Relevance in 2026 and Beyond

When the Market Has No Panyadhyaksha

Cryptocurrency hacks, algorithmic manipulation, platform monopolies, modern markets create novel challenges for oversight. Yet Kautilya's principles adapt remarkably well: disclosure prevents fraud, guardians must have teeth, and matsya-nyaya threatens any unregulated space. This lesson explores how ancient market oversight wisdom applies to tomorrow's commercial frontiers.

The ₹2,000 Crore That Vanished

A young investor staring at his emptied cryptocurrency wallet

On July 18, 2024, you might have woken up to find your cryptocurrency savings gone. Completely. Irreversibly.

That's what happened to over 400,000 users of WazirX, India's largest cryptocurrency exchange. Hackers breached the platform's multi-signature wallet and drained approximately ₹2,000 crore ($230 million) in various cryptocurrencies.

The response from WazirX? They froze all withdrawals. Users couldn't access their remaining funds. Customer support went silent. For weeks, investors had no idea if they would ever see their money again.

Now imagine this scenario in a regulated market: SEBI would intervene, investor protection mechanisms would activate, and the exchange would face immediate consequences. But cryptocurrency operates in a regulatory gray zone, no clear Panyadhyaksha, no established consumer protections, no graduated enforcement.

Welcome to markets without guardians. Kautilya warned us about this 2,300 years ago.

The Modern Challenge: Markets Beyond Oversight

The WazirX hack isn't an isolated incident, it's a symptom of a deeper problem: entire market ecosystems have emerged faster than regulatory frameworks can adapt.

Cryptocurrency and Web3: Despite handling billions in Indian investor money, crypto exchanges operated without clear regulatory status until recently. The 2024 Digital Assets Bill is still under discussion. Meanwhile, RBI's Digital Rupee (CBDC) launches as a regulated alternative, but adoption remains minimal.

AI-Driven Manipulation: Algorithmic trading now executes millions of transactions per second. In 2023, SEBI detected sophisticated "spoofing" patterns where AI systems placed and canceled orders to manipulate prices, a form of mulya-nyamana violation that Kautilya's manual inspectors could never have caught.

Platform Economies: Quick commerce apps (Zepto, Blinkit, Instamart) engage in aggressive deep discounting funded by investor capital, a modern version of the predatory pricing Kautilya prohibited. When prices rise 50% after competitors are eliminated, who protects the consumer?

Data as Market Power: When a platform knows your purchase patterns, financial constraints, and willingness to pay, it can practice personalized pricing, charging different customers different prices for identical products. This is mulya-sthapana manipulation at algorithmic scale.

The common thread: markets have outrun their guardians.

The Ancient Insight: Principles That Transcend Technology

Revisiting what we've learned in this chapter, certain Kautilyan principles emerge as technology-agnostic:

1. Markets Without Guardians Enable Matsya-Nyaya

The WazirX hack is textbook "law of the fish." In the absence of regulatory protection, sophisticated actors (hackers, in this case) devoured unsophisticated ones (retail investors). The same dynamic plays out in unregulated crypto lending platforms, DeFi protocols, and NFT marketplaces.

Kautilya's insight: the presence or absence of guardianship, not the technology, determines whether markets serve the many or the few.

2. Disclosure Remains the Primary Defense

WazirX's security practices were opaque. Users didn't know how their funds were stored, what insurance existed, or what happened to their data. In a Kautilyan framework, this dosha-gupti (concealment of defects) would itself be a violation, regardless of whether a hack occurred.

SEBI's 2024 F&O restrictions, limiting retail investors' derivatives exposure, explicitly cited information asymmetry. Retail traders, the regulator noted, were being systematically outmaneuvered by institutional algorithms. The solution: disclosure requirements that level the playing field.

3. Penalties Must Exceed Gains

The WazirX hackers, as of late 2025, remain unidentified and unpunished. The platform faces no meaningful regulatory sanction because no regulator has clear jurisdiction. Compare this to Sahara, where Subrata Roy went to jail.

