor is there any such understanding or any inextricable link between these transactions as one not surviving without the other.
ITAT held that royalty should be computed under rule 10AB separately and cannot be aggregated with others

GST litigation Update

Indirect Litigation update

Service Tax

Mere delivery of services through electronic medium does not amount to OIDAR services – Bombay High Court  

The petitioner had entered into an agreementagreed with Emirates Defence Industries Co (EDIC), located outside India, to provide Satellite-derived 3D model services. To fulfil this agreement, the petitioner imported high-resolution satellite images, processed them, and transmitted the results via file transfer protocol. GST authorities contended that the services offered by the petitioner would be categorized as Online Information Database Access or Retrieval (OIDAR) services. Since the petitioner was unable to establish that the place of supply for these services was outside India, a GST refund on the export of services was denied. 

The High Court held the agreement explicitly states that the services are intended for supply to EDIC, a non-Indian entity. Furthermore, the services involve specialized work in providing 3D city models, which are not readily available on the internet and they do not fall within the category of services defined as OIDAR services. The Court further noted that if the Department’s interpretation is to be accepted then it would lead to an absurd outcome, as it would imply that any form of information communication or service provision via email or electronic data transfer should be considered OIDAR, which is certainly not the purport and meaning of OIDAR services. The Court finally concluded that merely because the petitioner has secured data from different source so as to create the services to be supplied to EDIC, it would not amount to the petitioner falling within the definition of OIDAR services.    

Support services provided to the foreign affiliates do not amount to intermediary services – Delhi High Court 

The petitioner, in this case, offers bookkeeping, payroll, and accounting services using cloud technology to its affiliated entity based in the UK. GST authorities contended that the petitioner is providing intermediary services, and as a result, they are not eligible for a refund, as the place of supply would be in India. 

The High Court held that the petitioner does not qualify as an intermediary because the petitioner neither facilitates the provision of services by a third party nor acts as a middleman in procuring such services for its affiliate. The petitioner is contracted to provide the services and is, in essence, the principal service provider in this context. 

Investment advisory services provided to the group companies located outside India qualifies for export of services – Delhi High Court

The petitioner, under a support service agreement, provides investment advisory services to an overseas entity for investing in Indian target companies. GST authorities contended that these services fall under the definition of intermediary services since the petitioner facilitates investment by the foreign entity in target companies. 

The High Court held that the agreement clearly establishes the petitioner as an independent service provider, operating on a principal-to-principal basis. The agreement explicitly states that the petitioner is not intended to act as an agent of the principal. Given these facts, the services provided by the petitioner involve only two parties (supplier and recipient) and do not meet the requirement of three parties for intermediary services. Therefore, the services rendered by the petitioner cannot be classified as intermediary services.  

Constitutional validity of section 16(2) of CGST Act upheld, ITC can be recovered from buyer if the tax collected by the supplier is not paid to the Government – Patna High Court 

The petitioner in this case filed a writ petition questioning whether the Input Tax Credit (ITC) can be availed when all conditions outlined in Section 16(2) have been met, except for the payment of tax collected by the supplier to the government. Additionally, the concern expressed was whether recovering the tax from the purchaser who claimed ITC would result in double taxation, considering that the law provides mechanisms for recovering taxes from defaulting sellers. 

The High Court held that a purchaser is eligible to claim ITC only when all conditions specified under Section 16(2) are satisfied collectively, not in isolation. Therefore, merely producing documents showing payment and the movement of goods will not entitle the purchaser to claim ITC. The issue of double taxation for the purchaser does not arise, as ITC is denied only when the supplier fails to remit the tax to the government. In cases where the supplier does not remit the tax to the government, it becomes the responsibility of the purchaser, who claimed the ITC, to recover the tax amount from the non-compliant supplier.  

