SEBI/HO/MIRSD/MIRSD -PoD/P/CIR/2025/90
master_circulars · 1992 · State unknown
Parent: THE SECURITIES AND EXCHANGE BOARD OF INDIA ACT, 1992 (7c4c1f5343adab106c3a94cafc08a5ecf5957ae7)
Text
Rule TOC
1 · Registration of Brokers - Verification of antecedents of the applicant 1
1 · 1. In terms of Rule 8(1)(e) of Securities Contracts (Regulation) Rules, 1957, "no person shall be eligible to be elected as a member if he has been convicted of an offence involving fraud or dishonesty".
1 · 2. Stock Exchanges shall verify the antecedents of the applicant before granting admission as a member of Stock Exchange and also submit a declaration at the time of forwarding the applications for registration with SEBI, to the effect that the member has not been convicted of any offence involving fraud or dishonesty.
2 · Conversion of individual membership into corporate membership 2
2 · 1.In case of corporatisation of individual membership, the individual member may trade in his individual name pending registration of the corporate member by SEBI.
2 · 2.In case the corporate member acquires the membership through purchase of membership card of an individual member, the corporate member shall not be entitled to trade because of the provisions of Section 12 of the Securities and Exchange Board of India Act, 1992 (hereinafter referred to as "SEBI Act 1992"), till registration is granted to the corporate member by SEBI.
3 · Additional information to be submitted at the time of registration of Stock Broker with SEBI3
3 · 1.In terms of Regulation 3(2) of the Securities and Exchange Board of India (Stock Brokers) Regulations, 1992 (hereinafter referred to as "Stock Brokers Regulations 1992"), a Stock Broker has to apply in Form A, Schedule I of the aforesaid Regulations, duly recommended by the Stock Exchange of which he is a member, for registration as a Stock Broker by SEBI.
3 · 2.While forwarding the applications in Form A, Stock Exchanges shall ensure that additional information as per the format at Annexure-1 is also submitted along with the application for all the cases sent for registration.
1 · Reference: Circular SMD/POLICY/CIRCULAR/30/97 dated November 25, 1997 .
2 · Reference: Circular SMD/POLICY/CIR-34/97 dated December 11, 1997 .
3 · Reference: Circular SMD/POLICY/CIR-11/98 dated March 16, 1998 .
4 · 1.The applications for grant of registration / requisite approvals are processed by SEBI based on information communicated by the Exchange/ members to SEBI. Such information can undergo a change within a very short period of time. It has been observed that in many cases information/ documents enclosed along with the applications are outdated for SEBI to take any cognizance of the same.
4 · 2.In order to improve the standard of information flow so as to enable SEBI to take an informed decision while processing applications, the following norms may be adhered to:
4 · 2.1. Application for registration of stock brokers:
4 · 2.2. Change of name applications for Brokers
4 · Reference: Circular SMD/DBA-II/CIR-22/2002 dated September 12, 2002
4 · 3.Clarification regarding eligibility for availing fee continuity benefit by corporate entity formed by converting partnership membership card of the Exchange .
4 · 3.1. In order to get benefit of clause I (4) of Schedule III of the Stock Brokers Regulations 1992, all erstwhile partner(s) should be whole-time directors in the corporate entity so formed, and the whole-time director shall individually (in case there is one whole-time director) or jointly (in case there are more than one whole -time directors) have to hold at least 40% of the paid up equity capital of the corporate entity formed for a period of at least three years from the date of such conversion.
4 · 3.2. In case of Exchanges which do not grant membership to the partnership firms, but permit individual members to form partnerships, each of the erstwhile member partner, now whole-time director of the corporate entity, will have to individually or jointly hold at least 40% of the paid-up capital of the corporate entity so formed for a period of at least three years from the date of such conversion.
5 · Merger/ Amalgamation of Trading Members 5
5 · 1.When two or more corporate broking firms merge leading to creation of a new entity, the SEBI registration granted to the extinguishing entity does not automatically devolve upon the emerging entity and the new entity has to fulfil the eligibility criteria and apply afresh for registration and pay the registration fees.
5 · 2.The emerging entity may be allowed to trade on the registration of the extinguishing entity for a period of say 45 days. However, the emerging entity should apply to SEBI at the earliest and give an undertaking to be liable for the act of the extinguishing entity and such applications in any case should be made not later than 30 days of the registration granted by the Registrar of companies to the emerging entity.
5 · Reference: Circular SMD/POLICY(BRK.REG.)/CIR-18/98 dated July 09, 1998 .
6 · Admission of Limited Liability Partnerships as Members of Stock Exchanges 6
6 · 1.Securities Contract (Regulation) Rules, 1957 (hereinafter referred to as "SCRR 1957") do not explicitly mention Limited Liability Partnerships (LLPs) as the Limited Liability Partnership Act, 2008 (hereinafter referred to as "LLP Act 2008") was a subsequent development. As per the LLP Act 2008, LLP is a body corporate. Sub-rule 4A and 5 of Rule 8 of the SCRR 1957 provide that Limited Liability Companies (LLC) and partnership firms are eligible to be admitted as members of Stock Exchanges. In this context it may be stated that LLPs are akin to LLC and partnership firms.
6 · 2.In view of the above and since the Parliament has put in place a legal framework for LLPs, Stock Exchanges may consider granting membership to LLPs subject to LLP complying with the conditions laid down in Rule 8(4A) of the SCRR 1957, as far as it can apply to LLPs.
7 · Single registration for Stock Brokers & Clearing Members 7
7 · 1.As per the amendment to the Stock Brokers Regulations 1992 vide Notification No. LAD -NRO/GN/2014 -15/15/1671 dated October 08, 2014, the requirement of obtaining registration as stock broker/ clearing member for each Stock Exchange/ Clearing Corporation has been done away with and instead a single registration with any Stock Exchange/ Clearing Corporation shall be required. For operating in any other Stock Exchange(s)/ Clearing Corporation (s), approval will be required from the concerned Stock Exchange or Clearing Corporation.
7 · 2.Registration requirements will be as per the following guidelines:
7 · 2.1. If a new entity desires to register as a stock broker or clearing member with any Stock Exchange or Clearing Corporation, as the case may be, then the entity shall apply to SEBI through the respective Stock Exchange or Clearing Corporation in the manner prescribed in the Stock Brokers Regulations 1992. The entity shall be issued one certificate of registration, irrespective of the Stock Exchange(s)/ Clearing Corporation(s) or number of segment(s).
7 · 2.2. If the entity is already registered with SEBI as a stock broker with any Stock Exchange, then for operating on any other Stock Exchange(s) or any Clearing Corporation, the entity can directly apply for approval to the
6 · Reference: Circular CIR/MIRSD/12/2011 dated July 11, 2011
7 · Reference: Circular CIR/MIRSD/4/2014 dated October 13, 2014
7 · 2.3. Similarly, if any entity is already registered with SEBI as a clearing member in any Clearing Corporation, then for operating in any other Clearing Corporation(s) or any Stock Exchange, the entity shall follow the procedure as prescribed in para 7.2.2 above.
7 · 2.4. Fees shall be applicable for all the stock brokers, self-clearing members and clearing members as per Schedule V of the Stock Brokers Regulations 1992. As per current requirement, the entity shall continue to be liable to pay fees for each segment approved by the Stock Exchange or Clearing Corporation, as per the Schedule to the Stock Brokers Regulations 1992.
7 · 3.The Stock Exchange or Clearing Corporation shall grant approval for operating in any segment(s) or additional segment(s) to the SEBI registered stock broker, self -clearing member or clearing member, as the case may be, after exercising due diligence and on being satisfied about the compliance of all relevant eligibility requirements, and shall also, inter-alia ensure:
7 · 3.1. The applicant, its directors, proprietor, partners and associates satisfy the Fit and Proper Criteria as defined in the Securities and Exchange Board of India (Intermediaries) Regulations, 2008 (hereinafter referred to as "Intermediaries Regulations 2008");
7 · 3.2. The applicant has taken satisfactory corrective steps to rectify the deficiencies or irregularities observed in the past in actions initiated/ taken by SEBI/ Stock Exchanges(s) or other regulators. The Stock Exchange or Clearing Corporation may also seek details whether the Board of the applicant is satisfied about the steps taken. They may also carry out inspection, wherever considered appropriate; and
7 · 3.3. Recovery of all pending fees/ dues payable to SEBI, Stock Exchange and Clearing Corporation.
8 · Registration of Members of Commodity Derivatives Exchanges 8
8 · 1.Any person desirous of becoming a member of any commodity derivatives exchange(s), shall have to meet the eligibility criteria to become a member of
8 · Reference: Circular CIR/MIRSD/4/2015 dated September 29, 2015
8 · 2.The application for registration shall be made in the manner prescribed in the Stock Brokers Regulations 1992, through the commodity derivatives exchange, of which it holds membership, in the prescribed form, along with the applicable fees. The application shall be accompanied by additional information as prescribed in Annexure-1 to this circular regarding additional information to be submitted at the time of registration of stock broker with SEBI.
8 · 3.The minimum net worth specified for members of commodity derivatives exchanges, shall have to be computed as prescribed in the Stock Brokers Regulations 1992.
8 · 4."Business in goods related to the underlying" and/ or "business in connection with or incidental to or consequential to trades in commodity derivatives", by a member of a Stock Exchange, would not be disqualified under Rule 8(1)(f) and Rule 8(3)(f) of the SCRR 1957.
9 · Integration of broking activities in Equity Markets and Commodity Derivatives Markets under single entity 9
9 · 1.A stock broker can deal in commodity derivatives and other securities under a single entity, thereby facilitating ease of doing business.
9 · 2.As per the existing procedure under single registration mechanism, a one-time certificate of registration as stock broker / clearing member shall be granted by SEBI and subsequent permissions to act as a stock broker / clearing member of other Stock Exchanges / Clearing Corporation, shall be granted by the respective Stock Exchange / Clearing Corporation after proper due diligence.
9 · 3.Prior approval from SEBI will be required to be obtained by the stock broker only in cases where integration leads to change in control of the stock broker/clearing member.
9 · 4.Further, to facilitate integration between stock brokers, it is clarified that client account may be transferred from one stock broker to the other stock broker, by taking the express consent of the client through a verifiable mode of communication and thereby continuing with the existing set of documentation in respect of broker client relationship.
9 · Reference: Circular SEBI/HO/MIRSD/MIRSD1/CIR/P/2017/104 dated September 21, 2017 .
10 · Uniform Membership structure across segments 10
10 · 1. SEBI has implemented the mechanism of single registration, whereby a registered TM /CM can operate in any segment of the recognized Stock Exchange / Clearing Corporation under the single registration number granted by SEBI.
10 · 2. In order to implement uniform membership structure across equity cash and derivatives segments, following course of action is provided:
10 · 2.1. The membership structure as TM, Self-clearing Member (SCM), CM and Professional Clearing Member (PCM) as prevalent in equity derivatives segment has been implemented in cash segment with effect from April 01, 2019 .
10 · 2.2. The existing Stock Brokers in cash segment of a Stock Exchange who are already registered as SCM / CM in derivatives segment have automatically become SCM / CM, as the case may be, in cash segment with effect from April 01, 2019.
10 · 2.3. The existing Stock Brokers in cash segment of a Stock Exchange who are not registered as SCM / CM in derivatives segment shall continue as SCM in cash segment with effect from April 01, 2019. However, -
10 · 2.3.1. Existing Stock Brokers in cash segment shall meet with the net -worth requirement as per formula prescribed by Dr. L.C. Gupta Committee as applicable to SCM / CM in equity derivatives segment on or before September 30, 2019.
10 · 2.3.2. Existing Stock Brokers in cash segment who fail to meet the net -worth requirement for SCM / CM on or before September 30, 2019 shall continue to trade as Trading Member in cash segment provided that they shall tie up with a CM / PCM for clearing and settlement of their trades on or before September 30, 2019.
11 · Online Registration Mechanism for Securities Market Intermediaries 11
11 · 1. SEBI Intermediary Portal (https://siportal.sebi.gov.in) has been operationalized for the intermediaries to submit all the registration applications online. The SEBI Intermediary Portal includes online application for
10 · Reference: Circular SEBI/HO/MIRSD/DOP/CIR/P/2019/14 dated January 11, 2019
11 · Reference: Circular SEBI/HO/MIRSD/MIRSD1/CIR/P/2017/38 dated May 02, 2017
11 · 2. All applications for registration / surrender / other requests shall be made through SEBI Intermediary Portal only. The application in respect of stock brokers and depository participants shall continue to be made through the Stock Exchanges and Depositories respectively.
11 · 3. The applicants will be separately required to submit relevant documents viz. declarations / undertakings, in physical form, only for records without impacting the online processing of applications for registration.
11 · 4. Where applications are made through the Stock Exchanges / Depositories, the hard copy of the applications made by their members shall be preserved by them and shall be made available to SEBI, as and when called for.
12 · Transfer of business by SEBI registered intermediaries to other legal entity 12
12 · 1 The transferee shall obtain fresh registration from SEBI in the same capacity before the transfer of business if it is not registered with SEBI in the same capacity. SEBI shall issue new registration number to transferee different from transferor's registration number in the following scenario:
12 · 2 In case of change in control pursuant to both regulatory process and nonregulatory process, prior approval and fresh registration shall be obtained. While granting fresh registration to same legal entity pursuant to change in control, same registration number shall be retained.
12 · 3 If the transferor ceases to exist, its certificate of registration shall be surrendered.
12 · 4 In case of complete transfer of business by transferor, it shall surrender its certificate of registration.
12 · Reference: Circular SEBI/HO/MIRSD/DOR/CIR/P/2021/46 dated March 26, 2021
12 · 5 In case of partial transfer of business by transferor, it can continue to hold certificate of registration.
13 · Oversight of Members (Stock Brokers/Trading Members/Clearing Members of any Segment of Stock Exchanges and Clearing Corporations) 13
13 · 1. Inspection of Members by Stock Exchanges / Clearing Corporations
13 · 1.1. The Stock Exchange or the Clearing Corporation, as the case may be, shall, in consultation with SEBI, formulate a policy for annual inspection of their members in various segments and follow up action thereon. The policy shall also cover various kinds of risks posed to the investors and market at large on account of the activities/business conduct of their members.
13 · 1.2. The Stock Exchange or the Clearing Corporation, as the case may be, shall conduct inspection of their members in various segments in terms of the above policy and in case of members who hold multiple memberships of the exchanges, the Stock Exchanges shall establish an information sharing mechanism with one another on the important outcome of inspection in order to improve the effectiveness of supervision.
13 · 1.3. The inspection shall cover:
13 · 1.4. An illustrative list of common violations/deficiencies observed by SEBI in its inspections of members is enclosed as Annexure-2. The Stock Exchanges and Clearing Corporations are advised to bring this list to the
13 · Reference: Circular SEBI/MIRSD/MASTER CIR-04/2010 dated March 17, 2010 and Circular CIR/MIRSD/13/2012 dated December 07, 2012.
13 · 1.5. The Stock Exchange or the Clearing Corporation, as the case may be, shall initiate all the follow up action – remedial, penal and disciplinary required on inspection findings, within six months from the conclusion of the inspection.
13 · 2. Internal Audit
13 · 2.1. The member shall carry out complete internal audit on a half yearly basis by an independent qualified Chartered Accountant, Company Secretary or Cost and Management Accountant who is in practice and does not have any conflict of interest.
13 · 2.2. The audit shall cover, inter alia,
13 · 2.3. The internal auditor shall submit the audit report to the member, who shall place it before its Board of Directors/Proprietor/Partners and shall forward the same along with para-wise comments to the respective Stock Exchange/ Clearing Corporation within two months from the end of the half year period.
13 · 2.4. The Stock Exchange/Clearing Corporation shall analyze the audit reports so received and take appropriate follow up action.
13 · 2.5. The Stock Exchange/Clearing Corporation shall initiate appropriate actions – remedial, penal or disciplinary - against the members where deficiencies are noticed in audit reports or where audit report has not been received, and inform the details of action taken to SEBI, within six months from the
13 · 3. Default in case of Multiple Membership
13 · 3.1. Whenever a member of any segment is declared defaulter, the concerned Stock Exchange/Clearing Corporation shall immediately declare it a defaulter in all its segments. It shall also immediately inform all other Stock Exchanges/Clearing Corporations the details of the defaulter member such as name of the member, the names of the proprietors/partners/promoters/dominant shareholders, as applicable .
13 · 3.2. Immediately on receipt of the information about default of a member, the Stock Exchange / Clearing Corporation shall declare the said member defaulter on all its segments.
13 · 3.3. The Stock Exchanges / Clearing Corporations shall take appropriate action against the associates of defaulter member. For this purpose, the term 'associate' shall include a person:
14 · Policy of Annual Inspection of Members by Stock Exchanges/Clearing Corporations 14
14 · 1. Policy for annual inspection of members, as decided in consultations with the Stock Exchanges/Clearing Corporations is specified below.
14 · 2. The criteria for selection of members for annual inspection are as follows:
14 · Reference: Circular CIR/HO/MIRSD/MIRSD2/CIR/P/2017/73 dated June 30, 2017
14 · 2.1. Stock Brokers servicing investors, getting disabled on account of funds shortages on more than three times in a month shall be inspected irrespective of the fact of when they were last inspected.
14 · 2.2. Stock Brokers servicing investors, having overnight disablement on account of margin shortage for more than two days shall be inspected irrespective of the fact of when they were last inspected.
14 · 2.3. Top twenty-five stock brokers paying high and recurring penalties for non-reporting or short reporting of margin/Client Code modification/CTCL mismatch fines or any other similar high risk compliance issue shall be inspected irrespective of when they were last inspected.
14 · 2.4. Top twenty-five stock brokers in terms of investor complaints and arbitration cases filed by investors shall be inspected irrespective of the fact of when they were last inspected.
14 · 2.5. Stock Brokers having adverse observations in the internal audit report on high risk issues like wrong reporting of margins, transfer of trades, pledging of client securities, dealing with unregistered intermediaries etc., shall be inspected irrespective of the fact of when they were last inspected.
14 · 2.6. Subsidiaries of Regional Stock Exchanges shall be inspected every year.
14 · 2.7. Stock Exchange shall frame internal policy for selection of stock brokers for inspection based on inputs/alerts from Risk Based Supervision.
14 · 2.8. Besides the above, the special purpose/limited inspections shall be carried out based on any triggers like patterns found during investor complaint resolution/Arbitration, complaints on specific malpractices of a broker or references from various authorities. The inspection shall be irrespective of the fact of when the last inspection was carried out.
14 · 2.9. Apart from the above few stock brokers shall be selected by the Stock Exchanges on a random basis for inspection.
14 · 2.10. Stock Brokers who do not fall under any of the above category shall be inspected by the Stock Exchanges at least once in three years.
14 · 2.11. Stock Brokers selected on the above category shall be inspected for all segments and also for clearing activity if the stock broker is undertaking clearing for other stock brokers.
14 · 2.12. Inspections of Professional Clearing Members shall be conducted by Clearing Corporations once in two years.
14 · 3. Clearing activity undertaken by stock brokers for other stock brokers shall be inspected by Clearing Corporations. Other activities of stock brokers shall be inspected by Stock Exchanges. If Stock Exchanges and Clearing Corporations so desire, they can conduct joint inspections of stock brokers. Where Clearing Corporation has not been set up, Stock Exchange shall inspect all activities of stock brokers including activity of clearing for other stock brokers.
14 · 4. The Stock Exchanges/Clearing Corporations are advised to continuously assess the risks posed by their members and review/revise the policy of annual inspection, as and when required, in consultation with SEBI.
14 · 5. The Stock Exchanges shall establish an information sharing mechanism with one another on the important outcome of inspection of members who hold multiple memberships of the exchanges in order to improve the effectiveness of supervision and shall also bring cases of repetitive and / or serious violations to the notice of SEBI.
15 · Enhanced Supervision of Stock Brokers / Depository Participants 15
15 · 1. SEBI constituted a committee on "Enhanced Supervision of Stock Brokers", which included representatives from Stock Exchanges, Depositories and Brokers. With a view to implement the recommendations, the guidelines in para 15.3 to 15.11 below have been issued. These guidelines cover the following broad areas:
15 · 1.1 Uniform nomenclature to be followed by stock brokers for Naming/Tagging of Bank and Demat Accounts and the reporting of such accounts to the Stock Exchanges/Depositories.
15 · 1.2 Monitoring of Clients' Funds lying with the stock broker by the Stock Exchanges, through a sophisticated alerting and reconciliation
15 · Reference: Circular SEBI/HO/MIRSD/MIRSD2/CIR/P/2016/95 dated September 26, 2016, Circular CIR/HO/MIRSD/MIRSD2/CIR/P/2017/64 dated June 22, 2017,
15 · 1.3 Changes in the existing system of internal audit for stock brokers/depository participants viz. appointment, rotation of Internal Auditors, formulation of objective sample criteria, monitoring of quality of Internal Audit Reports, timeline for submissions of Internal Audit Reports, etc.
15 · 1.4 Monitoring of Financial Strength of Stock Brokers by Stock Exchanges so as to detect any signs of deteriorating financial health of stock brokers and serve as an early warning system to take preemptive and remedial measures.
15 · 1.5 Imposition of uniform penal action on stock brokers/depository participants by the Stock Exchanges/Depositories in the event of noncompliance with specified requirements.
15 · 1.6 Other Requirements:
15 · 2. The provisions of enhanced supervision circular is not applicable to Regional Commodity Exchanges till further notice.
15 · 3. Naming/Tagging of Bank and Demat Accounts by Stock Broker 16
15 · 3.1. Bank accounts and Demat accounts maintained by all stock brokers shall have appropriate nomenclature to reflect the purpose for which those bank/demat accounts are being maintained.
15 · 3.2. The nomenclature for bank accounts and demat accounts to be followed is given as under:
16 · Reference: Circular SEBI/HO/ MIRSD/ MIRSD_DPIEA/P/CIR/2022/83 dated June 20, 2022 , Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2022/153 dated November 11, 2022 and Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2023/187 dated December 12, 2023
15 · 3.2.1. Up Streaming Client Nodal Bank Account (USCNBA): SB/CM shall receive clients' funds in USCNBA. The nomenclature for such accounts shall be "Name of the SB/CM – USCNB account".
15 · 3.2.2. Down Streaming Client Nodal Bank Account (DSCNBA): Payment to clients shall be done only from DSCNBA account. The nomenclature for such accounts shall be "Name of the SB/CM – DSCNB account".
15 · 3.2.3. Bank account(s) held for the purpose of settlement would be named as "Name of Stock Broker -Settlement Account".
15 · 3.2.4. Stock brokers are required to maintain demat accounts only under the following 6 categories:
15 · 3.3. Naming proprietary bank accounts of the stock broker as 'Stock BrokerProprietary Account' is voluntary. It is however clarified that bank account which do not fall under the above para of 15.3.2.1 and 15.3.2.2 would be deemed to be proprietary.
15 · 3.4. All demat accounts maintained by stock brokers should be appropriately tagged. Further, it is prescribed that:
15 · 3.4.1. Credit of securities shall not be allowed in any demat account left untagged from July 01, 2022 onwards. Credits on account of corporate actions shall be permitted.
15 · 3.4.2. Debit of securities shall also not be allowed in any demat
15 · 3.4.3. Stock Broker shall obtain permission from Stock Exchanges to allow tagging of such demat accounts from August 01, 2022 onwards. Stock Exchange shall grant such approval within two working days after imposing penalty as per their internal policy.
15 · 3.4.4. The provision at 15.3.4 shall not be applicable for the demat accounts which are used exclusively for banking activities by stock brokers which are also banks.
15 · 4. Reporting of Bank and Demat accounts maintained by Stock Broker:
15 · 4.1. The stock brokers shall inform the Stock Exchanges of existing and new bank account(s) in the following format:
15 · 4.1.1. Stock Broker which is also Bank, may be required to report to the Stock Exchanges only those bank accounts that are used for their stock broking activities.
15 · 4.2. The stock brokers shall inform the Stock Exchanges of existing and new demat account(s) in the following format:
15 · 4.3. Stock Exchanges and/or Depositories, as the case may be, shall ensure the following:
15 · 4.3.1. All new bank and demat accounts opened by the stock brokers shall be named as per the above given nomenclature and the details shall be communicated to the Stock
15 · 4.3.2. In case of closure of any of the reported bank and demat accounts, the same shall be communicated to the Stock Exchanges within one week of its closure.
15 · 4.3.3. Depositories shall ensure that once the nomenclature for a particular demat account has been assigned by the stock broker, then the same shall not be modified.
15 · 4.3.4. Any non-compliance/non-reporting in this regard by the stock broker shall attract penal action as per the provisions of Stock Exchanges.
15 · 4.3.5. Based on the list of stock brokers (including PANs) provided by the respective Stock Exchanges, Depositories shall also provide stock broker-wise details of all the demat accounts opened by a stock broker to the concerned Stock Exchanges to facilitate reconciliation with the data submitted by the stock broker.
15 · 4.4. In line with the prevalent regulatory requirement, it is reiterated that;
15 · 4.4.1. Stock Broker shall not use client funds and securities for proprietary purposes including settlement of proprietary obligations.
15 · 4.4.2. Transfer of funds between "Name of Stock Broker -Client Account" and "Name of Stock Broker -Settlement Account" and client's own bank accounts is permitted. Transfer of funds from "Name of Stock Broker -Client Account" to "Name of Stock Broker -Proprietary Account" is permitted only for legitimate purposes, such as, recovery of brokerage, statutory dues, funds shortfall of debit balance clients which has been met by the stock broker, etc. For such transfer of funds, stock broker shall maintain daily reconciliation statement clearly indicating the amount of funds transferred.
15 · 4.4.3. The Stock Exchanges shall monitor compliance with the above requirements, during inspections and the same shall be reviewed by the internal auditor of the broker during the half yearly internal audits.
15 · 4.4.4. Stock Brokers shall not grant further exposure to the clients
15 · 5. Monitoring of Clients' Funds lying with the Stock Broker by the Stock Exchanges 18
15 · 5.1. Stock Exchanges shall put in place a mechanism for monitoring clients' funds lying with the stock broker to generate alerts on any misuse of clients' funds by stock brokers, as per the guidelines stipulated in para 15.5.2 below.
15 · 5.2. Stock exchanges shall put in place a mechanism for monitoring of clients' funds ('G' principle) lying with the stock brokers on the principle enumerated below:
15 · 5.3. Based on the alerts generated, Stock Exchange shall, inter-alia, seek clarifications, carry out inspections and initiate appropriate actions to protect the clients' funds from being misused. Stock Exchanges shall also maintain records of such clarifications sought and details of such inspections.
15 · 5.4. Stock Exchanges shall carry out the monitoring of clients' funds for all stock brokers, except for those who are carrying out only proprietary trading and/or only trading for institutional clients.
15 · 5.5. Stock Brokers shall ensure due compliance in submitting the information to the Exchanges within the stipulated time.
15 · 6. Internal Audit of Stock Broker
15 · 6.1. SEBI has mandated half yearly internal audit for stock brokers/clearing
18 · Reference: SEBI Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2024/03 dated January 12, 2024
15 · 6.2. Appointment and Rotation of Internal auditors
15 · 6.2.1.Stock Exchanges shall ensure that;
15 · 6.3. Formulation of objective sample criteria for Internal Audit
15 · 6.3.1. The Stock Exchanges shall, in consultation with each other, develop for each theme/area of the internal audit, pre-defined objective sample criteria, which shall mention not only the sample size but also the method used for arriving at the sample size. For example, with respect to verification of compliance with KYC norms, instead of the current practice of selecting a minimum number of KYCs, the sample selected may be a certain percentage of the top clients in each client category (Corporate, Partnership, Individual, Trust, Others) based on total turnover on the Stock Exchange and whose account has been opened during the audit period. For each theme/area of audit, internal audit report shall clearly specify the sample size verified, number of instances where adverse observations have been made as also the details of the adverse observations.
15 · 6.4. Monitoring of quality of Internal Audit Reports
15 · 6.4.1. The Stock Exchange shall every year identify a certain number of internal auditors based on criteria, such as, number and size of stock brokers audited, discrepancy in findings of auditor visà -vis Stock Exchange inspection, regulatory actions taken against the auditor/partners/directors, etc. A certain number of stock brokers who have been audited by these identified internal auditors shall be selected for inspection by the Stock Exchanges. The selection of these stock brokers shall be on the basis of the Supervisory Risk Rating Score derived from the Risk Based Supervisory System. Further, the sample and period of inspection shall be the same as that used for internal audit.
15 · 6.4.2. In cases where material deviations are observed between the findings of the internal audit report and the Stock Exchange inspection report, the Stock Exchanges shall caution the stock broker to reconsider the appointment of that particular internal auditor. The same shall also be brought to notice of all the stock brokers who are audited by that particular internal auditor. The Stock Exchange shall also bring the deviations to the notice of
15 · 6.5. Submissions of Internal Audit Report
15 · 6.5.1. Stock Brokers shall ensure that the internal audit reports are submitted to the Exchanges within two months of the end of respective half years for which the audit is being conducted. The due date for submissions shall be as under:
15 · 6.6. Other requirements
15 · 6.6.1. The Stock Exchanges shall provide a mechanism to enable the internal auditor to report directly to the Stock Exchanges in the event of non -cooperation by the stock broker.
15 · 6.6.2. Stock Exchanges shall ensure that, the Internal Auditors also monitor the corrective steps taken by the stock brokers to rectify the deficiencies observed in the inspection carried out by SEBI/Stock Exchanges and the compliance thereof. The compliance status shall be made as part of the internal audit report.
15 · 7. Monitoring of Financial Strength of Stock Brokers
15 · 7.1. The Stock Exchanges shall monitor the following financial indicators and ratios of stock brokers.
15 · 7.1.1. Financial Indicators:
15 · 7.1.2. Financial Ratios:
15 · 7.2. Stock Brokers shall submit financial statements to Stock Exchanges in the same format as prescribed under the Companies Act, 2013 irrespective of whether they fall under the purview of the Companies Act, 2013 or not. The due date for submission of the aforesaid financial statements to Stock Exchanges shall be the same as prescribed under the Companies Act, 2013 for submission to Registrar of Companies.
15 · 7.3. No stock broker shall appoint or re-appoint—
15 · 7.3.1. an individual as statutory auditor for more than one term of five consecutive years;
15 · 7.3.2. an audit firm as statutory auditor for more than two terms of five consecutive years:
15 · 7.4. An individual statutory auditor who has completed his term under para 15.7.3.1 above shall not be eligible for re-appointment as statutory auditor in the same stock broker for five years from the completion of his term.
15 · 7.5. A statutory audit firm which has completed its term under para 15.7.3.2 above, shall not be eligible for re-appointment as statutory auditor in the same stock broker for five years from the completion of such term.
15 · 8. Standard Operating Procedures for Stock Brokers/Depository Participants -Actions to be contemplated by Stock Exchanges/Depositories for any event based discrepancies
15 · 8.1. As per existing norms, Stock Exchanges /Depositories are required to monitor their members/depository participants. It has been decided that the Stock Exchanges and Depositories shall frame various event based monitoring criteria based on market dynamics and market intelligence. An illustrative list of such monitoring criterias are given below:
15 · 8.1.1. Monitoring criteria for Stock Brokers
15 · 8.1.2. Monitoring criteria for Depository Participants
15 · 8.1.3. The Stock Exchanges and Depositories shall jointly frame uniform penal action on stock brokers and depository participants respectively, in the event of noncompliance with the illustrative criteria listed above. Provided further that Stock Exchanges and Depositories may also frame more stringent criteria than as mentioned above.
15 · 9. Uploading clients' fund balance and securities balance by the Stock Brokers on Stock Exchange system
15 · 9.1. The Stock Exchanges shall put in place a mechanism and ensure that stock brokers upload the following data on a monthly basis for every client onto each Stock Exchange system where the broker is a member:
15 · 9.1.1. Exchange-wise end of day fund balance as per the client ledger, consolidated across all segments and also net funds payable or receivable by the broker to/from the client across all Exchanges.
15 · 9.1.2. End of day securities balances ISIN wise (as on last trading day of the month) and End of day securities balances (as on last trading day of the month) consolidated ISIN wise (i.e., total number of ISINs and total number of securities across all ISINs).
15 · 9.1.3. ISIN wise number of securities pledged, if any, and the funds raised from the pledging of such securities and consolidated number of securities pledged (i.e., total number of ISINs and total number of securities across all ISINs), if any and the funds raised from the pledging of such securities.
15 · 9.1.4. The data at Para 15.9.1.1 , 15.9.1.2 and 15.9.1.3 pertains to the last trading day of the month. The stock broker shall submit the aforesaid data within seven calendar days of the last trading day of the month.
15 · 9.1.5. Stock Broker shall not be required to upload the data for the following clients onto the Stock Exchange system:
15 · 9.2. Each Stock Exchange shall in turn forward –
15 · 9.2.1. Information at Para 15.9.1.1 , 15.9.1.2 and 15.9.1.3 to clients via Email on the email IDs uploaded by the stock broker to the exchange for their clients.
15 · 9.2.2. Information at Para 15.9.1.1 , 15.9.1.2 (only consolidated data) and 15.9.1.3 (only consolidated data) to clients via SMS on mobile numbers uploaded by the stock broker to the Exchange for their clients.
15 · 10. Running Account Settlement 19
15 · 10.1.The stock broker shall ensure that;
15 · 10.1.1.The TM, after considering the End of the Day (EOD) obligation of funds across all the Exchanges, shall settle the running accounts at the choice of the clients on quarterly and monthly basis, on the dates stipulated by the Stock Exchanges.
19 · Reference: Circular MIRSD/ SE /Cir-19/2009 dated December 03, 2009,
15 · 10.1.2.Stock exchanges shall, jointly, issue the annual calendar for the settlement of running account (quarterly and monthly) at the beginning of the financial year.
15 · 10.1.3.TM shall ensure that funds, if any, received from clients, whose running account has been settled, remain in the "Up Streaming Client Nodal Bank Account" and no such funds shall be used for settlement of running account of other clients. Stock Exchanges shall evolve a monitoring mechanism for this purpose.
15 · 10.1.4.For the purpose of settlement of funds, the mode of transfer of funds shall be by way of electronic funds transfer viz., through National Electronic Funds Transfer (NEFT), Real Time Gross Settlement (RTGS), etc.
15 · 10.1.5.The required bank details for initiating electronic fund transfers shall be obtained from new clients and shall be updated for existing clients. Only in cases where electronic payment instructions have failed or have been rejected by the bank, then the stock broker may issue a physical payment instrument.
15 · 10.1.6.In cases where physical payment instrument (cheque or demand draft) is issued by the TM towards the settlement of running account due to failure of electronic payment instructions, the date of realization of physical instrument into client's bank account shall be considered as settlement date and not the date of issue of physical instrument.
15 · 10.1.7.Once the TM settles the running account of funds of a client, an intimation shall be sent to the client by SMS on mobile number and also by email. The intimation should also include details about the transfer of funds (in case of electronic transfer – transaction number and date; in case of physical payment instruments – – instrument number and date). TM shall send the retention statement along with the statement of running accounts to the clients as per the existing provisions within five working days.
15 · 11. Providing PAN Number
15 · 11.1. The stock brokers shall provide Permanent Account Numbers of all their Directors, Key Management Personnel and dealers to the Stock
16 · Annual System Audit of Stock Brokers / Trading Members 20
16 · 1. System audit guidelines for Stock Brokers / Trading members prescribed below includes System Audit Process, Auditor Selection Norms and Terms of Reference (TOR).
16 · 2. The Stock Exchanges should ensure that system audit of stock brokers / trading members is conducted in accordance with the prescribed guidelines.
16 · 3. Exchanges are advised to keep track of findings of system audits of all brokers on quarterly basis and ensure that all major audit findings, specifically in critical areas, are rectified / complied in a time bound manner failing which follow up inspection of such brokers may be taken up for necessary corrective steps / actions thereafter, if any.
16 · 4. Stock Exchange should report all major non-compliances / observations of system auditors, broker wise, on a quarterly basis to SEBI.
1 · Audit Process
1 · 1. System Audit of stock brokers should be conducted with the following periodicity:
1 · 1.1. Annual system audit is prescribed for stock brokers who satisfy any of the following criteria:
1 · 1.2. Half yearly system audit has been prescribed for stock brokers who
20 · Reference: Circular CIR/MRD/DMS/34/2013 dated November 06, 2013.
1 · 1.3. For all other stock brokers, system audit shall be conducted once in two years.
1 · 2. Such audit shall be conducted in accordance with the Norms, Terms of Reference (ToR) and Guidelines issued by SEBI and / or by Stock Exchanges. Separate ToRs are specified for the following categories of brokers:
1 · 2.1. Type I Broker: Brokers who trade through exchange provided terminals such as NSE's NEAT, BSE's BOLT, MCX-SX's TWS, etc. (ToR attached as Annexure-3 below); 21
1 · 2.2. Type II Broker: Brokers who trade through API based trading terminals like [CTCL or IML] or IBT/DMA/STWT or SOR facility and who may also be TYPE I Brokers. (ToR attached as Annexure-4 below)
1 · 2.3. Type III Broker: Brokers who use Algorithmic Trading facility to trade and who may also be TYPE II Brokers. (ToR attached as Annexure-5 below)
1 · 3. Stock brokers shall select auditors as per the selection norms provided in the guidelines and directions issued by Stock Exchanges and SEBI from time to time. The Auditor may perform a maximum of three successive audits of the stock broker.
1 · 4. The Stock Exchanges shall periodically review ToR of such system audit and, if required, shall suitably revise the ToR after taking into consideration developments that have taken place in the securities market since the last review of ToR, observations reported in the audit reports of the stock brokers and directions issued by SEBI from time to time in this regard.
1 · 5. The auditor in its report shall specify compliance / non-compliance status with regard to areas mentioned in ToR. Observations on minor / major deviations as well as qualitative comments for scope for improvement shall also be specified in the report. The auditor shall also take into consideration the observations / issues mentioned in the previous audit reports and cover open items in the report. The audit report submitted by the auditor should be
21 · Vide Letter MRD/DMS/OW/9500/2015 dated March 31, 2015, SEBI informed Stock Exchanges that System Audit requirement for Type I brokers may be kept on hold till further communication from SEBI
1 · 6. Stock Exchange shall ensure that the management of the stock broker provides their comment about the non-compliance / non-conformities (NCs) and observations mentioned in the report. For each NC, specific time-bound (within 3 months of submission of report by the exchange) corrective action must be taken and reported to the Stock Exchange. The auditor should indicate if a follow -on audit is required to review the status of NCs.
1 · 7. In order to ensure that the corrective actions are taken by the stock broker, follow -on audit, if any, shall be scheduled by the stock broker within 6 months of submission of the audit report by the system auditor.
1 · 8. The system auditors should follow the reporting standard as specified in Annexure -6 of this Framework for the executive summary of the System Audit report to highlight the major findings of the System Audit.
2 · Auditor Selection Norms
2 · 1. The Auditor shall have minimum three years of experience in IT audit of securities market participants e.g. Stock Exchanges, Clearing Corporation, Depositories, stock brokers, depository participants etc. The audit experience should cover all the major areas mentioned under Terms of Reference (ToR) of the system audit specified by SEBI / Stock Exchange.
2 · 2. It is recommended that resources employed shall have relevant industry recognized certifications e.g. D.I.S.A. (ICAI) Qualification, CISA (Certified Information System Auditor) from ISACA, CISM (Certified Information Securities Manager) from ISACA, CISSP (Certified Information Systems Security Professional) from International Information Systems Security Certification Consortium, commonly known as (ISC).
2 · 3. The Auditor should have experience of IT audit/governance frameworks and processes conforming to industry leading practices like CobiT.
2 · 4. The Auditor shall not have any conflict of interest in conducting fair, objective and independent audit of the stock broker. Further, the directors / partners of Auditor firm shall not be related to any stock broker including its directors or promoters either directly or indirectly.
2 · 5. The Auditor shall not have any cases pending against its previous audited companies/firms, which fall under SEBI's jurisdiction, which point to its incompetence and/or unsuitability to perform the audit task.
