SEBI/HO/MIRSD/MIRSD-PoD/P/CIR/2025/95 June 27, 2025

1 · Guidelines for Research Analysts 1

1 · 1 Qualification and certification requirements

7 · of the RA Regulations specifies the minimum qualification and certification requirements for RAs. It is clarified that the revised qualification requirements shall not be required to existing individual RAs, Principal officer of non-individual RAs or research entity, individuals employed as research analysts and partners of research analyst, if any, engaged in providing research services. However, they shall hold NISM certifications and comply with other conditions specified under Regulation 7(3) of the RA Regulations.

1 · 2 Deposit requirement:

1 · Reference: Circular No. SEBI/HO/MIRSD/ MIRSD-PoD-1/P/CIR/2025/004 dated January 08, 2025

1 · 3 Registration both as Investment Adviser and Research analyst:

1 · 4 Registration as part-time research analyst:

1 · 5 Designation as 'principal officer':

1 · 6 Appointment of an independent professional as Compliance Officer:

1 · 7 Use of Artificial Intelligence ('AI') tools in RA services

1 · 8 Research services provided by research analyst or research entity

1 · 9 Fees chargeable to clients by RAs:

15A · of RA Regulations provide that RA shall be entitled to charge fees for providing research services from client including an accredited investor in the manner as specified by SEBI. Accordingly, -

2 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-PoD/P/CIR/2025/48 dated April 02, 2025

1 · 10 Client level segregation of research and distribution activities

3 · "Group" and "family of an individual research analyst" shall be as per Regulation 26C (3) (iii) and Regulation 2(1)(fb) respectively of the RA regulations

1 · 11 Guidelines for recommendation of 'model portfolio' by RAs

1 · 12 Disclosure of terms and conditions to the client

5 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-PoD/P/CIR/2025/20 dated February 17, 2025.

1 · 13 KYC Requirements and maintenance of record

1 · 14 Compliance audit requirements

1 · 15 Requirement of website and the details on the website

2 · Procedural Guidelines for Proxy Advisors 6

2 · 1 Regulation 24(2) read with regulation 23(1) of the Securities and Exchange Board of India (Research Analyst) Regulations, 2014 ('the Regulations') mandates proxy advisors to abide by Code of Conduct specified therein. It is decided that proxy advisors shall also comply with the following procedural guidelines:

6 · Reference: Circular No. SEBI/HO/IMD/DF1/CIR/P/2020/147 dated August 03, 2020

7 · Reference: Circular No. SEBI/HO/IMD/DF1/CIR/P/2020/256 dated December 31, 2020.

2 · 2 The provisions of Clause 2.1(c) and 2.1(e) became applicable with effect from February 01, 2021. 8 All other provisions of clause 2.1 became applicable with effect from January 01, 2021. 9

3 · Framework for administration and supervision of Research Analysts 10 Background

3 · 1. In terms of Regulation 38A of the 'SECC Regulations' 11 notified on April 26, 2024, a recognised Stock Exchange may undertake the activities of administration and supervision over specified intermediaries on such terms and conditions and to such an extent as may be specified. Accordingly, Stock Exchange shall now be recognised as RAASB 12 and IAASB13 under Regulation 14 of the 'RA Regulations' 14 and 'IA Regulations' 15 for administration and supervision of Research Analysts ('RAs') and Investment Advisers ('IAs') respectively. The detailed framework for RAASB and IAASB is specified in Annexure C.

3 · 2. As per clause (xi) of Regulation 6 of RA Regulations and clause (n) of Regulation 6 of IA Regulations, an applicant seeking registration as RA and IA is required to be enlisted with RAASB and IAASB respectively. The provisions governing enlistment including enlistment of existing RAs/IAs and of applicants whose registration applications are under process as on the

8 · Reference: Circular No. SEBI/HO/IMD/DF1/CIR/P/2020/157 dated August 27, 2020 and Circular No. SEBI/HO/IMD/DF1/CIR/P/2020/256 dated December 31, 2020

9 · Reference: Circular No. SEBI/HO/IMD/DF1/CIR/P/2020/157 dated August 27, 2020.