ITC is available on demo cars purchased for test drives if there is a further supply of such demo cars after a period of time – Telangana AAR

The applicant in this case is a dealer in automobiles who is required to purchase cars for demo purposes. These cars are either used as replacement vehicles after 2 years or sold to customers. The applicant has capitalized these motor vehicles in their accounting books and sought clarification regarding the availability of Input Tax Credit (ITC) on such motor vehicles. 

Tamil Nadu AAR has held that capitalizing a motor vehicle, which was purchased, does not render the tax paid on the acquisition ineligible for ITC if there is a subsequent supply of these motor vehicles, as defined within the scope of Section 7 of the Central GST Act. Therefore, if the applicant intends to sell the motor vehicle after 2 years, they are eligible to claim ITC. 

Service Tax not payable by the assessee under RCM on foreign bank’s charges – Chennai Tribunal  

The appellant, an exporter in this case, received export proceeds in their Indian bank account after the deduction of the foreign bank’s charges. The dispute revolved around whether the appellant is liable to pay service tax on these charges under the reverse charge mechanism as import of service from foreign banks. 

The Chennai Tribunal held that the Indian bank has merely recovered these charges from the appellant as reimbursement for the service charges they bore. In this transaction, the foreign bank is regarded as the service provider, and the Indian bank, located in India, is the actual service recipient liable to pay service tax under the reverse charge mechanism. Even if it is assumed that the appellant received any service, it would have been solely from the Indian bank. Therefore, according to the forward charge mechanism, the Indian bank is responsible for service tax payment in such cases.  

Singapore Updates

Latest Updates

Monetary Authority Of Singapore

MAS Announces New Regulatory Framework for Stablecoins

On 15 th August 2023, the Monetary Authority of Singapore (“MAS“) released the finalized regulatory framework for stablecoins regulated in Singapore in its “Response to Public Consultation on Proposed Regulatory Approach for Stablecoin-related Activities” (“Response“) where MAS responded to feedback received on MAS’ earlier public consultation (“Consultation“) which was published in October 2022 where MAS first set out its proposals for the new regulatory framework. Stablecoins are digital tokens designed to maintain a constant value against one or more specified fiat currencies.  MAS had previously identified that an innovative and responsible digital asset ecosystem needs credible and reliable mediums of exchange to facilitate transactions. MAS noted the potential for stablecoins to function as such mediums of exchange where they are well-regulated and give a high degree of assurance of value stability, and the new regulatory framework seeks to support the development of such stablecoins.    

In the Consultation, MAS noted that stablecoins are currently treated as digital payment tokens (“DPTs”) under the Payment Services Act 2019 (“PS Act“). In the Consultation, MAS proposed to introduce a new regulated activity of “Stablecoin Issuance Service” under the PS Act to regulate Single-Currency Pegged Stablecoins (“SCS“) pegged to the Singapore dollar or Group of Ten (G10) currencies issued in Singapore under the new regulatory framework (“SCS Framework“). 

Other types of stablecoins, including SCS issued outside of Singapore or pegged to other currencies or assets, will not be prohibited from being issued, used or circulated within Singapore. These stablecoins will continue to be subject to the existing DPT regulatory regime. MAS stated it will continue to monitor developments in the stablecoin landscape, and will bring other types of tokens into the SCS Framework if necessary.   

MAS’ stablecoin regulatory framework will apply to single-currency stablecoins (SCS) pegged to the Singapore Dollar or any G10 currency, that are is issued in Singapore. Issuers of such SCS will have to fulfil key requirements relating to: 

Value stability: SCS reserve assets will be subject to requirements relating to their composition, valuation, custody and audit, to give a high degree of assurance of value stability.

Capital: Issuers must maintain minimum base capital and liquid assets to reduce the risk of insolvency and enable an orderly wind-down of business if necessary.

Redemption at Par: Issuers must return the par value of SCS to holders within five business days from a redemption request.