17 · Framework for Monitoring and Supervision of System Audit of Stock Brokers (SBs) through Technology based Measures 22
17 · 1. Monitoring and Supervision of System Audit process through online mechanism:
17 · 2. Standardization System Audit Process and Audit Report:
22 · SEBI/HO/MIRSD/TPD/CIR/2025/10 dated January 31, 2025
17 · 3. Framework for Empanelment of System Auditors
17 · 4. Enhanced obligation on the system auditor:
17 · 5. Other due diligence by stock exchanges:
18 · Early Warning Mechanism to prevent diversion of client securities 23
18 · 1. It has been decided to put in place an Early Warning Mechanism and sharing of information between Stock Exchanges, Depositories and Clearing Corporations to detect the diversion of client's securities by the stock broker at an early stage so as to take appropriate preventive measures. The threshold for such early warning signals shall be decided by the Stock Exchanges, Depositories and Clearing Corporations with mutual consultation.
23 · Reference: Circular SEBI/HO/MIRSD/DOP/CIR/P/2018/153 dated December 17,2018
18 · 2. Early warning signals, for prevention of diversion of clients' securities, may include the following:
18 · 2.1. Deterioration in financial health of the stock broker/ depository participant based on any of the following parameters:
18 · 2.2. Early warning signals in relation to securities pledge transactions by the stock broker to be identified by the Depositories and shall be shared with Stock Exchanges which may include:
18 · 2.3. Increase in number of investor complaints against the stock broker/depository participant alleging un-authorized trading / unauthorized delivery instructions being processed and non-receipt of funds and securities and non -resolution of the same.
18 · 2.4. Alerts generated from the monthly / weekly submissions made by stock broker under Risk Based Supervision (RBS) or Enhanced Supervision to the Stock Exchanges.
18 · 2.5. Stock broker's terminal disabled for certain number of days in any segment / Stock Exchange in previous quarter.
18 · 2.6. Stock Exchanges and Depositories shall frame an internal policy /guidelines regarding non-cooperation by stock brokers and depository participants during inspections which shall lay down the time period, the type of documents critical for closing the inspections, which if not submitted, can be treated as non-cooperation.
18 · 3. Stock Exchanges/ Clearing Corporations/ Depositories, shall devise a mechanism to detect diversion of clients' securities and to share information among themselves in respect of:
18 · 3.1. Diversion of pay-out of securities to non-client accounts
18 · 3.2. Mis -matches between gross (client-wise) securities pay-in and payout files of a stock brokers generated by the Clearing Corporation which shall be compared with actual transfer of securities to/from the client's depository accounts by the Depository. The cases of any mismatch found out by the Depository shall be informed to the concerned Stock Exchange / Clearing Corporation.
18 · 3.3. Stock Exchange shall seek clarification from the concerned stock broker on the mismatches reported by Depository and identify transfer to a non -client/third party, without any trade obligation.
18 · 3.4. Such information on wrong / fraudulent / unauthorized transfer shall be shared by the Stock Exchange with other Stock Exchanges.
18 · 4. Any other alerts as the Stock Exchanges / Clearing Corporations and Depositories may deem fit.
18 · 5. Alerts triggered at one Stock Exchange / Clearing Corporation/ Depository through early warning mechanism shall be immediately shared with other Stock Exchanges / Depositories with respect to the stock broker / depository participant.
18 · 6. Based on the analysis of the early warning data, if it is established that the stock broker's financial health has deteriorated and/ or he has made unauthorized transfer of funds / securities of the client, in such cases Stock Exchanges / Depositories shall jointly take preventive actions on the stock broker which may include one or more of, but not limited, to the following:
18 · 6.1. Actions to be initiated by the Stock Exchanges like:
18 · 6.1.1. Blocking of certain percentage of available collaterals towards margin.
18 · 6.1.2. Check securities register in respect of securities received and transferred against pay-in /pay-out against settlement
18 · 6.1.3. Check details of funds and securities available with the clearing member, Clearing Corporation and the Depository of that stock broker.
18 · 6.1.4. Impose limits on proprietary trading by the stock broker.
18 · 6.1.5. Prescribe and monitor shorter time duration for settlement of Running Account of clients.
18 · 6.1.6. Conduct meeting with the designated directors of the stock broker to seek appropriate explanation.
18 · 6.1.7. Uniform action of deactivation of trading terminals by all Stock Exchanges based on the communication received from other Stock Exchange.
18 · 6.1.8. Initiate inspection of the stock broker / depository participant.
18 · 6.1.9. Cross check information submitted by stock broker with other independent sources like collateral details with the Clearing Corporation, transactions in Bank and Depositories, with statement collected directly etc.
18 · 6.1.10.Where client money and securities diversion is suspected, appointed forensic auditor to trace trails of entire funds and securities of clients.
18 · 6.2. Actions to be taken by the Depositories:
18 · 6.2.1. Imposition of 100% concurrent audit on the depository participant.
18 · 6.2.2. Cessation/ restriction on uses of Power of Attorney (POA) given to stock broker by clients mapped to such brokers only to meet settlement obligation of that client. Clients to issue instructions electronically or through Delivery Instruction Slip (DIS) for delivery of shares for off market transfers.
18 · 6.3. Any other measures that Stock Exchanges/ Clearing Corporations/ Depositories may deem fit.
19 · Enhanced obligations and responsibilities on Qualified Stock Brokers (QSBs) 24
19 · 1. In order to further strengthen the compliance and monitoring requirements relating to stock brokers and to ensure efficient functioning of securities market, SEBI, vide Gazette Notification dated January 17, 2023, amended the SEBI (Stock Broker) Regulations, 1992 for designating certain stock brokers, having regard to their size and scale of operations, likely impact on investors and securities market, as well as governance and service standards, as Qualified Stock Brokers (QSBs), on the basis of certain parameters and appropriate weightages thereon.
19 · 2. The stock broker designated as a QSB shall be required to meet enhanced obligations and discharge responsibilities to ensure appropriate governance structure, appropriate risk management policy and processes, scalable infrastructure and appropriate technical capacity, framework for orderly
24 · Reference: Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2023/24 dated February 06, 2023 and Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2024/14 dated March 11, 2024
19 · 3. This circular details the parameters which shall be considered for designating a stock broker as QSB, enhanced obligations and responsibilities which shall be cast on such QSBs and guidelines on enhanced monitoring of QSBs which shall be carried out by Market Infrastructure Institutions (MIIs).
19 · 4. Parameters for designating a stock broker as QSB:
19 · 4.1. The following parameters shall be considered for designating a stock broker as QSB:
19 · 4.1.1. the total number of active clients of the stock broker;
19 · 4.1.2. the available total assets of clients with the stock broker;
19 · 4.1.3. the trading volumes of the stock broker (excluding the proprietary trading volume of the stock broker);
19 · 4.1.4. the end of day margin obligations of all clients of a stock broker (excluding the proprietary margin obligation of the stock broker in all segments)
19 · 4.1.5. the proprietary trading volumes of the stock broker;
19 · 4.1.6. compliance score of the stock broker; and
19 · 4.1.7. grievance redressal score of the stock broker.
19 · 4.2. The following procedure shall be followed for identifying a stock broker as QSB:
19 · 4.2.1. For each stock broker, the percentage (%) of a particular parameter compared to aggregate of the respective parameter summed across all stock brokers shall be calculated, viz. % of count of active clients for a particular broker shall be calculated by dividing the individual count of active clients for a particular broker by total number of active clients of all the stock brokers and the value is multiplied by 100. Similarly, individual % shall be calculated for all the parameters mentioned at para 18.4.1.1 to 18.4.1.7 above.
19 · 4.2.2. Based on the % of various parameters calculated above, the following stock brokers shall be identified as QSBs:
19 · 4.2.2.1. Stock brokers with a total sum of individual % of the parameters mentioned at para 18.4.1.1 to 18.4.1.5, greater than or equal to six point two five (6.25) shall be identified as QSBs.
19 · 4.2.2.2. In case of the parameter mentioned at para 18.4.1.6, i.e., compliance score of the stock
19 · 4.2.2.3. In case of the parameter mentioned at para 18.4.1.7, i.e., grievance redressal score of the stock broker, all stockbrokers (subject to maximum of 5) shall be considered as QSBs, if their individual grievance redressal score is equal to or more than 5%.
19 · 4.3. The values shall be calculated on an annual basis and the revised list of QSBs shall be released jointly by stock exchanges, in consultation with SEBI. For calculating the values for a particular year, parameters as on December 31st of such year shall be considered.
19 · 4.4. Once the revised list of QSBs is released, those QSBs which no longer belong to the list, shall continue to comply with the enhanced obligations and responsibilities, for an additional period of 3 financial years or such time, as may be specified by Market Infrastructure Institutions (MIIs), in consultation with SEBI.
19 · 4.5. In order to strengthen the compliance culture among stock brokers and thereby, encourage stock brokers to follow the enhanced obligations and responsibilities, it has been decided to facilitate stockbrokers to voluntarily get designated as QSBs, who otherwise would not have qualified to become QSBs by virtue of the parameters enumerated at para 19.4.1.
19 · 4.6. Such voluntarily designated QSBs shall have to abide by all the enhanced obligations and responsibilities for QSBs stated at paras 18.5 and 18.6 of this circular including such other provisions as may be prescribed by SEBI/stock exchanges from time to time. The detailed operational modalities in this regard shall be issued by stock exchanges, in consultation with SEBI.
19 · 5. Enhanced obligations and responsibilities for QSBs:
19 · 5.1. Governance structure and processes:
19 · 5.1.1. The Board of Directors (BoD) or analogous body of QSBs shall exercise oversight over incidents/vulnerabilities having an impact on functioning of the QSB in the securities market and investor protection including data security breaches that can affect investor data.
19 · 5.1.2. Further, QSBs shall have committees of the Board of Directors (BoD) or analogous body such as Audit Committee (for listed QSBs), Nomination and Remuneration Committee, Risk Management Committee, Information Technology (IT) Committee, Cybersecurity Committee and any other committee as mandated by SEBI from time to time.
19 · 5.1.3. QSBs shall submit an annual report to the stock exchanges regarding the observations of the committees of BOD or analogous body, corrective action taken by the QSB and measures taken to prevent recurrence of such incidents.
19 · 5.2. Risk Management Policy and Processes:
19 · 5.2.1. QSBs shall devise a clear and a well -documented risk management policy which encompasses the following:
19 · 5.2.2. Such risk management policy shall:
19 · 5.2.3. The risk management framework shall have measures for carrying out surveillance of client behaviour through analyzing the pattern of trading done by clients, detection of any unusual activity being done by such clients, reporting the same to stock exchanges and taking necessary measures to prevent any kind of fraudulent activity in the market in
19 · 5.2.4. QSBs shall maintain adequate human resources, systems, processes and procedures for seamless running of operations and protection of investor data.
19 · 5.2.5. The staff of the QSBs shall be given the necessary resources and support to carry out their duties effectively and efficiently. The QSBs shall train their employees at regular intervals in matters relating to the activities being handled by them.
19 · 5.2.6. A CXO level officer shall be designated as responsible for managing key risks, i.e., Chief Compliance Officer (responsible for all regulatory compliance related activities), Chief Information Security Officer (responsible for all cyber security related activities), Chief Risk Officer (responsible for overall risk management associated with functioning of the QSB).
19 · 5.2.7. QSBs shall employ adequate tools to automate process of risk management, reporting and compliance.
19 · 5.2.8. The risk management policy shall be reviewed on half yearly basis by the QSB and a report in this regard shall be submitted by the risk management committee of the QSB to the stock exchange.
19 · 5.2.9. The BoD/senior management shall view any recurrence of a particular incident seriously and take prompt and appropriate action including fixation of accountability.
19 · 5.3. Scalable infrastructure and appropriate technical capacity:
19 · 5.3.1. The QSBs shall put in place a policy framework, approved by its IT committee, for upgradation of infrastructure and technology from time to time to ensure smooth functioning and scalability for delivering services to investors at all times. Such framework should be reviewed on half -yearly basis.
19 · 5.3.2. QSBs shall, at all times, maintain adequate technical capacity to process 2 times the peak transaction load encountered during the preceding half year and shall also
19 · 5.4. Framework for orderly winding down:
19 · 5.4.1. QSB shall put in place, a framework for orderly wind down of its business to ensure continuity of services to its clients in case of closure of business by the QSB due to its inability to provide services to its clients or meet the prescribed regulatory requirements or any other reason. Such winddown framework shall encompass the following:
19 · 5.4.2. In case of wind down which may happen due to regulatory action, erosion of networth of the QSB etc., such wind down of operations of the QSB will be implemented under the supervision of the stock exchange.
19 · 5.5. Robust cyber security framework and processes:
19 · 5.5.1. Digitalization and online platforms have given rise to need for effective mitigation of information and cyber risks. SEBI, has specified the framework on cybersecurity and cyber resilience to be followed by all stock brokers.
19 · 5.5.2. However, QSBs handle sensitive data of a large number of the investors in the securities market and any cyber-attack on the systems of a QSB can compromise the confidentiality and integrity of such data.
19 · 5.5.3. Hence, QSBs shall have additional features in their cyber security framework which would be commensurate with the amount of data handled by them. The cyber security committee of the QSB shall review the framework on half -
19 · 5.5.4. The QSBs shall have a dedicated team of security analysts, which may include domain experts in the field of cyber security and resilience, network security and data security which shall carry out the following activities:
19 · 5.5.5. Such dedicated team shall submit a quarterly report to the BoD of QSB, on above mentioned activities carried out by them along with details of cybersecurity incidents which occurred and details of incidents which were prevented from occurring.
19 · 5.5.6. The dedicated team of security analysts shall report to Chief Information Security Officer (CISO) of the QSB and such CISO shall be designated as a Key Managerial Personnel (KMP) and shall directly report to the MD &CEO of the QSB.
19 · 5.5.7. The QSB should have well -defined and documented processes for monitoring of its systems and networks, analysis of cyber security threats and potential intrusions / security incidents, usage of appropriate technology tools, classification of threats and attacks, escalation hierarchy of incidents, response to threats and breaches, and reporting of the incidents.
19 · 5.5.8. QSBs shall carry out continuous assessment of the threat landscape faced by them and on half yearly basis, conduct vulnerability assessment to detect security vulnerabilities in their IT environments exposed to internet.
19 · 5.5.9. QSB shall also carry out penetration tests on half-yearly basis, in order to conduct an in-depth evaluation of the security posture of the system through simulations of actual attacks on its systems and networks that are exposed to the internet.
19 · 5.5.10.QSB shall put in place a comprehensive Business Continuity Plan (BCP) and such policy shall be reviewed on half -yearly basis to minimize the incidents affecting the business continuity.
19 · 5.5.11.QSB shall develop and document mechanisms and standard operating procedures to recover from the cyberattacks within the stipulated Recovery Time Objective (RTO) of the QSB, various scenarios and standard operating procedures for resuming operations from Disaster Recovery (DR) site of QSB.
19 · 5.5.12.The CISO of the QSB shall review the implementation of the BCP and SOP on DR on monthly basis and submit a report to the board of QSBs.
19 · 5.5.13.All the provisions applicable to specified stock brokers (as stated in SEBI circular SEBI/HO/MIRSD/TPD -1/P/CIR/2022/160 dated November 25, 2022 regarding Framework to address the 'technical glitches' in Stock Brokers' Electronic Trading Systems) shall also be applicable to the QSBs.
19 · 5.5.14.QSBs shall arrange to have their systems audited on halfyearly basis by a CERT-IN empanelled auditor to check
19 · 5.6. Investor Services including online complaint redressal mechanism:
19 · 5.6.1. QSBs must have investor service centers in all cities where they have branches.
19 · 5.6.2. QSBs shall have online capabilities for engaging with clients, responding to investor queries and seamless facility for filing complaints by investors and clearly defined escalation procedures.
19 · 5.6.3. The complaints redressal mechanism should be investor friendly and convenient. The same should have capabilities of being retrieved easily by the complainant online through complaint reference number, e-mail id, mobile no. etc.
19 · 6. Enhanced Monitoring of QSBs:
19 · 6.1. QSBs shall be subjected to enhanced monitoring and surveillance including additional submissions to be made to MIIs/SEBI, as and when sought.
19 · 6.2. Stock Exchanges, in consultation with SEBI, shall carry out annual inspection of QSBs and communicate the findings of such inspection along with action taken report to SEBI.
19 · 6.3. Stock Exchanges shall devise a comprehensive framework to carry out enhanced monitoring of such QSBs. An illustrative list of areas is as follows:
19 · 6.4. In case of any deviation/violation observed, Stock Exchanges shall take necessary steps to ensure that the same is corrected by QSBs including initiating disciplinary action, wherever found necessary, in accordance with the relevant regulatory provisions/bye-laws.
19 · 7. The effective date of implementation for different QSBs based on the parameter by which they are designated as QSBs has been prescribed in the table below:
19 · 8. Trading supported by Blocked Amount in Secondary Market 25
19 · 8.1. In addition to the current mode of trading, the Qualified Stock Brokers (QSBs) shall provide either the facility of trading supported by blocked amount in the secondary market (cash segment) using UPI block mechanism or the 3 -in -1 Trading Account facility, to their clients.
19 · 8.2. The 3 -in -1 trading account facility offered/ to be offered by the TMs shall, at least have the following features:
25 · SEBI/HO/MRD -PoD2/CIR/P/2024/153 dated November 11, 2024
19 · 8.3. Clients of the QSBs will have the option, to either continue with the existing facility of trading by transferring funds to TMs or opt for either of the facilities stated at Para 19.8.1 above, as provided by the QSBs .
20 · Unique Client Code 26
20 · 1. It shall be mandatory for the broker to use unique client code for all clients. For this purpose, the broker shall collect and maintain in their back office the Permanent Account Number (PAN) allotted by the Income Tax Department for all their clients.
20 · 2. In case of other entities –
20 · 2.1. Brokers shall verify the documents with respect to the unique code and retain a copy of the document.
20 · 2.2. The brokers shall also be required to furnish the above particulars of their clients to the Stock Exchanges/Clearing Corporations and the same would be updated on a monthly basis. Such information for a specific month should reach the exchange within seven working days of the following month.
20 · 2.3. The Stock Exchanges shall be required to maintain a database of client details submitted by brokers. Historical records of all quarterly submissions shall be maintained for a period of seven years by the exchanges.
20 · 3. Mapping of Unique Client Code(UCC) with demat account of clients: 27
20 · 3.1. UCC allotted by the trading member (TM) to the client shall be mapped with the demat account of the client.
20 · 3.2. A client may trade through multiple TMs in which case each such UCC shall be mapped with one or more demat account(s).
20 · 3.3. Stock Exchanges shall share the UCC data with the Depositories which shall include the PAN, segment, TM/CM code and UCC
26 · Reference: Circular SMDRP/POLICY/CIR-39/2001 dated July 18, 2001 and Circular SEBI/MRD/SE/CIR-34/2003/29/09 dated September 29, 2003.
27 · Reference: Circular SEBI/HO/MIRSD/DOP/CIR/P/2019/136 dated November 15, 2019
20 · 3.4. Depositories shall map the UCC data in the demat account based on the PAN provided in the UCC database.
20 · 3.5. Clients may make a request to their depository participants to delink or add UCC details which shall be processed by the Depository through depository participants. Before any addition of UCC in the demat account, the Depositories shall validate the same with the Stock Exchanges / client.
20 · 3.6. Stock Exchanges and Depositories shall have a mechanism in place to address clients' complaints with regard to UCC mapping with their demat accounts.
20 · 3.7. Stock Exchanges and Depositories shall have a mechanism in place to ensure that inactive, non-operational UCCs are not misused and also a mechanism to ensure that inactive, non-operational UCCs are weeded out in the process of mapping clients' UCC with their demat account.
21 · Simplification and Rationalization of Trading Account Opening Process 28
21 · 1. SEBI has devised the uniform documentation to be followed by all the stock brokers / trading members; a copy thereof to be provided by them to the clients. The details of such documents are listed below:
21 · 1.1. Index of documents giving details of various documents for client account opening process: Annexure-7
21 · 1.2. Client Account Opening Form in two parts:
21 · 1.2.1. Know Your Client (KYC) form capturing the basic information about the client and instruction/check list to fill up the form:
28 · Reference: Circular CIR/MIRSD/16/2011 dated August 22, 2011
21 · 1.2.2. Document capturing additional information about the client related to trading account: Annexure-8
21 · 1.3. Document stating the Rights & Obligations of stock broker, and client for trading on exchanges (including additional rights & obligations in case of internet / wireless technology based trading): Annexure-9
21 · 1.4. Uniform Risk Disclosure Documents (for all segments / exchanges): Annexure -10
21 · 1.5. Guidance Note detailing Do's and Don'ts for trading on exchanges: Annexure -11
21 · 1.6. Most Important Terms and Conditions
21 · 2. In the account opening process, the stock brokers / trading members would also give the following useful information to the clients:
21 · 2.1. A tariff sheet specifying various charges, including brokerage, payable by the client to avoid any disputes at a later date.
21 · 2.2. Information on contact details of senior officials within the stock broking firm and investor grievance cell in the Stock Exchange, so that the client can approach them in case of any grievance.
21 · 3. It may be noted that any voluntary clause / document added by the stock brokers shall form part of the non-mandatory documents. The stock broker shall ensure that any voluntary clause/document shall neither dilute the responsibility of the stock broker nor it shall be in conflict with any of the clauses in the mandatory documents, Rules, Bye-laws, Regulations, Notices, Guidelines and Circulars issued by SEBI and the Stock Exchanges from time to time. Any such clause introduced in the existing as well as new documents shall stand null and void.
21 · 4. The client will now be required to sign only on one document i.e. Account Opening Form. Further, in the same form, the client shall continue to put his signatures instead of saying 'yes' or 'tick mark' while indicating preferences for trading in different exchanges / segments, in accordance with existing requirements. However, in case the investor wants to avail Running Account facility, execute Power of Attorney, Demat Debit and Pledge Instruction 29 etc., he would have to give specific authorization to the stock broker in order to avoid any dispute in the future. The client would also be required to give acknowledgement of Most Important Terms and Conditions (MITC).
29 · Reference: Circular SEBI/HO/MIRSD/DoP/P/CIR/2022/44 dated April 04, 2022
21 · 5. In order to ensure that clients are permitted to access all the stock exchanges in which the stock brokers are registered for the same segment, the format of "Trading Preferences" has been standardized as specified at Para C of Annexure -8 .
21 · 6. All stock brokers are mandated to register their new clients on all the active stock exchanges after obtaining the trading preferences as per the aforementioned format. For existing clients, the stock brokers are mandated to offer them access on all the active stock exchanges for the segments already opted by them, as a default mode, within three months from the effective date of the circular and inform their respective clients through email / SMS. Clients shall be given a choice to opt out of such access by providing negative consent in this regard. Further, the stock brokers shall activate / deactivate the segments based on the preference of the clients.
21 · 7. The aforementioned format of "Trading Preferences" shall not be made applicable to members registered exclusively with commodity derivatives exchanges. Such members shall use the format as prescribed by the erstwhile Forward Markets Commission (FMC) vide its circular no. FMC/COMPL/IV/KRA -05/11/14 dated February 26, 2015.
21 · 8. The opting out facility should be provided to new as well as existing clients, and negative consent should be obtained separately from clients in writing. Stock brokers shall be mandated to maintain records of such written negative consent provided by the clients for at least five years.
21 · 9. The aforementioned provisions at para 20.5 and 20.6 shall also be applicable to the clients registered in accordance with SEBI Circular No. SEBI/HO/MIRSD/DOP/CIR/P/2020/73 dated April 24, 2020.
21 · 10. With regards to compliances related to MITC, as stated in para 21.1.6 and para 21.4 above, the date of implementation shall be as follows:
21 · 10.1. For onboarding of new clients, the date of the implementation and compliance by the market participants shall be April 01, 2024.
21 · 10.2. For existing clients, the MITC shall be informed to clients via email or any other suitable mode of communication (which can be preserved) by June 01, 2024.
21 · 11. In case the stock broker is also a depository participant, he can use the same KYC form (as specified at para 21.1.2.1 above) for basic details and take additional information pertaining to demat account.
21 · 12. Stock Broker shall make available these standard documents to the clients, either in electronic or physical form, depending upon the preference of the
21 · 13. Stock Exchanges / stock brokers shall continue to make the documents mentioned in para 21.1.3 to 21.1.5 above, available on their website and keep the clients informed about the same.
21 · 14. Further, with a view to bring about uniformity in securities markets, the KYC form at para 21.1.2.1 above and supporting documents shall also be used by Depository Participants, Mutual Funds, Portfolio Managers, Collective Investment Schemes and Venture Capital Funds. The KYC form shall be filled by an investor at the account opening stage while dealing with any of the above intermediaries. Additional details specific to the area of activity of the intermediary being obtained now but not covered in the KYC form shall also be obtained from the investors in Part II of the account opening form.
22 · Nomination for Eligible Trading Accounts 30
22 · 1. Submission of 'choice of nomination' for trading accounts has been made voluntary as a step towards ease of doing business.
22 · 2. In line with Section 72 of Companies Act, 2013 on nomination by a holder of securities, investors opening new trading account(s) may have the choice of providing nomination or opting out nomination, as follows;
22 · 3. The nomination and Declaration form shall be signed under wet signature of the account holder(s) and witness shall not be required. However, if the account holder(s) affixes thumb impression (instead of wet signature), then witness signature shall be required in the forms.
22 · 4. The on -line nomination and Declaration form may also be signed using eSign facility and in that case witness will not be required.
22 · 5. Trading Members shall ensure that adequate systems are in place including for providing for e-Sign facility and also take all necessary steps to maintain confidentiality and safety of client records.
30 · Reference: Circular SEBI/HO/MIRSD/RTAMB/CIR/P/2021/601 dated July 23, 2021 , Circular SEBI/HO/MIRSD/MIRSD_RTAMB/P/CIR/2022/23 dated February 24, 2022, Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2023/42 dated March 27, 2023 and SEBI/HO/MIRSD/POD-1/P/CIR/2023/158 dated September 26, 2023 .
22 · 6. Existing investors who have not submitted nomination details till date and intend to submit their nomination or opt out of nomination (not to nominate any one) may also be allowed to do so by way of two factor authentication (2FA) login on the internet trading platform for Stock Brokers providing such services.
22 · 7. Stock Brokers shall encourage their clients to update 'choice of nomination' by sending a communication on fortnightly basis by way of emails and SMS to all such UCCs wherein the 'choice of nomination' is not captured. The communication shall provide guidance through which the client can provide his/her 'choice of nomination'.
22 · 8. Re -submission of nomination details shall be optional for the existing investors who have already provided the nomination details prior to July 23, 2021.
22 · 9. The details required in the form at Annexure-12 of the circular viz. mobile number, e-mail ID and identification details of the nominee(s)/ guardian(s) of the minor nominee(s) are optional.
23 · Requirements relating to dealings between a Client and a Stock Broker (Trading Members included) 31
23 · 1.Running Account Authorization 32
23 · 1.1. Unless otherwise specifically agreed to by a Client, the settlement of funds shall be done within twenty-four hours of the payout. However, a client may specifically authorize the stock broker to maintain a running account subject to the following conditions:
31 · Reference: Circular MIRSD/SE/CIR-19/2009 dated December 03, 2009,
33 · Refer "Eligibility of bank instruments as collateral" as specified at para 92 of this circular.
23 · 2.Authorization for Electronic Contract Notes
23 · 2.1. The stock broker may issue electronic contract notes (ECN) if specifically authorized by the client subject to the following conditions:
23 · 3.The stock broker shall have documentary evidence of financial details provided by the clients who opt to deal in the derivative segment. In respect of other clients, the stock broker shall obtain the documents in accordance with its risk management system.
23 · 4.There shall be a mandatory document dealing with policies and procedures for each of the following under appropriate headings:
23 · 4.1. refusal of orders for penny stocks
23 · 4.2. setting up client’s exposure limits
23 · 4.3. applicable brokerage rate
23 · 4.4. imposition of penalty/delayed payment charges by either party, specifying the rate and the period (This must not result in funding by the broker in contravention of the applicable laws)
23 · 4.5. the right to sell clients' securities or close clients' positions, without giving notice to the client, on account of non-payment of client's dues (This shall be limited to the extent of settlement/margin obligation)
23 · 4.6. shortages in obligations arising out of internal netting of trades
23 · 4.7. conditions under which a client may not be allowed to take further position or the broker may close the existing position of a client
23 · 4.8. temporarily suspending or closing a client's account at the client's request, and
23 · 4.9. deregistering a client
23 · 5.All the documents in both the mandatory and the non-mandatory parts shall be printed in minimum font size of 11.
23 · 6.A copy of all the documents executed by client shall be given to him, free of charge, within seven days from the date of execution of documents by the client. The stock broker shall take client's acknowledgement for receipt of the same.
23 · 7.The stock brokers having own web-sites shall display all the documents executed by a client, client's position, margin and other related information, statement of accounts, etc. in the web-site and allow secured access by way of client -specific user id and password.
23 · 8.The stock broker shall frame the policy regarding treatment of inactive accounts which should, inter-alia, cover aspects of time period, return of client assets and procedure for reactivation of the same. It shall display the same on its web site, if any.
23 · 9.As on 31st March of every year, a statement of balance of Funds and Securities in hard form and signed by the broker shall be sent to all the clients.
24 · Regulation of Transactions Between Clients and Brokers 34
24 · 1. It shall be compulsory for all Member brokers to keep the money of the clients in a separate account and their own money in a separate account. No payment for transactions in which the Member broker is taking a position as a principal will be allowed to be made from the client's account. The above principles and the circumstances under which transfer from client's account to Member broker's account would be allowed are enumerated below.
24 · 1.1. Member Broker to keep accounts: Every member broker shall keep such books of accounts, as will be necessary, to show and distinguish in connection with his business as a member:
24 · 1.2. Obligation to pay money into "clients' accounts". Every member broker who holds or receives money on account of a client shall forthwith pay such money to current or deposit account at bank to be kept in the name of the member in the title of which the word "clients" shall appear (hereinafter referred to as "clients account"). Member broker may keep one consolidated clients account for all the clients or accounts in the name of each client, as he thinks fit. Provided that when a Member broker receives a cheque or draft representing in part money belonging to the client and in part money due to the Member, he shall pay the whole of such cheque or draft into the clients account and effect subsequent transfer as laid down below in para 24.1.4(b).
24 · 1.3. What moneys to be paid into "clients account". No money shall be paid into clients account other than
34 · Reference: Circular SMD/SED/CIR/93/23321 dated November 18, 1993 and Circular CIR/HO/MIRSD/DOP/CIR/P/2019/75 dated June 20, 2019.
24 · 1.4. What moneys to be withdrawn from "clients account". No money shall be drawn from clients account other than
24 · 1.5. Right to lien, set-off etc., not affected. Nothing in this para 24.1 shall deprive a Member broker of any recourse or right, whether by way of lien, set-off, counter-claim charge or otherwise against moneys standing to the credit of clients account.
24 · 2. It shall be compulsory for all Member brokers to keep separate accounts for client's securities and to keep such books of accounts, as may be necessary, to distinguish such securities from his/their own securities. Such accounts for client's securities shall, inter-alia provide for the following:
24 · 2.1. Securities received for sale or kept pending delivery in the market.
24 · 2.2. Securities fully paid for, pending delivery to clients.
24 · 2.3. Securities received for transfer or sent for transfer by the Member, in the name of client or his nominee(s).
24 · 2.4. Securities that are fully paid for and are held in custody by the Member as security/margin etc. Proper authorization from client for the same shall be obtained by Member.
24 · 2.5. Fully paid for client's securities registered in the name of Member, if any, towards margin requirements etc.
24 · 2.6. Securities given on Vyaj-badla. Member shall obtain authorization from clients for the same.
24 · 3. Member Brokers shall make payment to their clients or deliver the securities purchased within 24 hours of pay-out unless the client has requested otherwise.
24 · 4. Member brokers shall issue the contract note for purchase/sale of securities to a client within 24 hours of the execution of the contract.
24 · 5. In case of sales on behalf of clients, Member broker shall be at liberty to close out the contract by effecting purchases if the client fails to deliver the securities sold with valid transfer documents within 48 hours of the contract note having been delivered or before delivery day (as fixed by Stock Exchange authorities for the concerned settlement period), whichever is earlier. Loss on the transaction, if any, will be deductible from the margin money of that client.
25 · Collateral deposited by Clients with Brokers 35
25 · 1. For brokers to maintain proper records of client collateral and to prevent misuse of client collateral, it is advised that:
25 · 1.1. Brokers should have adequate systems and procedures in place to ensure that client collateral is not used for any purposes other than meeting the respective client's margin requirements / pay-ins. Brokers should also maintain records to ensure proper audit trail of use of client collateral.
25 · 1.2. Brokers should further be able to produce the aforesaid records during inspection. The records should include details of:
25 · 1.3. The records should be periodically reconciled with the actual collateral deposited with the broker.
25 · 1.4. Brokers should issue a daily statement of collateral utilization to clients which shall include, inter-alia, details of collateral deposited, collateral utilised and collateral status (available balance / due from
35 · Reference: Circular MRD/DoP/SE/CIR-11/2008 dated April 17, 2008.
25 · 1.5. In case of complaints against brokers related to misuse of collateral deposited by clients, exchanges should look into the allegations, conduct inspection of broker if required and based on its findings take necessary action.
25 · 2. In case client collateral is found to be mis -utilised, the broker would attract appropriate deterrent penalty for violation of norms provided under SCRA 1956, SEBI Act 1992, SEBI Regulations and circulars, Exchange Byelaws, Rules, Regulations and circulars.
26 · Severance of connections with other businesses37
26 · 1. Rule 8(1)(f) and Rule 8(3)(f) of the SCRR 1957, requires that members of a Stock Exchange, whether individual, partnership or corporate, shall not engage in any business other than that of securities. Stock Exchanges should be ensured that the applicants do not attract the above stated rule
27 · Applicability of Rule 8(1)(f) and 8(3)(f) of the Securities Contract (Regulation) Rules, 1957 38
27 · 1. Borrowing and lending of funds, by a trading member, in connection with or incidental to or consequential upon the securities business, would not be disqualified under Rule 8(1)(f) and 8(3)(f) of the SCRR 1957.
28 · Mode of payment and delivery 39
28 · 1. Brokers should not accept cash from the client whether against obligations or as margin for purchase of securities and / or give cash against sale of securities to the clients.
28 · 2. All payments shall be received / made by the stock brokers from / to the clients strictly by account payee crossed cheques/ demand drafts or by way of direct credit into the bank account through electronic fund transfer, or any other mode permitted by the Reserve Bank of India. The stock brokers shall accept cheques drawn only by the clients and also issue cheques in favour of the clients only, for their transactions. Stock Brokers shall not accept cash
36 · Refer "Eligibility of bank instruments as collateral" as specified at para 92 of this circular.
37 · Reference: Circular SMD/VRN/1476/95 dated April 27, 1995.
38 · Reference: Circular SMD/POLICY/CIR-6/97 dated May 07, 1997
39 · Reference: Circular SEBI/MRD/SE/CIR-33/2003/27/08 dated August 27, 2003 and Circular: SEBI/HO/MIRSD/DOP/CIR/P/2018/113 dated July 12, 2018
28 · 3. Similarly, in the case of securities also, giving / taking delivery of securities in "demat mode" should be directly to / from the "beneficiary accounts" of the clients except delivery of securities to a recognized entity under the approved scheme of the Stock Exchange and / or SEBI.
29 · Pre -funded instruments / Electronic fund transfers40
29 · 1. To address the concerns regarding flow of third party funds / unidentified money, following guidelines shall be followed:
29 · 1.1. If the aggregate value of pre-funded instruments is Rs. 50,000/- (fifty thousand rupees) or more, per day per client, the stock brokers may accept the instruments only if the same are accompanied by the name of the bank account holder and number of the bank account debited for the purpose, duly certified by the issuing bank. The mode of certification may include the following:
29 · 1.2. Maintain an audit trail of the funds received through electronic fund transfers to ensure that the funds are received from their clients only.
30 · Disclosure of proprietary trading by Broker to Client 41
30 · 1. With a view to increase the transparency in the dealings between the broker and the client, every broker shall disclose to his client whether he does client based business or proprietary trading as well .
30 · 2. The broker shall disclose this information upfront to his new clients at the time of entering into the Know Your Client agreement.
40 · Reference: Circular CIR/MIRSD/03/2011 dated June 09, 2011
41 · Reference: Circular SEBI/MRD/SE/CIR-42/2003 dated November 19, 2003.
30 · 3. In case of a broker who at present does not trade on proprietary account, chooses to do so at a later date, he shall be required to disclose this to his clients before carrying out any proprietary trading.
31 · Pro – account" trading terminal 42
31 · 1. During the course of inspections carried out by SEBI and Stock Exchanges of the books of accounts and other documents of members, following observations were made:
31 · 1.1. Certain members are putting large number of orders on pro-account from various locations rather than using "pro-account" at the terminals located at the corporate office from where the owner / directors normally function.
31 · 1.2. These trades executed from various locations under "pro-account" are, many a time, transferred subsequently to the respective clients in the back office of the members.
31 · 2. The aforementioned practices clearly violate the requirement of putting the orders of clients under the appropriate client code through trading terminals.
31 · 3. With a view to check such misuse of the above facility, if any, Stock Exchanges are directed to ensure the following: -
31 · 3.1. Facility of placing orders on "pro-account" through trading terminals shall be extended only at one location of the members as specified / required by the members.
31 · 3.2. Trading terminals located at places other than the above location shall have a facility to place orders only for and on behalf of a client by entering client code details as required / specified by the Exchange / SEBI.
31 · 3.3. In case any member requires the facility of using "pro-account" through trading terminals from more than one location, such member shall be required to submit an undertaking to the Stock Exchange stating the reason for using the "pro-account" at multiple locations and the Stock Exchange may, on case to case basis after due diligence, consider extending the facility of allowing use of "pro-account" from more than one location.
42 · Reference: Circular SEBI/MRD/SE/CIR-32/2003/27/08 dated August 27, 2003
32 · Review of norms relating to trading by Members 43
32 · 1. Stock Exchanges are directed to ensure the following:
32 · 1.1. A stock broker of an exchange cannot deal with the brokers of the same exchange either for proprietary trading or for trading on behalf of clients, except with the prior permission of the exchange. The Stock Exchanges while giving such permission, shall consider the reasons stated by the brokers for dealing with brokers of the same exchange and after carrying out due diligence allow such brokers to deal with only one stock broker of the same exchange.
32 · 1.2. A stock broker of an exchange can deal with only one broker of another exchange for proprietary trading after intimating the names of such stock broker to his parent Stock Exchange.
33 · Market Access through Authorised Persons 44
33 · 1. Who is an “Authorised Person”?
33 · 2. Appointment of Authorised Person
33 · 3. Procedure for Appointment
43 · Reference: Circular SEBI/MIRSD/CIR-06/2004 January 13, 2004
44 · Reference: Circular MIRSD/DR-1/CIR-16/09 dated November 06, 2009 and Circular SEBI/CIR/MIRSD/AP/8/2010 dated July 23, 2010
33 · 3.1. Stock Broker shall select a person in compliance with the criteria laid down by the Exchange and this framework for appointment as an authorized person and forward the application of the person to Stock Exchange for approval.
33 · 3.2. On receipt of the aforesaid application, the Stock Exchange
33 · 4. Eligibility Criteria
33 · 4.1. An individual is eligible to be appointed as authorised person if he:
33 · 4.2. A partnership firm, LLP or a body corporate is eligible to be appointed as authorized person
33 · 4.3. The person shall have the necessary infrastructure like adequate office space, equipment and manpower to effectively discharge the activities on behalf of the stock broker.
33 · 4.4. The approved users and/or sales personnel of Authorised Persons shall have the necessary certification of the respective segments at all points of time.
33 · 5. Conditions of Appointment
33 · 5.1. The following are the conditions of appointment of an authorised person:
33 · 6. Withdrawal of Approval
33 · 6.1. Approval given to an authorised person may be withdrawn by the Stock Exchange:
33 · 7. Obligations of Stock Broker
33 · 7.1. The stock broker shall be responsible for all acts of omission and commission of his authorised person(s) and/or their employees, including liabilities arising there from.
33 · 7.2. If any trading terminal is provided by the stock broker to an authorised person, the place where such trading terminal is located shall be treated as branch office of the stock broker.
