TMI BlogMaster Circular for DepositoriesX X X X Extracts X X X X X X X X Extracts X X X X ..... ptation of Aadhaar based e-KYC process 1.1.4 SARAL Account Opening Form for resident individuals 1.1.5 Clarifications with regard to KYC requirement for eligible Foreign Investors 1.1.6 Acceptance of third party address as correspondence address 1.2 Exemptions from and clarifications relating to mandatory requirement of PAN 1.3 Simplification of demat account opening process (DP-BO Rights and Obligation Document) 1.4 Opening of demat account in case of HUF 1.5 Operation of minor s demat account 1.6 Facility for a Basic Services Demat Account (BSDA) 1.7 Change of Name in the Beneficial Owner (BO) Account 1.8 Fees/Charges to be paid by BO 1.9 Safeguards on transfer of securities in dematerialized mode 1.10 Delivery Instruction Slip (DIS) Issuance and Processing 1.11 Transmission of shares 1.12 SMS alerts for demat accounts operated by Power of Attorney 1.13 Exemption from sending quarterly statements of transactions by depository participants (DPs) to clients in respect of demat accounts with no transactions and no security balances 1.14 Discontinuation of sending transaction statements by depository participants to clients 1.15 Exem ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ivity by Clearing House / Clearing Corporation (CH/CC) with the Depository Clarification 4.15 Computing and monitoring of the Aggregate Value of Portfolio of Securities (AVPS) of the BOs held in dematerialised form by Stock Broker DPs 4.16 Rajiv Gandhi Equity Savings Scheme, 2012 (RGESS) 4.17 Principles of Financial Market Infrastructures (PFMIs) 4.18 Annual System Audit of Depositories 4.19 Guidelines for Business Continuity Plan (BCP) and Disaster Recovery (DR) 4.20 (Information Technology) IT Governance For Depositories 4.21 Guidelines for inspection of Depository Participants (DPs) by Depositories 4.22 Activity of Demat of warehouse receipts 4.23 Voting rights in respect of securities held in pool account 4.24 Risk Management Policy at the Depositories 4.25 Outsourcing by Depositories 4.26 Cyber Security and Cyber Resilience framework of Depositories 4.27 Database for Distinctive Number (DN) of Shares 4.28 Ticker on Website - For Investor awareness 4.29 Separate mobile number/ email id for the clients of Depository Participants (DPs) SCHEDULE List of Circulars Communications Section 1: Beneficial Owner (BO) Accounts ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... to bring about operational flexibility and in order to ease the PAN verification process, the intermediaries may verify the PAN of their clients online at the Income Tax website without insisting on the original PAN card, provided that the client has presented a document for Proof of Identity other than the PAN card. Reference: Circular SEBI/MIRSD/01/2013 dated January 04, 2013 1.1.2 Proof of Address (PoA) Reference: Circular MIRSD/SE/Cir-21/2011 dated October 05, 2011 List of documents admissible as Proof of Address: (*Documents having an expiry date should be valid on the date of submission.) a. Passport/ Voters Identity Card/ Ration Card/ Registered Lease or Sale Agreement of Residence/ Driving License/ Flat Maintenance bill/ Insurance Copy. b. Utility bills like Telephone Bill (only land line), Electricity bill or Gas bill - Not more than 3 months old. c. Bank Account Statement/Passbook -- Not more than 3 months old. d. Self-declaration by High Court and Supreme Court judges, giving the new address in respect of their own accounts. e. Proof of address issued by any of the following: Bank Managers of Scheduled Commercial Banks/Scheduled Co-Operat ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... tails enabling client identification and authentication from UIDAI based on client authorisation, on voluntary basis, intermediaries who utilize the services of KYC Service Agencies (KSAs) would be registered as KYC User Agencies (KUA) with UIDAI. Reference: Circular: CIR/MIRSD/29/2016 dated January 22, 2016 i. For entering into account based relationship, the client may provide the following information to the intermediary: a) Name b) Aadhaar number c) Permanent Account Number (PAN) ii. The above information can be provided by the client electronically including through any web enabled device. iii. The intermediary shall perform verification of the client with UIDAI through biometric authentication (fingerprint or iris scanning). Mutual Funds can also perform verification of the client with UIDAI through One Time password (OTP) received on client s mobile number or on e-mail address registered with UIDAI provided, the amount invested by the client does not exceed ₹ 50,000 per financial year per Mutual Fund and payment for the same is made through electronic transfer from the client s bank account registered with that Mutual Fund. iv. PAN of such clie ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... December 31, 2010 and SEBI Circular on AML dated March 12, 2014 shall also continue to remain applicable for set of individual investors mentioned in paragraph (ii) above. iv. For these set of individual investors, it has been decided to simplify the requirement of submission of proof of address . The matter has been examined in the light of amendment to the PML Rules, 2005 and accordingly, the requirement of submission of proof of address is as follows: a. Henceforth, individual investor may submit only one documentary proof of address (either residence/correspondence or permanent) while opening a trading account and / or demat account or while undergoing updation. b. In