The Securities and Exchange Board of India vide circular no. SEBI/HO/ ITD-1/ITD_CSC_EXT/P/CIR/2025/119 clarified that the cybersecurity and cyber resilience framework (CSCRF) applies only to systems used exclusively for its regulated activities. Shared infrastructure will also be audited if not already covered by the RBI or another regulator. Please refer the circular for more details.