Kautilya's principle is clear: without penalties that exceed gains, fraud becomes economically rational. Crypto's regulatory vacuum creates exactly this incentive structure.

4. Consumer Protection Requires Infrastructure, Not Just Laws

India's Consumer Protection Act, 2019 applies to cryptocurrency transactions in theory. But in practice: Where does a WazirX victim file? Which forum has jurisdiction over cross-border digital assets? How do you enforce a judgment against a hacker in North Korea?

Kautilya built infrastructure, the Panyadhyaksha's office, the complaint mechanisms, the shreni system. Modern digital markets need equivalent infrastructure: regulated exchanges, certified wallets, dispute resolution mechanisms, and industry accountability.

The Bridge: Applying Ancient Wisdom to Digital Frontiers

For Investors: The New Due Diligence

Kautilya empowered consumers through education and verification. In 2026, this means:

Before investing in any digital asset:

The WazirX investors who lost money trusted a brand. Brand presence is not regulatory protection, a lesson Sahara's investors also learned painfully.

For Entrepreneurs: Building Trustworthy Platforms

Kautilya's framework suggests that ethical businesses should welcome regulation because it distinguishes them from fraudsters. Platforms building in the digital asset space can:

The platforms that thrive long-term will be those that treated consumer protection as a feature, not a constraint.

For Policymakers: Principles Over Specifics

Kautilya's regulations succeeded because they focused on outcomes (fair prices, no fraud, consumer protection) rather than specific mechanisms. This approach adapts well to fast-changing technology:

SEBI's F&O restrictions exemplify this approach: rather than banning derivatives, they limited retail exposure to prevent predictable harm.

Addressing Skepticism

"Isn't regulation the enemy of innovation?"

Kautilya's regulated markets were among the most commercially sophisticated of their era. Regulation doesn't prevent innovation, it prevents exploitation. The crypto industry's current reputation crisis (scams, hacks, rug-pulls) actively harms legitimate innovation by destroying trust.

"Ancient principles can't apply to blockchain technology."

The technology is new; the human behavior isn't. Hoarding, manipulation, fraud, and exploitation existed in 300 BCE and exist in 2026. Kautilya's principles address behavior, not mechanism. A rug-pull is a rug-pull whether executed with silk or smart contracts.

"Overregulation will drive crypto offshore."

This is precisely the threat WazirX users face, if the platform were offshore, Indian law would be meaningless. The solution isn't no regulation but effective regulation: clear rules that platforms can comply with, rather than ambiguity that drives responsible actors away while fraudsters remain.

Your Turn: The Regulatory Citizen

A young Indian woman reading regulatory disclosures at her home desk

Market oversight in 2026 requires informed, active citizens, the ultimate samsthaniya.

First, recognize that "unregulated" doesn't mean "safe", it means "unprotected." When someone promises returns without regulatory oversight, they're also promising no recourse when things go wrong.

Second, advocate for sensible regulation. The Digital Assets Bill debate needs informed voices who understand both innovation's potential and exploitation's history.

Third, apply Kautilyan verification to every investment: Who is the guardian? What disclosure exists? What happens if things go wrong? If you can't answer these questions, reconsider.

Kautilya's markets functioned because citizens expected protection and demanded accountability. Twenty-three centuries later, that expectation remains our most powerful tool.

Case studies

The WazirX Hack: When Guardians Were Absent

On July 18, 2024, hackers breached WazirX, India's largest cryptocurrency exchange, and drained approximately ₹2,000 crore ($230 million) from a multi-signature wallet. Over 400,000 users woke up to find their funds inaccessible. WazirX immediately halted all withdrawals, leaving users unable to access even unaffected balances. The company blamed a sophisticated attack; users blamed inadequate security. Neither SEBI nor RBI had clear jurisdiction, cryptocurrency exchanges operated in a regulatory gray zone, registered only for anti-money laundering purposes with FIU-IND but not as regulated financial entities.