10 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-SEC-3/P/CIR/2024/34 dated May 2, 2024 11 SECC Regulations- Securities Contracts (Regulation) (Stock Exchanges and Clearing

12 · RAASB- Research Analyst Administration and Supervisory Body

13 · IAASB- Investment Adviser Administration and Supervisory Body

14 · RA Regulations- SEBI (Research Analysts) Regulations, 2014

15 · IA Regulations- SEBI (Investment Advisers) Regulations, 2013

3 · 3. Based on fulfillment of the criteria specified in Annexure C, a stock exchange shall be granted recognition as RAASB and IAASB. To begin with, in order to ensure efficiency in the system and economies of scale, RAASB and IAASB shall be one and the same stock exchange.

3 · 4. The above provisions have become effective on July 25, 2024 (ninetieth day from the date of publication in the Official Gazette of the amendments to RA Regulations made vide the SEBI (Research Analysts) (Amendment) Regulations, 2024 and the amendments to IA Regulations made vide the SEBI (Investment Advisers) (Amendment) Regulations, 2024).

4 · 1. In pursuance of SEBI circular no. SEBI/HO/MIRSD/MIRSD-SEC3/P/CIR/2024/34, dated May 2, 2024, BSE Limited, has been granted recognition under Regulation 14 of the 'RA Regulations' and 'IA Regulations' for administration and supervision of Research Analysts ('RAs') and Investment Advisers ('IAs') respectively as RAASB and IAASB for a period of five years starting from July 25, 2024.

4 · 2. BSE shall formulate bye-laws with respect to its activities as RAASB and IAASB and shall issue circulars, Standard Operating Procedures (SOPs),

16 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-POD-1/P/CIR/2024/101 dated July 12, 2024

4 · 3. Applicants seeking registration/renewal as RA/IA shall be liable to pay administrative fees, as specified by RAASB/IAASB.

4 · 4. The fees payable to SEBI by RAs/applicants seeking registration as RA have been revised by way of amendment to the RA Regulations, coming into effect from July 25, 2024. Details of the same are available on at https://www.sebi.gov.in/web/?file=https://www.sebi.gov.in/sebi_data/atta chdocs/a pr-2024/1714381081645.pdf#page=1&zoom=page-width,16,842.

4 · 5. The total fees payable by an applicant/RA towards application, registration and renewal to SEBI and administrative fees to RAASB for the respective period shall not exceed the total fees payable prior to abovementioned amendment. The fee structure shall thus be fee neutral to the applicants/RAs.

4 · 6. In respect of grant of registration as RA for applications received before July 25, 2024, the registration fee shall be received by SEBI as per the erstwhile fee structure.

4 · 7. The other terms and conditions as specified in the SEBI circular SEBI/HO/MIRSD/MIRSD-SEC-3/P/CIR/2024/34 dated May 2, 2024 shall continue to apply.

17 · Reference: Circular No. SEBI/HO/CFD/CMD1/CIR/P/2020/119 dated August 04, 2020

5 · 1. Regulation 4(2)(a) of the Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) Regulations, 2015 ('LODR Regulations') casts certain obligations on listed entities to protect and facilitate the exercise of the rights of shareholders, including:

5 · 2. Proxy advisors, over the past few years, have played a key role in enabling shareholders to effectively participate in corporate governance decisions and thus, furthering the achievement of the above objectives. Proxy advisors provide advice to institutional investors / shareholders of a listed entity, in relation to exercise of their rights in the company including voting recommendation on agenda items. However, due to the inherent nature of the work, it is probable that proxy advisors and listed entities may have different views on any agenda item of the listed entity leading to grievances.

5 · 3. In order to facilitate resolution of such grievances of listed entities against SEBI registered proxy advisors, the listed entities may approach SEBI. SEBI will examine the matter for non-compliance by proxy advisors with the provisions of the Code of Conduct under regulation 24(2) read with regulation 23(1) of the Regulations and the procedural guidelines for proxy advisors as mentioned at clause 2.1.

5 · 4. The provisions under this clause became applicable with effect from January

6 · Redressal of investor grievances through SEBI Complaints Redress system (SCORES) Platform and Online Dispute Resolution (ODR) Platform 19

6 · 1. SEBI has been taking various measures to create awareness among investors about grievance mechanisms available to them through workshops as well as through print and electronic media.