Disclosure: Issuers must provide appropriate disclosures to users, including information on the SCS’ value stabilising mechanism, rights of SCS holders, as well as the audit results of reserve assets.

https://www.mas.gov.sg/news/media-releases/2023/mas-finalises-stablecoin-regulatory-framework 

MAS Proposed Framework for Single Family Offices

The Monetary Authority of Singapore (MAS) has proposed a new exemption framework for single single-family offices (SFOs) operating in Singapore. The framework introduces qualifying criteria to exempt SFOs from fund management licensing requirements. These criteria aim to subject SFOs to anti-money laundering checks by MAS-regulated financial institutions and corporate beneficial ownership reporting. MAS’s move responds to the increasing prominence of SFOs, intending to curb potential money laundering risks associated with their growth. 

Under the proposed framework, SFOs must meet specific conditions to qualify for the exemption, including being a Singapore-incorporated company wholly owned by a single family. The SFO’s fund management business must cater exclusively to family members, closely related corporations, express trusts, or charities funded solely by these entities. The SFO must maintain business relations with MAS-regulated financial institutions and have a resident employee as a point of contact with MAS. 

Notably, MAS emphasises that it won’t grant case-by-case exemptions to SFOs failing to meet the specified criteria. The proposed framework also mandates reporting requirements, necessitating new SFOs to submit commencement notifications and annual returns to MAS, disclosing their assets and financial relationships. 

For existing SFOs, a six-month transitional period is proposed to align with the exemption framework. During this period, existing SFOs must submit a commencement notification, and their previously relied–upon licensing exemptions will be withdrawn once the notification is filed or at the end of the six-month period months. 

https://www.mas.gov.sg/-/media/mas/news-and-publications/consultation-papers/2023-consultation-paper-on-proposed-framework-for-single-family-offices/consultation-paper-on-proposed-framework-for-single-family-offices.pdf 

MAS to Strengthen Defense Against Money Laundering Risks in Single Family Offices 

The Monetary Authority of Singapore (MAS) has launched a public consultation on a revised framework to strengthen surveillance and defence against money laundering (ML) risks in Singapore’s Single-Family Office (SFO) sector. The revised framework will introduce a harmonised class exemption for SFOs with specific requirements to ensure that all SFOs are subject to anti-money laundering controls.   

Currently, as SFOs do not manage third-party assets, they can either rely on existing class exemptions from licensing requirements under the Securities and Futures Act or apply to MAS for case-by-case exemptions. To strengthen surveillance and defence against ML risks in the SFO sector, MAS proposes to harmonise the exemption criteria for all SFOs operating in Singapore.   

Specifically, to qualify for the class exemption, SFOs must: 

be incorporated in Singapore; 
notify MAS and confirm that it is in compliancecomplies with the qualifying criteria under the class exemption when they commence operations in Singapore; 
report annually on total assets managed after the end of each calendar year; and 
maintain a business relationship with an MAS-regulated financial institution that will perform anti-money laundering checks on these SFOs.

These measures will allow MAS to better monitor SFOs operating in Singapore and address any ML risks in the sector. 

https://www.mas.gov.sg/news/media-releases/2023/mas-to-strengthen-defence-against-money-laundering-risks-in-single-family-offices 

Legal Updates

1. Introduction of the Digital Personal Data Protection Act, 2023

The Digital Personal Data Protection Bill, 2023 received the assent of the Hon’ble President of India on 11 August 2023 to become the Digital Personal Data Protection Act, 2023 (“Act”). While the Act received Presidential assent on 11th August 2023, the provisions will come into force as and when the Central Government notifies the date of enforcement in the Official Gazette. The key provisions of the Act are discussed below: 

Applicability: The Act governs the processing of “digital” personal data within India in two scenarios: (i) where such data is collected from data principals in digital format; or (ii) when data is initially collected in non-digital form and subsequently digitized. The Act also applies to the processing of digital personal data outside India if it pertains to the provision of goods or services to data principals located within India.

Notice and Consent: The Act requires a data fiduciary to provide notice and obtain consent from the data principal on or before processing personal data. Further, it is clarified that the consent given should be free, specific, informed and unambiguous, with clear affirmative action.