33 · 7.3. Stock Broker shall display at each branch office additional information such as particulars of authorised person in charge of that branch, time lines for dealing through authorised person, etc., as may be specified by the Stock Exchange.
33 · 7.4. Stock Broker shall notify changes, if any, in the authorised person to all registered clients of that branch at least thirty days before the change.
33 · 7.5. Stock Broker shall conduct periodic inspection of branches assigned to authorised persons and records of the operations carried out by them.
33 · 7.6. The client shall be registered with stock broker only. The funds and securities of the clients shall be settled directly between stock broker and client and all documents like contract note, statement of funds and securities would be issued to client by stock broker. Authorised person may provide administrative assistance in procurement of documents and settlement but shall not issue any document to client in its own name. No fund/securities of clients shall go to account of authorized person.
33 · 7.7. On noticing irregularities, if any, in the operations of authorised person, stock broker shall seek withdrawal of approval, withhold all moneys due to authorised person till resolution of investor problems, alert investors in the location where authorised person operates, file a complaint with the police, and take all measures required to protect the interest of investors and market.
33 · 8. Obligations of Exchange
33 · 8.1. The Stock Exchange shall maintain a database of all the authorised persons which shall include the following:
33 · 8.2. While conducting the inspection of the stock broker, the Stock Exchange shall also conduct inspection of branches where the terminals of authorised persons are located and records of the operations carried out by them.
33 · 8.3. Dispute between a client and an authorised person shall be treated as dispute between the client and the stock broker and the same shall be redressed by the Stock Exchange accordingly.
33 · 8.4. In case of withdrawal of approval of authorised person due to disciplinary action, the Stock Exchange shall issue a press release and disseminate the names of such authorised persons on its website citing the reason for cancellation.
34 · SMS and E -mail alerts to investors by Stock Exchanges 45
34 · 1.Applicability –
34 · 1.1. These guidelines are applicable to equity cash and derivative segments of the Stock Exchanges.
34 · 2.Uploading of mobile number and E-mail address by stock brokers
34 · 2.1. Stock Exchanges shall provide a platform to stock brokers to upload the details of their clients, preferably, in sync with the UCC updation module.
34 · 2.2. Stock Brokers shall upload the details of clients, such as, name, mobile number, address for correspondence and E-mail address.
34 · 2.3. Stock Brokers shall ensure that the mobile numbers/E -mail addresses of their employees /remisiers/authorized persons are not uploaded on behalf of clients.
45 · Reference: Circular CIR/MIRSD/15/2011 dated August 02, 2011 and SEBI communication SE/10118 dated October 12, 1992 and SEBI/HO/MIRSD/MIRSD-PoD1/P/CIR/2024/169 dated December 03, 2024
34 · 2.4. Stock Brokers shall ensure that separate mobile number/E-mail address is uploaded for each client. However, under exceptional circumstances, the stock broker may, at the specific written request of a client, upload the same mobile number/E-mail address for more than one client provided such clients belong to one family (in case of individual clients) or such client is the authorised person of an HUF, Corporate, Partnership or Trust (in case of non-individual clients).
34 · 3.Verification by the Stock Exchanges
34 · 3.1. After uploading of details by the stock brokers, the Stock Exchanges shall take necessary steps to verify the details by any mode as considered appropriate by them which may include the following:
34 · 4.Sending of alerts by the Stock Exchanges
34 · 4.1. Upon receipt of confirmation from the investors, the Stock Exchanges shall commence sending the transaction details generated based on investors' Permanent Account Number, directly to them.
34 · 5.Handling of discrepancies, if any
34 · 5.1. If any discrepancy is observed by the Stock Exchanges in the details uploaded by the stock brokers including non-confirmation by investors, bounced E-mails, undelivered SMS/letters, etc., the Stock Exchanges shall inform the respective stock broker .
34 · 6. Meeting out the expenses for providing SMS and E-mail alerts
34 · 6.1. The Stock Exchanges may use the amount set aside from the listing fees (20% of the listing fees) for providing services to the investing public, to meet the expenses for providing this facility.
35 · Prevention of Unauthorised Trading by Stock Brokers 46
35 · 1. SEBI in the past has taken several steps to tackle the menace of "Unauthorized Trades" viz Periodic Running Account Settlement, Post transactions SMS/email by Stock Exchanges/Depositories, Ticker on broker/DP websites etc. It was observed that in spite of measures taken, a considerable proportion of investor complaints is of the nature of "Unauthorized Trades".
35 · 2. To further strengthen regulatory provisions against un-authorized trades and also to harmonise the requirements across markets, it has now been decided that all brokers shall execute trades of clients only after keeping evidence of the client placing such order, it could be, inter alia, in the form of:
35 · 3. When a dispute arises, the broker shall produce the above mentioned records for the disputed trades. However, for exceptional cases such as technical failure etc. where broker fails to produce order placing evidences, the broker shall justify with reasons for the same and depending upon merit of the same, other appropriate evidences like post trade confirmation by client, receipt/payment of funds/ securities by client in respect of disputed trade, etc. shall also be considered.
35 · 4. Further, wherever the order instructions are received from clients through the telephone, the stock broker shall mandatorily use telephone recording system to record the instructions and maintain telephone recordings as part
46 · Reference: Circular SEBI/HO/MIRSD/DOP1/CIR/P/2018/54 dated March 22, 2018
35 · 5. The Brokers are required to maintain the records specified at para 35.2 above for a minimum period for which the arbitration accepts investors' complaints as notified from time to time currently three years. However, in cases where dispute has been raised, such records shall be kept till final resolution of the dispute.
35 · 6. If SEBI desires that specific records be preserved, then such records shall be kept till further intimation by SEBI.
36 · Execution of Power of Attorney (PoA) by the Client in favour of the Stock Broker/ Stock Broker and Depository Participant 47
36 · 1. A Power of Attorney (PoA) is executed by the client in favour of the stock broker /stock broker and depository participant to authorize the broker to operate the client's demat account and bank account to facilitate the delivery of shares and pay – in/ pay – out of funds.
36 · 2. Generally, the PoA is taken from the clients who want to avail internet based trading services. For offering internet based trading services, a Stock Broker requires necessary authorizations for seamless trading, collection of margins as well as settlement of funds and securities. Further, some of the Stock Brokers also obtain authorizations from their clients to offer non -internet based services.
36 · 3. It came to SEBI's notice that the clients are compelled to give irrevocable power of attorney to manage client's demat account and bank account so that the client is able to pay funds or deliver shares to its broker on time. In some cases, the PoA even allows a broker to open and close accounts on behalf of the client and to trade on client's account without the consent of the client.
36 · 4. In order to standardize the norms to be followed by stock brokers/ stock broker and depository participants while obtaining PoA from the clients, guidelines as set out in the para 36.7 , 36.8 , 36.9 , 36.10 and 36.11 below, shall be made applicable to stock brokers/ stock broker and depository participants.
36 · 5. Standardizing the norms for PoA must not be construed as making the PoA a condition precedent or mandatory for availing broking or depository participant services. PoA is merely an option available to the client for instructing his broker or depository participant to facilitate the delivery of
47 · Reference: Circular CIR/MRD/DMS/13/2010 dated April 23, 2010, Circular CIR/MRD/DMS/28/2010 dated August 31, 2010 and Circular SEBI/HO/MIRSD/DOP/CIR/P/2020/158 dated August 27, 2020
36 · 6. Stock Broker/ DP may revoke those authorizations that are inconsistent with the present guidelines by communicating the inconsistent clauses to the existing clients. In the event, the deleted clauses are not accepted by the client, Stock Broker/ DP may be required to either obtain fresh PoA or close the account. In case of any addition to the existing PoA, Stock Broker / DP shall be required to obtain a new PoA from clients.
36 · 7. PoA favouring Stock Brokers
36 · 7.1. PoA executed in favour of a stock broker by the client should be limited to the following:
36 · 7.1.1. Securities48
36 · 7.1.2. Funds
48 · Refer to para 37 of this Master Circular
36 · 8. PoA favouring Stock Brokers and Depository Participants
36 · 8.1. PoA executed in favour of a stock broker and Depository Participant by the client should:
36 · 8.1.1. Identify/provide the particulars of the beneficial owner account(s) and the bank account(s) of the client(s) that the stock broker is entitled to operate.
36 · 8.1.2. Provide the list of clients' & brokers' Bank accounts & demat accounts where funds and securities can be moved. Such bank & demat accounts should be accounts of related party only. The list of clients' and brokers' Bank account and demat accounts may be updated / amended by proper communication without executing a new PoA every time. Copies of such communication may be preserved as annexure to PoA.
36 · 8.1.3. Be executed in the name of the concerned SEBI registered entity only and not in the name of any employee or representative of the stock broker /depository participant.
36 · 8.1.4. Not provide the authority to transfer the rights in favour of any assignees of the stock broker/depository participant.
36 · 8.1.5. Be executed and stamped as per the rules / law prevailing in the place where the PoA is executed or the place where the PoA is kept as a record, as applicable.
36 · 8.1.6. Contain a clause by which the stock broker would return to the client(s), the securities or fund that may have been received by it erroneously or those securities or fund that it was not entitled to receive from the client(s).
36 · 8.1.7. Be revocable at any time. However, such revocation shall not be applicable for any outstanding settlement obligation arising out of the trades carried out prior to receiving request for revocation of PoA. Further, the PoA revocation requests should be dated and time stamped by the brokers for ensuring proper audit trail.
36 · 8.1.8. Be executed by all the joint holders (in case of a demat account held jointly). If the constitution of the account is changed for whatever reason, a new PoA should be executed.
36 · 8.1.9. Authorize the stock broker/depository participant to send consolidated summary of Client's scrip-wise buy and sell positions taken with average rates to the client by way of SMS / email on a daily basis, notwithstanding any other document to be disseminated as specified by SEBI from time to time.
36 · 9. General Guidelines
36 · 9.1. The PoA shall not facilitate the stock broker to do the following:
36 · 9.1.1. Off -market trades between parties other than the related parties as mentioned in the PoA.
36 · 9.1.2. Transfer of funds from the bank account(s) of the Clients for trades executed by the clients through another stock broker.
36 · 9.1.3. Open a broking / trading facility with any stock broker or for opening a beneficial owner account with any depository participant.
36 · 9.1.4. Execute trades in the name of the client(s) without the client(s) consent.
36 · 9.1.5. Prohibit issue of Delivery Instruction Slips (DIS) to beneficial owner (client).
36 · 9.1.6. Prohibit client(s) from operating the account.
36 · 9.1.7. Merging of balances (dues) under various accounts to nullify debit in any other account.
36 · 9.1.8. Open an email ID/ email account on behalf of the client(s) for receiving statement of transactions, bills, contract notes etc. from stock broker / depository participant.
36 · 9.1.9. Renounce liability for any loss or claim that may arise due to any blocking of funds that may be erroneously instructed by the stock broker to the designated bank.
36 · 10. Stock Broker / Depository Participant should ensure that:
36 · 10.1. A duplicate/ certified true copy of the PoA is provided to the Client(s) after execution.
36 · 10.2. In case of merger/ demerger of the stock broker/depository participant with another entity/ into another entity, the scheme of merger/ demerger should be approved by High Court and one month prior intimation given to the client about the corporate restructuring to facilitate investor/ client to continue or discontinue with the broker .
36 · 11. All off -market transfer of securities shall be permitted by the Depositories only by execution of Physical Delivery Instruction Slip (DIS) duly signed by the client himself or by way of electronic DIS. The Depositories shall also put in place a system of obtaining client's consent through One Time Password (OTP) for such off market transfer of securities from client's demat account.
37 · Execution of 'Demat Debit and Pledge Instruction' (DDPI) for transfer of securities towards deliveries / settlement obligations and pledging / repledging of securities 49
49 · Reference: Circular SEBI/HO/MIRSD/DoP/P/CIR/2022/44 dated April 04, 2022 Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2022/137 dated October 06, 2022
37 · 1. While executing a PoA, authorization is given by client to the stock broker / stock broker and depository participant, to access the Beneficial Owner (BO) account of the client to meet settlement obligations of the trade executed by the client. In order to make the process more transparent and simpler, the following conditions shall be made part of a separate document viz. 'Demat Debit and Pledge Instruction' (DDPI) (Annexure-14):
37 · 1.1. Transfer of securities held in the beneficial owner accounts of the client towards Stock Exchange related deliveries / settlement obligations arising out of trades executed by clients on the Stock Exchange through the same stock broker.
37 · 1.2. Pledging / re-pledging of securities in favour of TM/ CM for the purpose of meeting margin requirements of the clients in connection with the trades executed by the clients on the Stock Exchange.
37 · 1.3. Mutual Fund transactions being executed on stock exchange order entry platforms and which shall be in compliance with SEBI circulars SEBI/HO/IMD/IMD -I DOF5/P/CIR/2021/634 dated October 04, 2021, SEBI/HO/IMD/IMD-I DOF5/P/CIR/2021/635 dated October 04, 2021 and SEBI/HO/IMD/IMD-I DOF5/P/CIR/2022/29 dated March 15, 2022 or any other circular which may be issued in this regard; and
37 · 1.4. Tendering shares in open offers which shall be in compliance with SEBI circular SEBI/HO/CFD/DCR -III/CIR/P/2021/615 dated August 13, 2021 or any other circular which may be issued in this regard.
37 · 2. The client may use the DDPI or opt to complete the settlement by issuing physical Delivery Instruction Slip (DIS) or electronic Delivery Instruction Slip (eDIS) themselves. Hence, PoA shall no longer be executed for the conditions specified in para 37.1.1 and 37.1.2 .
37 · 3. The DDPI, which is indexed as part of the Voluntary Documents in Annexure -7 of this master circular, shall be executed only if the client provides his/her explicit consent for the same, including internet based trading. The DDPI shall also be adequately stamped. The DDPI can be digitally signed by the clients.
37 · 4. The existing PoAs shall continue to remain valid till the time client revokes the same. Thus, the stock broker/stock broker and depository participant shall not directly / indirectly compel the clients to execute the DDPI or deny services to the client if the client refuses to execute the DDPI.
37 · 5. PoA is optional and should not be insisted upon by the stock broker / stock broker depository participant for opening of the client account.
37 · 6. For the execution of the DDPI for fulfilling delivery / settlement obligations, prior to executing actual transfer of securities based on details provided by stock broker/stock broker and depository participant, the Depositories shall ensure matching and confirming the transfer of securities with client-wise net delivery obligation arising from the trade executed on the exchange, as provided by the Clearing Corporation to Depositories for each settlement date.
37 · 7. Securities transferred on the basis of the DDPI provided by the client shall be credited to client's TM pool account / CM pool account / demat account of clearing corporation, as the case may be. The DDPI provided by the client shall be registered in the demat account of the client by TM /CM. Stock Exchanges and Depositories shall ensure that stock broker/stock broker and depository participant providing DDPI facility, has enabled its clients to revoke / cancel the DDPI provided by them.
37 · 8. For the clients who issue the DDPI to stock broker/stock broker and depository participant, the following provisions of the SEBI circulars issued with respect to PoA shall stand replaced with DDPI:
37 · 8.1. Para 36.7.1.1. (a) and (b) of this circular,
37 · 8.2. Para 36.7.1.1. (c) of this circular to the extent applicable for Mutual Fund transactions and tendering shares in open offers.
38 · Modification of Client Codes of Non -Institutional Trades executed on Stock Exchanges (All Segments) 50
38 · 1. Stock Exchanges may allow modifications of client codes of non-institutional trades only to rectify a genuine error in entry of client code at the time of placing / modifying the related order.
50 · Reference: Circular CIR/DNPD/6/2011 dated July 05, 2011, Circular CIR/MRD/DP/29/2014 dated October 21, 2014 and Circular SEBI/HO/CDMRD/DMP/CIR/P/2016/73 dated August 19, 2016
38 · 2. If a Stock Exchange wishes to allow trading members to modify client codes of non -institutional trades, it shall
38 · 2.1. lay down strict objective criteria, with the approval of its Governing Board, for identification of genuine errors in client codes which may be modified, and disclose the same to market in advance,
38 · 2.2. set up a mechanism to monitor that the trading members modify client codes only as per the strict objective criteria, and
38 · 2.3. ensure that modification of client codes is covered in the internal audit of trading members
38 · 3. Notwithstanding the above,
38 · 3.1. The Stock Exchanges shall levy a penalty from trading members and credit the same to its Investor Protection Fund as under:
38 · 3.2. The Stock Exchange shall conduct a special inspection of the trading member to ascertain whether the modifications of client codes are being carried on as per the strict objective criteria set by the Stock Exchange, as directed in Para 38.2 above, if 'a' as % of 'b', as defined above, exceeds 1% during a month and take appropriate disciplinary action, if any deficiency is observed.
38 · 4. Shifting of trades to the error account of broker would not be treated as modification of client code, provided the trades in error account are subsequently liquidated in the market and not shifted to some other code.
38 · 5. Further, brokers shall disclose the codes of accounts which are classified as 'error accounts' to the Stock Exchanges. Each broker should have a welldocumented error policy approved by the management of the broker. Stock Exchanges shall periodically review the trades flowing to the error accounts of the brokers.
38 · 6. Waiver of Penalty
38 · 6.1. Stock exchanges may waive penalty for a client code modification where stock broker is able to produce evidence to the satisfaction of the stock exchange to establish that the modification was on account of a genuine error.
38 · 6.2. Not more than one such waiver per quarter may be given to a stock broker for modification in a client code. Explanation: If penalty wavier has been given with regard to a genuine client code modification from client code AB to client code BA, no more penalty waivers shall be allowed to the stock broker in the quarter for modifications related to client codes AB and BA.
38 · 7. Proprietary trades shall not be allowed to be modified as client trade and vice versa
38 · 8. Stock exchanges shall submit a report to SEBI every quarter regarding all such client code modifications where penalties have been waived.
38 · 9. Stock exchanges shall undertake stringent disciplinary actions against stock brokers who undertake frequent client code modifications.
39 · Margin Trading Facility 51
39 · 1. Equity Shares and units of Equity Exchange Traded Funds (ETFs) 52 that are classified as 'Group I security' shall be eligible for margin trading facility. Group I securities are liquid securities which are traded at least eighty percent of the days over the previous six months and impact cost for which over the previous six months is less than or equal to one percent. (For securities that have been listed for less than six months, the trading frequency and the impact cost shall be computed using the entire trading history of the scrip)
39 · 2. Margin Requirement
39 · 2.1. In order to avail margin trading facility, initial margin required shall be as under:
51 · Reference: Circular CIR/MRD/DP/54/2017 dated June 13, 2017, Circular CIR/MRD/DP/86/2017 dated August 01, 2017 and Circular SEBI/HO/MRD/MRD-PoD-3/P/CIR/2022/166 dated November 30, 2022 52 Equity ETFs were included vide circular SEBI/HO/MRD/MRD-PoD-3/P/CIR/2022/166 dated November 30, 2022, which shall come into force with effect from 30th day of issuance of that circular.
39 · 2.2. The initial margin payable by the client to the stock broker shall be in the form of cash, cash equivalent or Group I equity shares or units of Group I Equity ETFs, with appropriate haircut as specified by SEBI.
39 · 2.3. The stock brokers shall be required to comply with the following conditions53:
53 · SEBI/HO/MRD/MRD -PoD -2/P/CIR/2024/118 dated September 11, 2024
39 · 2.4. Stock Brokers shall ensure maintenance of the aforesaid margin at all times during the period that the margin trading facility is being availed by the client. In case of short fall, stock broker shall make necessary margin calls.
39 · 2.5. The exchange/stock broker, based on the risk assessment, shall have the discretion to impose/collect higher margin than the margin specified in para 39.2.1 above.
39 · 3. Liquidation of Securities by the stock broker in case of default by the client
39 · 3.1. The stock broker shall list out situations/conditions in which the securities may be liquidated and such situations/conditions shall be included in the "Rights and Obligations Document". The broker shall liquidate the securities, if the client fails to meet the margin call to comply with the conditions as mentioned in this circular or specified in the "Rights and Obligations Document" specified by exchange.
39 · 3.2. However, the broker shall not liquidate or use in any manner the securities of the client in any situation other than the conditions stipulated at para 39.3.1 above.
39 · 4. Eligibility requirements for stock brokers to provide Margin Trading Facility to clients
39 · 4.1. Only corporate stock brokers with a net worth of at least three crore shall be eligible to offer margin trading facility to their clients.
39 · 4.2. The "net worth" for the purpose of margin trading facility shall be as specified in the Stock Brokers Regulations 1992.
39 · 4.3. The stock brokers shall submit to the Stock Exchange a half-yearly certificate, as on 31st March and 30th September of each year, from an auditor confirming the net worth. Such a certificate shall be submitted not later than 30th April and 31st October of every year.
39 · 5. Source of Funds
39 · 5.1. For the purpose of providing the margin trading facility, a stock broker may use own funds or borrow funds from scheduled commercial banks and/or NBFCs regulated by the Reserve Bank of India, borrow funds by way of issuance of Commercial Papers (CPs)
39 · 5.2. A stock broker shall not be permitted to borrow funds from any other source, other than the sources stated above para 39.5.1 above
39 · 5.3. The stock broker shall not use the funds of any client for providing the margin trading facility to another client, even if the same is authorized by the first client.
39 · 6. Leverage and Exposure Limits
39 · 6.1. At any point of time, the total indebtedness of a stock broker for the purpose of margin trading shall not exceed five times of its net worth, calculated as per para 39.4.2 above.
39 · 6.2. The maximum allowable exposure of the broker towards the margin trading facility shall be within the self imposed prudential limits and shall not, in any case, exceed the borrowed funds and fifty percent of his "net worth".
39 · 6.3. While providing the margin trading facility, the broker shall ensure that:
39 · 6.4. For the purpose of applicable haircuts for units of Equity ETFs as collateral for margin trading facility, it is clarified that the haircuts applicable to Liquid (Group I) Equity Shares (under "Other Liquid Assets" category) as per SEBI circular MRD/DoP/SE/Cir-07/2005 dated February 23, 2005 shall be applicable to units of Equity ETFs.
39 · 7. Disclosure Requirement
39 · 7.1. The stock broker shall disclose to the Stock Exchanges details on gross exposure towards margin trading facility including name of the
39 · 7.2. The Stock Exchanges shall disclose on their websites the scrip wise gross outstanding in margin accounts with all brokers to the market. Such disclosure regarding margin trading done on any day shall be made available after the trading hours, on the following day, through its website.
39 · 7.3. The Stock Exchanges shall put in place a suitable mechanism to capture and maintain all relevant details including member-wise, client -wise, scrip-wise information regarding outstanding positions in margin trading facility and also source of funds of the stock brokers, on the exchange both on daily as well as on cumulative basis.
39 · 8. Rights and Obligations for Margin Trading
39 · 8.1. The Stock Exchanges shall frame a Rights and Obligations document laying down the rights and obligations of stock brokers and clients for the purpose of margin trading facility. The Rights and Obligations document shall be mandatory and binding on the Broker/Trading Member and the clients for executing trade in the Margin Trading framework.
39 · 8.2. The broker/exchange may modify the Rights and Obligations document only for stipulating any additional or more stringent conditions, provided that no such modification shall have the effect of diluting any of the conditions laid down in the circular or in the Rights and Obligations document.
39 · 9. Maintenance of Records
39 · 9.1. The stock broker shall maintain separate client-wise ledgers for funds and securities of clients availing margin trading facility.
39 · 9.2. The stock broker shall maintain a separate record of details of the funds used and sources of funds for the purpose of margin trading.
39 · 9.3. The books of accounts, maintained by the broker, with respect to the margin trading facility offered by it, shall be audited on a half yearly basis. The stock broker shall submit an auditor's certificate to the
39 · 10.Other Conditions
39 · 10.1. A broker shall take adequate care and exercise due diligence before providing margin trading facility to any client.
39 · 10.2. Any disputes arising between the client and the stock broker in connection with the margin trading facility shall have the same treatment as normal trades and should be covered under the investor grievance redressal mechanism, arbitration mechanism of the Stock Exchange.
39 · 10.3. SGF and IPF shall be available for transactions done on the exchange, whether through normal or margin trading facility. However, any losses suffered in connection with the margin trading facility availed by the client from the stock broker shall not be covered under IPF.
39 · 10.4. The stock brokers wishing to extend margin trading facility to their clients shall be required to obtain prior permission from the exchange where the margin trading facility is proposed to be offered. The exchange shall have right to withdraw this permission at a later date, after giving reasons for the same.
40 · Collection and reporting of margins by Trading Member (TM) /Clearing Member (CM) in Cash Segment 54
40 · 1. Collection of margins from the clients by TM/CM in cash segment:
40 · 1.1. The 'margins' for this purpose shall mean VaR margin, extreme loss margin (ELM), mark to market margin (MTM), delivery margin, special / additional margin or any other margin as prescribed by the Exchange to be collected by TM/CM from their clients.
40 · 1.2. Henceforth, like in derivatives segment, the TMs/CMs in cash segment are also required to mandatorily collect upfront VaR margins and ELM from their clients. The TMs/CMs will have time till
54 · Reference: Circular CIR/HO/MIRSD/DOP/CIR/P/2019/139 dated November 19, 2019, Circular SEBI/HO/MIRSD/DOP/CIR/P/2020/146 dated July 31,2020 and Circular SEBI/HO/MIRSD/DOP/CIR/P/2020/173 dated September 15, 2020 SEBI/HO/MIRSD/MIRSD -PoD/P/CIR/2025/57 dated April 28, 2025
40 · 1.3. If pay-in (both funds and securities) is made by settlement day, the other margins would deemed to have been collected and penalty for short / non collection of other margins shall not arise.
40 · 1.4. If Early Pay-In of securities has been made to the Clearing Corporation (CC), then all margins would deemed to have been collected and penalty for short / non-collection of margin including other margins shall not arise.
40 · 1.5. If client fails to make pay-in by settlement day and TM / CM do not collect other margins from the client by settlement day, the same shall also result in levy of penalty as applicable.
40 · 1.6. As prescribed in clause 7 of SEBI circular MRD/DoP/SE/Cir-07/2005 dated February 23, 2005, the TM/CM shall be exempted from collecting upfront margins from the institutional investors carrying out business transactions and in cases where early pay-in of securities is made by the clients .
40 · 1.7. If the TM/CM had collected adequate initial margins from the client to cover the potential losses over time till pay-in, he need not collect MTM from the client.
40 · 1.8. As like in derivatives segments, the TMs/CMs shall report to the Stock Exchange on T+5 day the actual short-collection/ noncollection of all margins from clients.
40 · 2. It is reiterated that CC shall continue to collect upfront VaR plus ELM and other margins from TM / CM as applicable from time to time.
40 · 3. Penalty structure for short-collection/non-collection of margins and false/incorrect reporting of margin collection from the clients by TMs/CMs:
40 · 3.1. For short -collection / non -collection of client margins, the Stock Exchanges shall take the disciplinary action as per the framework
40 · 3.2. If TM / CM collects minimum 20% upfront margin in lieu of VaR and ELM from the client, then penalty for short-collection / noncollection of margin shall not be applicable.
40 · 3.3. For false/incorrect reporting of margin collection from the clients by TMs/CMs, the Stock Exchanges shall take disciplinary action as per the framework CIR/HO/MIRSD/DOP/CIR/P/2019/88 dated August 01, 2019.
41 · Framework to Enable Verification of Upfront Collection of Margins from Clients in Cash and Derivatives segments 55
41 · 1. With an objective to enable uniform verification of upfront collection of margins from clients by TM/ CM and levy of penalty across segments, it has been decided that the Stock Exchanges/ Clearing Corporations shall adopt the framework specified in paras 41.2 to 41.5 below, for the purpose of 'Mechanism for regular monitoring of and penalty for short collection/ noncollection of margins from clients' in Cash and Derivatives segments.
41 · 2. Clearing Corporations shall send minimum four snapshots of client wise margin requirement to TMs/CMs for them to know the intraday margin requirement per client in each segment. The number of times snapshots need to be sent in a day may be decided by the respective Clearing Corporation depending on market timings subject to a minimum of four snapshots in a day. The snapshots would be randomly taken in pre-defined time windows.
41 · 3. The client wise margin file (MG-12/13) provided by the CCs to TMs/CMs shall contain the EOD margin requirements of the client as well as the peak margin requirement of the client, across each of the intra-day snapshots.
55 · Reference: Circular SEBI/HO/MRD2/DCAP/CIR/P/2020/127 dated July 20, 2020,
41 · 4. The member shall have to report the margin collected from each client, as at EOD and peak margin collected during the day, in the following manner:
41 · 4.1. EOD margin obligation of the client shall be compared with the respective client margin available with the TM/CM at EOD.
41 · 4.2. Peak margin obligation of the client, across the snapshots, shall be compared with respective client peak margin available with the TM/CM during the day.
41 · 5. Higher of the shortfall in collection of the margin obligations at para 41.4.1 and 41.4.2 above, shall be considered for levying of penalty as per the extant framework.
41 · 6. The verification of availability of margins with TM/ CM, as at para 41.4.1 and 41.4.2 above, shall be done by exchanges/ clearing corporations on a weekly basis by verification of the balances in the books/ ledgers of the TM/ CM in respect of the client.
41 · 7. The margin requirements to be considered for the intra-day snapshots in derivatives segments (including commodity derivatives), shall be calculated based on the fixed Beginning of Day (BOD) margin parameters. The BOD margin parameters would include all SPAN margin parameters as well as ELM requirements.
41 · 8. The End of Day (EOD) margin collection requirement from clients, in derivatives segments (including commodity derivatives), shall also be calculated based on the fixed BOD margin parameters.
41 · 9. The provisions at para 41.7 and 41.8 are only for the purpose of verification of upfront collection of margins from clients. The margin parameters applicable for collection of margin obligation by Clearing Corporations shall continue to be updated on intra-day and EOD basis, as per the extant provisions.
42 · Margin obligation to be given by way of Pledge/ Re-pledge in the Depository System 56
42 · 1. TM / CM shall, inter alia, accept collateral from clients in the form of securities, only by way of 'margin pledge', created in the Depository system
56 · Reference: Circular SEBI/HO/MIRSD/DOP/CIR/P/2020/28 dated February 25,2020 and Circular no. SEBI/HO/MIRSD/DOP/CIR/P/2020/88 dated May 25,2020 and SEBI/HO/MIRSD/MIRSDPoD//P/CIR/2025/82 dated June 03, 2025
42 · 2. The above sections and regulations clearly enumerate the manner of creating pledge of the dematerialised securities. Any procedure followed other than as specified under the aforesaid provisions of law for creating pledge of the dematerialised securities is prohibited. It is clarified that an offmarket transfer of securities leads to change in ownership and shall not be treated as pledge.
42 · 3. Transfer of securities to the demat account of the TM / CM for margin purposes (i.e. title transfer collateral arrangements) shall be prohibited. In case, a client has given a power of attorney in favour of a TM / CM, such holding of power of attorney shall not be considered as equivalent to the collection of margin by the TM / CM in respect of securities held in the demat account of the client.
42 · 4. The TM / CM shall open a separate demat account for accepting margin pledge, which shall be tagged as 'Client Securities Margin Pledge Account'.
42 · 5. For the purpose of providing collateral in form of securities as margin, a client shall pledge securities with TM, and TM shall re-pledge the same with CM, and CM in turn shall re -pledge the same to Clearing Corporation (CC). The complete trail of such re-pledge shall be reflected in the de-mat account of the pledgor.
42 · 6. The TM shall re -pledge securities to the CM's 'Client Securities Margin Pledge Account' only from the TM's 'Client Securities Margin Pledge Account'. The CM shall create a re -pledge of securities on the approved list to CC only out of 'Client Securities Margin Pledge Account' (Re-pledge would mean endorsement of pledge by TM / CM in favour of CM/CC, as per procedure laid down by the Depositories)
42 · 7. The TM and CM shall ensure that the client's securities re -pledged to the CC shall be available to give exposure limit to that client only. Dispute, if any, between the client, TM / CM with respect to pledge, re-pledge, invocation and release of pledge shall be settled inter-se amongst client and TM / CM through arbitration as per the bye-laws of the Depository. CC and Depositories shall not be held liable for the same.
42 · 8. Securities that are not on the approved list of a CC may be pledged in favour of the TM / CM. Each TM / CM may have their own list of acceptable securities that may be accepted as collateral from client.
42 · 9. Funded stocks held by the TM / CM under the margin trading facility shall be held by the TM / CM only by way of pledge. For this purpose, the TM / CM shall be required to open a separate demat account tagged 'Client Securities under Margin Funding Account' in which only funded stocks in respect of margin funding shall be kept/ transferred, and no other transactions shall be permitted. Such funded stocks shall be transferred to respective client's demat account followed by creation of an auto-pledge (i.e. without the requirement of a specific instruction from the client) with suitable reason, in favor of 'Client Securities under Margin Funding Account'.
42 · 10. The TM / CM shall be required to transfer all client's securities lying in such accounts to the respective clients' demat accounts. Thereafter, TM / CM are prohibited from holding any client securities in any beneficial owner accounts of TM/CM, other than specifically tagged accounts as indicated above, and in pool account(s), unpaid securities account.
42 · 11. The operational mechanism for margin pledge is provided below:
42 · 11.1. For the purpose of providing collateral in form of dematerialised securities as margin, a client shall initiate the margin pledge only in favour of the TM / CM's separate client securities margin account tagged as 'Client Securities Margin Pledge Account' through physical instruction or electronic instruction mechanism provided by the Depositories. Such instructions shall have details of client UCC, TM, CM and Default Segment.
42 · 11.2. In cases where a client has given a Power of Attorney ("POA") to the TM / CM, the TM / CM may be allowed to execute the margin pledge on behalf of such client to the demat account of the TM / CM tagged as 'Client Securities Margin Pledge Account'.
42 · 11.3. The 'pledge request form' shall have a clause regarding express consent by the client for re-pledge of the securities by the TM to CM and further by the CM to CC.
42 · 11.4. On receipt of the margin pledge instruction either from the client or by TM / CM as per the POA, DP of a client shall initiate a margin pledge in the client's account and the status of instruction will remain pending till confirmation is received from client / pledgor. The client will submit acceptance by way of One Time Password (the "OTP") confirmation on mobile number / registered e-mail id of the client or other verifiable mechanism. Further no other OTP confirmation from client shall be required, if securities of such client are being re-
42 · 11.5. In client account, margin pledge or re-pledge shall be reflected against each security, if it is pledged / re-pledged and in whose favour i.e. TM / CM / CC.
42 · 11.6. The TM can re -pledge only in favour of CM's demat account tagged as 'Client Securities Margin Pledge Account'. The CM shall create a re-pledge of securities on the approved list only to the CC out of 'Client Securities Margin Pledge Account'. While re-pledging the securities to the CC, CM/TM shall fully disclose the details of the client wise pledge to the CC/CM. CM would need to have visibility of client level position and client collateral so that CM shall allow exposure and / or margin credit in respect of such securities to that client to whom such securities belong.
42 · 11.7. In case of a client creating pledge of the securities in favour of the TM / CM against margin, the TM / CM may release the 'margin pledge' after their internal exposure and risk management checks. The request for release of pledge can be made by the client to its DP or to the TM / CM, who shall release the pledge in the Depository system.
42 · 11.8. For release of client securities given to TM/CM as margin pledge and which are re -pledged in favour of the CC, the CM shall make a request to the CC. The client through TM, or the TM on his own, may request the CM to make an application to the CC for the release of margin pledge. CC shall do margin utilisation check at the CM level before releasing the re-pledge of securities to the CM. The CC will release the re -pledged client securities to CM after blocking other available free collateral of CM. The CM /TM in turn after doing their risk management shall release the securities to TM / client, as the case may be.
42 · 11.9. In case where client sells the securities, which are pledged in favor of TM/CM as Margin pledged securities (including pledged funded stock) / CUSPA pledge, depositories shall provide a functionality of single instruction in the form of 'Pledge release for early pay in' to TM/CM wherein pledge will be released and early pay in block will be set up immediately in client demat account subject to pay in validation i.e. only to the extent of delivery obligation of that client as provided by CCs to depositories without the need for physical instruction or electronic instruction or DDPI/POA.
42 · 11.10. In case of default by a client of TM where the clients securities are re- pledged with the CM/ CC, the invocation request shall be made by the TM to CM and CM in turn will make request to CC as per the procedure laid down by the Depositories under their bye-laws.
42 · 11.11. In case of default by a client of TM who has pledged securities with TM, the TM shall invoke the pledge.
42 · 11.12. In case of default by a client of TM whose securities are re-pledged by TM with CM, the invocation request shall be made by TM to the CM. The CM, after doing its internal exposure and risk management, shall release the re -pledged securities to the 'Client Securities Margin Pledge Account' of the TM. The TM in turn will invoke the pledge of client's securities.
42 · 11.13. In the event of default by a client of a TM, whose securities are repledged by TM with CM and CM in turn has re-pledged with CC, the TM shall make a request for invocation of pledge with CM and CM in turn shall file a request with CC to release the re-pledged securities for invocation. The CC shall block equivalent available free collateral provided by CM and shall release the re-pledged securities of that defaulting client of TM to CM in "Client Securities Margin Pledge Account" of CM. The CM shall do his own risk assessment of TM and would release re -pledged securities of the defaulting client of TM in "Client Securities Margin Pledge Account" of TM and TM shall invoke the pledge in Demat account of the client.
42 · 11.14. In case of default by a client/ TM of CM whose securities are repledged with CC, CM shall file a request with CC for invocation of the pledged/ re-pledged securities of that client/TM. CC shall block the equivalent available free collateral provided by CM and shall release the re -pledged securities of that defaulting client/TM in "Client Securities Margin Pledge Account" of CM and the CM shall invoke the pledge in Demat account of the client/ TM.
42 · 11.15. In case of default by TM or client of TM, CM shall be entitled to invoke pledged/ re-pledged securities of the TM. CM shall also be entitled to invoke directly the repledged securities of client of TM having open position with CM to close out such positions.
42 · 11.16. In case of default by the CM, CC shall invoke securities pledged by the CM. After exhausting the CM own collateral, CC may also invoke re-pledge securities of that client who has open position and their repledged securities are blocked by CC to close out their open
42 · 11.17. In case of invocation of margin pledged securities (including pledged funded stock) of client by Trading member (TM), the invoked securities, other than mutual fund units that are not traded on the exchanges, shall be blocked for early pay-in in the client's demat account with a trail being maintained in TM/CM's 'Client Securities Margin Pledge Account' / 'Client Securities under Margin Funding Account'. The pay in block in client's demat account shall be subject to pay in validation i.e. only to the extent of delivery obligation of that client as provided by CCs to depositories.
42 · 12. The framework for utilisation of pledged clients' securities for exposure and margin is provided below:
42 · 12.1. At present, the margin requirement is computed in real time at client level by the CC and is aggregated at the level of CMs to arrive at the total margin requirement. The CC maintains and monitor the collateral at the level of CM. The CM is required to provide the collateral in various acceptable forms such as Cash, Bank Guarantee57, Government Securities, pledge of acceptable shares, etc.
42 · 12.2. The day to day real time risk management with respect to client / TM exposure, and the margin requirement shall continue to be the
57 · Refer "Eligibility of bank instruments as collateral" as specified at para 96 of this circular
42 · 12.3. In order to provide exposure to CM and/or to the clients / TM of a CM, CC shall aggregate margin requirement at CM level that shall be compared against the available collateral in real time as aggregate of;
42 · 12.4. CM shall be allowed to re -pledge acceptable/approved client securities with the CC by furnishing the UCC wise client details. CC shall not allow any exposure to the CM on re-pledged securities of the client / TM. In case of a trade by a client / TM whose securities are re-pledged with CC, the CC shall first block the available collateral provided by CM as mentioned in point 42.12.3 above. However, at periodical interval (latest by end of day), CC shall release the blocked securities collateral of CM to the extent of re -pledged securities collateral of that client / TM available with the CC.