6 · 2. As an additional measure and for information of all investors who deal/ invest/ transact in the market, the research analysts shall prominently display in their offices the following information about the grievance redressal mechanism available to investors.

18 · Reference: Circular No. SEBI/HO/CFD/CMD1/CIR/P/2020/159 dated August 27, 2020.

19 · Reference: Circular No. CIR/MIRSD/3/2014 dated August 28, 2014, SEBI/HO/OIAE/IGRD/P/CIR/2022/0150 dated November 07, 2022, SEBI/HO/OIAE/IGRD/CIR/P/2023/156 dated September 20, 2023 and SEBI/HO/OIAE/OIAE_IAD-3/P/CIR/2023/195 dated July 31, 2023 (updated as on December 28, 2023)

6 · 3. Research analysts are also advised to refer to the following circulars on the redressal of investor grievances through the SEBI Complaints Redressal System (SCORES) platform and Online Dispute Resolution (ODR) Platform.

7 · Investor Charter for Research Analysts 20

7 · 1. Investor charter for Research Analysts is placed at Annexure D. All research analysts are required to bring the investor charter to the notice of their clients.

7 · 2. BSE Limited (presently recognized as RAASB) has been directed to advise Research Analysts to bring the Investor Charter to the notice of their clients (existing as well as new clients) through disclosing the Investor Charter on their respective websites and mobile applications (if any), making them available at prominent places in the office, provide a copy of Investor Charter as a part of client on-boarding process, through e-mails/ letters etc.

20 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-PoD/P/CIR/2025/81 dated June 02, 2025

7 · 3. Additionally, in order to ensure transparency in the Investor Grievance Redressal Mechanism, all the Research Analysts shall continue to disclose on their respective websites and mobile applications (if any), the data on complaints received against them or against issues dealt by them and redressal thereof, latest by 7th of succeeding month, as per the format enclosed at Annexure E to this circular.

8 · Advisory for Financial Sector Organizations regarding Software as a Service (SaaS) based solutions 21

8 · 1. Ministry of Electronics & Information Technology, Govt. of India ('MEITy'), has informed SEBI that the financial sector institutions are availing or thinking of availing Software as a Service (SaaS) based solution for managing their Governance, Risk & Compliance (GRC) functions so as to improve their cyber Security Posture. As observed by MEITy, though SaaS may provide ease of doing business and quick turnaround, but it may bring significant risk to health of financial sector as many a time risk and compliance data of the institution moves beyond the legal and jurisdictional boundary of India due to nature of shared cloud SaaS, thereby posing risk to the data safety and security.

8 · 2. In this regard, Indian Computer Emergency Response Team (CERT-in) has issued an advisory for Financial Sector organizations. The advisory has been forwarded to SEBI for bringing the same to the notice of financial sector organization. The advisory can be viewed at Annexure F.

8 · 3. It is advised to ensure complete protection and seamless control over the critical systems at your organizations by continuous monitoring through

21 · Reference: Circular No. SEBI/HO/MIRSD2/DOR/CIR/P/2020/221 dated November 03, 2020

8 · 4. The compliance of the advisory shall be reported half yearly by research analysts to SEBI with an undertaking, "Compliance of the SEBI circular for Advisory for Financial Sector Organizations regarding Software as a Service (SaaS) based solutions has been made."

9 · Procedure for seeking prior approval for change in control 22

9 · 1. Regulation 24(3) of the Regulations provide that research analyst or research entity shall obtain prior approval of SEBI in case of change in control.

9 · 2. To streamline the process of providing approval to the proposed change in control of research analyst or research entity (hereinafter referred as intermediary or applicant), it has been decided as under:

22 · Reference: Circular No. SEBI/HO/MIRSD/ MIRSD-PoD-2/P/CIR/2022/163 dated November 28, 2022

9 · 3. To streamline the process of providing approval to the proposed change in control of an intermediary in matters which involve scheme(s) of arrangement which needs sanction of the National Company Law Tribunal (NCLT) in terms of the provisions of the Companies Act, 2013, the following has been decided:

10 · Prior approval for change in control: Transfer of shareholdings among immediate relatives and transmission of shareholdings and their effect on change in control 23