Obligations of Data Fiduciary: The Data fiduciaries are defined as persons who determine the purpose and means of processing personal data. The Act mandates certain duties to be adhered to by data fiduciaries to protect the security of personal data which includes: (i) complying with the provisions of the Act; (ii) appointing a data processor on its behalf for any activity related to the offering of goods or services to data principals only under a valid contract; (iii) making reasonable efforts to process accurate, complete and consistent personal data; (iv) implementing appropriate technical and organizational measures to ensure effective observance of the provisions of this Act; (v) keeping security safeguards in place to avoid breach of personal data; (vi) notifying instances of data breaches to the regulatory body, the data protection board of India and the affected data principal; (vi) erasure of personal data upon withdrawal of consent from data principal, unless necessary for compliance with any law; (vii) publishing the business contact information of a data protection officer or a person who is able to answer on behalf of the data fiduciary, the questions raised by the data principal; and (viii) establishing an effective mechanism to redress the grievances of data principals.

Processing of personal data of children: Under the Act, data fiduciaries are barred from tracking or behaviorally monitoring children or directing targeted advertising at them. They are also not permitted to undertake processing of personal data that is likely to cause any detrimental effect on the well-being of a child.

Rights of Data Principal: A data principal is defined under the Act to mean an individual to whom the personal data relates. The Act grants data principals’ various rights, including right of grievance redressal, right of access, correction, updating and erasure of their personal data. Further, the Act has introduced the concept of “consent managers” who shall act as a single point of contact to enable data principals to give, manage, review, and withdraw their consent through an accessible, transparent and interoperable platform.

Data Protection Board: The Act establishes and provides for the composition of the Data Protection Board (“Board”). The Board shall be a body corporate having perpetual succession, a common seal, and consisting of a chairperson and such number of other members, as may be notified by the Central Government.

Penalties: The Act provides for a levy of penalties of up to INR 250 Crores for certain offensesoffences, including failure to prevent a personal data breach. The Act does not enable affected data principals to seek compensation for breaches by data fiduciaries, instead, the Board can now levy penalties of up to INR 10,000/- for data principals not fulfilling their duties. A penalty of up to INR 50 Crores may be levied in case of a breach in observing the obligation of data fiduciary to take reasonable security safeguards to prevent personal data breach.

https://egazette.gov.in/WriteReadData/2023/248045.pdf   

2. The Jan Vishwas (Amendment of Provisions) Act, 2023

The Ministry of Law and Justice, on 11th August 2023, has published the Jan Vishwas (Amendment of Provisions) Act, 2023 (“Amendment Act”), to amend certain enactments and to decriminalize and rationalize certain offences thereunder. The Amendment Act will come in force as and when the Central Government may notify.  

The Amendment Act has set out a schedule, wherein certain revised fines and/or penalties have been set out for a list of legislative acts. Further, as per Section 3 of the Amendment Act, after the expiry of every 3 (Three) years from the date of commencement of the Amendment Act, the minimum amounts of fines and/or penalties (as set out in the schedule), will increase by 10% (Ten Percent). The revisions of few significant legislative acts, as per the schedule, are set out below:   

The Drugs and Cosmetics Act, 1940:

The schedule has been amended: (i) Section 29 which penalizes the use of reports generated by a government analyst for the purpose of advertising. As per the Amendment Act, the fine of INR 5,000/- has been revised to a penalty of INR 1,00,000/-; (ii) Section 30(2) stipulates a penalty for subsequent offences. As per the Amendment Act, the imprisonment of 2 years has been repealed and substituted only with a fine which shall be not less than INR 5,00,000/-; (iii) As per the Amendment Act, the offences committed and penalties levied under Section 27 (Penalty for manufacture, sale, etc. of drugs) and Section 27A (Penalty for manufacture, sale, etc. of cosmetics) shall be eligible for compounding.

