SEBI – IS Audit of Share Brokers

Cyber-attacks have impacted the entire globe very hard in the recent decade. The primary reason behind this is the evolution of hackers by the time which is much ahead and above the existing security levels used by online merchants.

Internet based trading

Securities trading

Procedures and safeguards

SEBI – IS Audit of Share Brokers

Cyber-attacks have impacted the entire globe very hard in the recent decade. The primary reason behind this is the evolution of hackers by the time which is much ahead and above the existing security levels used by online merchants. Therefore, an important need for strict guidelines on cybersecurity was realized by the SEBI for brokers who are major game-changers in the securities investments.

As per SEBI- The stockbroker shall be bound by all the rules & regulations of SEBI and relevant notifications issued by the government from time to time. Given below are some of the key highlights from SEBI for brokers on cyber-security:

  • The stockbroker shall ensure that all ECNs (Electronic Communication) sent through the e-mail shall be digitally signed, encrypted, non-tamper able and in compliance with the provisions of the IT Act, 2000
  • The stockbroker would be responsible for keeping a backup of all the ECN in a soft and non-tamper able form as per the compliance provisions of the IT Act, 2000 and as per the rules/regulations/guidelines issued by SEBI from time to time
  • A stockbroker is eligible for providing Internet-based trading (IBT) and securities trading using wireless technology that shall include the use of devices such as mobile phone, laptop with a data card, etc. which use Internet Protocol (IP).
  • The broker shall bring to the notice of client the features, risks, responsibilities, obligations, and liabilities associated with securities trading through wireless technology/internet/smart order routing or any other technology should be brought to the notice of the client by the stockbroker.

The purpose of the audit should be

  • To ensure that the books of account, records and documents have been maintained in the manner required under the Securities Exchange Board of India Act, 1992.
  • To ascertain whether adequate internal control systems, procedures and safeguards have been established and are being followed by the intermediary to fulfil its obligations under the Securities and Exchange Board of India Act, 1992.
  • To ascertain whether any circumstances exist which would render the intermediary unfit or ineligible for dealing in the securities market.
  • To ascertain whether the provisions of the securities laws and the directions and/or circulars issued there under by SEBI/Exchange have been complied with
  • To ascertain, whether the provision of Bye-laws, notices, circulars, instructions or orders issued by stock exchanges have been complied with
  • To inquire suo motu into such matters as may be deemed fit by the auditor in the interest of investors or the securities market.