10 · 1. Transfer /transmission of shareholding in case of unlisted body corporate intermediary:

10 · 2. Transfer /transmission of shareholding in case of a proprietary firm type intermediary:

23 · Reference: Circular No. SEBI/HO/MIRSD/ MIRSD-PoD-1/P/CIR/2024/164 dated December 27, 2024

10 · 3. Transfer /transmission of ownership interest in case of partnership firm type intermediary:

10 · 4. Incoming entities/ shareholders becoming part of controlling interest in the intermediary pursuant to transfer of shares from immediate relative / transmission of shares (immediate relative or not), need to satisfy the fit and proper person criteria stipulated in Schedule II of SEBI (Intermediaries) Regulations, 2008.

11 · Advertisement code and usage of brand name/trade name 24

11 · 1. Research Analysts shall ensure compliance with the advertisement code as prescribed below:

24 · Reference: Circular Nos. SEBI/HO/MIRSD/ MIRSD-PoD-2/P/CIR/2023/51 dated April 05, 2023 and SEBI/HO/MIRSD/ MIRSD-PoD-2/P/CIR/2023/52 dated April 06, 2023

11 · 2. In order to ensure the transparency in usage of brand name/trade name/logo, RA shall ensure that:

11 · 3. The aforesaid provisions on advertisement code and usage of brand name/ trade name became applicable with effect from May 01, 2023.

12 · Optional mechanism for fee collection by SEBI registered Investment Advisers (IAs) and Research Analysts (RAs) 25

12 · 1. With growing interest in the securities market, there is a need for a mechanism for an investor to discern whether payment of fees is being made only to a registered IA/RA. In order to create a closed and transparent payment ecosystem, consultations were held with relevant stakeholders on the proposal of a separate centralized mechanism for fee collection by IAs and RAs.

12 · 2. Pursuant to public consultation and various discussions with stakeholders, the "Centralized Fee Collection Mechanism for IA and RA" (CeFCoM) is being operationalized to facilitate collection of fees by registered IAs and RAs from their clients

25 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-POD-1/P/CIR/2024/120 dated September 13, 2024

12 · 3. Under this mechanism, clients shall pay fees to IAs/RAs, through a designated platform/portal administered by recognized Administration and Supervisory Body (ASB).

12 · 4. The mechanism has been co-created by BSE Limited with the help of various stakeholders. BSE Limited was advised to specify the operational framework for the mechanism on or before September 23, 2024 and make the mechanism operational from October 01, 2024.

12 · 5. Though the mechanism is optional, ASB, in the interest of investors, shall take steps to encourage clients and the registered IAs and RAs to avail the services of this mechanism. Registered IAs and RAs shall encourage their clients to use this mechanism.

13 · Unauthenticated news circulated by SEBI Registered Market Intermediaries through various modes of communication 26

13 · 1. Due to lack of proper internal controls and poor training, employees of intermediaries are sometimes not aware of the damage which can be caused by circulation of unauthenticated news or rumours. It is a well established fact that market rumours can do considerable damage to the normal functioning and behaviour of the market and distort the price discovery mechanisms.

13 · 2. In view of the above facts, SEBI Registered Market Intermediaries are directed that:

26 · Reference: Circular No. CIR/ISD/1/2011 dated March 23, 2011

14 · Guidelines on Outsourcing of Activities by Intermediaries 28

14 · 1. SEBI Regulations for various intermediaries require that they shall render at all times high standards of service and exercise due diligence and ensure proper care in their operations.

14 · 2. It has been observed that often the intermediaries resort to outsourcing with a view to reduce costs, and at times, for strategic reasons.

14 · 3. Outsourcing may be defined as the use of one or more than one third party – either within or outside the group - by a registered intermediary to perform the activities associated with services which the intermediary offers.

14 · 4. Principles for Outsourcing

27 · Circular No. CIR/ISD/2/2011 dated March 24, 2011.

28 · Circular No. CIR/MIRSD/24/2011 dated December 15, 2011.