The Copyright Act, 1957:

The Amendment Act has omitted Section 68 of the Copyright Act, 1957, which provides a penalty for making false statements for the purpose of deceiving or influencing any authority or officer.

The Patents Act, 1970:

The Amendment Act has proposed amendments to the following:

The penalty under Section 120 (Penalty for falsely representing any article being patented in India or such article being the subject of patent application) has been decriminalized and the amount of penalty can be levied to an extent of INR 10,00,000/- and in case of the continuing claim, a further penalty of INR 1,000/- has been set out, for every day, after the first claim continues. Currently, there is no fine in an instance of continuation of the claim.

Section 121 of the Patents Act, 1970 (Wrongful use of words ‘Patent Office’), has been omitted.

Section 122(1)(Refusal by any person to provide information), has been decriminalized and the amount of penalty may be levied to an extent of INR 1,00,000/- and in case of continuing refusal or failure, a further penalty of INR 1,000/- has been set out, for every day, after the first day of such refusal or failure. In Section 122(2), has been decriminalized and the penalty is the sum equal to 0.5% of the total sale/ turnover of the business/ gross receipts, or a sum equal to INR 5,00,00,000/-, whichever is less.

Section 123 (Penalty for practice by non-registered patent agents), which is read together with Section 129 (Restrictions on practice as patent agents) has been decriminalised and a penalty has been levied to an extent of INR 5,00,000/-, and in case of a continuing default, a further penalty of INR 1,000/- has been set out, for every day after the first day if the default continues.

Sections 124A (Adjudication of penalties), Section 124B (Appeal) have been inserted.

In Section 159(2) –the provision for manner of holding an enquiry and appeal procedures have has been inserted.

The Trade Marks Act, 1999:

The Amendment Act has proposed amendments to  the following:

Section 106 of the Trade Marks Act, 1999, (Penalty for removing piece goods, etc., contrary to Section 81) has been omitted in the Amendment Act.

Section 107 of the Trade Marks Act, 1999 (Penalty for falsely representing a trademark as a registered trademark) has been decriminalized and the penalty is levied of the sum equal to 0.5% of the total sale/ turnover of the business/ gross receipts, in the profession, as computed in the audited accounts of such person, or a sum equal to INR 5,00,000/- , whichever is less.

Section 108 (Penalty for improperly describing a place of business as connected with the Trade Marks Office) and Section 109 (Penalty for falsification of entries in the register) have been omitted.

The Amendment Act has further added new Sections, i.e. 112A (Adjudication of penalties) and 112B (Appeal).

Section 140 of the Trade Marks Act, 1999,(Power to require information of imported goods bearing false trade marks) has been substituted to include a timeline of 14 days for the importer to comply with the requirements under this section and failure of which shall incur a penalty  of INR 10,000/- (provided that such amount shall be levied and recovered under the Customs Act, 1962).

In Section 157(2) the provisions for manner of holding enquiry and appeal procedures have been inserted.

The Geographical Indications of Goods (Registration and Protection) Act, 1999: 

The Geographical Indications of Goods (Registration and Protection) Act, 1999 has inserted Section 37A(Adjudication of penalties) and Section 37B (Appeal Provisions).

Section 42(2) (Penalty for falsely representing a geographical indication as registered geographical indication) has been decriminalized and the  penalty has been levied of sum equal to 0.5% of the total sale/ turnover of the business/ gross receipts, in the profession, as computed in the audited accounts of such person, or a sum equal to INR 5,00,000/- , whichever is less.

Section 43 (Penalty for improperly describing a place of business as connected with the Geographical Indications Registry) and Section 44 (Penalty for falsification of entries in the register) have been omitted.

In Section 87(2) the provisions for the manner of holding an enquiry and imposing penalty under Section 37A and the appeal procedure as per Section 37B (2) have been inserted.