42 · 12.5. In the event of default by a client of TM, the TM shall make good the default to CM. In the event of default by a client or TM on its proprietary position, the CM shall make good the default to CC. However, in the event of default by client/s leading to default of TM and also the CM, the following process shall be applied by TM/CM/CC for invocation of pledged and re-pledged securities of client/TM/CM:
43 · Segregation and Monitoring of Collateral at Client Level 58
43 · 1. In order to strengthen the mechanism of protection of client collateral from (i) misappropriation/ misuse by TM/ CM and (ii) default of TM/CM and/or other clients, the following framework for segregation and monitoring of collateral at client level is specified:
43 · 2. With a view to providing visibility of client-wise collateral (for each client) at all levels, viz., TM, CM and Clearing Corporation (CC), a reporting mechanism, covering both cash and non-cash collateral, shall be specified by the CCs. Details in respect of the same are as under:
58 · Reference: Circular SEBI/HO/MRD2_DCAP/CIR/2021/0598 dated July 20,2021
43 · 3. A web portal facility shall be provided by the CCs/SEs to allow clients to view aforesaid disaggregated collateral reporting by TM/CM.
43 · 4. In case of securities collateral provided to CC through margin pledge/repledge in the Depository system, CC has visibility of the client to whom such securities belong to, and accordingly is able to assign the value of the securities collateral, based on applicable haircut, to that client's account.
43 · 5. Similarly, for other forms of collateral placed with the CC, the CCs shall provide a facility to CMs for upfront segment-wise allocation of collateral to a TM/ client or CM's own account. The CCs shall use such collateral allocation information to ensure that the collateral allocated to a client is used towards the margin obligation of that client only.
43 · 6. There shall be no change in the procedures pertaining to placing of securities as collateral through the margin pledge/re-pledge mechanism in the Depository system, and this collateral will be identified as belonging to a client or as being proprietary securities of the TM or CM, as the case may be, as per the existing procedures .
43 · 7. While depositing other forms of collateral i.e. Cash, Fixed Deposits (FDs), Bank Guarantees (BGs) or Government Securities provided through the SGL/CSGL route, etc, the CM shall allocate these collaterals into proprietary account of CM, and/or proprietary account of any TM clearing through the CM, and/or account of any of the clients (including Custodial Participants (CPs)) clearing through the CM, and/or of any of the clients trading through the TM who in turn is clearing through the CM, segmentwise.
43 · 8. In case of such collateral received by the CM from any TM, the CM shall not accept the same without the TM specifying break-up of such collateral into proprietary account of the TM and/or uniquely identified client account. Similarly, the CC shall not accept such collateral without the CM specifying
43 · 9. The amount of collateral allocated shall not exceed the amount of collateral received by the TM/CM from the client and reported as such under the reporting mechanism (refer Para 43.2 above), excluding the securities collateral re -pledged to CC through margin pledge mechanism. Further, the sum of client collateral retained by the TM/CM and client collateral passed on to CM/CC shall equal the amount of collateral received by the TM/CM from the client. Also, the allocation of collateral at CC shall not be lower than the amount of collateral (except securities collateral repledged to CC) reported as having been passed on by the CM to the CC. The CC shall have appropriate validations in place in respect of allocations and reporting done by CMs. Further, CMs shall also perform validations at their end in respect of allocations and reporting done by TMs.
43 · 10.An illustration is provided at Annexure-16 regarding permitted and nonpermitted allocation of collateral.
43 · 11. ……. 59
43 · 12. The allocation thus provided by the CM to CC and by TM to CM shall be considered as final by the CC and CM respectively for the purpose of granting exposure and utilization during default.
43 · 13. The TM/CM shall ensure that sufficient collateral is allocated to clients to cover their margin requirements. However, if the client margin applicable at the CC for a client in a segment exceeds the collateral allocated to the client plus the securities collateral re-pledged to CC (from that client's account) in the respective segment, then the proprietary collateral of the TM/CM shall be blocked (including repledged/pledged securities and allocated collateral). Such margin blocked from the proprietary collateral towards a client's margin shall be deemed to have been the collateral allocated to that client. This provision shall include deemed allocation of TM's proprietary collateral towards client margins and deemed allocation of CM's proprietary collateral towards TM/CP/client margins.
43 · 14. The members shall ensure that allocated collateral plus value of securities collateral re -pledged to the CC for a client is at all times greater than or equal to the minimum margin collection requirement for the respective client
59 · Deleted in view of Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/061 dated April 25, 2023
43 · 15. Information regarding the collateral allocated by the CM shall be made available on a daily basis on the web portal facility to clients to view disaggregated collateral reporting by TM/CM (refer Para 43.3). Further, CC shall also provide a facility to the TMs of the clients to view such collateral allocation to the clients by the CM.
43 · 16. CMs are required to maintain at least 50% of the total collateral in the form of cash or cash equivalents. At individual client level, a client may have allocation of cash equivalent, less than the value of non-cash collateral provided by the client. In other words, the minimum 50% cash equivalent collateral requirement may not be applied at the client level. For the purpose of monitoring of at least 50% cash-equivalent collateral at the level of CM, the excess cash -equivalent collateral of a client shall not be considered for other client or for proprietary account of TM/CM. However, the excess cashequivalent collateral of proprietary account of TM/CM can be considered for clients trading/clearing through them, for the purpose of monitoring minimum 50% cash -equivalent requirement.
43 · 17.An illustration of the above requirement is provided at Annexure-17.
43 · 18. The procedure for blocking of margins only specifies the order of blocking of collateral available with the CC. There shall be no change in the requirement of collection of upfront margins by the TM/CM. The TM/CM shall be required to ensure that sufficient collateral is allocated to clients to cover their margin requirements. (refer 43.12 and 43.13 above)
43 · 19. The terms "Client Collateral", "TM Collateral", "CP Collateral" and "CM Collateral" shall mean the total of the allocated collateral value plus the value of demat securities collateral provided through margin pledge/repledge by any individual client, TM, CP and CM respectively to the level of CC. The TM/CM collateral shall mean the proprietary collateral of the TM/CM only and shall not include the collateral of any of their clients.
43 · 20.On receipt of a trade from a client account by the CC, the margin shall first be blocked from the value of the client collateral. If the client collateral is not sufficient, the residual margin shall be blocked from the TM proprietary collateral of the TM of such client. If the TM proprietary collateral is also not sufficient, then the residual margin shall be blocked from the CM proprietary collateral of the CM of such TM.
43 · 21. In case of a trade from the proprietary account of a TM, the margin shall first be blocked from the TM proprietary collateral, and in case such collateral is not sufficient, then the residual margin shall be blocked from the CM proprietary collateral.
43 · 22. Margins based on trades from proprietary account of the CM shall be blocked from the proprietary collateral of the CM only.
43 · 23.An illustration of blocking of margins is provided at Annexure-18.
43 · 24. For monitoring of the risk reduction mode (90% utilization or such applicable limit), the following procedure shall be adopted:
43 · 25.An illustration for monitoring of risk reduction mode is provided at Annexure19.
43 · 26. In case of CP trades executed by TMs, the margin shall be blocked in the following order(i) CP collateral through the executing TM, if any, (ii) residual margin from the proprietary collateral of the executing TM, and (iii) residual margin from the proprietary collateral of the CM of the executing TM. Upon confirmation of such trades by CM of the CP, the margin so
43 · 27. CMs shall be permitted to change the allocation of collateral deposited with the CC, subject to the value allocated to any client not exceeding the value of actual collateral received from that client (excluding the securities collateral re -pledged to CC through margin pledge mechanism). However, such change of allocation shall be permitted subject to adequacy of available collateral with the CC after the change vis-à-vis the margin obligation. An illustration is provided at Annexure-20.
43 · 28. CC shall also provide notification of such change of allocation of collateral to the concerned client, in respect of whom the allocation has been changed, pursuant to the change of allocation.
43 · 29. There shall be no change in the client margin reporting process.
43 · 30. There shall be no change in the settlement process.
43 · 31.Subject to the CM not being in default and fulfilling all obligations on a going concern basis, the CM may place requests for withdrawal of collateral to the CC.
43 · 32.After validation of such requests, if the collateral is found to be releasable, the CC shall release the collateral to the CM. CM may return the collateral to TM/CP/Clients or utilize collateral of the entities who are in default.
43 · 33. CC shall also provide notification of such withdrawal of allocation of collateral to the concerned clients, in respect of whom the allocation has been withdrawn, pursuant to the withdrawal of allocation.
43 · 34. The default management process by the CCs in case of default by a CM shall take place in four stages:
43 · 35. CC shall utilize available financial resources to complete settlement in a timely manner and complete the pay-outs to the non-defaulting members.
43 · 36. CC shall put in place a mechanism/ process for TMs/clients/CPs of defaulting CM to establish that they are not in default to the defaulting CM and have deposited collateral to the extent of allocation (including deemed allocation). This process shall be completed within a pre-specified time period. On identification of such non-defaulting TMs/clients/CPs, CC shall provide them opportunity for either porting of their positions and collateral to another CM or immediate return of their collateral.
43 · 37.Portability of Positions and Collateral:
43 · 38. Immediate return of collateral:
43 · 39. In some circumstances, it may be desirable to liquidate the positions and even the collateral, since both are subject to risks. Under such circumstances, not closing out positions/collateral to allow for portability may lead to accumulation of losses. Considering the nature of positions, market conditions and such other risk assessment, the CC may at any stage decide to not provide the facility of portability. If the CC decides to not provide the opportunity for portability, the CC shall crystalize the profits/losses on close-out of positions and the value of collateral arrived at after liquidation of the same.
43 · 40. For the remaining entities after Stage 2, i.e., entities other than the ones who could avail the opportunity of either porting or immediate return of collateral in Stage 2, following process shall be followed:
43 · 41.An Illustration on the procedures to be followed in the Stage-2 and the Stage-3 are given at Annexure-21.
43 · 42. The procedure for verification and settlement of claims of constituents of defaulting CM shall be as follows:
43 · 43. Illustration on procedures to be followed in Stage-4 are provided at Annexure -22 .
43 · 44. The following procedure shall be adopted in case of default of TM to CM:
43 · 45.Any false allocation by members shall be treated as a violation and disciplinary action shall be taken against the members.
43 · 46. The aforementioned framework for segregation and monitoring of collateral at client level shall be applicable to all segments and product classes at Stock Exchanges/ Clearing Corporations.
44 · Maintenance of current accounts in multiple banks by Stock Brokers 60
44 · 1. The Stock Brokers should maintain current accounts in appropriate number of banks (subject to the maximum limit prescribed by Stock Exchanges/SEBI from time to time) for holding the client funds (i.e., Client Account), for settlement purposes (i.e., Settlement Account) and any other accounts mandated by Stock Exchanges such as Exchange Dues Account subject to the condition that brokers are using these accounts for their defined purposes.
45 · Block Mechanism in demat account of clients undertaking sale transactions61
45 · 1. When the client intends to make a sale transaction, shares will be blocked in the demat account of the client in favour of Clearing Corporation. If sale
60 · Reference: Circular SEBI/HO/MIRSD/DOP/P/CIR/2021/653 dated October 28,2021
61 · Reference: Circular SEBI/HO/MIRSD/DOP/P/CIR/2021/595 dated July 16,2021, Circular
45 · 2. Process for Block Mechanism:
45 · 2.1. The securities lying in client's demat account will be blocked either by client himself using depository's online system or eDIS mandate or through depository participant based on physical DIS given by client or Power of Attorney (POA) holder.
45 · 2.2. Depositories may keep block on the securities in client's demat account in respect of Intra or Inter depository transfer instruction till pay -in day. The blocked securities will be transferred only after checking against the client level net delivery obligation received from CCs.
45 · 2.3. Depositories will provide the details of transfer instructions viz., UCC, TM ID, Exchange ID etc. to CCs for clients to avail EPI benefit.
45 · 2.4. CC will match the client level net obligations with the Block details provided by depositories and CC will provide EPI benefit to client if the client level net obligation exists for that client.
45 · 2.5. In case of matched orders, block securities will be debited from Client's demat account and will be credited to linked TM Pool account upto pay-in day. TM shall further transfer such securities to CM Pool account.
45 · 2.6. TM shall not transfer the securities to any other pool account other than CM pool account mapped to the TM account. Pool to Pool transfers except TM pool to CM pool shall not be permitted.
45 · 2.7. Inter -settlement shall not be allowed from TM Pool account and CM pool account.
45 · 2.8. Securities lying in CM pool account will be delivered in settlement process on the Pay-in date. If TM Pool Account is also mapped as a CM Pool Account, then, securities lying in such TM/CM Pool Account can also be delivered in the settlement process.
45 · 2.9. After receiving client level net obligations on T day from CCs, depositories will match the Intra or Inter depository transfer instruction details with CC obligation details based on UCC, TM ID, CM ID, Exchange ID, etc.
45 · 2.10. ln case of unmatched orders, CCs shall upload cancellation of Block instruction on T day so that securities are unblocked and become free in client's demat account on T day itself.
45 · 2.11. Broker or client shall not be allowed to unblock securities if EPI benefit is provided by CC to client for the same.
45 · 2.12. When the client intends to block securities for a sale transaction, shares will remain blocked in favour of CC. If securities are blocked in favour of CC, then all Margin would deemed to have been collected and penalty for short/non collection of margin including other margins shall not arise.
45 · 2.13. Blocking shall be on 'time basis' and would mean if the order is not executed by the end of the T day, the block shall be released.
45 · 3. The facility of block mechanism shall be mandatory for all Early Pay-In transactions.
45 · 4. The block mechanism shall not be applicable to clients having arrangements with custodians registered with SEBI for clearing and settlement of trades.
46 · Handling of Client's Securities by Trading Members/ Clearing Members 62
46 · 1. In order to provide clarity with respect to a TM/CM maintaining a running account for client securities and pledging the client securities with Banks/NBFCs, after discussions with the Exchanges, Depositories and Clearing Corporations, the following advice is issued:
46 · 1.1. All the securities received in pay-out, shall be transferred to the demat account of the respective clients directly from the pool account of the TM/CM within one working day of the pay-out.
62 · Reference: Circular CIR/HO/MIRSD/DOP/CIR/P/2019/75 dated June 20, 2019 and Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2022/153 dated November 11, 2022.
46 · 1.2. With regard to the unpaid securities (i.e., the securities that have not been paid for in full by the clients), such securities shall be transferred to respective client's demat account followed by creation of an auto -pledge (i.e., without any specific instruction from the client) with the reason "unpaid", in favor of a separate account titled – "client unpaid securities pledgee account", which shall be opened by TM/CM.
46 · 1.3. After the creation of pledge, a communication (email / SMS) shall be sent by TM/CM informing the client about their funds obligation and also about the right of TM/CM to sell such securities in event of failure by client to fulfill their obligation.
46 · 1.4. If the client fulfills its funds obligation within five trading days after the pay -out, TM/CM shall release the pledge so that the securities are available to the client as free balance.
46 · 1.5. If the client does not fulfill its funds obligation, TM / CM shall dispose off such unpaid securities in the market within five trading days after the pay-out. TM/CM, before disposing the securities, shall give an intimation (email / SMS) to the client, one trading day before such sale.
46 · 1.6. The unpaid securities shall be sold in the market with UCC of the respective client. Profit/loss on the sale transaction of the unpaid securities, if any, shall be transferred to/adjusted from the respective client account.
46 · 1.7. TM / CM shall invoke the pledge only against the delivery obligation of the client. On invocation, the securities shall be blocked for early pay -in in the client's demat account with a trail being maintained in the TM/CM's client unpaid securities pledgee account.
46 · 1.8. Once such securities are blocked for early pay-in in client's demat account, the depositories shall verify the block details against the client level obligation.
46 · 1.9. In case, such pledge is neither invoked nor released within seven trading days after the pay-out, the pledge on securities shall be auto released and the securities shall be available to the client as free balance without encumbrance.
46 · 1.10. Such unpaid securities pledged in client's account shall not be considered for the margin obligations of the client.
46 · 2. Monitoring with respect to handling of clients securities:
46 · 2.1. Handling of unpaid clients' securities by the TM/CM – Mechanism of matching of transfer of securities with the securities obligation as obtained from the clearing corporation with respect to the following:
46 · 2.2. Securities lying with TM/CM in client unpaid securities account shall not be permitted to be pledged/transferred to Banks/NBFCs for raising funds by TM/CM.
47 · Validation of Instructions for Pay-In of Securities from Client demat account to Trading Member (TM) Pool Account against obligations received from the Clearing Corporations 63
47 · 1. Depositories, prior to executing actual transfer of the securities for Pay-In from client demat account to TM Pool account, shall validate the transfer instruction received through any of the available channels for the purpose of Pay-in, i.e. either initiated by clients themselves or by the Power of Attorney (POA) / Demat Debit and Pledge Instruction (DDPI) holder against the clientwise net delivery obligation received from CCs.
47 · 2. For Early Pay-In transactions, the existing facility of Block mechanism shall continue.
47 · 3. In order to validate the Pay-In Instructions, the following process shall be put in place by the Depositories:
47 · 3.1. Depositories receive the debit instruction for the purpose of Pay-In, given either by client himself using depository's online system or eDIS mandate or through depository participant based on physical DIS / digitally signed DIS given by client or POA / DDPI holder.
63 · Reference: Circular SEBI/HO/MIRSD/DoP/P/CIR/2022/119 dated September 19, 2022
47 · 3.2. CCs shall provide client-wise net delivery obligations on T day to the depositories.
47 · 3.3. Based on the obligation data provided by CCs, Depositories shall validate the depository transfer instruction details with CC obligation details based on UCC, TM ID, CM ID, Exchange ID, ISIN, quantity, settlement details etc.
47 · 3.4. In case of matching of all details like UCC, TM ID, CM ID, ISIN, quantity, settlement details etc. of the transfer instruction with the obligation data, the instruction shall be carried out by the Depositories and such securities will be debited from client's demat account and credited to linked TM Pool account on or before the settlement day.
47 · 3.5. In case of discrepancies in details like UCC, TM ID, CM ID, ISIN etc., between instruction and obligation, such transfer instructions will be rejected by the depositories.
47 · 3.6. In case of discrepancies in quantity of securities between instruction and obligation, the following shall be noted:
47 · 3.6.1. If the quantity in instruction is less than the obligation provided by CC, then the instruction will be carried out by the depositories.
47 · 3.6.2. If the quantity in instruction is more than the obligation provided by CC, then the instruction will be partially processed by the depositories (i.e., upto the matching obligation quantity).
47 · 3.7. This process shall not be applicable to clients having arrangements with custodians registered with SEBI for clearing and settlement of trades.
48 · Settlement of Running Account of Client's Funds lying with Trading Member (TM) 64
48 · 1. Regarding Settlement of running account, following shall be complied with:
64 · Reference: Circular SEBI/HO/MIRSD/DOP/P/CIR/2021/577 dated June 16,2021, Circular SEBI/HO/MIRSD/DOP/P/CIR/2022/101 dated July 27, 2022 and Circular SEBI/HO/MIRSD/MIRSD -PoD1/P/CIR/2023/197 dated December 28, 2023 SEBI/HO/MIRSD/MIRSD -PoD1/P/CIR/2025/1 dated January 06, 2025
48 · 1.1. The TM, after considering the End of the Day (EOD) obligation of funds across all the Exchanges, shall settle the running accounts at the choice of the clients on quarterly and monthly basis, on the dates stipulated by the Stock Exchanges.
48 · 1.2. Stock exchanges shall, jointly, issue the annual calendar for the settlement of running account (quarterly and monthly) at the beginning of the financial year.
48 · 1.3. TM shall ensure that funds, if any, received from clients, whose running account has been settled, remain in the "Up Streaming Client Nodal Bank Account" and no such funds shall be used for settlement of running account of other clients. Stock Exchanges shall evolve a monitoring mechanism for this purpose.
48 · 2. In case of client having any outstanding trade position on the day on which settlement of running account of funds is scheduled, a TM may retain funds calculated in the manner specified below:
48 · 2.1. Entire pay-in obligation of funds outstanding at the end of the day on settlement of running account, of T day & T-1 day.
48 · 2.2. Margin liability as on the date of settlement of running account, in all segments and additional margins (maximum upto 125% of total margin liability on the day of settlement). The margin liability shall include the end of the day margin requirement excluding the MTM and pay -in obligation, therefore, TM may retain 225% of the total margin liability in all the segments across exchanges. Computation for arriving at retention of excess client funds based on above points would be as under:
48 · 3. Client's running account shall be considered settled only by making actual payment into client's bank account and not by making any journal entries. Journal entries in client account shall be permitted only for levy / reversal of charges in client's account.
48 · 4. For the clients having credit balance, who have not done any transaction in the 30 calendar days since the last transaction and any amount of such client's funds is lying with member for more than such 30 calendar days, the entire credit balance of client shall be returned to the client by TM, on the upcoming settlement dates of monthly running account settlement cycle (irrespective of settlement cycle preferred by the client) as stipulated by stock exchanges.
48 · 5. In cases where physical payment instrument (cheque or demand draft) is issued by the TM towards the settlement of running account due to failure of electronic payment instructions, the date of realization of physical instrument into client's bank account shall be considered as settlement date and not the date of issue of physical instrument.
48 · 6. Retention of any amount towards administrative / operational difficulties in settling the accounts of regular trading clients (active clients), shall be discontinued.
48 · 7. The Authorized person is not permitted to accept client's funds and securities. The TM should keep a proper check. Proprietary trading by Authorized person should be permitted only on his own funds and securities and not using any of the client's fund.
48 · 8. Once the TM settles the running account of funds of a client, an intimation shall be sent to the client by SMS on mobile number and also by email. The intimation should also include details about the transfer of funds (in case of electronic transfer – transaction number and date; in case of physical payment instruments – instrument number and date). TM shall send the retention statement along with the statement of running accounts to the clients as per the existing provisions within 5 working days.
48 · 9. Client shall bring any dispute on the statement of running account, to the notice of TM within 30 working days from the date of the statement.
48 · 10.Stock Exchanges shall develop online system for effective monitoring of timely settlement of running account for funds of client and to verify that excess clients' funds are not retained by the TM as on the date of settlement of running account. The intent of the online system shall be to discourage TM from retaining excess funds of clients after settlement of running account, by considering all the client obligations across exchanges. The responsibility of monitoring settlement of running account compliance of TM may be shared among Stock Exchanges.
49 · Risk disclosure with respect to trading by individual traders in Equity Futures & Options Segment 65
49 · 1. With a view to facilitating informed decision making by the investors trading in derivatives segment, it has been decided to introduce 'Risk disclosures' with respect to trading in equity Futures & Options (F&O) segment.
49 · 2. Accordingly, all stock brokers shall display the 'Risk disclosures' given at Annexure -23 on their websites and to all their clients in the manner as specified below:
49 · 2.1. Upon login into their trading accounts with brokers, the clients may be prompted to read the 'Risk disclosures' (which may appear as a pop -up window upon login) and shall be allowed to proceed ahead only after acknowledging the same.
49 · 2.2. The 'Risk disclosures' shall be displayed prominently, covering at least 50 percent area of the screen.
49 · 3. All Qualified Stock Brokers (QSBs) shall maintain the Profit and Loss (P&L) data of their clients on continuous basis as per the format given at Annexure24. The P&L data of the clients shall be retained for at least 5 years.
50 · Ease of Doing Investments by InvestorsFacility of voluntary freezing/ blocking of Trading Accounts by Clients 66
50 · 1. To enhance ease of doing business and ease of investment, it has been decided that the framework for Trading Members to provide the facility of voluntary freezing/blocking the online access of the trading account to their clients on account of suspicious activities shall be laid down on or before April 01, 2024, by the ISF, under the aegis of stock exchanges, in consultation with SEBI and the same shall, inter-alia, contain necessary guidelines with respect to the following:
65 · Reference: Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/73 dated May 19, 2023
66 · Reference: Circular SEBI/HO/MIRSD/POD -1/P/CIR/2024/4 dated January 12, 2024
50 · 1.1. Detailed policy for voluntary freezing/ blocking the online access of the trading account of the client including the following:
50 · 1.2. Action to be taken by the Trading Member pursuant to the receipt of request for freezing/blocking of the trading account;
50 · 1.3. Process for re -enabling the client for trading/transfers;
50 · 1.4. Intimation to be provided by the trading member to the clients w.r.t. introduction of the facility to block the trading accounts.
50 · 2. Further, the Stock Exchanges shall ensure that the guidelines so issued under the aforesaid framework are implemented by Trading Members with effect from July 01, 2024. Stock Exchanges shall also put in place an appropriate reporting requirement by Trading Members to enforce the above system. A compliance report to this effect shall be submitted to SEBI by Stock Exchanges latest by August 31, 2024.
51 · Enhancement of operational efficiency and Risk Reduction-Pay-out of securities directly to client demat account 67
51 · 1. To protect the clients' securities from misuse, it has been decided to make the process of securities pay-out directly to client demat account mandatory, as detailed below:
51 · 1.1. The securities for pay-out shall be credited directly to the respective client's demat account by the CCs.
51 · 1.2. CCs shall provide a mechanism for Trading Member(TM)/Clearing Members (CM) to identify the unpaid securities and funded stocks under the margin trading facility.
51 · 1.3. With regard to unpaid securities, the processes as specified at para 46 above shall be applicable.
51 · 2. The processes specified at para 51.1 above, shall not be applicable to clients having arrangements with custodians registered with SEBI for clearing and settlement of trades.
51 · 3. Handling of shortages arising due to inter se netting of positions between clients: In case of any shortages arising due to inter se netting of positions between clients i.e., internal shortages, the following measures shall be
67 · Reference Circular SEBI/HO/MIRSD/MIRSD -PoD1/P/CIR/2024/75 dated June 05, 2024
51 · 3.1. TM/CM shall handle such shortages through the process of auction as specified by CCs.
51 · 3.2. In such cases, the brokers shall not levy any charges on the client over and above the charges levied by the CCs.
52 · Electronic Contract Note68
52 · 1. Brokers are allowed to issue contract notes authenticated by means of digital signatures provided that the broker has obtained digital signature certificate from Certifying Authority under the Information and Technology Act, 2000 (hereinafter referred to as "IT Act 2000").
52 · 2. Contract notes can be issued by the brokers in electronic form authenticated by means of digital signatures.
52 · 3. All the members of stock exchanges who are desirous of issuing Electronic Contract Notes (ECNs) to their clients shall comply with the following conditions:
52 · 3.1. Authorization for Electronic Contract Notes -The stock broker may issue electronic contract notes (ECN) if specifically authorized by the client subject to the following conditions:
52 · 3.2. Issuing ECNs when specifically, consented
68 · Reference: Circular SMDRP/POLICY/CIR -56/00 dated December 15, 2000,
52 · 3.3. Where to send ECNs
52 · 3.4. Requirement of digital signature
52 · 3.5. Requirements for acknowledgement, proof of delivery, log report etc.
52 · 3.6. When to issue or send in Physical mode
52 · 3.7. General requirements
53 · Conditions to be met by Broker for providing Internet Based Trading Service69
53 · 1. Internet Based trading can take place through order routing systems, which will route client orders, to exchange trading systems, for execution of trades on the existing stock exchanges. SEBI Registered Brokers can introduce the service after obtaining permission from respective Stock Exchanges. Exchanges while giving permission will be required to ensure minimum conditions specified in the report which is available on the SEBI's web site. The salient conditions to be met are:
53 · 2. Application for permission by Brokers
53 · 2.1. SEBI registered Stock Brokers interested in providing Internet based trading services will be required to apply to the respective stock exchange for a formal permission. The stock exchange should grant approval or reject the application as the case may be, and communicate its decision to the member within thirty calendar days of the date of completed application submitted to the exchange.
69 · Reference: Circular SMDRP/POLICY/CIR -06/2000 dated January 31, 2000 and Circular FITTC/DC/CIR1/98 dated June 16, 1998
53 · 2.2. The stock exchange, before giving permission to brokers to start Internet based services shall ensure the fulfilment of the following minimum conditions:
64 · bit/128 bit encryption **
54 · Securities Trading through Wireless medium on Wireless Application Protocol (WAP) platform 70
54 · 1. A broker providing stock trading through WAP must be a SEBI registered broker who also has an Internet website which complies with all the requirements laid in para 52 above. With regard to the requirements mentioned above, some additional requirements are to be met by the broker for providing securities transaction through WAP. These requirements are provided in the following criteria:
54 · 2. Network Security
54 · 2.1. The break in data encryption at the WAP gateway server raises security issues. Until the shortcoming is addressed by WAP, the WAP server should be hosted by the broker itself and not by a third party.
54 · 2.2. Suitable firewalls should be installed between trading set-up directly connected to an Exchange trading system and the WAP server.
54 · 2.3. WTLS (Wireless Transport Layer Security) level security or a higher level of security (as and when available) for wireless communication is mandatory for wireless transactions.
54 · 2.4. The WTLS encrypts data upto the WAP Gateway server. Transmission from the WAP Gateway server to the Internet server should be secured using Secured Socket Level Security, preferably with 128 bit encryption, for server access through Internet. Alternately, the WAP Gateway server and Internet server may be cohosted. The server resource should not be shared for any other applications.
54 · 2.5. The following security measures applicable for fixed Internet based systems should be made mandatory:
70 · Reference: Circular SMDRP/POLICY/CIR -48/2000 dated October 11, 2000
54 · 2.6. Digitally signed transactions ensure client authentication and support nonrepudiation. Digital certification should be mandatory for participants as and when certification agencies are notified by Government / SEBI.
54 · 2.7. In case of failure of the network, alternative means of communication such as telephone, Internet or e-mail should be available.
54 · 3. Price Quotes/ Order/ Trade Confirmations
54 · 3.1. Stock quotes should be time-stamped.
54 · 3.2. All orders and trades must be identified by a unique ID. Order confirmation must be provided to the user on submitting the order. Order modification/ cancellation facilities must also be provided. This may be provided using alternate protocols in case the same is not supported by WAP.
54 · 3.3. Trade confirmation should be provided to the user through e-mail and/or on the mobile phone.
54 · 4. System operations
54 · 4.1. Brokers should follow the similar logic/priorities used by the Exchange to treat client orders.
54 · 4.2. Orders/ trades placed through either fixed Internet or WAP system should be accessible from both systems.
54 · 4.3. Brokers should maintain all activities/ alerts log with audit trail facility.
54 · 4.4. Broker Web Server should have internally generated unique numbering for all client order/trades.
54 · 5. Risk Management
54 · 5.1. It is emphasised that risk management should be comprehensive and the risk management systems should take into account the overall positions of clients, irrespective of the medium of trading.
55 · Securities Trading using Wireless Technology 71
55 · 1. SEBI registered brokers who provide Internet Based Trading shall be eligible to provide securities trading using wireless technology. All relevant requirements applicable to internet based trading shall also be applicable to securities trading using wireless technology.
55 · 2. Securities Trading using Wireless technology shall include devices such as mobile phone, laptop with data card, etc, that use Internet Protocol (IP).
55 · 3. In addition, the stock exchange shall ensure that the broker complies with the following:
55 · 3.1. There shall be secure access, encryption and security of communication for internet based trading and securities trading using wireless technology. DOT policy and regulation shall govern the level of encryption.
55 · 3.2. Adequate measures should be taken for user identification, authentication and access control using means such as user-id, passwords, smart cards, biometric devices or other reliable means, to prevent misuse of facility by unauthorized persons.
55 · 3.3. Unique identification number as given in case of internet based trading shall be made applicable for securities trading using wireless technology.
55 · 3.4. In case of failure of the wireless network, alternative means of communication for placing orders should be available.
55 · 3.5. Additional provisions specifying possible risks, responsibilities and liabilities associated with securities trading using wireless technology should be incorporated in the Broker-Client agreement as an addendum or by bringing to the notice of clients, who are desirous of availing such facility, and taking their concurrence on the same.
55 · 3.6. As it may not be possible to give detailed information to the investor on a hand held device e.g. mobile phones, it may be ensured that minimum information may be given with addresses of the Internet web site/web page where detailed information would be available.
55 · 3.7. Order confirmation should be provided to the user on submitting the order. Order modification / cancellation facilities should also be
71 · Reference: Circular CIR/MRD/DP/ 25/2010 dated August 27, 2010
55 · 3.8. Session login details should not be stored on the devices used for internet based trading and securities trading using wireless technology.
55 · 3.9. Network security protocols and interface standards should be as per prevalent industry standards and sound audit trails should be available for all transactions conducted using wireless devices.
55 · 3.10. The broker's server routing orders to the exchange trading system shall be located in India.
55 · 3.11. Stock exchanges shall arrange for periodic systems audits of broker systems to ensure that requirements specified in the circulars are being met.
55 · 3.12. Stock exchange shall also include securities trading using wireless technology in their ongoing investor awareness and educational programme.
55 · 4. Stock exchanges may take such other measures and implement such other safeguards as they deem fit to ensure security and integrity of transactions conducted using wireless technology.
56 · Additional Requirements for Internet Based Trading (IBT) and Securities trading using Wireless Technology (STWT) 72
56 · 1. The stock exchange shall ensure that the broker comply with the following
56 · 1.1. The broker shall capture the IP (Internet Protocol) address (from where the orders are originating), for all IBT/ STWT orders.
56 · 1.2. The brokers system should have built-in high system availability to address any single point failure.
56 · 1.3. There should be secure end -to -end encryption for all data transmission between the client and the broker through a Secure Standardized Protocol. A procedure of mutual authentication between the client and the broker server should be implemented.
56 · 1.4. The broker system should have adequate safety features to ensure it is not susceptible to internal/ external attacks
72 · Reference: Circular CIR/MRD/DP/08/2011 dated June 30, 2011
56 · 1.5. In case of failure of IBT/ STWT, the alternate channel of communication shall have adequate capabilities for client identification and authentication.
56 · 1.6. Two -factor authentication for login session may be implemented for all orders emanating using Internet Protocol. Public Key Infrastructure (PKI) based implementation using digital signatures, supported by one of the agencies certified by the government of India, is advisable. Further the two factors in the Two-factor authentication framework should not be same.
56 · 1.7. In case of no activity by the client, the system should provide for automatic trading session logout.
56 · 1.8. Further to the above, the following practice is advisable –
56 · 1.9. The back -up and restore systems implemented by the broker should be adequate to deliver sustained performance and high availability. The broker system should have on-site as well as remote site back -up capabilities .
57 · Direct Market Access facility 73
57 · 1. Direct Market Access (DMA) is a facility which allows brokers to offer clients direct access to the exchange trading system through the broker's infrastructure without manual intervention by the broker. Some of the advantages offered by DMA are direct control of clients over orders, faster execution of client orders, reduced risk of errors associated with manual order entry, greater transparency, increased liquidity, lower impact costs for large orders, better audit trails and better use of hedging and arbitrage opportunities through the use of decision support tools / algorithms for trading.
57 · 2. While ensuring conformity with the provisions of the SCRA 1956, Stock Exchanges may facilitate Direct Market Access for investors subject to the following conditions:
57 · 3. Application for Direct Market Access (DMA) facility
57 · 3.1. Brokers interested to offer DMA facility shall apply to the respective stock exchanges giving details of the software and systems
73 · Reference: Circular MRD/DoP/SE/CIR -7/2008 dated April 03, 2008, Circular MRD/DoP/SE/CIR -03/2009 dated February 20, 2009 and Circular CIR/MRD/DP/20/2012 dated August 02, 2012.
57 · 3.2. The stock exchange should grant approval or reject the application as the case may be and communicate its decision to the member within thirty calendar days of the date of completed application submitted to the exchange.
57 · 3.3. The stock exchange, before giving permission to brokers to offer DMA facility shall ensure the fulfillment of the conditions specified below.
57 · 4. Operational specifications
57 · 4.1. All DMA orders shall be routed to the exchange trading system through the broker's trading system. The broker's server routing DMA orders to the exchange trading system shall be located in India.
57 · 4.2. The broker should ensure sound audit trail for all DMA orders and trades and be able to provide identification of actual user-id for all such orders and trades. The audit trail data should available for at least five years.
57 · 4.3. Exchanges should be able to identify and distinguish DMA orders and trades from other orders and trades. Exchanges shall maintain statistical data on DMA trades and provide information on the same to SEBI on a need basis.
57 · 4.4. The DMA system shall have sufficient security features including password protection for the user ID, automatic expiry of passwords at the end of a reasonable duration, and reinitialisation of access on entering fresh passwords .
57 · 4.5. In case where the clients access the DMA server of the broker through a third party service provider, the password maintenance and authentication can be done either by the broker of by third party network service provider, so long as the exchange/broker ensures secured access and communication and a sound audit trail for all DMA orders/ trades. The authorized user and client details should be part of the order details received and authenticated at the DMA server of the broker.74
57 · 4.6. Brokers should follow the similar logic/priorities used by the Exchange to treat DMA client orders. Brokers should maintain all
74 · Letter no MRD/DoP/NSE/129791/2008 dated June 24, 2008
57 · 4.7. A systems audit of the DMA systems and software shall be periodically carried out by the broker as may be specified by the exchange and certificate in this regard shall be submitted to the exchange.
57 · 4.8. The exchanges and brokers should provide for adequate systems and procedures to handle the DMA trades.
57 · 5. Risk Management
57 · 5.1. The broker shall ensure that trading limits/ exposure limits/ position limits are set for all DMA clients based on risk assessment, credit quality and available margins of the client. The broker system shall have appropriate authority levels to ensure that the limits can be set up only by persons authorized by the risk / compliance manager.
57 · 5.2. The broker shall ensure that all DMA orders are routed through electronic/automated risk management systems of the broker to carry out appropriate validations of all risk parameters including Quantity Limits, Price Range Checks, Order Value, and Credit Checks before the orders are released to the Exchange.
57 · 5.3. All DMA orders shall be subjected to the following limits:
57 · 5.4. The broker may provide for additional risk management parameters as they may consider appropriate.
57 · 6. Broker to be liable for DMA trades
57 · 7. Cross Trades
57 · 8. Other legal provisions
57 · 9. The facility of DMA provided by the stock broker shall be used by the client or an investment manager of the client. A SEBI registered entity shall be permitted to act as an investment manager on behalf of institutional clients. In case the facility of DMA is used by the client through an investment manager, the investment manager may execute the necessary documents on behalf of the client(s).
57 · 10. The facility of DMA provided by the stock broker shall be used by the client or an investment manager of the client. A SEBI registered entity shall be permitted to act as an investment manager on behalf of institutional clients. In case the facility of DMA is used by the client through an investment manager, the investment manager may execute the necessary documents on behalf of the client(s).
57 · 11. The exchange/ broker shall ensure that proper audit trails are available to establish identity of the ultimate client. The exchange may put in place such other safeguards as it deems fit to mitigate any concerns it may have.
57 · 12. The terms and Conditions for the purpose of DMA is specified in paras 57.13 to 57.49 below. The "Terms and Conditions" shall be provided to the client or investment manager acting on behalf of a client (s) for availing the DMA facility. In case the DMA facility provided by the stock broker is used by the client the paras 57.13 to 57.30 shall be applicable. In case the DMA facility provided by the stock broker is used by the client through an investment manager the paras 57.31 to 57.48 shall be applicable and additionally, the investment manager shall provide to the stock broker the details as specified at para 57.49 (Table 13).
57 · 13. The client is expected to be fully aware of the risks associated with the market and the financial instruments being traded on stock exchanges through DMA. The client shall be responsible for complying with laws, rules, regulations, notifications etc issued by regulatory authorities as may be applicable from time to time.
57 · 14. The client shall ensure that DMA facility provided by the Broker is used only to execute the trades of the client and shall not be used for transactions on behalf of any other person / entity.
57 · 15. The client shall be responsible for ensuring that, only persons authorized by it shall access and use the DMA facility provided by the Broker. All orders originating from such facility / system shall be deemed to be authorized by the client.
57 · 16.Where the client accesses or proposes to access the Broker's DMA platform through external applications, including but not restricted to services of third party service provider(s), own application(s), etc., the client shall ensure that such applications have adequate security features including but not limited to access controls, password protection etc; and that appropriate agreement(s) with such third party service provider(s) etc. for ensuring secured access and communication has been executed and are in place.
57 · 17. The client shall ensure that no person authorized by them to place orders through DMA facility provided by the broker has been / is involved in any adverse action by any regulatory authorities in any jurisdiction.
57 · 18. The client shall provide the names of authorized individual users to the broker prior to placing DMA orders.
57 · 19. The client shall not use or allow the use of DMA facility to engage in any form of market misconduct including insider trading and market manipulation or conduct that is otherwise in breach of applicable laws, rules and regulation.