14 · 5. Activities that shall not be Outsourced:

14 · 6. Other Obligations:

15 · Framework for Regulatory Sandbox 29

15 · 1. The Objective of Regulatory Sandbox is to grant certain facilities and flexibilities to the entities regulated by SEBI so that they can experiment with FinTech solutions in a live environment and on limited set of real users for a limited time frame.

15 · 2. The guidelines pertaining to the functioning of the Regulatory Sandbox are provided vide SEBI Circular No. SEBI/HO/ITD/ITD/CIR/P/2021/575 dated June 14, 2021 and SEBI/HO/MIRSD/MIRSD_IT/P/CIR/2021/0000000658 dated November 16, 2021 which are available at the links below:

29 · Reference: Circular No. SEBI/HO/ITD/ITD/CIR/P/2021/575 dated June 14, 2021 and SEBI/HO/MIRSD/MIRSD_IT/P/CIR/2021/0000000658 dated November 16, 2021

16 · General Guidelines for dealing with Conflicts of Interest of intermediaries and their Associated Persons in Securities Market.30

16 · 1. All intermediaries are presently governed by the provisions for avoidance of conflict of interest as mandated in the regulations read with relevant circulars issued from time to time by SEBI. On the lines of Principle 8 of the International Organisation of Securities Commissions (IOSCO) Objectives and Principles of Securities Regulations, it has been decided to put in place comprehensive guidelines to collectively cover such intermediaries, for elimination of their conflict of interest, as detailed hereunder.

16 · 2. Intermediaries shall adhere to these guidelines for avoiding or dealing with or managing conflict of interest. They shall be responsible for educating their associated persons for compliance of these guidelines.

16 · 3. For the purpose of these guidelines "associated persons" shall have the same meaning as defined in Securities and Exchange Board of India (Certification of Associated Persons in the Securities Markets) Regulations, 2007.

16 · 4. Intermediaries and their associated persons shall,

30 · Reference: Circular CIR/MIRSD/5/2013 dated August 27, 2013.

16 · 5. The Boards of intermediaries shall put in place systems for implementation of the aforementioned guidelines and provide necessary guidance enabling

16 · 6. The said guidelines shall be in addition to the provisions, if any, contained in respective regulations/ circulars issued by the Board from time to time regarding dealing with conflict of interest, in respect of intermediaries.

17 · 1. Research Analysts are advised to make note of the following:

17 · 2. Further, apart from the data made available free of cost, data which is chargeable should be appropriately identified as such in public domain.

31 · Reference: Circular SEBI/HO/DEPA-III/DEPA-III_SSU/P/CIR/2022/25 dated Feb 25,2022

19 · Know Your Client (KYC) Requirements

20 · Association of persons regulated by the Board and their agents with certain persons 32

20 · 1. RAs shall comply with the provisions on association of persons regulated by the Board and their agents with certain persons.

32 · SEBI/HO/MIRSD/ MIRSD-PoD-1/P/CIR/2024/143 dated October 22, 2024 and SEBI/HO/MIRSD/ MIRSDPoD-1/P/CIR/2025/11 dated January 29, 2025

20 · 2. Securities and Exchange Board of India (Intermediaries) (Amendment) Regulations, 2024, Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) (Fourth Amendment) Regulations, 2024 and Securities and Exchange Board of India (Depositories and Participants) (Second Amendment) Regulations, 2024 have been notified by SEBI on August 29, 2024.

20 · 3. These regulations inter alia provide that persons regulated by the Board (including recognised stock exchanges, clearing corporations and depositories), and agents of such persons shall not have any direct or indirect association with another person who-

20 · 4. In terms of these regulations, a "specified digital platform" shall mean digital platform as specified by the Board, which has a mechanism in place to take preventive as well as curative action, to the satisfaction of the Board, to ensure that such a platform is not used for indulging in any activity as referred to in clauses (i) or (ii) of paragraph 20.3 above.

20 · 5. It has been clarified that the term "another person" shall not include a person who is engaged in investor education, provided that such a person does not,

20 · 6. While the guidelines on the preventive and curative measures for the digital platforms for their recognition as specified digital platform are being specified separately, the persons regulated by the Board (including recognised stock exchanges, clearing corporations and depositories), and their agents have been advised to terminate their existing contracts, if any, with persons engaged in the activities mentioned in clauses (i) or (ii) of paragraph 20.3 above, by January 21, 2025.