The Information Technology Act, 2000: 

Section 33(2) of this Information Technology Act, 2000, provides the penalty in an event the Certifying Authority (i.e. a person who has been granted a license to issue an electronic signature certificate) fails to surrender a suspended or revoked license to the Controller of Certifying Authorities. The punishment of imprisonment has been omitted through this Amendment Act, and further, the fine has been increased to an amount of up to INR 5,00,000/-.

Section 44 of the Information Technology Act, 2000, stipulates certain penalties in an event the information is not furnished, or a return has not been filed by a person. The Amendment Act has amended the sub-sections under Section 44, with an increased amount of fine.

Section 45 of the Information Technology Act, 2000 stipulates the residuary penalty. The ambit of contravention under the residuary penalty has been increased, by replacing the words “rules or regulations”, with “rules, regulations, directions or orders”. Further, this Section currently stipulates payment of a fine or compensation. However, the Amendment Act has increased the fine upto INR 1,00,000/-, in addition to the compensation to be given to the person affected by such contravention. Thus, the compensation amount will not exceed (a) INR 10,00,000/- by an intermediary, company or body corporate; or (b) INR 1,00,000/- (Indian Rupees One Lakh only), by any other person.

Section 46(1) of the Information Technology Act, 2000, states the jurisdiction of the adjudicating officer to adjudicate matters in which the claim for injury or damage does not exceed INR 5 Crores. The Amendment Act has omitted the words “injury or”, to restrict the jurisdiction of the adjudicating officer to claims of damage only. However, this Amendment Act has brought the entire Information Technology Act, 2000, under the jurisdiction of the adjudicating officer.

Section 66A (Punishment for sending offensive messages through communication services, etc.) has been omitted.

For Sections 67C(2) and 68(2), the punishment for imprisonment has been omitted and the Sections have been amended to increase the amount of fine, i.e. INR 25,00,000/-.

Section 69B(4) (Penalty in the event of non-compliance by the intermediary to render assistance to relevant authorities), has been revised to state that, the imprisonment may be up to a term of one year; and the fine may extend up to INR 1,00,00,000/-, or with both.

Section 70B (7) casts a duty upon the service providers, intermediaries, data centers centres, and body corporate to adhere to directions, including providing of the relevant information to the relevant authority. The Amendment Act has increased the amount of the fine to INR 1,00,00,000/-.

Section 72 of the Information Technology Act, 2000, provides a penalty for breach of confidentiality and privacy. The Amendment Act has revised the Section by omitting the provision of imprisonment and the amount of fine has been increased to INR 5,00,000/-.

Section 72A of the Information Technology Act, 2000, provides a penalty for disclosure of information in breach of a lawful contract. The Amendment Act has omitted the punishment of imprisonment and the amount of fine has been increased to INR 25,00,000/-.

The Prevention of Money Laundering Act, 2002: 

The Prevention of Money Laundering Act, 2002, has set out a list of offences, [“Scheduled Offence(s)”] categorized in certain parts, which, if related to any proceeds of crime, constitute an offence of money laundering.  
 
The Amendment Act has revised this Schedule, in Paragraph 21, to exclude the offence of ‘Penalty for falsely representing a trademark as registered’ (Section 107 of the Trade Marks Act, 1999), and for Paragraph 22, the offence of ‘Penalty for breach of confidentiality and privacy’ (Section 72) of the Information Technology Act, 2000.  
 
Further, under the Schedule of Prevention of Money Laundering Act, 2002, Paragraph 25 (Offences under the Environment Protection Act, 1986) and Paragraph 27 [Offences under the Air (Prevention and Control of Pollution) Act, 1981] have been omitted.

The Payment and Settlement Systems Act, 2007: 

Section 26(3) of the Payment and Settlement Systems Act, 2007 provides a penalty in an event any person fails to produce any statement, information, returns or other documents under Section 12 (Power to call for returns, documents or other information by the Reserve Bank). Section 26(6) sets out a general penalty for contravention of any provisions of this Act. The Amendment Act has amended the penalty provisions of both of these Sections to state that the penalty will be imposed in accordance with the provisions of Section 30 (Power of the Reserve Bank to impose fines).