57 · 20. The client is aware that Algorithmic trading i.e. generation of orders using automated execution logic is governed by Algorithmic trading guidelines issued by SEBI and Exchanges and requires prior approval of the exchanges. The client shall ensure that new algorithms and changes to existing approved algorithms are not used through the DMA facility without prior approval of concerned stock exchanges. The client shall ensure that it has necessary checks and balances, in place to identify and control
57 · 21. The client is aware that authentication technologies and strict security measures are required for routing orders through DMA facility and undertakes to ensure that the password of the client and/or his representative are not revealed to any third party.
57 · 22. The client acknowledges that all DMA orders placed by them through the DMA facility would be validated by the risk management system of the broker. The Broker has the right to accept or reject any DMA order placed by the client at its sole discretion.
57 · 23. The client shall be solely responsible for all acts or omissions of any person using a DMA facility and shall be bound to accept and settle all transactions executed through the DMA facility provided by the Broker notwithstanding that such order(s) may have been submitted erroneously or by an unauthorized user, or that its data is inaccurate or incomplete when submitted, or the client subsequently determines for whatever reason that the order should not have been submitted.
57 · 24. The client shall notify the Broker in the event of DMA facility being compromised. Upon receipt of this notice, client's DMA facility shall be promptly disabled but the client shall continue to be responsible for any misuse of the DMA facility or any orders placed through the DMA facility as a result of the compromise of the DMA facility at their end. The Broker shall not be liable for any loss, liability or cost whatsoever arising as a result of any unauthorized use of DMA facility at the client's end.
57 · 25. In the event of winding-up or insolvency of the client or his otherwise becoming incapable of settling their DMA obligation, broker may close out the transaction of the client as permissible under bye-laws, rules, regulations of the exchanges. The client shall continue to be liable for any losses, costs, damages arising thereof.
57 · 26. The client is fully aware of the risks of transmitting DMA orders to the Broker's DMA facility through vendor systems or service providers and the Broker is not responsible for such risks.
57 · 27. The client should be aware of the fact that neither the DMA facility will be uninterrupted nor error free nor the results that may be obtained from the use of the service or as to the timeliness, sequence, accuracy, completeness, reliability or content of any information, service or transaction provided through DMA. The DMA service is provided on an "as is", "as available" basis without warranties of any kind, either express or
57 · 28. The Broker shall have the right to withdraw the DMA facility in case of:-
57 · 28.1. Breach of the limits imposed by the broker or any regulatory authority.
57 · 28.2. On account of any misuse of the DMA facility by the client or on instructions from SEBI/Exchanges.
57 · 28.3. Any other reason, at the discretion of the broker.
57 · 29. The Broker shall not be liable or responsible for non-execution of the DMA orders of the client due to any link/system failure at the client/ Broker/ exchange(s) end.
57 · 30. This document shall not be altered, amended and /or modified by the parties in a manner that shall be in contravention of any other provisions of this document. Any additional terms and conditions should not be in contravention with rules / regulations /bye-laws/circulars, of the relevant authorities including applicable stock exchanges as amended from time to time.
57 · 31. The client shall be solely responsible for all acts or omissions of any person using a DMA facility and shall be bound to accept and settle all transactions executed through the DMA facility provided by the Broker to the investment manager acting on behalf of the client, notwithstanding that such order(s) may have been submitted erroneously or by an unauthorized user, or that its data is inaccurate or incomplete when submitted, or the client subsequently determines for whatever reason that the order should not have been submitted.
57 · 32. The investment manager is expected to be fully aware of the risks associated with the market and the financial instruments being traded on stock exchanges through DMA. The investment manager shall be responsible for complying with laws, rules, regulations, notifications etc. issued by regulatory authorities as may be applicable from time to time.
57 · 33.Where the DMA facility provided by the Broker is used to execute trade on behalf of one or more clients, by the investment manager, then it is represented and warranted that, at each time an order is placed by such investment manager through the DMA facility of the Broker –
57 · 33.1. The investment manager has due authority to deal on behalf of the client(s) through the Broker, specifying the roles and responsibilities of the investment manager in execution of transactions on behalf of the client(s).
57 · 33.2. The investment manager shall comply with any applicable laws, rules and regulations affecting or relating to trading operations.
57 · 33.3. The investment manager and the client(s) are bound by the terms and conditions hereof;
57 · 33.4. The investment manager using the DMA facility for routing client(s) orders shall not cross trades of their client(s) with each other. Accordingly, all orders should be offered in the market.
57 · 33.5. The stock exchange or SEBI may at any time call for any information from a client(s) or an investment manager acting on behalf of the client(s) with respect to any matter relating to the activity of the investment manager. The investment manager shall also furnish any information specifying the roles and responsibilities of the investment manager in execution of transactions on behalf of the client(s), as and when required by the exchanges or SEBI.
57 · 34. The investment manager shall be responsible for ensuring that, only persons authorized by it shall access and use the DMA facility provided by the Broker. All orders originating from such facility / system shall be deemed to be authorized by the client.
57 · 35.Where the investment manager accesses or proposes to access the Broker's DMA platform through external applications, including but not restricted to services of third party service provider(s), own application(s), etc., the investment manager shall ensure that such applications have adequate security features including but not limited to access controls, password protection etc; and that appropriate agreement(s) with such third party service provider(s) etc. for ensuring secured access and communication has been executed and are in place.
57 · 36. The investment manager shall ensure that no person authorized by them to place orders through DMA facility provided by the broker has been / is
57 · 37. The investment manager shall provide the names of authorized individual users to the broker prior to placing DMA orders.
57 · 38. The investment manager shall not use or allow the use of DMA facility to engage in any form of market misconduct including insider trading and market manipulation or conduct that is otherwise in breach of applicable laws, rules and regulation.
57 · 39. The investment manager is aware that Algorithmic trading i.e. generation of orders using automated execution logic is governed by Algorithmic trading guidelines issued by SEBI and Exchanges and requires prior approval of the exchanges. The investment manager shall ensure that new algorithms and changes to existing approved algorithms are not used through the DMA facility without prior approval of concerned stock exchanges. The investment manager shall ensure that it has necessary checks and balances, in place to identify and control dysfunctional algorithms and the Broker shall have the right to shut down the DMA facility and remove any outstanding client orders in case of any suspected dysfunctional algo.
57 · 40. The investment manager is aware that authentication technologies and strict security measures are required for routing orders through DMA facility and undertakes to ensure that the password of the investment manager and/or his representative are not revealed to any third party.
57 · 41. The investment manager acknowledges that all DMA orders placed by them through the DMA facility would be validated by the risk management system of the broker. The Broker has the right to accept or reject any DMA order placed by the investment manager at its sole discretion.
57 · 42. The investment manager shall notify the Broker in the event of DMA facility being compromised. Upon receipt of this notice, client's DMA facility shall be promptly disabled but the client shall continue to be responsible for any misuse of the DMA facility or any orders placed through the DMA facility as a result of the compromise of the DMA facility at their end. The Broker shall not be liable for any loss, liability or cost whatsoever arising as a result of any unauthorized use of DMA facility at the client's end.
57 · 43. In the event of winding-up or insolvency of the client or his otherwise becoming incapable of honoring their DMA obligation, broker may close out the transaction of the client as permissible under bye-laws, rules, regulations of the exchanges. The client shall continue to be liable for any losses, costs, damages arising thereof.
57 · 44. The investment manager is fully aware of the risks of transmitting DMA orders to the Broker's DMA facility through vendor systems or service providers and the Broker is not responsible for such risks.
57 · 45. The investment manager should be aware of the fact that neither the DMA facility will be uninterrupted nor error free nor the results that may be obtained from the use of the service or as to the timeliness, sequence, accuracy, completeness, reliability or content of any information, service or transaction provided through DMA. The DMA service is provided on an "as is", "as available" basis without warranties of any kind, either express or implied, including, but not limited to, those of information access, order execution, merchantability and fitness for a particular purpose. The Broker shall not be liable for any loss, damage or injury including but not limited to direct lost profits or trading losses or any consequential, special, incidental, indirect, or similar damages from the use or inability to use the service or any part thereof.
57 · 46. The Broker shall have the right to withdraw the DMA facility in case of:-
57 · 46.1. Breach of the limits imposed by the broker or any regulatory authority.
57 · 46.2. On account of any misuse of the DMA facility by the client/ investment manager or on instructions from SEBI/Exchanges.
57 · 46.3. Any other reason, at the discretion of the broker.
57 · 47. The Broker shall not be liable or responsible for non-execution of the DMA orders of the client due to any link/system failure at the client/ Broker/ exchange(s) end.
57 · 48. This document shall not be altered, amended and /or modified by the parties in a manner that shall be in contravention of any other provisions of this document. Any additional terms and conditions should not be in contravention with rules / regulations /bye-laws/circulars, of the relevant authorities including applicable stock exchanges as amended from time to time.
57 · 49. DETAILS TO BE PROVIDED TO THE STOCK BROKER
58 · Smart Order Routing 75
58 · 1. Smart Order Routing allows the brokers trading engines to systematically choose the execution destination based on factors viz. price, costs, speed, likelihood of execution and settlement, size, nature or any other consideration relevant to the execution of the order.
58 · 2. Stock Exchanges are advised to ensure the following conditions with regard to the Smart Order Routing facility:
58 · 2.1. Stock broker interested to offer Smart Order Routing facility shall apply to the respective stock exchanges.
58 · 2.2. Stock broker shall submit a third party system audit of its Smart Order Routing system and software. Stock exchanges shall disseminate to its stock brokers a list of approved system auditors (CISA or equivalent) qualified to undertake such system audits.
58 · 2.3. Stock broker shall provide the following to the respective stock exchanges:
75 · Reference: Circular CIR/MRD/DP/26/2010 dated August 27, 2010 and Circular CIR/MRD/DP/36/2010 dated December 09, 2010
58 · 2.4. Stock exchange shall communicate its decision to the broker within thirty calendar days from the date of receipt of complete application by the stock exchange. Stock exchange shall not consider testing and demonstration of the SOR system/software as a criterion for declaring the application of the broker as 'complete'. Further, testing and demonstration of SOR system/software, if required, shall be suitably scheduled within the aforesaid period of thirty calendar days.
58 · 2.5. In case of rejection of the application on smart order routing of a stock broker, the stock exchange shall communicate such reasons of rejections to the stock broker. Further, the decision of the stock exchange on the SOR application of the stock broker and reasons for rejection of the SOR application shall also be communicated to all the other stock exchanges where the broker's SOR facility intends to route orders.
58 · 2.6. Stock exchange shall ensure that brokers adhere to the best execution policy while using Smart Order Routing.
58 · 2.7. Smart Order Routing facility shall be provided to all class of investors.
58 · 2.8. Stock Broker shall communicate to all clients the features, possible risks, rights, responsibilities and liabilities associated with the smart order routing facility, as part of 'Rights and Obligation of Stock brokers and clients' placed at Annexure 9 of this Master Circular.
58 · 2.9. Stock broker shall maintain logs of all activities to facilitate audit trail. Broker shall maintain record of orders, trades and data points for the basis of decision.
58 · 2.10. Stock exchange shall permit smart order routing for all orders, without restricting to any specific type of order. The choice on order types shall be left to the client.
58 · 2.11. If stock exchange desires to advise its brokers to seek re-approval, it may do so only in case of –
58 · 2.12. In case the client has availed Smart Order Routing facility and does not want to use the same for a particular order, the same shall be well documented by the stock broker.
58 · 2.13. System audit of the Smart Order Routing systems and software shall be periodically carried out by the brokers as may be specified by the exchange and certificate in this regard shall be submitted to the exchange.
58 · 2.14. Stock exchange shall ensure that Smart Order Routing is not used to place orders at venues other than the recognised stock exchanges.
58 · 2.15. The stock broker shall carry out appropriate validation of all risk parameters before the orders are placed in the Smart Order Routing system.
58 · 2.16. Stock exchange shall provide unique identification number for the orders placed through Smart Order Routing system. Further, stock exchanges shall maintain data on Smart Order Routing orders and trades.
58 · 2.17. Stock exchange shall have necessary surveillance mechanism in place to monitor trading done through Smart Order Routing.
58 · 2.18. Stock broker shall ensure that alternative mode of trading system is available in case of failure of Smart Order Routing facility.
58 · 2.19. Stock exchange shall ensure that within a period of three months from implementation of Smart Order Routing, a system is put in place to time stamp market data feed that is disseminated to the market, if the same is not already available.
58 · 2.20. Stock exchange shall strengthen investor grievance cell in order to address complaints, if any, received with regard to Smart Order Routing. Further, in case of any disputes or complaints, stock exchanges shall share necessary data as and when required in order to facilitate necessary examination.
58 · 2.21. Stock exchange shall synchronise their system clocks with atomic clock before the start of market.
58 · 2.22. The broker server routing orders placed through Smart Order Routing system to the exchange trading system shall be located in India. Stock exchange shall permit SOR approved brokers to offer SOR facility through all their servers irrespective of their location in India.
58 · 2.23. All other existing obligations for the broker as per current regulations and circulars will continue.
58 · 2.24. Stock exchange may specify additional safeguards as they deem fit for allowing Smart Order Routing facility to their brokers.
59 · Broad Guidelines on Algorithmic Trading 76
59 · 1. Any order that is generated using automated execution logic shall be known as algorithmic trading.
59 · 2. Stock exchanges shall ensure the following while permitting algorithmic trading:
59 · 2.1. The stock exchange shall have arrangements, procedures and system capability to manage the load on their systems in such a manner so as to achieve consistent response time to all stock brokers. The stock exchange shall continuously study the performance of its systems and, if necessary, undertake system upgradation, including periodic upgradation of its surveillance system, in order to keep pace with the speed of trade and volume of data that may arise through algorithmic trading.
59 · 2.2. In order to ensure maintenance of orderly trading in the market, stock exchange shall put in place effective economic disincentives with regard to high daily order-to-trade ratio of algo orders of the stock broker. Further, the stock exchange shall put in place monitoring systems to identify and initiate measures to impede any possible instances of order flooding by algos.
59 · 2.3. The stock exchange shall ensure that all algorithmic orders are necessarily routed through broker servers located in India and the stock exchange has appropriate risk controls mechanism to address
76 · Reference: Circular CIR/MRD/DP/09/2012 dated March 30, 2012, Circular CIR/MRD/DP/16/2013 dated May 21, 2013 and Circular SEBI/HO/MIRSD/DOP/P/CIR/2022/117 dated September 02, 2022.
59 · 2.4. In the interest of orderly trading and market integrity, the stock exchange shall put in place a system to identify dysfunctional algos (i.e. algos leading to loop or runaway situation) and take suitable measures, including advising the member, to shut down such algos and remove any outstanding orders in the system that have emanated from such dysfunctional algos. Further, in exigency, the stock exchange should be in a position to shut down the broker's terminal.
59 · 2.5. Terminals of the stock broker that are disabled upon exhaustion of collaterals shall be enabled manually by the stock exchange in accordance with its risk management procedures.
59 · 2.6. The stock exchange may seek details of trading strategies used by the algo for such purposes viz. inquiry, surveillance, investigation, etc.
59 · 2.7. In order to strengthen the surveillance mechanism related to algorithmic trading and prevent market manipulation, stock exchanges shall take necessary steps to ensure effective monitoring and surveillance of orders and trades resulting from trading algorithms. Stock exchanges shall periodically review their surveillance arrangements in order to better detect and investigate market manipulation and market disruptions.
59 · 2.8. The stock exchange shall include a report on algorithmic trading on the stock exchange in the Monthly Development Report (MDR) submitted to SEBI inter -alia incorporating turnover details of algorithmic trading, algorithmic trading as percentage of total trading, number of stock brokers / clients using algorithmic trading, action taken in respect of dysfunctional algos, status of grievances, if any, received and processed, etc.
59 · 2.9. The stock exchange shall synchronize its system clock with the atomic clock before the start of market such that its clock has precision of atleast one microsecond and accuracy of atleast +/- one millisecond.
59 · 3. Stock exchange shall ensure that the stock broker shall provide the facility of algorithmic trading only upon the prior permission of the stock exchange. Stock exchange shall subject the systems of the stock broker to initial conformance tests to ensure that the checks mentioned below are in place and that the stock broker's system facilitate orderly trading and integrity of the securities market. Further, the stock exchange shall suitably schedule such conformance tests and thereafter, convey the outcome of the test to the stock broker.
59 · 4. For stock brokers already providing algo trading, the stock exchange shall ensure that the risk controls specified herein are implemented by the stock broker.
59 · 5. The stock brokers / trading members that provide the facility of algorithmic trading shall subject their algorithmic trading system to a system audit every six months in order to ensure that the requirements prescribed by SEBI / stock exchanges with regard to algorithmic trading are effectively implemented. Such system audit of algorithmic trading system shall be undertaken by a system auditor who possess any of the following certifications:
59 · 5.1. CISA (Certified Information System Auditors) from ISACA;
59 · 5.2. DISA (Post Qualification Certification in Information Systems Audit) from Institute of Chartered Accountants of India (ICAI);
59 · 5.3. CISM (Certified Information Securities Manager) from ISACA;
59 · 5.4. CISSP (Certified Information Systems Security Professional) from International Information Systems Security Certification Consortium, commonly known as (ISC) .
59 · 6. Deficiencies or issues identified during the process of system audit of trading algorithm / software shall be reported by the stock broker / trading member to the stock exchange immediately on completion of the system audit. Further, the stock broker / trading member shall take immediate corrective actions to rectify such deficiencies / issues.
59 · 7. In case of serious deficiencies / issues or failure of the stock broker / trading member to take satisfactory corrective action, the stock exchange shall not
59 · 8. The stock broker, desirous of placing orders generated using algos, shall satisfy the stock exchange with regard to the implementation of the following minimum levels of risk controls at its end -
59 · 8.1. Price check – Algo orders shall not be released in breach of the price bands defined by the exchange for the security.
59 · 8.2. Quantity check – Algo orders shall not be released in breach of the quantity limit as defined by the exchange for the security.
59 · 8.3. Order Value check -Algo orders shall not be released in breach of the 'value per order' as defined by the stock exchanges.
59 · 8.4. Cumulative Open Order Value check – The individual client level cumulative open order value check, may be prescribed by the broker for the clients. Cumulative Open Order Value for a client is the total value of its unexecuted orders released from the stock broker system.
59 · 8.5. Automated Execution check – An algo shall account for all executed, unexecuted and unconfirmed orders, placed by it before releasing further order(s). Further, the algo system shall have predefined parameters for an automatic stoppage in the event of algo execution leading to a loop or a runaway situation.
59 · 8.6. All algorithmic orders are tagged with a unique identifier provided by the stock exchange in order to establish audit trail.
59 · 9. The other risk management checks already put in place by the exchange shall continue and the exchange may re-evaluate such checks if deemed necessary in view of algo trading.
59 · 10. The stock broker, desirous of placing orders generated using algos, shall submit to the respective stock exchange an undertaking that -
59 · 10.1. The stock broker has proper procedures, systems and technical capability to carry out trading through the use of algorithms.
59 · 10.2. The stock broker has procedures and arrangements to safeguard algorithms from misuse or unauthorized access.
59 · 10.3. The stock broker has real -time monitoring systems to identify algorithms that may not behave as expected. Stock broker shall keep stock exchange informed of such incidents immediately.
59 · 10.4. The stock broker shall maintain logs of all trading activities to facilitate audit trail. The stock broker shall maintain record of control parameters, orders, trades and data points emanating from trades executed through algorithm trading.
59 · 10.5. The stock broker shall inform the stock exchange on any modification or change to the approved algos or systems used for algos.
59 · 11. The stock exchange, if required, shall seek conformance of such modified algo or systems to the requirements specified above.
59 · 12. In order to discourage repetitive instances of high daily order-to-trade ratio, stock exchanges shall impose an additional penalty in form of suspension of proprietary trading right of the stock broker / trading member for the first trading hour on the next trading day in case a stock broker / trading member is penalized for maintaining high daily order-to-trade ratio, provided penalty was imposed on the stock broker / trading member on more than ten occasions in the previous thirty trading days.
59 · 13.Stock Brokers who provide services relating to algorithmic trading shall not:
59 · 13.1. directly or indirectly make any reference to the past or expected future return/performance of the algorithm; and/or
59 · 13.2. directly or indirectly associate with any platform providing any reference to the past or expected future return/performance of the algorithm.
59 · 14. The above restrictions mentioned in para 59.13 shall not apply in case reference is made to risk -return metrics of algorithms verified by Past Risk and Return Verification Agency (PaRRVA),in the manner specified by SEBI.
59 · 15. Use of Application Programming Interface (API) 78 for Algo trading
77 · SEBI/HO/MIRSD/MIRSD -PoD/P/CIR/2025/0000013 dated February 04, 2025
78 · An API (Application Programming Interface) is a set of rules and protocols that allows different software applications to communicate and exchange data with each other.
59 · 15.1. For the purpose of provision of algo trading through APIs, brokers shall be the principal while any algo provider or fintech/vendor (hereinafter referred to as "Algo Provider") shall act as its agent, while using the API provided by the broker.
59 · 15.2. All algo orders originating/flowing through Application Programming Interface (API) extended by brokers to algo providers , shall be tagged with a unique identifier provided by Stock Exchange.
59 · 15.3. Algos developed by tech-savvy retail investors themselves , using programming knowledge, shall also be registered with the Exchange , through their broker, only if they cross the specified order per second threshold 79 . Further, the same registered Algo shall be permitted to be used by such retail investors for their family (but not for other investors). 'Family' for this purpose would mean self, spouse, dependent children and dependent parents.
59 · 15.4. Brokers shall:
59 · 16. Roles and responsibilities of Stock Brokers:
79 · Specified threshold for categorization as an Algo shall be evolved by the Broker's Industry Standards Forum, under the aegis of the stock exchanges and in consultation with SEBI.
80 · A secure authorization framework that allows third -party applications to access user data without requiring users to share their login credentials or other sensitive information.
59 · 17.Empanelment and Registration of Algo Providers:
59 · 18. Role and Responsibilities of Exchanges:
59 · 19. Categorization of Algos
81 · The kill switch is an emergency function and the last level of defence against any Algorithm malfunction. It is expected to automatically trigger a halt on trading activity based on pre-defined conditions.
59 · 20.Exchanges and brokers shall continue to comply with existing provisions prescribed with regard to Algorithmic trading.
60 · Testing of software used in or related to Trading and Risk Management 84
60 · 1. The term 'software' shall mean electronic systems or applications used by stock brokers / trading members for connecting to the stock exchanges and for the purposes of trading and real-time risk management, including software used for Internet Based Trading (IBT), Direct Market Access (DMA), Securities Trading using Wireless Technology (STWT), Smart Order Routing (SOR), Algorithmic Trading (AT) etc.
60 · 2. Testing of Software
60 · 2.1. In addition to the testing and approval requirements specified by SEBI on IBT, DMA, STWT, SOR and AT, stock exchanges shall frame appropriate testing policies for functional as well as
82 · Execution Algos or White Box Algos are automated trading strategies/systems that execute orders based on fully transparent Algorithms, where the logic, decision making processes and underlying rules are accessible and understandable to users.
83 · Black box Algos are Algos where the user cannot see the internal workings and rationale of the Algo or an Algo where the logic is not known to the user and is not replicable.
84 · Reference: Circular CIR/MRD/DP/24/2013 dated August 19, 2013 and Circular CIR/MRD/DP/06/2014 dated February 07, 2014 and Circular SEBI/HO/MRD1/DSAP/CIR/P/2020/234 dated November 24, 2020.
60 · 2.2. Stock brokers / trading members shall also engage system auditor(s) to examine reports of mock tests and UAT in order to certify that the tests were satisfactorily undertaken.
60 · 2.3. Stock exchanges shall monitor compliance of stock brokers / trading members, who use trading algorithm, with regard to the requirement of participation in mock trading session as mandated herein. In cases where stock exchanges find that the stock broker / trading member has failed to participate in such mock trading sessions, stock exchange shall call for reasons and if found unsatisfactory, shall suspend the proprietary trading rights of the stock broker / trading member for a minimum period of one trading day.
60 · 2.4. Stock exchanges shall also ensure that the system auditors examine the compliance of stock broker / trading member, who use trading algorithms, with regard to the requirement of participation in mock trading session, as mandated herein, and provide suitable comments in the periodic system audit report. In cases where the system audit report indicate that the stock broker / trading member has failed to participate in such mock trading sessions, stock exchange shall call for reasons from the stock broker / trading member and if found unsatisfactory, shall suspend the proprietary trading rights of the stock broker / trading member for a minimum period of one trading day.
60 · 2.5. For pre-approval / periodic system audit of Computer-toComputer Link (CTCL) or Intermediate Messaging Layer (IML), IBT, DMA, STWT, SOR and AT, stock brokers / trading members shall engage a system auditor with any of the certifications specified in para 59.5.1 to 59.5.4 above. While finalizing the system auditor, stock brokers / trading members shall ensure the system auditor does not have any conflict of interest with the stock broker and the directors / promoters of the system auditor are not directly or indirectly related to the current directors or promoters of stock broker / trading member.
60 · 3. Approval of Software of stock broker / trading member
60 · 3.1. Stock brokers / trading members shall seek approval of the respective stock exchanges for deployment of the software in the securities market by submitting necessary details required by stock exchange including details of software, tests undertaken and certificate / report provided by the system auditor. Stock exchange may seek additional details as deemed necessary for evaluating the application of the stock broker / trading member.
60 · 3.2. Stock exchanges shall grant approval or reject the application of the stock broker as the case may be, and communicate the decision to the stock broker / trading member within fifteen working days from the date of receipt of completed application (or within any other such time period specified vide SEBI circulars on DMA, IBT, STWT, SOR, AT, etc.). In case of rejection of the application, the stock exchange shall also communicate reasons of rejection to the stock broker / trading member within such time period.
60 · 3.3. Before granting approval to use software in securities market, stock exchange shall ensure that the requirements specified by
60 · 3.4. Stock exchanges may suitably schedule the requirements of mock testing, certification of test reports by system auditor(s) and the software approval process, so as to facilitate a speedy approval and a smooth transition of the stock brokers to the new / upgraded software.
60 · 3.5. In order to ensure that stock brokers are not using software without requisite approval of the stock exchanges, stock exchanges are advised to put in place suitable mechanism to prevent any unauthorized change to the approved software.
60 · 4. Undertaking to be provided by stock brokers / trading members
60 · 4.1. Stock brokers / trading members shall submit an undertaking to the respective stock exchanges stating the following at the minimum:
60 · 4.2. Stock exchanges may include additional clauses as deemed necessary in the undertaking.
60 · 5. Sharing of Application Programming Interface (API) specifications by the stock exchange with stock brokers / trading members:
60 · 5.1. API is an interface that enables interaction of software with other software and typically includes language and message format that is used by an application program to communicate with the operating system or other application program. Stock brokers / trading members and software vendors require relevant API
60 · 5.2. Stock exchanges shall provide relevant API specifications to all stock brokers / trading members and software vendors who are desirous of developing software for the securities market, after establishing their respective credentials.
60 · 5.3. In case of refusal to share APIs, stock exchanges shall provide reasons in writing to the desirous stock brokers / trading members or software vendors within a period of fifteen working days from the date of receipt of such request for sharing of API.
60 · 5.4. Further, stock exchanges shall not selectively release updates / modifications, if any, of the existing API specifications to few stock brokers / trading members or software vendors ahead of others and shall provide such updated / modified API specifications to all stock brokers / trading members and software vendors with whom the earlier API specifications were shared.
60 · 6. Penalty on malfunction of software used by stock broker / trading member:
60 · 6.1. include suitable clauses in their agreement with the software vendors to define liabilities of software vendor and stock broker / trading member in case of software malfunction, and / or,
60 · 6.2. consider taking suitable insurance cover to meet probable losses in case of software malfunction.
60 · 7. With regard to changes / updates to stock broker's trading software that intend to modify the 'look and feel' and do not affect the risk management system of the stock broker or the connectivity of the trading software with stock exchange's trading system, it is clarified that mock testing and consequent system audit may not be insisted upon by the stock exchanges.
60 · 8. Stock exchanges shall direct their stock brokers to put in place adequate mechanism to restore their trading systems to 'production state' at the
61 · Safeguards to avoid trading disruption in case of failure of software vendor 85
61 · 1. Software vendors who provide software to market participants and market infrastructure institutions for the purpose of trading, risk management, clearing and settlement play a crucial role in the securities market. Any inability on the part of such software vendors to provide software or related services in timely and continuous manner may create a situation of stress in the securities market.
61 · 2. Adequate mechanism / procedure should be in place to ensure smooth transition by stock broker(s) to another software vendor in case of inability of the existing software vendor to provide software and related services in timely and continuous manner.
61 · 3. Stock exchanges may advise the stock brokers to take the following measures:
61 · 3.1. Explore the possibility of establishing a 'software escrow arrangement' with their existing software vendors.
61 · 3.2. In case of large stock brokers, consider reducing dependence on a single software vendor for trading and risk management systems, by engaging more than one software vendor.
61 · 3.3. Consider including the following in their contracts with the software vendors:
85 · Reference: Circular CIR/MRD/DP/07/2014 dated February 11, 2014 .
62 · Cyber Security and Cyber resilience framework for Stock Brokers 86
62 · 1. Stock brokers perform significant functions in providing services to holder of securities. So it is desirable that these entities have robust cyber security and cyber resilience framework in order to provide essential facilities and perform systematically critical functions relating to securities market. Accordingly, a framework on Cyber security and cyber resilience has been designed and prescribed at paras 62.3 to 62.6 below.
62 · 2. The Stock Brokers are mandated to conduct comprehensive cyber audit at least once in a financial year. All Stock Brokers shall submit with Stock Exchange a declaration from the MD/ CEO/ Partners/ Proprietors certifying compliance by the Stock Brokers with all SEBI Circulars and advisories related to Cyber security from time to time, along with the Cyber audit report.
62 · 3. Cyber-attacks and threats attempt to compromise the Confidentiality, Integrity and Availability (CIA) of the computer systems, networks and databases (Confidentiality refers to limiting access of systems and information to authorized users, Integrity is the assurance that the information is reliable and accurate, and Availability refers to guarantee of reliable access to the systems and information by authorized users). Cyber security framework includes measures, tools and processes that are intended to prevent cyber-attacks and improve cyber resilience. Cyber Resilience is an organization's ability to prepare and respond to a cyberattack and to continue operation during, and recover from, a cyber-attack.
62 · 4. As part of the operational risk management framework to manage risk to systems, networks and databases from cyber-attacks and threats, Stock Brokers should formulate a comprehensive Cyber Security and Cyber Resilience policy document encompassing the framework mentioned hereunder. In case of deviations from the suggested framework, reasons for such deviations, technical or otherwise, should be provided in the policy document. The policy document should be approved by the Board / Partners / Proprietor of the Stock Broker. The policy document should be reviewed by the aforementioned group at least annually with the view to strengthen and improve its Cyber Security and Cyber Resilience framework.
86 · Reference: Circular SEBI/HO/MIRSD/CIR/PB/2018/14 dated December 03, 2018, Circular CIR/HO/MIRSD/DOS2/CIR/PB/2019/038 dated March 15, 2019, Circular SEBI/HO/MIRSD/DOP/CIR/P/2019/109 dated October 15, 2019, Circular SEBI/HO/MIRSD/TPD/P/CIR/2022/80 dated June 07, 2022 and Circular SEBI/HO/MIRSD/TPD/P/CIR/2022/93 dated June 30, 2022
62 · 5. The Cyber Security Policy should include the following process to identify, assess, and manage Cyber Security risk associated with processes, information, networks and systems:
62 · 6. The Cyber Security Policy of Stock Brokers trading through APIs based terminal should consider the principles prescribed by National Critical Information Infrastructure Protection Centre (NCIIPC) of National Technical Research Organization (NTRO), Government of India (titled 'Guidelines for Protection of National Critical Information Infrastructure') and subsequent revisions, if any, from time to time.
62 · 7. Stock Brokers trading through APIs based terminal may refer to best practices from international standards like ISO 27001, COBIT 5, etc., or their subsequent revisions, if any, from time to time.
62 · 8. Stock Brokers should designate a senior official or management personnel (henceforth, referred to as the "Designated Officer") whose function would be to assess, identify, and reduce security and Cyber Security risks, respond to incidents, establish appropriate standards and controls, and direct the establishment and implementation of processes and procedures as per the Cyber Security Policy.
62 · 9. The Board / Partners / Proprietor of the Stock Brokers shall constitute a Technology Committee comprising experts. This Technology Committee should on a half yearly basis review the implementation of the Cyber Security and Cyber Resilience policy approved by their Board / Partners / Proprietor, and such review should include review of their current IT and Cyber Security and Cyber Resilience capabilities, set goals for a target level of Cyber Resilience, and establish plans to improve and strengthen Cyber Security and Cyber Resilience. The review shall be placed before the Board / Partners / Proprietor of the Stock Brokers for appropriate action.
62 · 10.Stock Brokers should establish a reporting procedure to facilitate communication of unusual activities and events to the Designated Officer in a timely manner.
62 · 11. The Designated officer and the technology committee of the Stock Brokers should periodically review instances of cyber-attacks, if any, domestically
62 · 12.Stock Brokers should define responsibilities of its employees, outsourced staff, and employees of vendors, members or participants and other entities, who may have privileged access or use systems / networks of Stock Brokers towards ensuring the goal of Cyber Security.
62 · 13.Stock Brokers shall identify and classify critical assets based on their sensitivity and criticality for business operations, services and data management. The critical assets shall include business critical systems, internet facing applications /systems, systems that contain sensitive data, sensitive personal data, sensitive financial data, Personally Identifiable Information (PII) data, etc. All the ancillary systems used for accessing/communicating with critical systems either for operations or maintenance shall also be classified as critical system. The Board/Partners/Proprietor of the Stock Brokers shall approve the list of critical systems. To this end, Stock Brokers shall maintain up-to date inventory of its hardware and systems, software and information assets (internal and external), details of its network resources, connections to its network and data flows.
62 · 14.Stock Brokers should accordingly identify cyber risks (threats and vulnerabilities) that it may face, along with the likelihood of such threats and impact on the business and thereby, deploy controls commensurate to the criticality.
62 · 15. No person by virtue of rank or position should have any intrinsic right to access confidential data, applications, system resources or facilities.
62 · 16.Any access to Stock Brokers systems, applications, networks, databases, etc., should be for a defined purpose and for a defined period. Stock Brokers should grant access to IT systems, applications, databases and networks on a need -to -use basis and based on the principle of least privilege. Such access should be for the period when the access is required and should be authorized using strong authentication mechanisms.
62 · 17.Stock Brokers should implement an access policy which addresses strong password controls for users' access to systems, applications, networks and databases. Illustrative examples for this are given in Illustration C.
62 · 18.All critical systems of the Stock Broker accessible over the internet should have two -factor security (such as VPNs, Firewall controls etc.)
62 · 19.Stock Brokers should ensure that records of user access to critical systems, wherever possible, are uniquely identified and logged for audit and review purposes. Such logs should be maintained and stored in a secure location for a time period not less than two years.
62 · 20.Stock Brokers should deploy controls and security measures to supervise staff with elevated system access entitlements (such as admin or privileged users) to Stock Broker's critical systems. Such controls and measures should inter -alia include restricting the number of privileged users, periodic review of privileged users' activities, disallow privileged users from accessing systems logs in which their activities are being captured, strong controls over remote access by privileged users, etc.
62 · 21.Employees and outsourced staff such as employees of vendors or service providers, who may be given authorized access to the Stock Brokers critical systems, networks and other computer resources, should be subject to stringent supervision, monitoring and access restrictions.
62 · 22.Stock Brokers should formulate an Internet access policy to monitor and regulate the use of internet and internet based services such as social media sites, cloud-based internet storage sites, etc. within the Stock Broker's critical IT infrastructure.
62 · 23. User Management must address deactivation of access of privileges of users who are leaving the organization or whose access privileges have been withdrawn.
62 · 24.Physical access to the critical systems should be restricted to minimum and only to authorized officials. Physical access of outsourced staff/visitors should be properly supervised by ensuring at the minimum that outsourced staff/visitors are accompanied at all times by authorized employees.
62 · 25.Physical access to the critical systems should be revoked immediately if the same is no longer required.
62 · 26.Stock Brokers should ensure that the perimeter of the critical equipment room, if any, are physically secured and monitored by employing physical,
62 · 27.Stock Brokers should establish baseline standards to facilitate consistent application of security configurations to operating systems, databases, network devices and enterprise mobile devices within their IT environment. The LAN and wireless networks should be secured within the Stock Brokers' premises with proper access controls.
62 · 28. For algorithmic trading facilities, adequate measures should be taken to isolate and secure the perimeter and connectivity to the servers running algorithmic trading applications.
62 · 29.Stock Brokers should install network security devices, such as firewalls, proxy servers, intrusion detection and prevention systems (IDS) to protect their IT infrastructure which is exposed to the internet, from security exposures originating from internal and external sources.
62 · 30.Adequate controls must be deployed to address virus / malware / ransomware attacks. These controls may include host / network / application based IDS systems, customized kernels for Linux, anti-virus and anti -malware software etc.
62 · 31. Critical data must be identified and encrypted in motion and at rest by using strong encryption methods. Illustrative measures in this regard are given in Illustration A and B.
62 · 32.Stock Brokers should implement measures to prevent unauthorized access or copying or transmission of data / information held in contractual or fiduciary capacity. It should be ensured that confidentiality of information is not compromised during the process of exchanging and transferring information with external parties. Illustrative measures to ensure security during transportation of data over the internet are given in Illustration B.
62 · 33. The information security policy should also cover use of devices such as mobile phones, faxes, photocopiers, scanners, etc., within their critical IT infrastructure, that can be used for capturing and transmission of sensitive data. For instance, defining access policies for personnel, and network connectivity for such devices etc.
62 · 34.Stock Brokers should allow only authorized data storage devices within their IT infrastructure through appropriate validation processes.
62 · 35.Stock Brokers should only deploy hardened hardware / software, including replacing default passwords with strong passwords and disabling or removing services identified as unnecessary for the functioning of the system.
62 · 36.Open ports on networks and systems which are not in use or that can be potentially used for exploitation of data should be blocked and measures taken to secure them.
62 · 37.Application security for Customer facing applications offered over the Internet such as IBTs (Internet Based Trading applications), portals containing sensitive or private information and Back office applications (repository of financial and personal information offered by Brokers to Customers) are paramount as they carry significant attack surfaces by virtue of being available publicly over the Internet for mass use. An illustrative list of measures for ensuring security in such applications is provided in Illustration C.
62 · 38.Stock Brokers should ensure that off the shelf products being used for core business functionality (such as Back office applications) should bear Indian Common criteria certification of Evaluation Assurance Level 4. The Common criteria certification in India is being provided by (STQC) Standardisation Testing and Quality Certification (Ministry of Electronics and Information Technology). Custom developed / in-house software and components need not obtain the certification, but have to undergo intensive regression testing, configuration testing etc. The scope of tests should include business logic and security controls.
62 · 39.Stock Brokers should establish and ensure that the patch management procedures include the identification, categorization and prioritization of patches and updates. An implementation timeframe for each category of patches should be established to apply them in a timely manner.
62 · 40.Stock Brokers should perform rigorous testing of security patches and updates, where possible, before deployment into the production environment so as to ensure that the application of patches do not impact other systems.
62 · 41.Stock Brokers should frame suitable policy for disposal of storage media and systems. The critical data / Information on such devices and systems should be removed by using methods such as crypto shredding / degauss / Physical destruction as applicable.
62 · 42.Stock Brokers should formulate a data -disposal and data retention policy to identify the value and lifetime of various parcels of data.
62 · 43.Stock Brokers shall carry out periodic Vulnerability Assessment and Penetration Tests (VAPT) which inter-alia include critical assets and infrastructure components like Servers, Networking systems, Security devices, load balancers, other IT systems pertaining to the activities done as Stock Brokers etc., in order to detect security vulnerabilities in the IT environment and in -depth evaluation of the security posture of the system through simulations of actual attacks on its systems and networks.
62 · 44.Stock Brokers shall conduct VAPT at least once in a financial year. All Stock Brokers are required to engage only CERT-In empaneled organizations for conducting VAPT. The final report on said VAPT shall be submitted to the Stock Exchanges after approval from Technology Committee of respective Stock Brokers, within 1 month of completion of VAPT activity. In addition, Stock Brokers shall perform vulnerability scanning and conduct penetration testing prior to the commissioning of a new system which is a critical system or part of an existing critical system.