20 · 7. To provide guidance for compliance to persons regulated by the Board, MIIs, and their agents on their association with another person, the details/clarifications on the provisions are provided in the form of frequently asked questions in circular No. SEBI/HO/MIRSD/ MIRSD-PoD1/P/CIR/2025/11 dated January 29, 2025 on 'Details/clarifications on provisions related to association of persons regulated by the Board, MIIs, and their agents with persons engaged in prohibited activities' available at: https://www.sebi.gov.in/legal/circulars/jan-2025/details-clarifications-onprovisions-related-to-association-of-persons-regulated-by-the-board-miisand-their-agents-with-persons-engaged-in-prohibited-activities_91356.html .

21 · Recognition and operationalization of Past Risk and Return Verification Agency (PaRRVA)

16D · and 16E of the 'Securities and Exchange Board of India (Intermediaries) Regulations, 2008' ("Intermediaries Regulations"), provide for verification of risk and return metrics by a Past Risk and Return Verification Agency ("PaRRVA"). In this regard, RAs are advised to refer to Circular no. SEBI/HO/MIRSD/MIRSD-POD/P/CIR/2025/51 dated April 4, 2025 on 'Recognition and operationalization of Past Risk and Return Verification Agency (PaRRVA)' available at: https://www.sebi.gov.in/legal/circulars/apr2025/recognition-and-operationalization-of-past-risk-and-return-verificationagency-parrva-_93321.html

22 · Cybersecurity and Cyber Resilience Framework (CSCRF)

33 · Reference: Circular No. SEBI/HO/MIRSD/MIRSD-PoD1/P/CIR/2024/148 dated October 25, 2024

3 · Annual audit report and adverse findings, if any:

34 · Note: Timeline for submission of periodic report for half-yearly period ending March 31, 2025 has been extended till July 31, 2025

1 · Definitions

2 · Model Portfolio Framework

1 · Criteria for grant of recognition as RAASB and IAASB:

1 · 1. The recognition of a recognised stock exchange as RAASB and IAASB under regulation 14 of RA Regulations and IA Regulations respectively shall be based on the following eligibility criteria:

2 · Setting up of requisite systems by stock exchange recognised as RAASB/ IAASB:

2 · 1. The stock exchange recognised as RAASB/IAASB shall include in its Memorandum of Association, Articles of Association and bye-laws, requisite provisions to fulfil the role and responsibilities specified in para 3 below.

2 · 2. The stock exchange recognised as RAASB/IAASB shall maintain necessary infrastructure like adequate office space, equipment and manpower to effectively discharge the responsibilities of RAASB/ IAASB. Infrastructure may be shared with other group entities where required.

2 · 3. The stock exchange recognised as RAASB/IAASB shall put in place systems/ processes for maintaining database of RAs/IAs, sharing of information with SEBI and discharging the responsibilities of RAASB/ IAASB.

2 · 4. RAASB and IAASB shall constitute an internal committee to oversee the activities of administration and supervision of RAs and IAs. The committee shall periodically review the performance of the stock exchange as RAASB/ IAASB and make recommendations to SEBI. The constitution of the committee shall be as follows:

3 · Responsibilities of SEBI and RAASB/ IAASB:

3 · 1. The core functions relating to registration, enforcement action and disciplinary or penal action shall remain with SEBI and SEBI shall continue to register IAs and RAs as per the mandate given under the Securities and Exchange Board of India Act, 1992. The following functions as specified in the table below shall be performed concurrently by SEBI and RAASB or IAASB, as the case may be.

4 · Enlistment of RAs/IAs with RAASB/IAASB:

4 · 1. Amendments have been made to RA/IA Regulations to provide for 'enlistment' of RAs/IAs with RAASB/IAASB in place of the earlier provision of 'membership' of RAs/IAs with RAASB/IAASB. Under the amended regulations, an applicant seeking registration as RA./IA shall be required to 'enlist' with RAASB/IAASB.

4 · 2. Further, in order to provide ease of doing business and to ensure smooth operationalization of RAASB and IAASB framework and to prevent disruption for existing RAs and IAs registered with SEBI, the following has been provided for:

5 · Measures for promoting efficiency

6 · 1 To begin with, in order to ensure efficiency in the system and economies of scale, RAASB and IAASB shall be one and the same stock exchange.