As per the Amendment Act, the words of Section 30(1) of the Payment and Settlement Systems Act, 2007, have been revised to state ‘penalties’ instead of ‘fines’. The Section 30(1) has been revised to cross reference ‘sub-section (3) or sub-section (6) of Section 26 (Failure to produce information, general penalty where no specific penalty is provided). Further, the fine has been increased to a threshold of INR 10,00,000/-.

The Legal Metrology Act, 2009 

Section 25, Section 27 to Section 29, Section 31, Section 34 and Section 35 of the Legal Metrology Act, 2009 have been amended. The punishment of imprisonment has been omitted from these Sections and the Amendment Act has now increased the fines under the respective Sections.

In Section 48, which stipulates compounding of offences, Section 41 (Penalty for giving false information or return) has also been included.

Amendment to Legal Metrology (Packaged Commodities) Rules, 2011 

The Ministry of Consumer Affairs, Food and Public Distribution, vide its notification dated 30 th August 2023, has extended the effective date of the Legal Metrology (Packaged Commodities) (Amendment) Rules, 2023, by amending Rule 1(2) [Short Title and Applicability] of the aforementioned Rules. The Rules shall now be effective from 01 October 2023, as against the erstwhile date of 01 September 2023.

https://egazette.gov.in/WriteReadData/2023/248432.pdf 

Cyber security Updates

For security to benefit from AI, companies need to shore up their data

CISOs need to address the structure, management and curation of data as they pursue benefits from generative AI, according to an IDC report.

Artificial intelligence (AI) is becoming a big part of how companies keep their information safe. But some experts think we’re focusing too much on the AI technology itself, instead of the data it uses.

The data that AI relies on is crucial. If the data isn’t good, AI won’t work well. So, it’s like having a strong building, but if the foundation is weak, the building can collapse.

According to IDC analysts, who study this, AI can help with security, but it’s only as good as the data it uses. Frank Dickson from IDC says that data is like the fuel for AI in security. How we handle, manage, and organize this data is what determines whether AI will be successful in protecting us.

Right now, many companies are excited about “generative AI,” which is like a quick energy boost. It helps with specific problems but doesn’t solve everything. On the other hand, “predictive AI” is like a nutritious meal; it helps build a strong foundation for security.

To make AI work well in security, we need to make sure the data we give it is reliable. This is a big challenge because collecting and organizing security data is harder than building the AI itself.

Cybersecurity experts are naturally cautious, which is a good thing. It means they will take their time and not rush into using AI. They’ll ask tough questions and make sure AI actually makes things better.

So, if you’re a company looking to use AI for security, don’t just trust the hype. Ask your AI vendors to prove that it’s making a real difference that you can see and measure. If it can’t be measured, it might not be worth it.

Balancing cybersecurity with convenience and progress

Cybersecurity is getting better, but it’s also getting more complicated. There are more bad guys trying to hack into systems, and companies have a lot more data to protect.

Some good news is that businesses are starting to take cybersecurity seriously. They’re using new technology like generative AI to help. They’re also making sure their employees are trained to handle cybersecurity threats.

But there’s a tricky balance to maintain. Too much security can slow things down, but too little can lead to big problems. It’s like walking on a tightrope.

The biggest threats companies are worried about are things like malware, ransomware, and attacks on their computer systems. When these attacks happen, they can be really bad for business.

There are four important things to consider in cybersecurity:

Product: New technology like generative AI can help, especially in monitoring networks and stopping malware.
People: The biggest challenge is finding people with the right skills. Companies are training their employees and helping them get certifications.
Policy: Companies are using risk management to figure out how to protect their business. Some are good at it, but others still have work to do.
Process: Companies are creating ways to protect themselves, like using a “zero trust” approach. This means not trusting anything or anyone until they’re sure it’s safe.

Cybersecurity is always changing, and companies need to stay on top of it to keep their data safe.