The WazirX disaster illustrates multiple Kautilyan failures. First, *matsya-nyaya* in action: sophisticated hackers (big fish) devoured retail investors' savings (small fish) because no guardian intervened. Second, *dosha-gupti* (concealment): WazirX's security practices, wallet architecture, and insurance coverage were opaque to users. Third, *upabhokta-raksha* failure: when things went wrong, users had no complaint mechanism, no regulatory recourse, no investor protection fund. Fourth, the absence of proportionate *danda*: as of late 2025, the hackers remain unidentified and unpunished, the platform faces no meaningful regulatory sanction, and users have recovered only a fraction of their funds.

By December 2025, WazirX had returned approximately 45% of user funds through a debt restructuring process, far less than SEBI-regulated exchanges would have managed. The incident accelerated discussions on the Digital Assets Bill but legislation remains pending. Users filed multiple PILs in various High Courts, but jurisdictional confusion delayed proceedings. Some users joined a Singapore-based restructuring proceeding since WazirX's parent company was Singapore-registered. The chaos demonstrated that without clear regulatory infrastructure, even legitimate legal recourse becomes complicated.

Kautilya's market oversight system worked because it was comprehensive: designated guardians, clear jurisdiction, established procedures, and certain consequences. The WazirX incident shows what happens when any element is missing. The technology was new; the human vulnerability to exploitation was not.

The WazirX hack accelerated India's push toward digital asset regulation, with the proposed framework requiring exchanges to maintain proof-of-reserves and segregated custody. The lesson extends beyond crypto: any financial platform holding customer assets needs the same regulatory oversight that Kautilya prescribed for market superintendents.

The WazirX hack drained approximately Rs 2,000 crore ($230 million) from over 400,000 users. By December 2025, only 45% of funds had been returned through debt restructuring. Neither SEBI nor RBI had clear jurisdiction over cryptocurrency exchanges at the time of the breach.

SEBI's F&O Restrictions: Modern Mulya-Niyamana

In September 2024, SEBI imposed significant restrictions on retail participation in index derivatives (F&O): increased lot sizes, higher margin requirements, and mandatory upfront collection of option premiums. The stated rationale: studies showed that 89% of individual F&O traders lost money, with aggregate losses of ₹51,000 crore in FY22 alone. Retail investors were being systematically outcompeted by institutional algorithms with better data, faster execution, and superior risk management.

SEBI's intervention represents *mulya-niyamana* adapted for information asymmetry rather than price asymmetry. The regulator recognized that retail investors couldn't fairly compete against institutional algorithms, a form of *matsya-nyaya* where the 'big fish' were trading firms with technological advantages, and 'small fish' were retail investors lured by gambling-like excitement. The solution wasn't price controls but access controls: limiting retail exposure to a game they couldn't win. Kautilya's tiered approach, different rules for different goods, finds expression in SEBI's different rules for different investor categories.

Initial data (Q4 2024) suggests retail F&O volumes dropped approximately 30%, while institutional participation remained stable. The restrictions proved controversial: some praised SEBI for investor protection, others criticized it as paternalistic interference in adult choices. The debate echoes ancient tensions between protecting citizens and respecting autonomy. SEBI's position, that protection is warranted when information asymmetry is severe, reflects Kautilyan logic: the state intervenes not because people are incapable but because the market structure enables systematic exploitation.

The F&O restrictions demonstrate that Kautilyan regulation isn't about controlling prices or preventing trade, it's about ensuring fair conditions for trade. When market structure creates systematic losers, intervention corrects the structure rather than prohibiting activity entirely. This nuanced approach distinguishes intelligent regulation from crude prohibition.

SEBI's F&O restrictions sparked global debate about whether regulators should protect retail investors from their own choices. Similar discussions are happening in the EU around payment-for-order-flow and in the US around gamified trading apps. The core question remains Kautilyan: when market structure creates systematic losers, is inaction an option?

SEBI data showed 89% of individual F&O traders lost money, with aggregate retail losses of Rs 51,000 crore in FY22 alone. After restrictions were imposed in September 2024, retail F&O volumes dropped approximately 30% while institutional participation held steady.

More in Market Oversight & Consumer Protection

All lessons in Market Oversight & Consumer Protection · Arthashastra: Economic Principles course