6 · 2 In cases where a person has registration as both RA as well as IA, in the interest of efficiency, a single window clearance of various approvals shall be adopted. Details in this regard shall be specified by the recognised RAASB and IAASB.

6 · Submission of Periodic Reports

7 · 1 Pursuant to operationalization of RAASB/ IAASB framework, all registered RAs/ IAs shall submit periodic reports to RAASB/ IAASB in the manner specified by SEBI.

8 · 1 SEBI shall monitor RAASB and IAASB through periodical reports and inspection regarding administration and supervision of RAs and IAs.

1 · 1. The policy shall cover activities or the nature of activities that can be outsourced, the authorities who can approve outsourcing of such activities, and the selection of third party to whom it can be outsourced. For example, an activity shall not be outsourced if it would impair the supervisory authority's right to assess, or its ability to supervise the business of the intermediary. The policy shall be based on an evaluation of risk concentrations, limits on the acceptable overall level of outsourced activities, risks arising from outsourcing multiple activities to the same entity, etc.

1 · 2. The Board shall mandate a regular review of outsourcing policy for such activities in the wake of changing business environment. It shall also have overall responsibility for ensuring that all ongoing outsourcing decisions taken by the intermediary and the activities undertaken by the third-party, are in keeping with its outsourcing policy.

2 · 1. An intermediary shall make an assessment of outsourcing risk which depends on several factors, including the scope and materiality of the outsourced activity, etc. The factors that could help in considering materiality in a risk management programme include-

2 · 1.1. The impact of failure of a third party to adequately perform the activity on the financial, reputational and operational performance of the intermediary and on the investors / clients;

2 · 1.2. Ability of the intermediary to cope up with the work, in case of non performance or failure by a third party by having suitable back-up arrangements;

2 · 1.3. Regulatory status of the third party, including its fitness and probity status;

2 · 1.4. Situations involving conflict of interest between the intermediary and the third party and the measures put in place by the intermediary to address such potential conflicts, etc.

2 · 2. While there shall not be any prohibition on a group entity / associate of the intermediary to act as the third party, systems shall be put in place to have an arm's length distance between the intermediary and the third party in terms of infrastructure, manpower, decision-making, record keeping, etc. for avoidance of potential conflict of interests. Necessary disclosures in this regard shall be made as part of the contractual agreement. It shall be kept in mind that the risk management practices expected to be adopted by an intermediary while outsourcing to a related party or an associate would be identical to those followed while outsourcing to an unrelated party.

2 · 3. The records relating to all activities outsourced shall be preserved centrally so that the same is readily accessible for review by the Board of the intermediary and / or its senior management, as and when needed. Such records shall be regularly updated and may also form part of the corporate governance review by the management of the intermediary.

2 · 4. Regular reviews by internal or external auditors of the outsourcing policies, risk management system and requirements of the regulator shall be mandated by the Board wherever felt necessary. The intermediary shall review the financial and operational capabilities of the third party in order to assess its ability to continue to meet its outsourcing obligations.

3 · 1. The intermediary shall be fully liable and accountable for the activities that are being outsourced to the same extent as if the service were provided inhouse.

3 · 2. Outsourcing arrangements shall not affect the rights of an investor or client against the intermediary in any manner. The intermediary shall be liable to the investors for the loss incurred by them due to the failure of the third party and also be responsible for redressal of the grievances received from investors arising out of activities rendered by the third party.

3 · 3. The facilities / premises / data that are involved in carrying out the outsourced activity by the service provider shall be deemed to be those of the registered intermediary. The intermediary itself and Regulator or the persons authorized by it shall have the right to access the same at any point of time.

3 · 4. Outsourcing arrangements shall not impair the ability of SEBI/SRO or auditors to exercise its regulatory responsibilities such as supervision/inspection of the intermediary.

4 · 1. It is important that the intermediary exercises due care, skill, and diligence in the selection of the third party to ensure that the third party has the ability and capacity to undertake the provision of the service effectively.