62 · 45. In case of vulnerabilities discovered in off -the -shelf products (used for core business) or applications provided by exchange empanelled vendors, Stock Brokers should report them to the vendors and the exchanges in a timely manner.
62 · 46.Any gaps/vulnerabilities detected shall be remedied on immediate basis and compliance of closure of findings identified during VAPT shall be submitted to the Stock Exchanges within three months post the submission of final VAPT report.
62 · 47.Stock Brokers should establish appropriate security monitoring systems and processes to facilitate continuous monitoring of security events / alerts and timely detection of unauthorised or malicious activities, unauthorised changes, unauthorised access and unauthorised copying or transmission of data / information held in contractual or fiduciary capacity, by internal and external parties. The security logs of systems, applications and network devices exposed to the internet should also be monitored for anomalies.
62 · 48. Further, to ensure high resilience, high availability and timely detection of attacks on systems and networks exposed to the internet, Stock Brokers should implement suitable mechanisms to monitor capacity utilization of its critical systems and networks that are exposed to the internet, for example, controls such as firewalls to monitor bandwidth usage.
62 · 49.Alerts generated from monitoring and detection systems should be suitably investigated in order to determine activities that are to be performed to prevent expansion of such incident of cyber-attack or breach, mitigate its effect and eradicate the incident.
62 · 50. The response and recovery plan of the Stock Brokers should have plans for the timely restoration of systems affected by incidents of cyber-attacks or breaches, for instance, offering alternate services or systems to Customers. Stock Brokers should have the same Recovery Time Objective (RTO) and Recovery Point Objective (RPO) as specified by SEBI for Market Infrastructure Institutions vide SEBI circular CIR/MRD/DMS/17/20 dated June 22, 2012 as amended from time to time.
62 · 51. The response plan should define responsibilities and actions to be performed by its employees and support / outsourced staff in the event of cyber-attacks or breach of Cyber Security mechanism.
62 · 52.Any incident of loss or destruction of data or systems should be thoroughly analyzed and lessons learned from such incidents should be incorporated to strengthen the security mechanism and improve recovery planning and processes.
62 · 53.Stock Brokers should also conduct suitable periodic drills to test the adequacy and effectiveness of the aforementioned response and recovery plan.
62 · 54.All Cyber-attacks, threats, cyber-incidents and breaches experienced by Stock Brokers shall be reported to Stock Exchanges & SEBI within six hours of noticing / detecting such incidents or being brought to notice about such incidents. This information shall be shared to SEBI through the dedicated e-mail id: sbdp-cyberincidents@sebi.gov.in .
62 · 55. The incident shall also be reported to Indian Computer Emergency Response team (CERT-In) in accordance with the guidelines / directions issued by CERT-In from time to time. Additionally, the Stock Brokers, whose systems have been identified as "Protected system" by National Critical Information Infrastructure Protection Centre (NCIIPC) shall also report the incident to NCIIPC.
62 · 56.Stock Brokers should work on building Cyber Security and basic system hygiene awareness of staff (with a focus on staff from non-technical disciplines).
62 · 57.Stock Brokers should conduct periodic training programs to enhance knowledge of IT / Cyber Security Policy and standards among the employees incorporating up-to-date Cyber Security threat alerts. Where possible, this should be extended to outsourced staff, vendors etc.
62 · 58. The training programs should be reviewed and updated to ensure that the contents of the program remain current and relevant.
62 · 59.Where the systems (IBT, Back office and other Customer facing applications, IT infrastructure, etc.) of a Stock Brokers are managed by vendors and the Stock Brokers may not be able to implement some of the aforementioned guidelines directly, the Stock Brokers should instruct the vendors to adhere to the applicable guidelines in the Cyber Security and Cyber Resilience policy and obtain the necessary self-certifications from them to ensure compliance with the policy guidelines.
62 · 60.Where applications are offered to customers over the internet by MIIs (Market Infrastructure Institutions), for eg.: NSE's NOW, BSE's BEST etc., the responsibility of ensuring Cyber Resilience on those applications reside with the MIIs and not with the Stock Broker. The Stock Broker is exempted from applying the aforementioned guidelines to such systems offered by MIIs such as NOW, BEST, etc.
62 · 61. The Terms of Reference for the System Audit of Stock Brokers specified at para 16 above, shall accordingly stand modified to include audit of implementation of the areas mentioned at para 62.1 to 62.60 above.
62 · 62. The Type I Stock Brokers shall arrange to have their systems audited on an annual basis by a CERT-IN empanelled auditor, an independent DISA (ICAI) Qualification, CISA (Certified Information System Auditor) from ISACA, CISM (Certified Information Securities Manager) from ISACA, CISSP (Certified Information Systems Security Professional) from International Information Systems Security Certification Consortium (commonly known as (ISC)2), to check compliance with the above areas and shall submit the report to Stock Exchanges along with the comments of the Board / Partners / Proprietor of Stock Broker within three months of the end of the financial year.
62 · 63. The periodicity of audit for the compliance with the provisions of Cyber Security and Cyber Resilience provisions for stock brokers, irrespective of number of terminals and location presence, shall be as under:
63 · Reporting for Artificial Intelligence (AI) and Machine Learning (ML) applications and systems offered and used by market intermediaries 87
87 · Reference: Circular SEBI/HO/MIRSD/DOS2/CIR/P/2019/10 dated January 04,2019
63 · 1. Any set of applications / software / programs / executable / systems (computer systems) –cumulatively called application and systems,
63 · 2. Technologies that are considered to be categorized as AI and ML technologies in the scope of this circular, are explained in Annexure-27 .
63 · 3. All registered Stock Brokers offering or using applications or systems as defined in Annexure -27, should participate in the reporting process by completing the AI / ML reporting form (see Annexure-26).
63 · 4. All registered Stock Brokers using AI / ML based application or system as defined in Annexure -27, are required to fill in the form (Annexure-26) and make submissions on quarterly basis within fifteen calendar days of the expiry of the quarter.
63 · 5. Stock Exchanges have to consolidate and compile a report, on AI / ML applications and systems reported by registered Stock Brokers in the reporting format (Annexure-28) on quarterly basis. The said report (Annexure-28) shall be submitted in soft copy only at AI_SE@sebi.gov.in to SEBI within thirty calendar days of the expiry of the quarter.
64 · Advisory for Financial Sector Organizations regarding Software as a Service (SaaS) based solutions 88
64 · 1. Indian Computer Emergency Response Team (CERT-in) issued an advisory for Financial Sector organizations to improve their cyber Security Posture by availing Software as a Service (SaaS) based solution for managing their Governance, Risk & Compliance (GRC) functions.
88 · Reference: Circular SEBI/HO/MIRSD2/DOR/CIR/P/2020/221 dated November 03, 2020
64 · 2. The advisory was forwarded to SEBI for bringing the same to the notice of financial sector organization. The advisory is enclosed at Annexure-29 .
64 · 3. Stock brokers are advised to ensure complete protection and seamless control over the critical systems at their organizations by continuous monitoring through direct control and supervision protocol mechanisms while keeping the critical data within the legal boundary of India.
64 · 4. The compliance of the advisory shall be reported in the half yearly report by stock brokers to stock exchanges with an undertaking, "Compliance of the SEBI circular for Advisory for Financial Sector Organizations regarding Software as a Service (SaaS) based solutions has been made."
65 · Framework to address the 'technical glitches' in Stock Brokers' Electronic Trading Systems 89
65 · 1. Technology related interruptions and glitches (technical glitches) and their impact on the investors' opportunity to trade constitutes major technology related risk. Thus, the following framework to deal with technical glitches occurring in the trading systems of stock brokers shall be complied with.
65 · 2. Definition of Technical Glitch:
65 · 3. Reporting Requirements
65 · 3.1. Stock brokers shall inform about the technical glitch to the stock exchanges immediately but not later than one hour from the time of occurrence of the glitch.
65 · 3.2. Stock brokers shall submit a Preliminary Incident Report to the Exchange within T+1 day of the incident (T being the date of the incident). The report shall include the date and time of the incident, the details of the incident, effect of the incident and the immediate action taken to rectify the problem.
89 · Reference: Circular SEBI/HO/MIRSD/TPD-1/P/CIR/2022/160 dated November 25, 2022
65 · 3.3. Stock brokers shall submit a Root Cause Analysis (RCA)Report (as per Annexure-30) of the technical glitch to stock exchange, within fourteen days from the date of the incident.
65 · 3.4. RCA report submitted by the stock brokers shall, inter-alia, include time of incident, cause of the technical glitch (including root cause from vendor(s), if applicable), duration, chronology of events, impact analysis and details of corrective/ preventive measures taken (or to be taken), restoration of operations etc.
65 · 3.5. Stock brokers shall submit information stated in para 65 . 3.1 , 65.3.2 and 65.3.3 above, by e-mail at infotechglitch@nse.co.in, a common email address for reporting across all stock exchanges.
65 · 3.6. All technical glitches reported by stock brokers as well as independently monitored by stock exchanges, shall be examined collectively by the stock exchanges along with the report/ RCA and appropriate action shall be taken.
65 · 4. Capacity Planning:
65 · 4.1. Increasing number of investors may create additional burden on the trading system of the stock broker and hence, adequate capacity planning is prerequisite for stock brokers to provide continuity of services to their clients. Stock brokers shall do capacity planning for entire trading infrastructure i.e. server capacities, network availability, and the serving capacity of trading applications.
65 · 4.2. Stock brokers shall monitor peak load in their trading applications, servers and network architecture. The Peak load shall be determined on the basis of highest peak load observed by the stock broker during a calendar quarter. The installed capacity shall be at least one and half times (1.5x) of the observed peak load.
65 · 4.3. Stock brokers shall deploy adequate monitoring mechanisms within their networks and systems to get timely alerts on current utilization of capacity going beyond permissible limit of seventy percent of its installed capacity.
65 · 4.4. To ensure the continuity of services at the primary data center, stock brokers as may be specified from time to time by stock exchange (hereafter referred to as specified stock brokers) shall strive to achieve full redundancy in their IT systems that are related to trading applications and trading related services.
65 · 4.5. Stock exchanges shall issue detailed guidelines with regard to frequency of capacity planning to review available capacity, peak load, and new capacity required to tackle future load on the system.
65 · 5. Software testing and change:
65 · 5.1. Software applications are prone to updates/changes and hence, it is imperative for the stock brokers to ensure that all software changes that are taking place in their applications are rigorously tested before they are used in production systems. Software changes could impact the functioning of the software if adequate testing is not carried out. In view of this, stock brokers shall adopt the following framework for carrying out software related changes / testing in their systems:
65 · 5.1.1. Stock brokers shall create test driven environments for all types of software developed by them or their vendors. Regression testing, security testing and unit testing shall be included in the software development, deployment and operations practices.
65 · 5.1.2. Specified stock brokers shall do their software testing in automated environments.
65 · 5.1.3. Stock Brokers shall prepare a traceability matrix between functionalities and unit tests, while developing any software that is used in trading activities.
65 · 5.1.4. Stock brokers shall implement a change management process to avoid any risk arising due to unplanned and unauthorized changes for all its information security assets (hardware, software, network, etc.).
65 · 5.1.5. Stock brokers shall periodically update all their assets including Servers, OS, databases, middleware, network devices, firewalls, IDS /IPS desktops etc. with latest applicable versions and patches.
65 · 5.1.6. Stock exchanges shall issue detailed guidelines with regard to testing of software, testing in automated environments, traceability matrix, change management process and periodic updation of assets etc.
65 · 6. Monitoring mechanism:
65 · 6.1. Proactively and independently monitoring technical glitches shall be one of the approaches in mitigating the impact of such glitches.
65 · 6.2. Stock Exchanges shall identify the key parameters in consultation with stock brokers. These key parameters shall be monitored by specified stock brokers and by stock exchanges, on a real time or on a near real time basis.
65 · 6.3. Stock exchanges shall maintain a dedicated cell for monitoring the key parameters and the technical glitches occurring in stock brokers' trading systems. The cell also shall intimate the specified stock broker concerned immediately about the breach of the key parameters monitored under LAMA.
65 · 6.4. Stock brokers and stock exchanges shall preserve the logs of the key parameters for a period of thirty days in normal course. However, if a technical glitch takes place, the data related to the glitch, shall be maintained for a period of two years.
65 · 7. Business Continuity Planning (BCP) and Disaster Recovery Site (DRS):
65 · 7.1. Stock brokers with a minimum client base across the exchanges, as may be specified by stock exchanges from time to time, shall mandatorily establish business continuity/DR set up.
65 · 7.2. Stock brokers shall put in place a comprehensive BCP-DR policy document outlining standard operating procedures to be followed in the event of any disaster. A suitable framework shall be put in place to constantly monitor health and performance of critical systems in the normal course of business. The BCP-DR policy document shall be periodically reviewed to minimize incidents affecting the business continuity.
65 · 7.3. The DRS shall preferably be set up in different seismic zones. In case, due to any reasons like operational constraints, such a geographic separation is not possible, then the Primary Data Centre (PDC) and DRS shall be separated from each other by a distance of at least two hundred and fifty (250) kilometers to ensure that both of them do not get affected by the same natural disaster.
65 · 7.4. Specified stock brokers shall conduct DR drills / live trading from DR site. DR drills / live trading shall include running all operations from DRS for at least 1 full trading day. Stock exchanges in consultation with specified stock brokers shall decide the frequency of DR drill / live trading from DR site.
65 · 7.5. Stock brokers, shall constitute responsible teams for taking decisions about shifting of operations from primary site to DR site, putting adequate resources at DR site, and setting up mechanism to make DR site operational from primary data center etc.
65 · 7.6. Hardware, system software, application environment, network and security devices and associated application environments of DRS and PDC shall have one -to -one correspondence between them. Adequate resources shall be made available at all times to handle operations at PDC or DRS.
65 · 7.7. Stock exchanges in consultation with stock brokers shall decide upon Recovery Time Objective(RTO) i.e. the maximum time taken to restore operations from DRS after declaration of Disaster and, Recovery Point Objective (RPO) i.e. the maximum tolerable period for which data might be lost due to a major incident.
65 · 7.8. Replication architecture, bandwidth and load consideration between the DRS and PDC shall be within stipulated RTO and the whole system shall ensure high availability, right sizing, and no single point of failure. Any updates made at the PDC shall be reflected at DRS immediately.
65 · 7.9. Specified stock brokers shall obtain ISO certification as may be specified by stock exchanges from time to time in the area of IT and IT enabled infrastructure/processes of the stock brokers.
65 · 7.10. The System Auditor, while covering the BCP – DR as a part of mandated annual System Audit, shall check the preparedness of the stock broker to shift its operations from PDC to DRS and also comment on documented results and observations on DR drills conducted by the stock brokers.
65 · 7.11. Stock exchanges shall define the term 'critical systems', 'disaster' and issue detailed guidelines with regard to review of BCP document, DR drill/live trading, operating DR site from PDC, timeline for obtaining ISO certification etc.
65 · 8. Stock exchanges shall put in place a structure of financial disincentives applicable to stock brokers for technical glitches occurring in their trading systems and non-compliance of the provisions made in this regard.
65 · 9. Stock exchanges shall disseminate on their websites the instances of Technical glitches occurred in the trading system of stock brokers along with Root Cause Analysis (RCA) on such glitches.
65 · 10.Stock exchanges shall build necessary systems for implementation of the provisions of this circular and issue appropriate guidelines to the stock brokers for compliance with the provisions of this circular.
66 · Advisory for SEBI Regulated Entities (REs) regarding Cybersecurity best practices 90
66 · 1. Considering the interconnectedness and interdependency of the financial entities to carry out their functions, the cyber risk of any given entity is no longer limited to the entity's owned or controlled systems, networks and assets
66 · 2. Further, given the sophistication and persistence of the threat with a high level of coordination among threat actors, it is important to recognize that many traditional approaches to risk management and governance that worked in the past may not be comprehensive or agile enough to address the rapid changes in the threat environment and the pace of technological change that is redefining public and private enterprise.
66 · 3. Thus, an efficient and effective response to and recovery from a cyberincident by REs are essential to limit any related financial stability risks. For ensuring the same, Financial Computer Security Incident Response Team (CSIRT-Fin) has provided important recommendations in its report sent to SEBI. The applicable recommendations, in the form of an advisory, are enclosed at Annexure -31 of this circular.
66 · 4. This advisory should be read in conjunction with the applicable SEBI circulars (including but not limited to Cybersecurity and Cyber Resilience framework, Annual System Audit framework, etc.) and subsequent updates issued by SEBI from time to time.
66 · 5. The compliance of the advisory shall be provided by the REs along with their cybersecurity audit report (conducted as per the applicable SEBI Cybersecurity and Cyber Resilience framework). The compliance shall be submitted as per the existing reporting mechanism and frequency of the respective cybersecurity audit.
90 · Reference: Circular SEBI/HO/ITD/ITD_VAPT/P/CIR/2023/032 dated February 22, 2023
67 · Framework for Adoption of Cloud Services by SEBI Regulated Entities (REs) 91
67 · 1. Background: In recent times, the dependence on cloud computing for delivering the IT services is increasing. While cloud computing offers multiple advantages viz. ready to scale, ease of deployment, no overhead of maintaining physical infrastructure etc., the RE should also be aware of the new cyber security risks and challenges which cloud computing introduces. In view of the above, this cloud framework has been drafted to provide baseline standards of security and for the legal and regulatory compliances by the RE. The framework shall be seen as an addition to already existing SEBI circulars /guidelines /advisories.
67 · 2. Objective: The major purpose of this framework is to highlight the key risks, and mandatory control measures which REs need to put in place before adopting cloud computing. The document also sets out the regulatory and legal compliances by REs if they adopt such solutions.
67 · 3. Applicability:
67 · 4. Transition Period
91 · Reference: Circular SEBI/HO/ITD/ITD_VAPT/P/CIR/2023/033 dated March 06, 2023.
67 · 5. Scope:
92 · The details of cloud deployment shall be submitted in the format provided in Appendix-A
67 · 6. Approach:
68 · Periodical Report – Grant of prior approval to members of Stock Exchanges 93
68 · 1. With the amendment in the Stock Brokers Regulations 1992 vide Notification No. LAD -NRO/GN/2011 -12/03/12650 dated April 19, 2011, the requirement of members of the Stock Exchanges to obtain prior approval from SEBI for change in status or constitution has been done away with. However, the members of the Stock Exchanges would be required to take prior approval from SEBI for change in control.
68 · 2. The Stock Exchanges will continue to grant prior approval to their members for change in status or constitution, which would include the following:
68 · 2.1. in case of a body corporate —
68 · 2.2. any change between the following legal forms -individual, partnership firm, Hindu undivided family, private company, public company, unlimited company or statutory corporation and other similar changes;
68 · 2.3. in case of a partnership firm any change in partners not amounting to dissolution of the firm;
68 · 2.4. any other purpose as may be considered appropriate by the Stock Exchanges.
68 · 3. The Stock Exchanges shall submit a periodical report with details of the changes in status or constitution of the members, as per the format and in accordance with guidelines given at Annexure-33.
69 · Procedure for seeking prior approval for change in control 94
93 · Reference: Circular CIR/MIRSD/2/2011 dated June 03, 2011
94 · Reference: Circular SEBI/HO/MIRSD/ MIRSD -PoD -2/P/CIR/2022/163 dated November 28, 2022
69 · 1. Regulation 9(c) of the Stock Brokers Regulations 1992 and Regulation 9(c) read with Regulation 10B of the Stock Brokers Regulations 1992 provide respectively that stock broker and clearing member shall obtain prior approval of SEBI in case of change in control.
69 · 2. To streamline the process of providing approval to the proposed change in control of stock broker/clearing member (hereinafter referred as intermediary or applicant), it has been decided as under:
69 · 2.1. The Intermediary shall make an online application to SEBI for prior approval through the SEBI Intermediary Portal ('SI Portal') (https://siportal.sebi.gov.in).
69 · 2.2. The online application in SI portal shall be accompanied by the following information/declaration/undertaking about itself, the acquirer(s)/the person(s) who shall have the control and the directors/partners of the acquirer(s)/ the person(s) who shall have the control:
69 · 2.2.1. Current and proposed shareholding pattern of the applicant
69 · 2.2.2. Whether any application was made in the past to SEBI seeking registration in any capacity but was not granted? If yes, details thereof.
69 · 2.2.3. Whether any action has been initiated / taken under SCRA 1956/SEBI Act 1992 or rules and regulations made thereunder? If yes, the status thereof along with the corrective action taken to avoid such violations in the future. The acquirer/ the person who shall have the control shall also confirm that it shall honour all past liabilities / obligations of the applicant, if any.
69 · 2.2.4. Whether any investor complaint is pending? If yes, steps taken and confirmation that the acquirer/ the person who shall have the control shall resolve the same.
69 · 2.2.5. Details of litigation(s), if any.
69 · 2.2.6. Confirmation that all the fees due to SEBI have been paid.
69 · 2.2.7. Declaration cum undertaking of the applicant and the acquirer/ the person who shall have the control (in a format enclosed at Annexure -34), duly stamped and signed by their authorized signatories that:
69 · 2.2.7.1. There will not be any change in the Board of Directors of incumbent, till the time prior approval is granted;
69 · 2.2.7.2. pursuant to grant of prior approval by SEBI, the incumbent shall inform all the existing investors/ clients about the proposed change prior to effecting the same, in order to enable them to take informed decision regarding their continuance or otherwise with the new management; and
69 · 2.2.7.3. the 'fit and proper person' criteria as specified in Schedule II of the Intermediaries Regulations 2008 are complied with.
69 · 2.2.8. In case the incumbent is a registered stock broker, clearing member, depository participant, in addition to the above, it shall obtain approval /NOC from all the stock exchanges/clearing corporations/depositories, where the incumbent is a member/depository participant and submit self -attested copy of the same to SEBI.
69 · 2.3. The prior approval granted by SEBI shall be valid for a period of six months from the date of such approval within which the applicant shall file application for fresh registration pursuant to change in control.
69 · 3. To streamline the process of providing approval to the proposed change in control of an intermediary in matters which involve scheme(s) of arrangement which needs sanction of the National Company Law Tribunal ("NCLT") in terms of the provisions of the Companies Act, 2013, the following has been decided:
69 · 3.1. The application seeking approval for the proposed change in control of the intermediary shall be filed with SEBI prior to filing the application with NCLT.
69 · 3.2. Upon being satisfied with compliance of the applicable regulatory requirements, an in-principle approval will be granted by SEBI;
69 · 3.3. The validity of such in-principle approval shall be three months from the date issuance, within which the relevant application shall be made to NCLT.
69 · 3.4. Within fifteen days from the date of order of NCLT, the intermediary shall submit an online application in terms of para 69.3 of this circular along with the following documents to SEBI for final approval:
69 · 4. With respect to transfer of shareholding among immediate relatives and transmission of shareholding, certain provisions are mentioned below: 95
69 · 4.1. Transfer /transmission of shareholding in case of unlisted body corporate intermediary: In following scenarios, change in shareholding of the intermediary will not be construed as change in control:
69 · 4.2. Transfer /transmission of shareholding in case of a proprietary firm type intermediary: In case of an intermediary being a proprietary concern, the transfer or bequeathing of the business/capital by way of transmission to another person is a change in the legal formation or ownership and hence by the definition of change in control, such transmission or transfer shall be considered as change in control. The legal heir / transferee in such cases is required to obtain prior approval and thereafter fresh registration shall be obtained in the name legal heir/transferee.
69 · 4.3. Transfer /transmission of ownership interest in case of partnership firm type intermediary: Change in partners and their ownership interest of the partnership firm type intermediary shall be dealt in following manner:
95 · Reference: Circular no. SEBI/HO/MIRSD/DOR/CIR/P/2021/42 dated March 25,2021
69 · 4.4. Incoming entities/ shareholders becoming part of controlling interest in the intermediary pursuant to transfer of shares from immediate relative / transmission of shares (immediate relative or not), need to satisfy the fit and proper person criteria stipulated in Schedule II of the Intermediaries Regulations 2008.
70 · Guidelines for seeking NOC by Stock Brokers / Clearing Members for setting up Wholly Owned Subsidiaries, Step Down Subsidiaries, Joint Ventures in GIFT IFSC96
70 · 1. SEBI receives applications from Stock Brokers / Clearing Members for granting NOCs for setting up Wholly Owned Subsidiaries, Step Down Subsidiaries, Joint Ventures, etc. in GIFT IFSC. With an endeavour to rationalise and streamline the process of application, the following guidelines are being issued.
70 · 2. The format of application along with list of supporting documents for seeking NOC for setting up Wholly Owned Subsidiaries, Step Down Subsidiaries or entering into Joint Ventures in GIFT IFSC is placed as Annexure -35.
70 · 3. Stock Brokers and Clearing Members shall apply through a Stock Exchange where the applicant is a member, along with the required information, documents and NOC received from all Stock Exchanges/Clearing Corporations/Depositories in which the applicant is a member/participant.
70 · 4. Stock Exchanges / Clearing Corporations (where the applicant is only clearing member) are directed to forward the complete application to SEBI, after verification along with its recommendation.
96 · Reference: Circular SEBI/HO/MIRSD/DoR/P/CIR/2022/61 dated May 13, 2022
71 · 1. In order to facilitate SEBI registered stock brokers to undertake securities market related activities in Gujarat International Finance Tech-city – International Financial Services Centre (GIFT-IFSC), it has been decided to do away with the requirement of obtaining specific approval from SEBI.
71 · 2. Stock brokers proposing to undertake securities market related activities in GIFT -IFSC are permitted to do so under a Separate Business Unit (SBU) of the stock broking entity itself. These activities can also be carried out if the branch qualifies as an SBU.
71 · 3. Existing practice of carrying out securities market related activities in GIFTIFSC through a subsidiary is also allowed. Thus, the form in which these activities are to be carried out is at the discretion of the entity.
71 · 4. The matters related to policy, eligibility criteria, risk management, investor grievances, inspection, enforcement, claims etc. for SBU in GIFT-IFSC would be specified under the regulatory framework issued by the concerned regulatory authority and all activities of the SBU in GIFT-IFSC would be under the jurisdiction of that regulatory authority .
71 · 5. In pursuance of the above regulatory jurisdiction, to demarcate the regulatory obligations and to ring fence the activities of the stock brokers in Indian securities market and that of SBU in GIFT -IFSC, some of the key safeguards are being prescribed as under:
71 · 5.1. Stock brokers shall ensure that securities market related activities of the SBU in GIFT -IFSC are segregated and ring-fenced from the Indian securities market related activities of the stock broker and arms-length relationship between these activities is maintained.
71 · 5.2. Such SBU in GIFT -IFSC shall be exclusively engaged in providing securities market related activities as permitted by the IFSCA. Further that, the activities to be carried out by the SBU shall be as permitted by the IFSCA.
71 · 5.3. Stock brokers shall prepare and maintain a separate account for the SBU on arms -length basis.
71 · 5.4. The net worth of the SBU shall be kept segregated from the net worth of the stock broker in the Indian securities market. Net worth criteria
97 · SEBI/HO/MIRSD/MIRSD -PoD/P/CIR/2025/61 dated May 02, 2025
71 · 6. As the activities of the SBU shall be under the jurisdiction of another regulatory authority, Grievance Redressal Mechanism and Investor Protection Fund (IPF) of the stock exchanges and SCORES shall not be available for investors availing the services of the SBU.
71 · 7. Stock brokers who have already floated subsidiary or entered into joint venture to undertake securities market related activities in GIFT -IFSC after obtaining approval from SEBI, shall have an option to dismantle at its discretion, such subsidiary/joint venture and carry out such services under an SBU of the stock broking entity itself.
72 · Facilitation to SEBI registered Stock Brokers to access Negotiated Dealing System-Order Matching (NDS-OM) for trading in Government SecuritiesSeparate Business Units (SBU) 98
72 · 1. Reserve Bank of India vide its notification dated February 07, 2025 permitted access of SEBI-registered non-bank brokers to Negotiated Dealing System-Order Matching (NDS-OM) through Master Direction Reserve Bank of India (Access Criteria for NDS-OM) Directions, 2025 .
72 · 2. In order to facilitate SEBI -registered stock brokers to participate in Government Securities (G-Secs) market in the NDS-OM, it has been decided that they may do so under a Separate Business Unit (SBU) of the stock broking entity itself, in the manner specified herewith.
72 · 3. The matters related to policy, eligibility criteria, risk management, investor grievances, inspection, enforcement, claims etc. for stock brokers to transact on NDS -OM would be specified under the regulatory framework issued by the respective regulatory authority and all activities of the business unit of stock broker facilitating trading on NDS-OM would be under the jurisdiction of that regulatory authority.
72 · 4. In pursuance of the above regulatory jurisdiction, to demarcate the regulatory obligations and to ring fence the activities of the stock brokers and its NDS -OM activities, some of the key safeguards are being prescribed as under:
72 · 4.1. Stock brokers shall ensure that activities of the NDS -OM under a SBU are segregated and ring-fenced from the securities market related activities of the stock broker and arms -length relationship between these activities are maintained;
98 · SEBI/HO/MIRSD/MIRSD -PoD/P/CIR/2025/14 dated February 11, 2025
72 · 4.2. Such SBU shall be exclusively engaged in activities of transacting on NDS -OM only;
72 · 4.3. Stock brokers shall prepare and maintain a separate account for the SBU on arms -length basis;
72 · 4.4. The net worth of the SBU shall be kept segregated from the net worth of the stock broker in the securities market. Net worth criteria for stock broker shall be satisfied after excluding account of the SBU.
72 · 5. As the activities of the SBU shall be under the jurisdiction of another regulatory authority , Grievance Redressal Mechanism and Investor Protection Fund (IPF) of the stock exchanges and SCORES shall not be available for investors availing the services of the SBU.
73 · Inter -Governmental Agreement with United States of America under Foreign Accounts Tax Compliance Act - Registration 99
73 · 1. The Government of India has advised that India and the United States of America (US) have reached an agreement in substance on the terms of an Inter -Governmental Agreement (IGA) to implement Foreign Accounts Tax Compliance Act (FATCA) and India is now treated as having an IGA in effect from April 11, 2014. However, the IGA may be signed in due course. Information on FATCA is available at:
73 · 2. As advised by the Government, the following points may be noted by all SEBI registered intermediaries:
73 · 2.1. Indian Financial Institutions would have time upto December 31, 2014 to register with US authorities and obtain a Global Intermediary Identification Number (GIIN). This time limit would also be applicable to Indian Financial Institutions having overseas branches in Model 1 jurisdictions, including those jurisdictions where an agreement under Model 1 has been reached in substance. Registration should be done only after the formal IGA is signed.
73 · 2.2. Overseas branches of Indian Financial Institutions in a jurisdiction having IGA 2 agreement or in a jurisdiction that does not have an IGA but permits financial institutions to register and agree to a Foreign Financial Institution (FFI) agreement, may register with US authorities within the stipulated time period and obtain a GIIN in accordance with the requirements to avoid potential withholding under FATCA.
73 · 2.3. Overseas branches of Indian Financial Institutions in a jurisdiction that does not have an IGA and does not permit financial institutions to register and agree to an FFI agreement may not register and their overseas branches would eventually be subject to withholding under FATCA.
73 · 2.4. The Government has further advised that if registration of the parent intermediary/ head office is a pre-requisite for a branch to register, such intermediaries may register as indicated at para 73.2.1 and 73.2.2 above.
99 · Reference: Circular CIR/MIRSD/2/2014 dated June 30, 2014
74 · Implementation of the Multilateral Competent Authority Agreement and Foreign Account Tax Compliance Act 100
74 · 1. India joined the Multilateral Competent Authority Agreement (MCAA) on Automatic Exchange of Financial Account Information on June 03, 2015. In terms of the MCAA, all countries which are signatory to MCAA, are obliged to exchange a wide range of financial information after collecting the same from financial institutions in their country / jurisdiction.
74 · 2. On July 09, 2015, the Governments of India and United States of America (USA) signed an agreement to improve international tax compliance and to implement the Foreign Account Tax Compliance Act (FATCA) in India. The USA enacted FATCA in 2010 to obtain information on accounts held by US taxpayers in other countries. As per the aforesaid agreement, foreign financial institutions (FFIs) in India will be required to report tax information about US account holders / taxpayers directly to the Indian Government which will, in turn, relay that information to the IS Internal Revenue Service (IRS).
74 · 3. For implementation of the MCAA and agreement with USA, the Government of India has made necessary legislative changes to Section 285BA of the Income Tac Act, 1961. Further, the Government of India has notified Rules 114F to 114H (herein after referred to as "the Rules") under the Income Tax Rules, 1962 and form No. 61B for furnishing of statement of reportable account specified in the Rules. The Rule is available at http://www.incometaxindia.gov.in/communications/notification/notification% 20no.%2062%20dated%2007 -08 -2015.pdf
74 · 4. A "Guidance Note on implementation of Reporting Requirements under Rules 114F to 114H of the Income Tax Rules" as issued by the Department of Revenue, Ministry of Finance vide F.No.500/137/2011-FTTR-III dated August 31, 2015 is available at http://www.incometaxindia.gov.in/communications/notification/guidance_not es_on_im plementation_31_08_2015.pdf, for information and necessary action.
74 · 5. All registered intermediaries shall take necessary steps to ensure compliance with the requirements specified in the aforesaid Rules after carrying out necessary due diligence.
100 · Reference: Circular CIR/MIRSD/2/2015 dated August 26, 2015 and Circular CIR/MIRSD/3/2015 dated September 10, 2015.
75 · Exclusive e -mail ID for redressal of Investor Complaints 101
75 · 1. All the registered stock brokers shall designate an e-mail ID of the grievance redressal division/compliance officer exclusively for the purpose of registering complaints by investors. Stock Brokers shall also display the email ID and other relevant details prominently on their websites and in the various materials/pamphlets/advertisement campaigns initiated by them for creating investor awareness.
76 · Redressal of Investor complaints against Stock Brokers in SEBI Complaints Redress System (SCORES) 102
76 · 1. SEBI commenced processing of investor complaints in a centralized web based complaints redress system 'SCORES'. The salient features of this system are:
76 · 1.1. Centralised database of all complaints,
76 · 1.2. Online movement of complaints to the concerned listed companies,
76 · 1.3. Online upload of Action Taken Reports (ATRs) by the concerned companies, and
76 · 1.4. Online viewing by investors of actions taken on the complaint and its current status.
76 · 2. The investor grievances received by SEBI against stock brokers are taken up electronically with the concerned Stock Exchange(s) through SCORES. The Stock Exchange(s) in turn, take up the matter with the concerned stock brokers.
76 · 3. Stock Exchanges shall ensure that the investor complaints shall be resolved within fifteen working days from the date of receipt of the complaint. Additional information, if any, required from the complainant, shall be sought within seven working days from the date of receipt of the complaint. The period of fifteen working days shall be counted from the date of receipt of additional information sought. 103
101 · Reference: Circular MRD/DoP/Dep/SE/CIR-22/06 dated December 18, 2006
102 · Reference: Circular CIR/MIRSD/18/2011 dated August 25, 2011 and Circular SEBI/HO/MIRSD/MIRSD6/CIR/P/2017/20 dated March 10, 2017.
103 · Reference: Circular SEBI/HO/MIRSD/DOC/CIR/P/2020/226 dated November 06, 2020
76 · 4. For redressal of investor grievances through the SEBI Complaints Redress System (SCORES) platform, the master circular issued by SEBI in this regard may be accessed at the following link:
77 · Information regarding Grievance Redressal Mechanism 104
77 · 1. For information of all investors who deal/ invest/ transact in the market, the offices of all stock brokers (and its authorized person(s)) shall prominently display basic information, as provided in Annexure-36, about the grievance redressal mechanism available to investors.
78 · Publishing Investor Charter and disclosure of Investor Complaints by Stock Brokers on their websites105
78 · 1. The Investor Charter for Stock Brokers inter -alia provide details about the services provided to Investors, Rights of Investors, various activities of Stock Brokers with timelines, DOs and DON'Ts for Investors and Grievance Redressal Mechanism. The same is placed at Annexure-37.
78 · 2. Stock Brokers shall bring the Investor Charter to the notice of their clients (existing as well as new clients) through disclosing the Investor Charter on their respective websites, making them available at prominent places in the office, provide a copy of Investor Charter as a part of account opening kit to the clients, through e-mails/ letters etc.
78 · 3. Additionally, in order to bring about transparency in the Investor Grievance Redressal Mechanism, all the Stock Brokers shall disclose on their respective websites, the data on complaints received against them or against issues dealt by them and redressal thereof, latest by seventh of succeeding month, as per the format enclosed at Annexure-38.
104 · Reference: Circular CIR/MIRSD/3/2014 dated August 28, 2014. 105 Reference: Circular SEBI/HO/MIRSD/DOP/P/CIR/2021/676 dated December 02,2021 and SEBI/HO/MIRSD/MIRSD -PoD1/P/CIR/2025/22 dated February 21, 2025
79 · Standard operating procedure in the cases of Trading Member / Clearing Member leading to default 106
79 · 1.With the introduction of uniform membership structure of TM and CM across all segments, the TM shall make good the default of its clients to the CM and the CM shall make good the default of its clients / TM to the CC. The default of TM may not necessarily lead to default of CM, if the CM continues to fulfill the settlement obligation with the CC. To protect the interest of nondefaulting clients of a TM and /or non-defaulting clients / TM(s) of the CM, in the likely event of default by TM / CM, there is a need for Standard Operating Procedure ("SoP") enumerating the steps to be taken by the SEs / CCs / Depositories in such cases where SE / CC is of the view that TM / CM is likely to default in repayment of funds or securities to its clients.
79 · 2. In order to harmonize the action amongst all SEs / CCs / Depositories in a time bound manner this SoP has been prepared in consultation with SEs, CCs and Depositories so as to achieve uniformity in implementation of actions. The SoP lays down the actions to be initiated by the SEs / CCs / Depositories within a time frame after detection of the early warning signals as laid out in the Circular dated December 17, 2018 and other triggers as laid down in this circular until declaration of defaulter of TM / CM by the SE / CC. Once the TM is declared defaulter, the proceedings shall be in compliance with the bye-laws, rules and regulations of SE / CC respectively.
79 · 3.On analysis of early warning signals or any of the following triggers, if the SE / CC is of the view that the TM / CM is likely to default in the repayment of funds / securities to its clients and / or fail to meet the settlement obligations to CM / CC, where:
79 · 3.1. There is shortage of funds / securities payable to the clients by Rs. 10 crore (SE may have their own criteria) and / or
79 · 3.2. TM / CM has failed to meet the settlement obligations to CM / CC and / or
79 · 3.3. There is sudden increase in the number of investor's complaints against the TM / CM for non-payment of funds and / or transfer of securities,
106 · Reference: Circular SEBI/HO/MIRSD/DPIEA/CIR/P/2020/115 dated July 01,2020 and Circular SEBI/HO/MIRSD/DPIEA/CIR/2022/72 dated May 27, 2022.
79 · 4.The above action shall equally apply to a likely event of default by a CM who is also a TM. However, in case of likely default of a Professional CM, the action to be initiated by the CM shall fall upon the CC.
79 · 5.As soon as TM is disabled that information shall be shared by ISE with all SEs / CCs. On receipt of such information respective SE shall also conduct their due diligence and may initiate action of disablement by issuing reasoned order by MD of SE concern. However, when SCN has been issued for declaring a TM / CM as a defaulter by any SE, its subsidiary / associate companies which are also member(s) on other segment / SE / CC shall also be put in suspension mode. All their open positions shall be squared off and their assets shall be frozen.
79 · 6.Once the Member is disabled or SCN is issued for declaration of defaulter to TM / CM (whichever is earlier), no further Investor Grievance Redressal Committee (IGRC) / Arbitration meetings shall be conducted.
79 · 7.Default proceedings shall take place as per bye laws / rules / regulations of the SE / CC. If the member is also a DP, Depositories shall take action as per its bye laws for termination / transfer of its participant-ship based on record. SEs shall not expel the TM immediately until the default proceedings are completed.
79 · 8.The TM shall provide a list of all its bank accounts to the SEs /CCs and the SEs / CCs shall obtain an undertaking from the TM within 90 days from the date of issuance of this Circular, undertaking that the SEs / CCs shall be empowered to instruct the bank(s) of the TM to freeze the bank account(s) for debits. The draft of undertaking is enclosed at Annexure-39.
