SEBI Guidelines to Stock Exchanges, Clearing Corporations & Depositories

Introduction

Securities & Exchange Board of India (“SEBI”) notified via circular dated November 22, 2024 through the guidelines on Market Infrastructure Institutions (“MIIs”) which includes Stock Exchanges, Clearing Corporations and Depositories was reformed by the recommendations of the Committee on Strengthening of Governance of MIIs with deliberations with the Industry Standards Forum (ISF).

Mechanism to enhance accountability

Under the legislation of Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) Regulations, 2018 (“SECC Regulations”) and SEBI (Depositories & Participants) Regulations, 2018 (“D&P Regulations”), lays down the Code of Conduct for Public Interest Directors (“PIDs”) of the MII, to meet separately, at least once in every six months, to deliberate on certain critical issues. It is a mandate for all the PIIs to attend such meetings.

The PII meeting objectives should consist aspects like; to review the status of compliance with respect to the regulations, circulars, guidelines, etc. that are issued by SEBI on a frequent basis. It is important to discuss the functioning of the Critical Operations i.e., Vertical 1 and Regulatory, Compliance, Risk Management and Investor Grievances i.e., Vertical 2 in every meeting. Additionally, in the meeting it is to be discussed that in order to have a smooth functioning of Verticals 1 & 2, the adequacy of the resources (both financial and human) needs to be addressed. The proper procedures or steps taken by MII on observations by SEBI must be considered. Other compliance suggestions in this circular for addressing the proper accountability of the PIDs includes, PIDs being members of various other committees must inform about the working of the committees to other PIDs. Subsequently, the outcome of these meetings shall be submitted to SEBI and the Governing Board of the MII within 30 days of such meeting.

Other compliance requirement states that on a quarterly basis i.e., within 45 days from the end of the quarter, the Compliance Officer (“CO”) has to submit a report of any non-compliance of any Acts, rules, etc. under Regulation 30(3) of the SECC Regulations & regulation 81(3) of the D&P Regulations. The format of the report for CO is attached as Annexure-A1 and Annexure A-2 of the circular. Under Regulation 30A(2) of SECC Regulations and Regulation 81A(2) of D&P Regulations mandates Chief Risk Officer (“CRiO”) to submit the report half yearly i.e., within 90 days from the end of the half year to the SEBI. The format for the report for CRiO is attached as Annexure-B to the circular.

Regulation 33(7) of the SECC Regulations and Regulation 31(7) of the D&P Regulations mandates the MIIs to disclose the information regarding the agenda and minutes of the meetings on their websites with respect to compliance, regulatory, risk management and investor grievance areas. The MIIs are subjected to devise the internal Standard Operating Procedures (“SOPs”) for taking disciplinary actions against the KMPs for non-compliance with the regulatory guidelines and provisions.

Moreover, the disclosure requirements and corporate governance norms as there for listed companies shall mutatis mutandis apply to all MIIs. The disclosure requirements of Whistle Blower for as specified under Regulation 22 of the SEBI (LODR) Regulations, 2015 titled “Vigil Mechanism.”

Strengthening Supervision & Monitoring Mechanism of MIIs

The circular also substantiates over strengthening of the monitoring mechanism of the MIIs by installing advanced technologies such as Regulatory Technologies (“RegTech”) and Supervisory Technologies (“SupTech”). Additionally, the MIIs should have policies for appointment and monitoring of these back-office vendors or outsourced agencies.

Knowledge Upgradation of Directors on Governing Board

The regulations of SECC Regulations, 2018 and D&P Regulations mandates the MIIs to provide 7 days of training in a year to all the directors.

Policy on Data Sharing

The SECC Regulations and D&P Regulations mandates the MII to have an internal policy for sharing and monitoring of confidential and sensitive data, all the methods of data sharing online and offline including e-mails and social media for proper delegation of powers for sharing of data. The data sharing should be done on a non-discriminatory basis.

Appointment or Reappointment of Directors

As per the SECC Regulations and D&P Regulations, MIIs are required to forward at least two names to SEBI for further approval from the governing board. MIIs need to submit brief profiles of at least two prospective candidates. MII shall collect all the information and documents required from the shortlisted candidate and submit the same information to the SEBI.

KMPs-Reporting lines

The various KMPs that the SEBI regulations and circulars includes are CO and CRiO who shall be responsible for identification and mitigation of risks being faced. The Chief Technology Officer (“CTO”) focusses on the organization’s overall technology strategy and technical infrastructure. Chief Information Security Officer (“CISO”) is responsible for safeguarding data and information through cybersecurity practices.

Conclusion

This circular is issued by the SEBI within the powers conferred under Section 11(1) of the SEBI Act, 1992 read with Regulation 51 of the SECC Regulations and Regulation 97 of the D&P Regulations. This circular was introduced with the objective to protect the interests of investors in securities and to promote the development of and regulate the securities market. These guidelines by SEBI help and encourage investment as they provide protection to the investors. Particularly, the guidelines hold accountabilities in MIIs and KMPs for non-compliance of any regulatory framework.