4 · 2. The due diligence undertaken by an intermediary shall include assessment of:

4 · 2.1. third party's resources and capabilities, including financial soundness, to perform the outsourcing work within the timelines fixed;

4 · 2.2. compatibility of the practices and systems of the third party with the intermediary's requirements and objectives;

4 · 2.3. market feedback of the prospective third party's business reputation and track record of their services rendered in the past;

4 · 2.4. level of concentration of the outsourced arrangements with a single third party; and

4 · 2.5. the environment of the foreign country where the third party is located.

5 · 1. Outsourcing arrangements shall be governed by a clearly defined and legally binding written contract between the intermediary and each of the third parties, the nature and detail of which shall be appropriate to the materiality of the outsourced activity in relation to the ongoing business of the intermediary.

5 · 2. Care shall be taken to ensure that the outsourcing contract:

5 · 2.1. clearly defines what activities are going to be outsourced, including appropriate service and performance levels;

5 · 2.2. provides for mutual rights, obligations and responsibilities of the intermediary and the third party, including indemnity by the parties;

5 · 2.3. provides for the liability of the third party to the intermediary for unsatisfactory performance/other breach of the contract

5 · 2.4. provides for the continuous monitoring and assessment by the intermediary of the third party so that any necessary corrective measures can be taken up immediately, i.e., the contract shall enable the intermediary to retain an appropriate level of control over the outsourcing and the right to intervene with appropriate measures to meet legal and regulatory obligations;

5 · 2.5. includes, where necessary, conditions of sub-contracting by the third-party, i.e. the contract shall enable intermediary to maintain a similar control over the risks when a third party outsources to

5 · 2.6. has unambiguous confidentiality clauses to ensure protection of proprietary and customer data during the tenure of the contract and also after the expiry of the contract;

5 · 2.7. specifies the responsibilities of the third party with respect to the IT security and contingency plans, insurance cover, business continuity and disaster recovery plans, force majeure clause, etc.;

5 · 2.8. provides for preservation of the documents and data by third party;

5 · 2.9. provides for the mechanisms to resolve disputes arising from implementation of the outsourcing contract;

5 · 2.10. provides for termination of the contract, termination rights, transfer of information and exit strategies;

5 · 2.11. addresses additional issues arising from country risks and potential obstacles in exercising oversight and management of the arrangements when intermediary outsources its activities to foreign third party. For example, the contract shall include choiceof-law provisions and agreement covenants and jurisdictional covenants that provide for adjudication of disputes between the parties under the laws of a specific jurisdiction;

5 · 2.12. neither prevents nor impedes the intermediary from meeting its respective regulatory obligations, nor the regulator from exercising its regulatory powers; and

5 · 2.13. provides for the intermediary and /or the regulator or the persons authorized by it to have the ability to inspect, access all books, records and information relevant to the outsourced activity with the third party.

6 · 1. Specific contingency plans shall be separately developed for each outsourcing arrangement, as is done in individual business lines.

6 · 2. An intermediary shall take appropriate steps to assess and address the potential consequence of a business disruption or other problems at the third party level. Notably, it shall consider contingency plans at the third party; co-ordination of contingency plans at both the intermediary and the third party; and contingency plans of the intermediary in the event of nonperformance by the third party.

6 · 3. To ensure business continuity, robust information technology security is a necessity. A breakdown in the IT capacity may impair the ability of the intermediary to fulfill its obligations to other market participants/clients/regulators and could undermine the privacy interests of its customers, harm the intermediary's reputation, and may ultimately impact on its overall operational risk profile. Intermediaries shall, therefore, seek to ensure that third party maintains appropriate IT security and robust disaster recovery capabilities.

6 · 4. Periodic tests of the critical security procedures and systems and review of the backup facilities shall be undertaken by the intermediary to confirm the adequacy of the third party's systems.

7 · 1. An intermediary that engages in outsourcing is expected to take appropriate steps to protect its proprietary and confidential customer information and ensure that it is not misused or misappropriated.

7 · 2. The intermediary shall prevail upon the third party to ensure that the employees of the third party have limited access to the data handled and only on a "need to know" basis and the third party shall have adequate checks and balances to ensure the same.

7 · 3. In cases where the third party is providing similar services to multiple