79 · 9.The above SoP enumerates the minimum action which shall be initiated by the respective SEs / CCs / Depositories However, the respective SEs / CCs / Depositories are free to initiate any other actions as may be necessary in compliance with their bye laws / rules / regulations and / or to protect the interest of investors. The ISE / SEs/ CCs and Depositories are expected to follow the timelines with respect to each actions as enumerated, reasons shall be recorded in case of for any deviation in timelines prescribed.
80 · Recovery of assets of defaulter member and recovery of funds from debit balance clients of defaulter member for meeting the obligations of clients / Stock Exchange / Clearing Corporation 107
80 · 1. In the case of default by TM/CM, it has been noted that in certain cases there is shortfall of funds/securities with defaulter member to meet the obligation of clients / SE / CC. The bye-laws of SE/CC provide for the procedure for declaring a member as defaulter when, amongst other reasons, the member is not able to fulfil its obligations and also provide for initiation of proceedings in a court of law whenever a member is declared
107 · Reference: Circular SEBI/HO/MIRSD/DPIEA/CIR/P/2020/186 dated September 28,2020
80 · 2. The SE/CC are advised to initiate suitable actions for liquidating the assets (movable and immovable) of defaulter member including that of debit balance clients (to the extent of debit balance), within six months of declaration of defaulter, for recovery of the assets not in possession of the SE/CC, before appropriate court of law.
81 · Advertisement by Brokers and grant of trading terminals 108
81 · 1. The Stock Exchanges shall ensure that brokers do not issue advertisements of their business, including in their internet sites, by subsidiaries, group companies etc. in contravention to Clause C(4) and C(5) of the Code of Conduct specified in Schedule II of Regulation 9 of the Stock Brokers Regulations 1992 and Bye Laws of the concerned Stock Exchange.
81 · 2. Stock Exchanges shall grant trading terminals only at the members' registered office and their branch offices.
82 · Registration Number of Brokers to be quoted on all correspondences with SEBI109
82 · 1. Stock Exchanges shall quote SEBI Registration Number of the concerned Broker quoted on all correspondences with SEBI relating to them. Stock Exchanges shall instruct the Brokers to quote their SEBI Registration Number in all their correspondences with SEBI.
83 · Maintenance of books of accounts and other documents sought by Enforcement Agencies from Stock Exchanges and Brokers 110
83 · 1. In terms of Rules 14 and 15 of SCRR 1957 (hereinafter referred to as SCRR, 1957), every recognized stock exchange and its members are required to maintain and preserve the specified books of account and documents for a period ranging from two years to five years. Further, as per Regulation 18 of the Stock Brokers Regulations 1992 (hereinafter referred to as Stock Broker Regulations), every stock broker shall preserve the specified books of account and other records for a minimum period of five years.
83 · 2. Enforcement agencies like Central Bureau of Investigation, Police, Crime Branch etc. have been collecting copies of the various records/documents during the course of their investigation. These original documents both in physical form and electronic form would be required by such enforcement agencies during trial of the case also.
83 · 3. Notwithstanding anything contained in SCRR 1957 and the Stock Broker Regulations 1992, it is advised to preserve the originals of the documents,
108 · Reference: Circular SMD/POLICY/CIR -49/2001 dated October 22, 2001.
109 · Reference: Circular SMD/DBA -II/Cir -16/9618/03 dated May 05, 2003.
110 · Reference: Circular SEBI/MRD/SE/CIR -15/2005 dated August 04, 2005.
84 · Display of details by Stock Brokers (including Trading Members) 111
84 · 1. While a stock broker may use the brand name / logo of its group companies, it must display more prominently:
85 · Unauthenticated news circulated by SEBI Registered Market Intermediaries through various modes of communication 112
85 · 1. It has been observed by SEBI that unauthenticated news related to various scrips are circulated in blogs/chat forums/e-mail etc. by employees of Broking Houses/Other Intermediaries without adequate caution as mandated in the Code of Conduct for Stock Brokers and respective Regulations of various intermediaries registered with SEBI.
85 · 2. It was also observed that the Intermediaries do not have proper internal controls and do not ensure that proper checks and balances are in place to govern the conduct of their employees. Due to lack of proper internal controls and poor training, employees of such intermediaries are sometimes not aware of the damage which can be caused by circulation of unauthenticated news or rumours. It is a well -established fact that market rumours can do considerable damage to the normal functioning and behaviour of the market and distort the price discovery mechanisms.
85 · 3. In view of the above facts, SEBI Registered Market Intermediaries are directed that:
111 · Reference: Circular CIR/MIRSD/9/2010 dated November 04, 2010.
112 · Reference: Circular CIR/ISD/1/2011 dated March 23, 2011 and Circular CIR/ISD/2/2011 dated March 24, 2011
85 · 3.1. Proper internal code of conduct and controls should be put in place.
85 · 3.2. Employees/temporary staff/voluntary workers etc. employed/working in the Offices of market intermediaries do not encourage or circulate rumours or unverified information obtained from client, industry, any trade or any other sources without verification.
85 · 3.3. Access to Blogs/Chat forums/Messenger sites etc. should either be restricted under supervision or access should not be allowed.
85 · 3.4. Logs for any usage of such Blogs/Chat forums/Messenger sites (called by any nomenclature) shall be treated as records and the same should be maintained as specified by the respective Regulations which govern the concerned intermediary.
85 · 3.5. Employees should be directed that any market related news received by them either in their official mail/personal mail/blog or in any other manner, should be forwarded only after the same has been seen and approved by the concerned Intermediary's Compliance Officer. If an employee fails to do so, he/she shall be deemed to have violated the various provisions contained in SEBI Act/Rules/Regulations etc. and shall be liable for action. The Compliance Officer shall also be held liable for breach of duty in this regard.
86 · Guidelines on Outsourcing of Activities by Stock Brokers 113
86 · 1. SEBI Regulations for various intermediaries require that they shall render at all times high standards of service and exercise due diligence and ensure proper care in their operations.
86 · 2. It has been observed that often the stock brokers resort to outsourcing with a view to reduce costs, and at times, for strategic reasons.
86 · 3. Outsourcing may be defined as the use of one or more than one third party – either within or outside the group - by a registered intermediary to perform the activities associated with services which the intermediary offers.
86 · 4. Principles for Outsourcing
86 · 4.1. The risks associated with outsourcing may be operational risk, reputational risk, legal risk, country risk, strategic risk, exit-strategy risk, counter party risk, concentration and systemic risk. The principles for outsourcing are given below at paras 86.7 to 86.14 below.
113 · Circular CIR/MIRSD/24/2011 dated December 15, 2011.
86 · 5. Activities that shall not be Outsourced
86 · 5.1. The stock brokers desirous of outsourcing their activities shall not, however, outsource their core business activities and compliance functions. An example of core business activity may be – execution of orders and monitoring of trading activities of clients in case of stock brokers. Regarding Know Your Client (KYC) requirements, the stock brokers shall comply with the provisions of Securities and Exchange Board of India {KYC (Know Your Client) Registration Agency} Regulations, 2011 and Guidelines issued thereunder from time to time.
86 · 6. Other Obligations
86 · 6.1. Reporting to Financial Intelligence Unit (FIU) - The stock brokers shall be responsible for reporting of any suspicious transactions / reports to FIU or any other competent authority in respect of activities carried out by the third parties.
86 · 7. An intermediary seeking to outsource activities shall have in place a comprehensive policy to guide the assessment of whether and how those activities can be appropriately outsourced. The Board / partners (as the case may be) {hereinafter referred to as the "the Board"} of the intermediary shall have the responsibility for the outsourcing policy and related overall responsibility for activities undertaken under that policy.
86 · 7.1. The policy shall cover activities or the nature of activities that can be outsourced, the authorities who can approve outsourcing of such activities, and the selection of third party to whom it can be outsourced. For example, an activity shall not be outsourced if it would impair the supervisory authority's right to assess, or its ability to supervise the business of the intermediary. The policy shall be based on an evaluation of risk concentrations, limits on the acceptable overall level of outsourced activities, risks arising from outsourcing multiple activities to the same entity, etc.
86 · 7.2. The Board shall mandate a regular review of outsourcing policy for such activities in the wake of changing business environment. It shall also have overall responsibility for ensuring that all ongoing outsourcing decisions taken by the intermediary and the activities undertaken by the third-party, are in keeping with its outsourcing policy.
86 · 8. The intermediary shall establish a comprehensive outsourcing risk management programme to address the outsourced activities and the relationship with the third party.
86 · 8.1. An intermediary shall make an assessment of outsourcing risk which depends on several factors, including the scope and materiality of the outsourced activity, etc. The factors that could help in considering materiality in a risk management programme include-
86 · 8.1.1. The impact of failure of a third party to adequately perform the activity on the financial, reputational and operational performance of the intermediary and on the investors / clients;
86 · 8.1.2. Ability of the intermediary to cope up with the work, in case of non -performance or failure by a third party by having suitable back -up arrangements;
86 · 8.1.3. Regulatory status of the third party, including its fitness and probity status;
86 · 8.1.4. Situations involving conflict of interest between the intermediary and the third party and the measures put in place by the intermediary to address such potential conflicts, etc.
86 · 8.2. While there shall not be any prohibition on a group entity / associate of the intermediary to act as the third party, systems shall be put in place to have an arm's length distance between the intermediary and the third party in terms of infrastructure, manpower, decision-making, record keeping, etc. for avoidance of potential conflict of interests. Necessary disclosures in this regard shall be made as part of the contractual agreement. It shall be kept in mind that the risk management practices expected to be adopted by an intermediary while outsourcing to a related party or an associate would be identical to those followed while outsourcing to an unrelated party.
86 · 8.3. The records relating to all activities outsourced shall be preserved centrally so that the same is readily accessible for review by the Board of the intermediary and / or its senior management, as and when needed. Such records shall be regularly updated and may also form part of the corporate governance review by the management of the intermediary.
86 · 8.4. Regular reviews by internal or external auditors of the outsourcing policies, risk management system and requirements of the regulator
86 · 9. The intermediary shall ensure that outsourcing arrangements neither diminish its ability to fulfill its obligations to customers and regulators, nor impede effective supervision by the regulators.
86 · 9.1. The intermediary shall be fully liable and accountable for the activities that are being outsourced to the same extent as if the service were provided in-house.
86 · 9.2. Outsourcing arrangements shall not affect the rights of an investor or client against the intermediary in any manner. The intermediary shall be liable to the investors for the loss incurred by them due to the failure of the third party and also be responsible for redressal of the grievances received from investors arising out of activities rendered by the third party.
86 · 9.3. The facilities / premises / data that are involved in carrying out the outsourced activity by the service provider shall be deemed to be those of the registered intermediary. The intermediary itself and Regulator or the persons authorized by it shall have the right to access the same at any point of time.
86 · 9.4. Outsourcing arrangements shall not impair the ability of SEBI/SRO or auditors to exercise its regulatory responsibilities such as supervision/inspection of the intermediary.
86 · 10. The intermediary shall conduct appropriate due diligence in selecting the third party and in monitoring of its performance.
86 · 10.1. It is important that the intermediary exercises due care, skill, and diligence in the selection of the third party to ensure that the third party has the ability and capacity to undertake the provision of the service effectively.
86 · 10.2. The due diligence undertaken by an intermediary shall include assessment of:
86 · 10.2.1.third party's resources and capabilities, including financial soundness, to perform the outsourcing work within the timelines fixed;
86 · 10.2.2.compatibility of the practices and systems of the third party with the intermediary's requirements and objectives;
86 · 10.2.3.market feedback of the prospective third party's business reputation and track record of their services rendered in the past;
86 · 10.2.4.level of concentration of the outsourced arrangements with a single third party; and
86 · 10.2.5.the environment of the foreign country where the third party is located.
86 · 11. Outsourcing relationships shall be governed by written contracts / agreements / terms and conditions (as deemed appropriate) {hereinafter referred to as "contract"} that clearly describe all material aspects of the outsourcing arrangement, including the rights, responsibilities and expectations of the parties to the contract, client confidentiality issues, termination procedures, etc.
86 · 11.1. Outsourcing arrangements shall be governed by a clearly defined and legally binding written contract between the intermediary and each of the third parties, the nature and detail of which shall be appropriate to the materiality of the outsourced activity in relation to the ongoing business of the intermediary.
86 · 11.2. Care shall be taken to ensure that the outsourcing contract:
86 · 11.2.1.clearly defines what activities are going to be outsourced, including appropriate service and performance levels;
86 · 11.2.2.provides for mutual rights, obligations and responsibilities of the intermediary and the third party, including indemnity by the parties;
86 · 11.2.3.provides for the liability of the third party to the intermediary for unsatisfactory performance/other breach of the contract
86 · 11.2.4.provides for the continuous monitoring and assessment by the intermediary of the third party so that any necessary corrective measures can be taken up immediately, i.e., the contract shall enable the intermediary to retain an appropriate level of control over the outsourcing and the
86 · 11.2.5.includes, where necessary, conditions of sub-contracting by the third-party, i.e. the contract shall enable intermediary to maintain a similar control over the risks when a third party outsources to further third parties as in the original direct outsourcing;
86 · 11.2.6.has unambiguous confidentiality clauses to ensure protection of proprietary and customer data during the tenure of the contract and also after the expiry of the contract;
86 · 11.2.7.specifies the responsibilities of the third party with respect to the IT security and contingency plans, insurance cover, business continuity and disaster recovery plans, force majeure clause, etc.;
86 · 11.2.8.provides for preservation of the documents and data by third party;
86 · 11.2.9.provides for the mechanisms to resolve disputes arising from implementation of the outsourcing contract;
86 · 11.2.10.provides for termination of the contract, termination rights, transfer of information and exit strategies;
86 · 11.2.11.addresses additional issues arising from country risks and potential obstacles in exercising oversight and management of the arrangements when intermediary outsources its activities to foreign third party. For example, the contract shall include choice -of -law provisions and agreement covenants and jurisdictional covenants that provide for adjudication of disputes between the parties under the laws of a specific jurisdiction;
86 · 11.2.12.neither prevents nor impedes the intermediary from meeting its respective regulatory obligations, nor the regulator from exercising its regulatory powers; and
86 · 11.2.13.provides for the intermediary and /or the regulator or the persons authorized by it to have the ability to inspect, access all books, records and information relevant to the outsourced activity with the third party.
86 · 12. The intermediary and its third parties shall establish and maintain contingency plans, including a plan for disaster recovery and periodic testing of backup facilities.
86 · 12.1. Specific contingency plans shall be separately developed for each outsourcing arrangement, as is done in individual business lines.
86 · 12.2. An intermediary shall take appropriate steps to assess and address the potential consequence of a business disruption or other problems at the third party level. Notably, it shall consider contingency plans at the third party; co-ordination of contingency plans at both the intermediary and the third party; and contingency plans of the intermediary in the event of non-performance by the third party.
86 · 12.3. To ensure business continuity, robust information technology security is a necessity. A breakdown in the IT capacity may impair the ability of the intermediary to fulfill its obligations to other market participants/clients/regulators and could undermine the privacy interests of its customers, harm the intermediary's reputation, and may ultimately impact on its overall operational risk profile. Intermediaries shall, therefore, seek to ensure that third party maintains appropriate IT security and robust disaster recovery capabilities.
86 · 12.4. Periodic tests of the critical security procedures and systems and review of the backup facilities shall be undertaken by the intermediary to confirm the adequacy of the third party's systems.
86 · 13. The intermediary shall take appropriate steps to require that third parties protect confidential information of both the intermediary and its customers from intentional or inadvertent disclosure to unauthorised persons.
86 · 13.1. An intermediary that engages in outsourcing is expected to take appropriate steps to protect its proprietary and confidential customer information and ensure that it is not misused or misappropriated.
86 · 13.2. The intermediary shall prevail upon the third party to ensure that the employees of the third party have limited access to the data handled and only on a "need to know" basis and the third party shall have adequate checks and balances to ensure the same.
86 · 13.3. In cases where the third party is providing similar services to multiple entities, the intermediary shall ensure that adequate care
86 · 14. Potential risks posed where the outsourced activities of multiple intermediaries are concentrated with a limited number of third parties.
86 · 14.1. In instances, where the third party acts as an outsourcing agent for multiple intermediaries, it is the duty of the third party and the intermediary to ensure that strong safeguards are put in place so that there is no co -mingling of information /documents, records and assets.
87 · General Guidelines for dealing with Conflicts of Interest of Stock Brokers and their Associated Persons in Securities Market114
87 · 1. Stock brokers are presently governed by the provisions for avoidance of conflict of interest as mandated in the regulations read with relevant circulars issued from time to time by SEBI. On the lines of Principle 8 of the International Organisation of Securities Commissions (IOSCO) Objectives and Principles of Securities Regulations, it has been decided to put in place comprehensive guidelines to collectively cover such stock brokers, for elimination of their conflict of interest, as detailed hereunder.
87 · 2. Stock Brokers shall adhere to these guidelines for avoiding or dealing with or managing conflict of interest. They shall be responsible for educating their associated persons for compliance of these guidelines.
87 · 3. For the purpose of these guidelines "associated persons" shall have the same meaning as defined in the Securities and Exchange Board of India (Certification of Associated Persons in the Securities Markets) Regulations, 2007.
87 · 4. Stock brokers and their associated persons shall,
87 · 4.1. lay down, with active involvement of senior management, policies and internal procedures to identify and avoid or to deal or manage actual or potential conflict of interest, develop an internal code of conduct governing operations and formulate standards of appropriate conduct in the performance of their activities, and ensure to communicate such policies, procedures and code to all concerned;
87 · 4.2. at all times maintain high standards of integrity in the conduct of their business;
114 · Reference: Circular CIR/MIRSD/5/2013 dated August 27, 2013
87 · 4.3. ensure fair treatment of their clients and not discriminate amongst them;
87 · 4.4. ensure that their personal interest does not, at any time conflict with their duty to their clients and client's interest always takes primacy in their advice, investment decisions and transactions;
87 · 4.5. make appropriate disclosure to the clients of possible source or potential areas of conflict of interest which would impair their ability to render fair, objective and unbiased services;
87 · 4.6. endeavor to reduce opportunities for conflict through prescriptive measures such as through information barriers to block or hinder the flow of information from one department/ unit to another, etc.;
87 · 4.7. place appropriate restrictions on transactions in securities while handling a mandate of issuer or client in respect of such security so as to avoid any conflict;
87 · 4.8. not deal in securities while in possession of material non published information;
87 · 4.9. not to communicate the material non published information while dealing in securities on behalf of others;
87 · 4.10. not in any way contribute to manipulate the demand for or supply of securities in the market or to influence prices of securities;
87 · 4.11. not have an incentive structure that encourages sale of products not suiting the risk profile of their clients;
87 · 4.12. not share information received from clients or pertaining to them, obtained as a result of their dealings, for their personal interest;
87 · 5. The Boards of Stock Brokers shall put in place systems for implementation of the aforementioned guidelines and provide necessary guidance enabling identification, elimination or management of conflict of interest situations. The Boards shall review the compliance of the above guidelines periodically.
87 · 6. The said guidelines shall be in addition to the provisions, if any, contained in respective regulations/ circulars issued by the Board from time to time regarding dealing with conflict of interest, in respect of such entities.
88 · Association of persons regulated by the Board and their agents with certain persons 115
88 · 1. Securities and Exchange Board of India (Intermediaries) (Amendment) Regulations, 2024, Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) (Fourth Amendment) Regulations, 2024 and Securities and Exchange Board of India (Depositories and Participants) (Second Amendment) Regulations, 2024 have been notified by SEBI on August 26, 2024.
88 · 2. These regulations inter alia provide that persons regulated by the Board (including recognised stock exchanges, clearing corporations and depositories), and agents of such persons shall not have any direct or indirect association with another person who
88 · 3. In terms of these regulations, a "specified digital platform" shall mean digital platform as specified by the Board, which has a mechanism in place to take preventive as well as curative action, to the satisfaction of the Board, to ensure that such a platform is not used for indulging in any activity as referred to in clauses (i) or (ii) of paragraph 88.2 above.
88 · 4. It has been clarified that the term "another person" shall not include a person who is engaged in investor education, provided that such a person does not, directly or indirectly, indulge in any activity as referred to in clauses (i) or (ii) of paragraph 88.2 above.
115 · SEBI/HO/MIRSD/ MIRSD -PoD -1/P/CIR/2024/143 dated October 22, 2024
88 · 5. The guidelines on the preventive and curative measures for the digital platforms for their recognition as specified digital platform are being specified separately.
89 · Digital Mode of Payment 116
89 · 1. SEBI had notified the SEBI (Payment of Fees and Mode of Payment) (Amendment) Regulations, 2017 on March 06, 2017 to enable digital mode of payment (RTGS/NEFT/IMPS etc.) of fees/penalties/remittance/other payments etc.
89 · 2. Pursuant to above, SEBI has been receiving direct credit of amounts from various intermediaries / other entities.
89 · 3. In order to identify and account such direct credit in the SEBI account, intermediaries / other entities shall provide the information as mentioned in Annexure -40 to SEBI once the payment is made.
89 · 4. The above information should be emailed to the respective department(s) as well as to Treasury & Accounts division at tad@sebi.gov.in .
90 · Regulatory Framework for Commodity Derivatives Brokers 117
90 · 1. Erstwhile Forward Markets Commission (FMC) issued various circulars/letters/ directions to exchanges dealing in commodity derivatives for compliance by their members from time to time. Consequent to merger of FMC with SEBI, it is important that regulatory provisions for brokers across equity and commodity derivatives markets be harmonized. Accordingly, regulatory provisions have been divided into three parts as described below.
90 · 1.1. Annexure -41 contains details of FMC circulars which shall stand repealed and relevant SEBI circulars which shall be applicable.
90 · 1.2. Annexure -42 contains details of FMC circulars contents/norms of which shall continue as they are specific to commodity derivative markets.
116 · Reference: Circular SEBI/HO/GSD/T&A/CIR/P/2017/42 dated May 16, 2017.
117 · Reference: Circular SEBI/HO/MIRSD/MIRSD2/CIR/P/2016/92 dated September 23, 2016 and Circular SEBI/HO/MIRSD/MIRSD1/CIR/P/2017/104 dated September 21, 2017.
90 · 1.3. Annexure -43 contains details of FMC circulars which shall stand repealed.
90 · 2. All commodity derivatives exchanges shall continue to levy penalties they are currently levying and any revision thereof shall be decided in consultation with SEBI. Accordingly, FMC circulars dealing with penalties including Uniform Penalty Circular dated Mar 05, 2010 shall stand repealed.
91 · Approach to securities market data access and terms of usage of data provided by data sources in Indian securities market 118
91 · 1. In order to further enhance the quantum as well as the ease of accessibility and usability of data disseminated in public by various data sources in Indian securities market and keeping in view the deliberations and recommendations of Market Data Advisory Committee (MDAC), Stock Brokers are advised to make note of the following:
91 · 2. Further, apart from the data made available free of cost, data which is chargeable should be appropriately identified as such in public domain.
92 · Introduction of Investor Risk Reduction Access (IRRA) platform in case of disruption of trading services provided by the Trading Member (TM) 119
92 · 1. In recent times, with increasing dependence on technology in securities market, there is a rise in instances of glitches in trading members' systems, some of which lead to disruption of trading services and investor complaints. In such instances, investors with open positions are at risk of non-availability of avenues to close their positions, particularly if markets are volatile.
92 · 2. To address the issue, SEBI had extensive consultations with stock exchanges, clearing corporations (CCs) and TMs. As the respective business continuity plans, if any, of the TMs, may not be able to prevent disruption in some cases like TM being unable to move to Disaster Recovery Site within stipulated time, cyber-attacks etc., it has been decided
118 · Reference: Circular SEBI/HO/DEPA -III/DEPA -III_SSU/P/CIR/2022/25 dated February 25,2022
119 · Reference: Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2022/177 dated December 30, 2022
92 · 3. In this regard, the following has been decided:
92 · 3.1. A joint platform to provide Investor Risk Reduction Access (IRRA) service shall be developed by the exchanges to provide the investors an opportunity to square off/close the open positions and/or cancel pending orders in case of disruption of trading services provided by the Trading Member.
92 · 3.2. The IRRA service shall support multiple segments across multiple exchanges.
92 · 3.3. TMs, upon facing technical glitches which lead to disruption of trading services, can request for enablement of the IRRA service as per the procedures specified by the stock exchanges from time to time and IRRA shall be enabled on receipt of such requests.
92 · 3.4. In addition, stock exchanges shall also monitor the parameters like connectivity, order flow, social media posts etc. and suo moto initiate the enablement of the service, if needed, irrespective of any such request by the TM.
92 · 3.5. This service shall be enabled by the exchanges, suo moto, only in case of disruption of trading services of TM across all the exchanges, where the TM is member. In case of disruption of trading services of TM with one/some of the exchanges, where the TM is member, TM may request the enablement, in which case TM shall use the service for all the exchanges.
92 · 3.6. Once the service is enabled, all the investors of the TM shall be informed by the exchange of the availability of the service through email/SMS and a public notice on exchanges' website. TMs shall also communicate the same by displaying on their website.
92 · 3.7. Investors can login to the service using either the Unique Client Code (UCC) or the PAN number and they shall be authorized by a One
92 · 3.8. Once successfully authorized, the investors can-
92 · 3.8.1. square off/close the open positions across segments and exchange/s and/or
92 · 3.8.2. cancel the orders across segments which are pending at the exchange/s.
92 · 3.9. The IRRA service shall not permit any action that increases the risk of the investor.
92 · 3.10. Further, IRRA service shall also provide the TM with access to an Admin Terminal, through which the TM can monitor the actions of investors and also carry out the actions as mentioned at para 92.3.8 above, on instructions of investors. The TM shall maintain evidence of such instructions. The form of such evidence shall be as specified by SEBI/stock exchanges, through various circulars, from time to time.
92 · 3.11. In case of enablement of IRRA due to cyber-attacks, such Admin Terminal shall be on a network other than the network, which was subjected to the attack, to protect the other critical infrastructure.
92 · 3.12. The TM shall continue to be responsible for all the activities on the IRRA with respect to all obligations including settlement and margin requirements.
92 · 3.13. Stock exchanges shall design a detailed framework for reverse migration from IRRA system to the TM's trading system, as and when the TM's trading system is revived successfully and a request is made in this regard.
92 · 3.14. Upon revival of the TM's trading system, TM shall update their systems taking data from the exchanges thus ensuring that latest status of orders and trades is available to the investors.
92 · 3.15. Stock exchanges shall decide on the reverse migration based on various parameters including the size of the broker, time required for reverse migration and remaining time of the trading session.
92 · 4. Exchanges shall ensure that credible and periodic testing of the IRRA platform is carried out from time to time for smooth functioning of the service.
92 · 5. Stock exchanges shall issue guidelines in this regard giving details like cutoff times for enablement of IRRA service, handling of various scenarios of open positions, framework for reverse migration etc.
92 · 6. In case of disruptions after the cut off time for enablement of IRRA service, exchanges, based on their assessment and in consultation with SEBI, may extend the market hours, if needed.
93 · Maintenance of a website by stock brokers 120
93 · 1. All stock brokers are mandated to maintain a designated website.
93 · 2. Such website shall mandatorily display the following information, in addition to all such information, which have been mandated by SEBI/stock exchanges/depositories from time to time.
93 · 3. The URL to the website of a stock broker shall be reported to the stock exchanges. Any modification in the URL shall be reported to stock exchanges within 3 days of such changes.
94 · Framework for Regulatory Sandbox 121
94 · 1. The Objective of Regulatory Sandbox is to grant certain facilities and flexibilities to the entities regulated by SEBI so that they can experiment with FinTech solutions in a live environment and on limited set of real users for a limited time frame.
120 · Reference: Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/30 dated February 15, 2023
121 · Reference: Circular SEBI/HO/ITD/ITD/CIR/P/2021/575 dated June 14, 2021 and
94 · 2. The guidelines pertaining to the functioning of the Regulatory Sandbox are available at the link below:
95 · Transactions in Corporate Bonds through Request for Quote (RFQ) platform by Stock Brokers (SBs) 122
95 · 1. It has been decided to take steps to increase liquidity on RFQ platform visà -vis trading in Corporate Bonds (CBs) by SBs, as under:
95 · 1.1. With effect from July 01, 2023, for all the trades in proprietary capacity, SBs shall undertake at least 10% of their total secondary market trades by value in CBs in that month by placing/seeking quotes through one-to-one (OTO) or one-to-many (OTM) mode on the RFQ platform of stock exchanges.
95 · 1.2. Further, with effect from April 01, 2024, for all the trades in proprietary capacity, SBs shall undertake at least 25% of their total secondary market trades by value in CBs in that month by placing/seeking quotes through OTO or OTM mode on the RFQ platform of stock exchanges.
95 · 1.3. SBs shall consider the trades executed by value through OTO or OTM mode of RFQ with respect to the total secondary market trades in CBs, during the current month and immediate preceding two months on a rolling basis. Only trades pertaining to proprietary capacity of SBs shall be considered for the purpose of such calculations.
95 · 1.4. Further, in terms of SEBI Circular SEBI/HO/DDHS/P/CIR/2022/142 dated October 19, 2022, quotes on RFQ platform can be placed to an identified counterparty (i.e. 'one-to-one' mode) or to all the participants (i.e. 'one-to-many' mode). SBs are encouraged to place bids (in proprietary capacity or for clients) on RFQ platform through OTM mode, as the same shall contribute towards achieving better price discovery.
122 · Reference: Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/83 dated June 02, 2023
96 · Bank Guarantees (BGs) created out of clients' funds 123
96 · 1. It has been decided to implement the following measures in order to safeguard the interests of the investors: -
96 · 1.1. No new BGs shall be created out of clients’ funds by SBs/CMs.
96 · 1.2. Existing BGs created out of clients' funds shall be wound down by September 30, 2023.
96 · 2. The provisions of this framework shall not be applicable for proprietary funds of SBs/CMs in any segment and SB's proprietary funds deposited with CM in the capacity of a client.
96 · 3. The stock exchanges and clearing corporations shall take stock of the current position of the BGs issued out of clients' funds by SBs/CMs and monitor the wind down to ensure implementation of the circular without any disruption of services to clients. For the purpose, stock exchanges and clearing corporations shall put in place periodic reporting mechanisms for SBs/CMs.
96 · 4. SBs/CMs shall be required to provide a certificate, by its statutory auditor confirming the implementation of provisions at para 96 of this circular. Such a certificate shall be submitted to stock exchanges/clearing corporations by October 16, 2023.
96 · 5. Stock exchanges and clearing corporations shall verify the compliance of the provisions of the circular in their periodic inspections/reporting. They shall also evolve adequate mechanisms to address cases of SBs/CMs who do not comply with the provisions of the circular by the stipulated dates.
97 · Upstreaming of clients' funds by Stock Brokers (SBs) / Clearing Members (CMs) to Clearing Corporations (CCs) 124
97 · 1. Principle: SBs/CMs shall upstream all the clients' clear credit balances to CCs on End of Day (EOD) basis. Such upstreaming shall be done only in the form of either cash, lien on Fixed Deposit Receipts (FDRs) created out of clients' funds, or pledge of units of Mutual Fund Overnight Schemes (MFOS) created out of clients' funds.
123 · Reference: SEBI circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/061 dated April 25, 2023
124 · Reference: SEBI Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2023/187 dated December 12, 2023
97 · 2. Stock brokers shall maintain the following designated bank account (s) to receive/pay funds from/to their clients:
97 · 3. In addition, CMs, who clear trades for other SBs, shall only use the designated bank account(s) maintained with the nomenclature "Name of the CM – TM prop account" to receive/pay proprietary funds from/to stock brokers.
97 · 4. Payment to Clients: The clients may request SBs/CMs to release funds at any time during the day. The processing of such release requests shall be as per respective risk management practices of SB/CMs. All payment requests of the client received on a day shall be processed on or before the next settlement day. In cases, where the payment request is not processed on the same day, SB/CMs need to ensure that the funds of the client are placed with CC in terms of this circular.
97 · 5. FDRs created out of clients' funds by SBs/CMs shall satisfy the following conditions:
97 · 6. It is clarified that existing FDRs (created out of clients' funds and having tenor of more than one -year) created prior to June 30, 2023 shall be allowed to be grandfathered till maturity. Such FDRs at the time of renewal shall meet the conditions specified at para 97.5 above.
97 · 7. Units of Mutual Fund Overnight Schemes (MFOS) is a new avenue being made available to SBs/ CMs to deploy client funds into. MFOS ensures minimal risk transformation of client funds (that are withdrawable on demand) available with SBs/ CMs because of overnight tenure and exposure to only risk-free government securities.
97 · 8. SBs/CMs shall ensure that client funds are invested only in such MFOS that deploy funds into risk-free government bond overnight repo markets and overnight Tri-party Repo Dealing and Settlement (TREPS). Such MFOS units should be in dematerialized (demat) form, and must necessarily be pledged with a CC at all times.
97 · 9. SBs/CMs shall maintain a dedicated demat account (hereinafter referred to as "Client Nodal MFOS Account") for subscription/ redemption of MFOS units. The depositories shall allow subscription/redemption transactions only in the said account.
97 · 10. From "Client Nodal MFOS Account", SBs/CMs shall provide MFOS units as collateral to the CC. While providing the units as collateral, SBs/CMs shall identify the end clients. In order to implement the same, a pledge shall be created from the Client Nodal MFOS account to SB/CM margin pledge account of the SB/CM. The SB/CM shall further repledge the same to CC using the existing pledge re-pledge mechanism.
97 · 11. To improve operational efficiency and reduce transaction costs, CCs shall build a mechanism for utilization of surplus unutilized collateral (i.e. collateral in excess of margin blocked) lying with CC in cash form, towards fund pay-in requirements across segments.
97 · 12. Further, to improve operational efficiency and to reduce costs, CCs shall also facilitate a mechanism to adjust the margin blocked in the form of cash, towards client fund pay-in obligations. As CCs are in the process of evolving such a mechanism since issuance of June Circulars, the same shall be made available by January 01, 2024.
97 · 13. The bank instruments provided by clients as collateral (i.e. client FDRs and BGs) cannot be upstreamed to CCs, and they shall be ineligible to be accepted as collateral in any segment of securities market.
97 · 14. However, in the interest of encouraging and development of hedging in the commodity derivatives market, it has been decided to allow Bank guarantees provided only by non-individual clients, based on certain terms
97 · 15. The cut -off times for upstreaming of clear credit balance of clients shall be determined by the CCs in consultation with ISF. Any clear credit balance that could not be upstreamed to CCs due to receipt of funds from clients beyond cut-off time shall necessarily remain in UNSCBA until it is upstreamed to CC on the next day.
97 · 16. The provisions of this framework shall not be applicable to bank-CMs (including Custodians that are banks), and for proprietary funds of SBs/CMs in any segment and SB's proprietary funds deposited with CM in the capacity of a client.
98 · Measures to instil confidence in securities market – Brokers' Institutional mechanism for prevention and detection of fraud or market abuse 125
98 · 1. Chapter IVA of the Securities and Exchange Board of India (Stock Brokers) (Amendment) Regulations, 2024 (hereinafter referred to as the "Broker Regulations") requires stock brokers to put in place an institutional mechanism for prevention and detection of fraud or market abuse. Accordingly, it has been decided that stock brokers shall comply with the following obligations / mechanisms as laid down in Chapter IVA of the Broker Regulations:
98 · 1.1. Systems for surveillance of trading activities and internal controls
98 · 1.2. Obligations of the stock broker and its employees
98 · 1.3. Escalation and reporting mechanisms
98 · 1.4. Whistle Blower Policy
98 · 2. The effective date for implementation w.r.t. provisions mentioned in para 98.1 above, for different stock brokers has been prescribed in the table below:
125 · Reference Circular SEBI/HO/MIRSD/MIRSD -PoD -1/P/CIR/2024/96 dated July 04, 2024
98 · 3. In case of Qualified Stock Brokers (QSBs), considering that enhanced obligations and responsibilities such as governance structure and processes and surveillance of client behaviour are already being followed by them, the effective date for implementation of the circular for QSBs (irrespective of number of UCCs) is August 01, 2024.
6 · 1 Partnership
6 · 2 Corporate Body
8 · 1 New Membership
8 · 2 Conversion
8 · 3 Succession
8 · 4 Auction Purchase (In case member has become defaulter)
8 · 5 Market Purchase
8 · 6 Transfer to another Company under same management (please specify reasons)
8 · 7 Others, please specify
9 · 1 Name of the previous holder of the card
9 · 2 SEBI Registration No.
9 · 3 Date of Registration with SEBI
12 · 1 Where he is individual, he or any of his relative being a broker/any intermediary, he or any of his relative being a partner in a broking firm/any intermediary, he or any of his relative being a director in a broking company/any intermediary or he or any of his relatives clubbed together holding substantial equity in any broking company/any intermediary engaged in capital market.
12 · 2 Where it is partnership firm/company, the relative(s) of partner(s)/director(s) in the firm(s)/corporate body being a broker/any intermediary or being partner(s)/director(s) in any broking/intermediary or the same set of shareholders holding substantial equity in other broking / any intermediary engaged in capital market.
12 · 3 Relative shall mean husband, wife, brother, unmarried sister or any linear ascendant or descendant of an individual.
12 · 4 If yes, please give details (you may attach separate sheet, if required)
13 · 1 Disciplinary action taken by SEBI (if yes, please attach details mentioning nature of violation and action taken) YES / NO
13 · 2 Disciplinary action taken by any other authority (please attach details of nature of violation and action initiated) YES / NO
13 · 3 Disciplinary action initiated by SEBI (if yes, please attach details of nature of violation and action taken) YES / NO
13 · 4 Disciplinary action initiated by any other authority (please attach details of nature of violation and action initiated ) YES / NO
126 · Amended by the SEBI (Payment of Fees and Mode of Payment) (Amendment) (Regulations) 2021 w.e.f. 0505 -2021
127 · Para VI(37) of Annexure of Circular SEBI/MIRSD/MASTER CIR-04/2010 dated March 17, 2010, deleted in view of Notification LAD -NRO/GN/2011-12/03/12650 dated April 19, 2011.
1 · Terms of Reference (ToR) for Type I Broker
1 · 1. System controls and capabilities
1 · 1.1. Order Tracking – The system auditor should verify system process and controls at exchange provided terminals with regard to order entry, capturing of IP address of order entry terminals, modification / deletion of orders, status of the current order/outstanding orders and trade confirmation.
1 · 1.2. Order Status/ Capture – Whether the system has capability to generate / capture order id, time stamping, order type, scrip details, action, quantity, price and validity etc.
1 · 1.3. Rejection of orders – Whether system has capability to reject orders which do not go through order level validation at the end of the stock broker and at the servers of respective Stock Exchanges.
1 · 1.4. Communication of Trade Confirmation / Order Status – Whether the system has capability to timely communicate to Client regarding the Acceptance/ Rejection of an Order / Trade via various media including email; facility of viewing trade log.
1 · 1.5. Client ID Verification – Whether the system has capability to recognize only authorized Client Orders and mapping of Specific user Ids to specific predefined location for proprietary orders.
1 · 2. Risk Management System (RMS)
1 · 2.1. Online risk management capability – The system auditor should check whether the system of online risk management (including upfront real-time risk management) is in place for all orders placed through exchange provided terminals.
1 · 2.2. Trading Limits –Whether a system of pre-defined limits / checks such as Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit, etc) are in place and only such orders which are within the parameters specified by the RMS are allowed to be pushed into exchange trading engines. The system auditor should check that no user or branch in the system is having unlimited limits on the above parameters.
1 · 2.3. Order Alerts and Reports –Whether the system has capability to generate alerts when orders that are placed are above the limits and has capability to generate reports relating to Margin Requirements, payments and
1 · 2.4. Order Review –W –Whether the system has capability to facilitate review of such orders were not validated by the system.
1 · 2.5. Back testing for effectiveness of RMS – Whether the system has capability to identify trades which have exceeded the pre-defined limits (Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit) and also exceed corresponding margin availability of clients. Whether deviations from such pre -defined limits are captured by the system, documented and corrective steps taken.
1 · 2.6. Log Management – Whether the system maintains logs of alerts / changes / deletion / activation / deactivation of client codes and logs of changes to the risk management parameters mentioned above. Whether the system allows only authorized users to set the risk parameter in the RMS.
1 · 3. Password Security
1 · 3.1. Organization Access Policy – Whether the organization has a welldocumented policy that provides for a password policy as well as access control policy for the exchange provided terminals.
1 · 3.2. Authentication Capability – Whether the system authenticates user credentials by means of a password before allowing the user to login, and whether there is is a system for authentication of orders originating from Internet Protocol by means of two-factor authentication, including Public Key Infrastructure (PKI) based implementation of digital signatures.
1 · 3.3. Password Best Practices – Whether there is a system provision for masking of password, system prompt to change default password on first login, disablement of user id on entering multiple wrong passwords (as defined in the password policy document), periodic password change mandate and appropriate prompt to user, strong parameters for password, deactivation of dormant user id, etc.
1 · 4. Session Management
1 · 4.1. Session Authentication – Whether the system has provision for Confidentiality, Integrity and Availability (CIA) of the session and the data transmitted during the session by means of appropriate user and session authentication mechanisms like SSL etc.
1 · 4.2. Session Security – Whether there is availability of an end-to-end encryption for all data exchanged between client and broker systems. or other means of ensuring session security.
1 · 4.3. Inactive Session – Whether the system allows for automatic trading session logout after a system defined period of inactivity.
1 · 4.4. Log Management – Whether the system generates and maintain logs of Number of users, activity logs, system logs, Number of active clients.
1 · 5. Network Integrity
1 · 5.1. Seamless connectivity – Whether stock broker has ensured that a backup network link is available in case of primary link failure with the exchange.
1 · 5.2. Network Architecture – Whether the web server is separate from the Application and Database Server.
1 · 5.3. Firewall Configuration – Whether appropriate firewall is present between stock broker's trading setup and various communication links to the exchange. Whether the firewall is appropriately configured to ensure maximum security.
1 · 6. Access Controls
1 · 6.1. Access to server rooms – Whether adequate controls are in place for access to server rooms and proper audit trails are maintained for the same.
1 · 6.2. Additional Access controls – Whether the system provides for any authentication mechanism to access to various components of the exchange provided terminals. Whether additional password requirements are set for critical features of the system. Whether the access control is adequate
1 · 7. Backup and Recovery
1 · 7.1. Backup and Recovery Policy – Whether the organization has a well documented policy on periodic backup of data generated from the broking operations.
1 · 7.2. Log generation and data consistency -Whether backup logs are maintained and backup data is tested for consistency.
1 · 7.3. System Redundancy – Whether there are appropriate backups in case of failures of any critical system components.
1 · 8. BCP/DR (Only applicable for Stock Brokers having BCP / DR site)
1 · 8.1. BCP / DR Policy – Whether the stock broker has a well documented BCP/ DR policy and plan. The system auditor should comment on the documented incident response procedures.
1 · 8.2. Alternate channel of communication – Whether the stock broker has provided its clients with alternate means of communication including channel for communication in case of a disaster. Whether the alternate
1 · 8.3. High Availability – Whether BCP / DR systems and network connectivity provide high availability and have no single point of failure for any critical operations as identified by the BCP/DR policy.
1 · 8.4. Connectivity with other FMIs – The system auditor should check whether there is an alternative medium to communicate with Stock Exchanges and other FMIs.
1 · 9. Segregation of Data and Processing facilities – The system auditor should check and comment on the segregation of data and processing facilities at the stock broker in case the stock broker is also running other business.
1 · 10.Back office data
1 · 10.1. Data consistency – The system auditor should verify whether aggregate client code data available at the back office of broker matches with the data submitted / available with the Stock Exchanges through online data view / download provided by exchanges to members.
1 · 10.2. Trail Logs – The system auditor should specifically comment on the logs of Client Code data to ascertain whether editing or deletion of records have been properly documented and recorded and does not result in any irregularities.
1 · 11.IT Infrastructure Management (including use of various Cloud computing models such as Infrastructure as a service (IaaS), Platform as a service (PaaS), Software as a service (SaaS), Network as a service (NaaS))
1 · 11.1. IT Governance and Policy – The system auditor should verify whether the relevant IT Infrastructure -related policies and standards exist and are regularly reviewed and updated. Compliance with these policies is periodically assessed.
1 · 11.2. IT Infrastructure Planning – The system auditor should verify whether the plans/policy for the appropriate management and replacement of aging IT infrastructure components have been documented, approved, and implemented. The activities, schedules and resources needed to achieve objectives related to IT infrastructure have been integrated into business plans and budgets.
1 · 11.3. IT Infrastructure Availability (SLA Parameters) – The system auditor should verify whether the broking firm has a process in place to define its required availability of the IT infrastructure, and its tolerance to outages. In cases where there is huge reliance on vendors for the provision of IT services to the brokerage firm the system auditor should also verify that the mean time to recovery (MTTR) mentioned in the Service Level Agreement (SLA) by the service provider satisfies the requirements of the
1 · 11.4. IT Performance Monitoring (SLA Monitoring) – The system auditor should verify that the results of SLA performance monitoring are documented and are reported to the management of the broker.
1 · 12.Exchange specific exceptional reports – The additional checks recommended by a particular exchange need to be looked into and commented upon by the system auditor over and above the ToR of the system audit.
2 · ToR for Type II Broker
2 · 1.System controls and capabilities (CTCL / IML terminals and servers)
2 · 1.1. Order Tracking – The system auditor should verify system process and controls at CTCL / IML terminals and CTCL/ IML servers covering order entry, capturing of IP address of order entry terminals, modification / deletion of orders, status of current order/outstanding orders and trade confirmation.
2 · 1.2. Order Status/ Capture – Whether the system has capability to generate / capture order id, time stamping, order type, scrip details, action, quantity, price and validity, etc.
2 · 1.3. Rejection of orders – Whether system has capability to reject orders which do not go through order level validation at CTCL servers and at the servers of respective Stock Exchanges.
2 · 1.4. Communication of Trade Confirmation / Order Status – Whether the system has capability to timely communicate to Client regarding the Acceptance/ Rejection of an Order / Trade via various media including e-mail; facility of viewing trade log.
2 · 1.5. Client ID Verification – Whether the system has capability to recognize only authorized Client Orders and mapping of Specific user Ids to specific predefined location for proprietary orders.
2 · 1.6. Order type distinguishing capability – Whether system has capability to distinguish the orders originating from (CTCL or IML) / IBT/ DMA / STWT.
2 · 2.Software Change Management - The system auditor should check whether proper procedures have been followed and proper documentation has been maintained for the following:
2 · 2.1. Processing / approval methodology of new feature request or patches.
2 · 2.2. Fault reporting / tracking mechanism and process for resolution.
2 · 2.3. Testing of new releases / patches / modified software / bug fixes.
2 · 2.4. Version control -History, Change Management process, approval etc.
2 · 2.5. Development / Test / Production environment segregation.
2 · 2.6. New release in production – promotion, release note approvals.
2 · 2.7. Production issues / disruptions reported during last year, reasons for such disruptions and corrective actions taken.
2 · 2.8. User Awareness.
2 · 3.Risk Management System (RMS)
2 · 3.1. Online risk management capability – The system auditor should check whether system of online risk management including upfront real -time risk management, is in place for all orders placed through (CTCL or IML) / IBT / DMA / STWT.
2 · 3.2. Trading Limits – Whether a system of pre-defined limits /checks such as Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit, etc., are in place and only such orders which are within the parameters specified by the RMS are allowed to be pushed into exchange trading engines. The system auditor should check that no user or branch in the system is having unlimited limits on the above parameters.
2 · 3.3. Order Alerts and Reports – Whether the system has capability to generate alerts when orders that are placed are above the limits and has capability to generate reports relating to margin requirements, payments and delivery obligations.
2 · 3.4. Order Review – Whether the system has capability to facilitate review of such orders that were not validated by the system.
2 · 3.5. Back testing for effectiveness of RMS – Whether system has capability to identify trades which have exceeded the pre-defined limits (Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit) and also exceed corresponding margin availability of clients. Whether deviations from such pre-defined limits are captured by the system, documented and corrective steps taken.
2 · 3.6. Log Management – Whether the system maintains logs of alerts / changes / deletion / activation / deactivation of client codes and logs of changes to the risk management parameters mentioned above. Whether the system allows only authorized users to set the risk parameter in the RMS.
2 · 4.Smart order routing (SOR) - The system auditor should check whether proper procedures have been followed and proper documentation has been maintained for the following:
2 · 4.1. Best Execution Policy – System adheres to the Best Execution Policy while routing the orders to the exchange.
2 · 4.2. Destination Neutral – The system routes orders to the recognized Stock Exchanges in a neutral manner.
2 · 4.3. Class Neutral – The system provides for SOR for all classes of investors.
2 · 4.4. Confidentiality - The system does not release orders to venues other than the recognized Stock Exchange.
2 · 4.5. Opt–out – The system provides functionality to the client who has availed of the SOR facility, to specify for individual orders for which the clients do not want to route order using SOR.
2 · 4.6. Time stamped market information – The system is capable of receiving time stamped market prices from recognized Stock Exchanges from which the member is authorized to avail SOR facility.
2 · 4.7. Audit Trail -Audit trail for SOR should capture order details, trades and data points used as a basis for routing decision.
2 · 4.8. Server Location – The system auditor should check whether the order routing server is located in India.
2 · 4.9. Alternate Mode -The system auditor should check whether an alternative mode of trading is available in case of failure of SOR Facility.
2 · 5.Password Security
2 · 5.1. Organization Access Policy – Whether organization has a welldocumented policy that provides for a password policy as well as access control policy for exchange provided terminals and for API based terminals.
2 · 5.2. Authentication Capability – Whether the system authenticates user credentials by means of a password before allowing the user to login, and whether there is a system for authentication of orders originating from Internet Protocol by means of two-factor authentication, including Public Key Infrastructure (PKI) based implementation of digital signatures.
2 · 5.3. Password Best Practices – Whether there is a system provision for masking of password, system prompt to change default password on first login, disablement of user id on entering multiple wrong passwords (as defined in the password policy document), periodic password change mandate and appropriate prompt to user, strong parameters for password, deactivation of dormant user id, etc.
2 · 6.Session Management
2 · 6.1. Session Authentication – Whether system has provision for Confidentiality, Integrity and Availability (CIA) of the session and the data transmitted during the session by means of appropriate user and session authentication mechanisms like SSL etc.
2 · 6.2. Session Security – Whether there is availability of an end-to-end encryption for all data exchanged between client and broker systems or other means of ensuring session security. Whether session login details are stored on the devices used for IBT and STWT.
2 · 6.3. Inactive Session – Whether the system allows for automatic trading session logout after a system defined period of inactivity.
2 · 6.4. Log Management – Whether the system generates and maintains logs of Number of users, activity logs, system logs, Number of active clients.
2 · 7.Database Security
2 · 7.1. Access – Whether the system allows CTCL or IML database access only to authorized users / applications.
2 · 7.2. Controls – Whether the CTCL or IML database server is hosted on a secure platform, with Username and password stored in an encrypted form using strong encryption algorithms.
2 · 8.Network Integrity
2 · 8.1. Seamless connectivity – Whether the stock broker has ensured that a backup network link is available in case of primary link failure with the exchange.
2 · 8.2. Network Architecture – Whether the web server is separate from the Application and Database Server.
2 · 8.3. Firewall Configuration – Whether appropriate firewall is present between stock broker's trading setup and various communication links to the exchange. Whether the firewall is appropriately configured to ensure maximum security.
2 · 9.Access Controls
2 · 9.1. Access to server rooms – Whether adequate controls are in place for access to server rooms and proper audit trails are maintained for the same.
2 · 9.2. Additional Access controls – Whether the system provides for two
2 · 10.Backup and Recovery
2 · 10.1. Backup and Recovery Policy – Whether the organization has a well -documented policy on periodic backup of data generated from the broking operations.
2 · 10.2. Log generation and data consistency - Whether backup logs are maintained and backup data is tested for consistency.
2 · 10.3. System Redundancy – Whether there are appropriate backups in case of failures of any critical system components.
2 · 11.BCP/DR (Only applicable for Stock Brokers having BCP / DR site)
2 · 11.1. BCP / DR Policy – Whether the stock broker has a well-documented BCP/ DR policy and plan. The system auditor should comment on the documented incident response procedures.
2 · 11.2. Alternate channel of communication – Whether the stock broker has provided its clients with alternate means of communication including channel for communication in case of a disaster. Whether the alternate channel is capable of authenticating the user after asking for additional details or OTP (One-Time-Password).
2 · 11.3. High Availability – Whether BCP / DR systems and network connectivity provide high availability and have no single point of failure for any critical operations as identified by the BCP/ DR policy.
2 · 11.4. Connectivity with other FMIs – The system auditor should check whether there is an alternative medium to communicate with Stock Exchanges and other FMIs.
2 · 12.Segregation of Data and Processing facilities – The system auditor should check and comment on the segregation of data and processing facilities at the stock broker in case the stock broker is also running other business.
2 · 13.Back office data
2 · 13.1. Data consistency – The system auditor should verify whether aggregate client code data available at the back office of broker matches with the data submitted / available with the Stock Exchanges through online data view / download provided by exchanges to members.
2 · 13.2. Trail Logs – The system auditor should specifically comment on the
2 · 14.User Management
2 · 14.1. User Management Policy – The system auditor should check whether the stock broker has a well -documented policy that provides for user management and the user management policy explicitly defines user, database and application Access Matrix.
2 · 14.2. Access to Authorized users – The system auditor should check whether the system allows access only to the authorized users of the CTCL or IML System. Whether there is a proper documentation of the authorized users in the form of User Application approval, copies of User Qualification and other necessary documents.
2 · 14.3. User Creation / Deletion – The system auditor should check whether new user's ids were created / deleted as per CTCL or IML guidelines of the exchanges and whether the user ids are unique in nature.
2 · 14.4. User Disablement – The system auditor should check whether non-complaint users are disabled and appropriate logs (such as event log and trade logs of the user) are maintained.
2 · 15.IT Infrastructure Management (including use of various Cloud computing models such as Infrastructure as a service (IaaS), Platform as a service (PaaS), Software as a service (SaaS), Network as a service (NaaS))
2 · 15.1. IT Governance and Policy – The system auditor should verify whether the relevant IT Infrastructure -related policies and standards exist and are regularly reviewed and updated. Compliance with these policies is periodically assessed.
2 · 15.2. IT Infrastructure Planning – The system auditor should verify whether the plans/policy for the appropriate management and replacement of aging IT infrastructure components have been documented, approved, and implemented. The activities, schedules and resources needed to achieve objectives related to IT infrastructure have been integrated into business plans and budgets.
2 · 15.3. IT Infrastructure Availability (SLA Parameters) – The system auditor should verify whether the broking firm has a process in place to define its required availability of the IT infrastructure, and its tolerance to outages. In cases where there is huge reliance on vendors for the provision of IT services to the brokerage firm the system auditor should also verify that the mean time to recovery (MTTR) mentioned in the Service Level Agreement (SLA) by the service provider satisfies the requirements of the broking firm.
2 · 15.4. IT Performance Monitoring (SLA Monitoring) – The system auditor should verify that the results of SLA performance monitoring are documented and are reported to the management of the broker.
2 · 16.Exchange specific exceptional reports – The additional checks recommended by a particular exchange need to be looked into and commented upon by the System Auditor over and above the ToR of the System audit.
2 · 17.Software Testing Procedures - The system auditor should check whether the stock broker has complied with the guidelines and instructions of SEBI / Stock Exchanges with regard to testing of software and new patches, including the following:
2 · 17.1. Test Procedure Review – The system auditor should evaluate whether the procedures for system and software testing were proper and adequate.
2 · 17.2. Documentation – The system auditor should verify whether the documentation related to testing procedures, test data, and resulting output were adequate and follow the organization's standards.
2 · 17.3. Test Cases – The system auditor should review the internal test cases and comment upon the adequacy of the same with respect to the requirements of the Stock Exchange and SEBI.
3 · ToR for Type III Broker
3 · 1.System controls and capabilities (CTCL/IML Terminals and servers)
3 · 1.1. Order Tracking – The system auditor should verify system process and controls at CTCL / IML terminals and CTCL/ IML servers covering order entry, capturing IP address of order entry, modification / deletion of orders, status of current order/outstanding orders and trade confirmation.
3 · 1.2. Order Status/ Capture – Whether the system has capability to generate / capture order id, time stamping, order type, scrip details, action, quantity, price and validity etc.
3 · 1.3. Rejection of orders – Whether the system has capability to reject orders which do not go through order level validation at CTCL servers and at the servers of respective exchanges.
3 · 1.4. Communication of Trade Confirmation / Order Status – Whether the system has capability to timely communicate to client regarding the Acceptance/ Rejection of an Order / Trade via various media including e-mail; facility of viewing trade log.
3 · 1.5. Client ID Verification – Whether the system has capability to recognize only authorized Client Orders and mapping of Specific user Ids to specific predefined location for proprietary orders.
3 · 1.6. Order type distinguishing capability – Whether the system has capability to distinguish the orders originating from (CTCL or IML) / IBT / DMA / STWT / SOR / Algorithmic Trading.
3 · 2.Software Change Management - The system auditor should check whether proper procedures have been followed and proper documentation has been maintained for the following:
3 · 2.1. Processing / approval methodology of new feature request or patches.
3 · 2.2. Fault reporting / tracking mechanism and process for resolution.
3 · 2.3. Testing of new releases / patches / modified software / bug fixes.
3 · 2.4. Version control -History, Change Management process, approval etc.
3 · 2.5. Development / Test / Production environment segregation.
3 · 2.6. New release in production – promotion, release note approvals.
3 · 2.7. Production issues / disruptions reported during last year, reasons for such disruptions and corrective actions taken.
3 · 2.8. User Awareness.
3 · 3.Risk Management System (RMS)
3 · 3.1. Online risk management capability – The system auditor should check whether the online risk management including upfront real-time risk management, is in place for all orders placed through (CTCL or IML) / IBT/ DMA / SOR / STWT / Algorithmic Trading.
3 · 3.2. Trading Limits – Whether a system of pre-defined limits / checks such as Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit, etc., are in place and only such orders which are within the parameters specified by the RMS are allowed to be pushed into exchange trading engines. The system auditor should check that no user or branch in the system is having unlimited limits on the above parameters.
3 · 3.3. Order Alerts and Reports – Whether the system has capability to generate alerts when orders that are placed are above the limits and has capability to generate reports relating to margin requirements, payments and delivery obligations.
3 · 3.4. Order Review – Whether the system has capability to facilitate review of such orders that were not validated by the system.
3 · 3.5. Back testing for effectiveness of RMS – Whether the system has capability to identify trades which have exceeded the pre-defined limits (Order Quantity and Value Limits, Symbol wise User Order / Quantity limit, User / Branch Order Limit, Order Price limit) and also exceed corresponding margin availability of clients. Whether deviations from such pre-defined limits should be captured by the system, documented and corrective steps taken.
3 · 3.6. Log Management – Whether the system maintains logs of alerts / changes / deletion / activation / deactivation of client codes and logs of changes to the risk management parameters mentioned above. Whether the system allows only authorized users to set the risk parameter in the RMS.
3 · 4.Smart order routing (SOR) - The system auditor should check whether proper procedures have been followed and proper documentation has been maintained for the following:
3 · 4.1. Best Execution Policy – System adheres to the Best Execution Policy while routing the orders to the exchange.
3 · 4.2. Destination Neutral – The system routes orders to the recognized Stock Exchanges in a neutral manner.
3 · 4.3. Class Neutral – The system provides for SOR for all classes of investors.
3 · 4.4. Confidentiality - The system does not release orders to venues other than the recognized Stock Exchange.
3 · 4.5. Opt–out – The system provides functionality to the client who has availed of the SOR facility, to specify for individual orders for which the clients do not want to route order using SOR .
3 · 4.6. Time stamped market information – The system is capable of receiving time stamped market prices from recognized Stock Exchanges from which the member is authorized to avail SOR facility.
3 · 4.7. Audit Trail -Audit trail for SOR should capture order details, trades and data points used as a basis for routing decision.
3 · 4.8. Server Location – The system auditor should check whether the order routing server is located in India.
3 · 4.9. Alternate Mode -The system auditor should check whether an alternative mode of trading is available in case of failure of SOR Facility.
3 · 5.Algorithmic Trading - The system auditor should check whether proper procedures have been followed and proper documentation has been maintained for the following:
3 · 5.1. Change Management – Whether any changes (modification/addition) to the approved algos were informed to and approved by Stock Exchange. The inclusion / removal of different versions of algos should be well documented.
3 · 5.2. Online Risk Management capability -The CTCL or IML server should have capacity to monitor orders / trades routed through algo trading and have online risk management for all orders through Algorithmic trading and ensure that Price Check, Quantity Check, Order Value Check, Cumulative Open Order Value Check are in place.
3 · 5.3. Risk Parameters Controls – The system should allow only authorized users to set the risk parameter. The System should also maintain a log of all the risk parameter changes made.
3 · 5.4. Information / Data Feed – The auditor should comment on the
3 · 5.5. Check for preventing loop or runaway situations – The system auditor should check whether the brokers have real time monitoring systems to identify and shutdown/stop the algorithms which have not behaved as expected.
3 · 5.6. Algo / Co-location facility Sub-letting – The system auditor should verify if the algo / co-location facility has not been sub-letted to any other firms to access the exchange platform.
3 · 5.7. Audit Trail – The system auditor should check the following areas in audit trail:
3 · 5.8. Systems and Procedures – The system auditor should check and comment on the procedures, systems and technical capabilities of stock broker for carrying out trading through use of Algorithms. The system auditor should also identify any misuse or unauthorized access to algorithms or the system which runs these algorithms.
3 · 5.9. Reporting to Stock Exchanges – The system auditor should check whether the stock broker is informing the Stock Exchange regarding any incidents where the algos have not behaved as expected. The system auditor should also comment upon the time taken by the stock broker to inform the Stock Exchanges regarding such incidents.
3 · 6.Password Security
3 · 6.1. Organization Access Policy – The system auditor should whether the stock broker has a well documented policy that provides for a password policy as well as access control policy for exchange provided terminals and for API based terminals.
3 · 6.2. Authentication Capability – Whether the system authenticates user credentials by means of a password before allowing the user to login. Whether there is a system for authentication of orders originating from Internet Protocol by means of two-factor authentication, including Public Key Infrastructure (PKI) based implementation of digital signatures.
3 · 6.3. Password Best Practices – Whether there is a system should for masking of password, system prompt to change default password on first login, disablement of user id on entering multiple wrong passwords (as defined in the password policy document), periodic password change mandate and appropriate prompt to user, strong parameters for password, deactivation of dormant user id, etc.
3 · 7.Session Management
3 · 7.1. Session Authentication – Whether the system has provision for Confidentiality, Integrity and Availability (CIA) of the session and the data transmitted during the session by means of appropriate user and session authentication mechanisms like SSL etc.
3 · 7.2. Session Security – Whether there is availability of an end-to-end encryption for all data exchanged between client and broker system or other means of ensuring session security. Whether session login details are stored on the devices used for IBT and STWT.
3 · 7.3. Inactive Session – Whether the system allows for automatic trading session logout after a system defined period of inactivity.
3 · 7.4. Log Management – Whether the system generates and maintains logs of number of users, activity logs, system logs, number of active clients.
3 · 8.Database Security
3 · 8.1. Access – Whether the system allows CTCL or IML database access only to authorized users / applications.
3 · 8.2. Controls – Whether the CTCL or IML database server is hosted on a secure platform, with username and password stored in an encrypted form using strong encryption algorithms.
3 · 9.Network Integrity
3 · 9.1. Seamless connectivity – Whether the stock broker has ensured that a backup network link is available in case of primary link failure with the exchange.
3 · 9.2. Network Architecture – Whether the web server is separate from the
3 · 9.3. Firewall Configuration – Whether appropriate firewall are present between the stock broker's trading setup and various communication links to the exchange. Whether the firewalls should be appropriately configured to ensure maximum security.
3 · 10.Access Controls
3 · 10.1. Access to server rooms – Whether adequate controls are in place for access to server rooms, proper audit trails should be maintained for the same.
3 · 10.2. Additional Access controls -Whether the system should provide for two factor authentication mechanism to access to various CTCL or IML components. Whether additional password requirements are set for critical features of the system. Whether the access control is adequate.
3 · 11.Backup and Recovery
3 · 11.1. Backup and Recovery Policy – Whether the organization has a well documented policy on periodic backup of data generated from the broking operations.
3 · 11.2. Log generation and data consistency – Whether backup logs are maintained and backup data should be tested for consistency.
3 · 11.3. System Redundancy – Whether there are appropriate backups in case of failures of any critical system components
3 · 12.BCP/DR (Only applicable for Stock Brokers having BCP / DR site)
3 · 12.1. BCP / DR Policy – Whether the stock broker has a well documented BCP / DR policy and plan. The system auditor should comment on the documented incident response procedures.
3 · 12.2. Alternate channel of communication – Whether the stock broker has provided its clients with alternative means of communication including channel for communication in case of a disaster. Whether the alternate channel is capable of authenticating the user after asking for additional details or OTP (One-Time-Password).
3 · 12.3. High Availability – Whether BCP / DR systems and network connectivity provide high availability and have no single point of failure for any critical operations as identified by the BCP / DR policy.
3 · 12.4. Connectivity with other FMIs – The system auditor should check whether there is an alternative medium to communicate with Stock Exchanges and other FMIs.
3 · 13.Segregation of Data and Processing facilities – The system auditor should check and comment on the segregation of data and processing facilities at the stock broker in case the stock broker is also running other business.
3 · 14.Back office data
3 · 14.1. Data consistency – The system auditor should verify whether aggregate client code data available at the back office of broker matches with the data submitted / available with the Stock Exchanges through online data view / download provided by exchanges to members.
3 · 14.2. Trail Logs – The system auditor should specifically comment on the logs of Client Code data to ascertain whether editing or deletion of records have been properly documented and recorded and does not result in any irregularities.
3 · 15.User Management
3 · 15.1. User Management Policy – The system auditor should verify whether the stock broker has a well documented policy that provides for user management and the user management policy explicitly defines user, database and application access matrix.
3 · 15.2. Access to Authorized users – The system auditor should verify whether the system allows access only to the authorized users of the CTCL or IML system. Whether there is a proper documentation of the authorized users in the form of user application approval, copies of user qualification and other necessary documents.
3 · 15.3. User Creation / Deletion – The system auditor should verify whether new users ids should be created / deleted as per CTCL or IML guidelines of the exchanges and whether the user ids are unique in nature.
3 · 15.4. User Disablement – The system auditor should verify whether non-complaint users are disabled and appropriate logs such as event log and trade logs of the user should be maintained.
3 · 16.IT Infrastructure Management (including use of various Cloud computing models such as Infrastructure as a service (IaaS), Platform as a service (PaaS), Software as a service (SaaS), Network as a service (NaaS))
3 · 16.1. IT Governance and Policy – The system auditor should verify whether the relevant IT Infrastructure -related policies and standards exist and are regularly reviewed and updated. Compliance with these policies is periodically assessed.
3 · 16.2. IT Infrastructure Planning – The system auditor should verify whether the plans/policy for the appropriate management and replacement of aging IT infrastructure components have been documented, approved, and implemented. The activities, schedules and resources needed to achieve objectives related to IT infrastructure have been integrated into business plans and budgets.
3 · 16.3. IT Infrastructure Availability (SLA Parameters) – The system auditor should verify whether the broking firm has a process in place to define its required availability of the IT infrastructure, and its tolerance to outages. In cases where there is huge reliance on vendors for the provision of IT services to the brokerage firm the system auditor should also verify that the mean time to recovery (MTTR) mentioned in the Service Level Agreement (SLA) by the service provider satisfies the requirements of the broking firm.
3 · 16.4. IT Performance Monitoring (SLA Monitoring) – The system auditor should verify that the results of SLA performance monitoring are documented and are reported to the management of the broker.
3 · 17.Exchange specific exceptional reports – The additional checks recommended by a particular exchange need to be looked into and commented upon by the system auditor over and above the ToR of the system audit.
3 · 18.Software Testing Procedures - The system auditor shall audit whether the stock broker has complied with the guidelines and instructions of SEBI / Stock Exchanges with regard to testing of software and new patches including the following:
3 · 18.1. Test Procedure Review – The system auditor should review and evaluate the procedures for system and program testing. The system auditor should also review the adequacy of tests.
3 · 18.2. Documentation – The system auditor should review documented testing procedures, test data, and resulting output to determine if they are comprehensive and if they follow the organization's standards.
3 · 18.3. Test Cases – The system auditor should review the test cases and comment upon the adequacy of the same with respect to the requirements of the Stock Exchange and various SEBI Circulars.
4 · . Any other information:
3 · . Demat master or recent holding statement issued by DP bearing name of the client.
1 · BASIC RISKS:
1 · 1 Risk of Higher Volatility:
1 · 2 Risk of Lower Liquidity:
1 · 2.1 Buying or selling securities / derivatives contracts as part of a day trading strategy may also result into losses, because in such a situation, securities / derivatives contracts may have to be sold / purchased at low / high prices, compared to the expected price levels, so as not to have any open position or obligation to deliver or receive a security / derivatives contract.
1 · 3 Risk of Wider Spreads:
1 · 4 Risk -reducing orders:
1 · 4.1 A "market" order will be executed promptly, subject to availability of orders on opposite side, without regard to price and that, while the customer may receive a prompt execution of a "market" order, the execution may be at available prices of outstanding orders, which satisfy the order quantity, on price time priority. It may be understood that these prices may be significantly different from the last traded price or the best price in that security / derivatives contract.
1 · 4.2 A "limit" order will be executed only at the "limit" price specified for the order or a better price. However, while the customer receives price protection, there is a possibility that the order may not be executed at all.
1 · 4.3 A stop loss order is generally placed "away" from the current price of a stock / derivatives contract, and such order gets activated if and when the security / derivatives contract reaches, or trades through, the stop price. Sell stop orders are entered ordinarily below the current price, and buy stop orders are entered ordinarily above the current price. When the security / derivatives contract reaches the pre -determined price, or trades through such price, the stop loss order converts to a market/limit order and is executed at the limit or better. There is no assurance therefore that the limit order will be executable since a security / derivatives contract might penetrate the pre-determined price, in which case, the risk of such order not getting executed arises, just as with a regular limit order.
1 · 5 Risk of News Announcements:
1 · 6 Risk of Rumors:
1 · 7 System Risk:
1 · 7.1 During periods of volatility, on account of market participants continuously modifying their order quantity or prices or placing fresh orders, there may be delays in order execution and its confirmations.
1 · 7.2 Under certain market conditions, it may be difficult or impossible to liquidate a position in the market at a reasonable price or at all, when there are no outstanding orders either on the buy side or the sell side, or if trading is halted in a security / derivatives contract due to any action on account of unusual trading activity or security / derivatives contract hitting circuit filters or for any other reason.
1 · 8 System/Network Congestion:
2 · As far as Derivatives segments are concerned, please note and get yourself acquainted with the following additional features:-
2 · 1 Effect of "Leverage" or "Gearing":
2 · 2 Currency specific risks:
2 · 3 Risk of Option holders:
1 · An option holder runs the risk of losing the entire amount paid for the option in a relatively short period of time. This risk reflects the nature of an option as a wasting asset which becomes worthless when it expires. An option holder who neither sells his option in the secondary market nor exercises it prior to its expiration will necessarily lose his entire investment in the option. If the price of the underlying does not change in the anticipated direction before the option expires, to an extent
2 · 4 Risks of Option Writers:
3 · TRADING THROUGH WIRELESS TECHNOLOGY/ SMART ORDER ROUTING OR ANY OTHER TECHNOLOGY:
4 · GENERAL
4 · 1 The term 'constituent' shall mean and include a client, a customer or an investor, who deals with a stock broker for the purpose of acquiring and/or selling of securities / derivatives contracts through the mechanism provided by the Exchanges.
4 · 2 The term 'stock broker' shall mean and include a stock broker, a broker or a stock broker, who has been admitted as such by the Exchanges and who holds a registration certificate from SEBI.
14 · should be filled only if nominee(s) is a minor:
1 · ___________________________________2.__________________________________________3___________________________________
1 · ___________________________________2.__________________________________________3___________________________________
1 · Suppose Client-3 and Client-4 establish within the pre-specified time period that they are not in default, do not have debit balance/dues towards the member and have not received the pay-out due.
2 · The remaining collateral of Client-3 and Client-4 (Rs 13 crore and Rs 2 crore respectively), along with the pay-out for the clients (Rs 2 crore each), shall be provided to the clients.
3 · The settlement shortfall would now be Rs 9 crore (Rs 5 crore shortfall in net payin, plus Rs 4 crore of pay-out made to Client-3 and Client-4).
4 · The settlement shortfall of Rs 9 crore shall be first adjusted with the SCM proprietary pay-in obligation of Rs 3 crore. Excess remaining proprietary collateral of SCM (Rs 3 crore) shall also be used towards the settlement shortfall.
5 · Remaining settlement shortfall of Rs 3 crore shall be attributed pro-rata to clients having pay-in, i.e., settlement shortfall of Rs 1.5 crore each shall be attributed to Client -1 and Client -2 and appropriated from their collateral.
1 · Suppose Client-3 establishes within the pre-specified time period of not being in default, not having debit balance/dues towards the member and not having received the pay-out due.
2 · The remaining collateral of Client-3 (Rs 13 crore), along with the pay-out (Rs 2 crore), shall be provided to the Client-3.
3 · The settlement shortfall would now be Rs 7 crore (Rs 5 crore shortfall in net payin, plus Rs 2 crore of pay-out made to Client-3).
4 · The settlement shortfall of Rs 7 crore shall be first adjusted with the SCM proprietary pay-in obligation of Rs 3 crore. Excess remaining proprietary collateral of SCM (Rs 3 crore) shall also be used towards the settlement shortfall.
5 · Remaining settlement shortfall of Rs 1 crore shall be attributed pro-rata to clients having pay-in, i.e., settlement shortfall of Rs 0.5 crore each shall be attributed to Client -1 and Client -2 and appropriated from their collateral.
1 · Suppose Client-1 and Client-3 establish within the pre-specified time period of not being in default, not having debit balance/dues towards the member and not having received the pay-out due, where applicable.
2 · The remaining collateral of Client-1 and Client-3 (Rs 7 crore and Rs 13 crore respectively) shall be provided to them. The pay-out due to Client-3 (Rs 2 crore) shall also be provided to Client-3.
3 · The settlement shortfall would now be Rs 7 crore (Rs 5 crore shortfall in net payin, plus Rs 2 crore of pay-out made to Client-3).
4 · The settlement shortfall of Rs 7 crore shall be first adjusted with the SCM proprietary pay-in obligation of Rs 3 crore. Excess remaining proprietary collateral of SCM (Rs 3 crore) shall also be used towards the settlement shortfall.
5 · Remaining settlement shortfall of Rs 1 crore shall be attributed to Client-2 (since it is established that Client -1 is not in default, no shortage shall be attributed to Client -1).
1 · to 10
10 · to 100
1 · Roles and Responsibilities of Chief Information Security Officer (CISO)/ Designated Officer:
2 · Measures against Phishing attacks/ websites:
3 · Patch Management and Vulnerability Assessment and Penetration Testing (VAPT):
4 · Measures for Data Protection and Data breach:
5 · Log retention:
6 · Password Policy/ Authentication Mechanisms:
7 · Privilege Management:
8 · Cybersecurity Controls:
9 · Security of Cloud Services:
10 · Implementation of CERT-In/ CSIRT-Fin Advisories:
11 · Concentration Risk on Outsourced Agencies:
12 · Audit and ISO Certification:
50 · Executive Summary
6 · 1. Security of the Cloud:
6 · 2. Security in the Cloud:
6 · 2.1. Vulnerability Management and Patch Management:
6 · 2.2. Vulnerability Assessment and Penetration Testing (VAPT):
6 · 2.3. Incident Management and SOC Integration:
6 · 2.4. Continuous Monitoring:
6 · 2.5. Secure User Management:
6 · 2.6. Security of Interfaces:
6 · 2.6.1. Management interface:
6 · 2.6.2. Internet facing interfaces:
6 · 2.6.3. Interfaces connected between RE's/relevant organizations (Through P2P or LAN/MPLS etc.) and CSP: ................................ ...................
6 · 2.7. Secure Software Development:
6 · 2.8. Managed Service Provider (MSP) & System Integrator (SI):
6 · 2.9. Encryption and Cryptographic Key Management:
6 · 2.10. End Point Security:
6 · 2.11. Network Security:
6 · 2.12. Backup and recovery solution:
6 · 2.13. Skillset:
6 · 2.14. Breach Notification:
51 · Abbreviations:
52 · Definitions
1 · Cloud Model Description-
128 · Ref: https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf
2 · Cloud Service Models -
129 · Ref: https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-145.pdf
3 · Regulated Entity (RE) –
4 · Key Management-
5 · Hardware Security Module (HSM)-
1 · Governance, Risk and Compliance (GRC):
2 · Selection of CSPs:
3 · Data Ownership and Localization:
4 · Responsibility of the RE (with respect to CSPs):
5 · Due Diligence by the RE (with respect to CSPs):
10 · Any other additional criteria that the RE considers appropriate/ as per RE's requirement.
6 · Security Controls 130 :
6 · 1.Security of the Cloud:
130 · For CSPs offering PaaS/ SaaS services, in the event any particular security control does not apply to their specific deployment model, such CSPs have to ensure that their vendor/ partner/ sub-contractor providing the underlying infrastructure/ platform fulfils the requirement of the security controls. The RE shall deploy the services of only those PaaS/ SaaS providers which have a back-to-back, clear and enforceable agreement with their vendor/ partner/ sub-contractor for the same .
131 · An indicative mind -map of security controls for cloud deployments is given in Appendix-B
132 · Any type of access/ user provided to SEBI/ any law enforcement agency of Government of India or state government shall be exempt from this clause
6 · 2.Security in the Cloud:
6 · 2.1. Vulnerability Management and Patch Management:
133 · SOC -2 is a voluntary compliance standard for information security developed by American Institute of Certified Public Accountants (AICPA).
6 · 2.2. Vulnerability Assessment and Penetration Testing (VAPT):
6 · 2.3. Incident Management and SOC Integration:
6 · 2.4. Continuous Monitoring:
6 · 2.5. Secure User Management:
6 · 2.6. Security of Interfaces:
6 · 2.6.1. Management interface:
6 · 2.6.2. Internet facing interfaces:
6 · 2.6.3. Interfaces connected between RE's/relevant organizations (Through P2P or LAN/MPLS etc.) and CSP:
6 · 2.7. Secure Software Development:
6 · 2.8. Managed Service Provider (MSP) & System Integrator (SI):
6 · 2.9. Encryption and Cryptographic Key Management:
6 · 2.10. End Point Security:
6 · 2.11. Network Security:
6 · 2.12. Backup and recovery solution:
6 · 2.13. Skillset:
6 · 2.14. Breach Notification:
7 · Contractual and Regulatory Obligations 134 :
134 · With respect to CSPs offering PaaS/SaaS services, REs shall deploy the services of only those CSPs which have a back -to -back, clear and enforceable agreement with their vendor/ partner/ sub-contractor providing their underlying infrastructure/ platform for fulfilling the requirements provided in this Principle.
8 · Business Continuity Planning (BCP), Disaster Recovery & Cyber Resilience:
9 · Concentration Risk Management:
10 · Recommendations:
2 · UNDERTAKING
135 · Words "Clauses 1 to 11 and Clauses 14 to 19 of Annexure A to MIRSD /SE/Cir-19/2009 dated Dec 3, 2009 " replaced with "Clause 6,8,14,15,16,18 and 19 of Annexure A to MIRSD/SE/CIR-19/2009 dated December 03, 2009" in view of Clauses 1,2,3,4,5,7,9,10,11 and 17 of SEBI Circular dated December 03, 2009, being incorporated in various provisions of SEBI Circular CIR/MIRSD/16/2011 dated August 22, 2011 and FMC Circular FMC/4/2011/G/30 dated December 16, 2011 and Annexures specified in these circulars.
10 · SB/CM cannot use borrowed funds for this purpose. Trading member shall give auditors certificate on half yearly basis to CC in this regard.