case the proof of address furnished by the said investor is not the address where the investor is currently residing, the intermediary may take a declaration of the residence/correspondence address on which all correspondence will be made by the intermediary with the investor. No proof is required to be submitted for such correspondence/residence address. In the event of change in this address due to relocation or any other reason, investor may intimate the new address for correspondence to the interm ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... n or the Local Custodian may fill the KYC form, if authorized through the PoA. 3. PAN to be taken for individual promoters holding control - either directly or indirectly, Partners/Trustees, whole time directors/two directors in charge of day to day operations and persons authorized to deal in securities on behalf of company/firm/others. Not applicable. 4. For foreign nationals, (allowed to trade subject to RBI and FEMA guidelines), copy of passport/PIO Card/OCI Card is mandatory. Proof of Identity document duly attested by the entities authorized for the same as per SEBI Circular dated October 5, 2011 or authorised signatories as mentioned at point 1 above may be adequate in lieu of the passport copy. 5. For foreign entities, CIN is optional; and in the absence of DIN no. for the directors their passport copy should be given. CIN no. is provided as an example and requires the client s registration number in its respective country. If the foreign entity does not have CIN, the equivalent registration number of the entity may b ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... o be obtained based on risk profile of the client. 9. Name, residential address, photograph, POI and POA of Partners/Trustees, whole time directors/two directors in charge of day to day operations and individual promoters A. Not required if Global Custodian /Local Custodian gives an undertaking to provide the following documents as and when requested for by intermediary: 1 A resolution from the Board of Directors and power of attorney granted to its managers, officers or employees to transact on its behalf; and 2 An officially valid document in respect of managers, officers or employees holding an attorney to transact on its behalf. B. If Global Custodian/Local Custodian does not provide such undertaking as stated in A above, intermediary shall take required details from Foreign Investors. 10. Copy of SEBI registration certificate to be provided. Custodian shall verify the SEBI registration certificate copy with the originals or with the details available on SEBI website and provide duly certified copy of such verified SEBI registration certificate to the inte ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... nment and Government related foreign investors such as Foreign Central Banks, Governmental Agencies, Sovereign Wealth Funds, International/ Multilateral Organizations/ Agencies. II. a) Appropriately regulated broad based funds such as Mutual Funds, Investment Trusts, Insurance / Reinsurance Companies, Other Broad Based Funds etc. b) Appropriately regulated entities such as Banks, Asset Management Companies, Investment Managers/ Advisors, Portfolio Managers etc. c) Broad based funds whose investment manager is appropriately regulated. d) University Funds and Pension Funds e) University related Endowments already registered with SEBI as FII/Sub Account III. All other eligible foreign investors investing in India under PIS route not eligible under Category I and II such as Endowments, Charitable Societies/Trust, Foundations, Corporate Bodies, Trusts, Individuals, Family Offices, etc. Annexure C Document Type Category I Category II Category III ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ired Photographs Not required Not required required Ultimate Beneficial Owner ('UBO') List Exempt required - Can declare no UBO over 25% required Proof Of Identity Exempt Exempt Required Proof of Address Exempt Exempt Exempt Photographs Exempt Exempt Exempt 1.1.6 Acceptance of third party address as correspondence address Reference: Circular CIR/MRD/DP/37/2010 dated December 14, 2010 i. SEBI has no objection to a BO authorizing the capture of an address of a third party as a correspondence address, provided that the Depository Participant (DP) ensures that all prescribed Know Your Client norms are fulfilled for the third party also. The DP shall obtain proof of identity and proof of address for the third party. The DP shall also ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ce Circular MRD/DoP/Dep/Cir-09/06 dated July 20, 2006 UN entities/ multilateral agencies exempt from paying taxes/filing tax returns in India are also exempt from the mandatory requirement of submitting their PAN card details, subject to the DPs collecting documentary evidence in support of such claims. 1.2.5 FIIs/Institutional Clients Reference Circular MRD/DoP/Dep/SE/Cir-13/06 dated September 26, 2006 Custodians shall verify the PAN card details of institutional clients with the original PAN card and provide duly certified copies of such verified PAN details to the brokers. This requirement is applicable in respect of institutional clients, namely, FIIs, MFs, VCFs, FVCIs, Scheduled Commercial Banks, Multilateral and Bilateral Development Financial Institutions, State Industrial Development Corporations, Insurance Companies registered with IRDA and Public Financial Institution as defined under section 4A of the Companies Act, 1956. 1.2.6 HUF, Association of Persons (AoP), Partnership Firm, unregistered Trust, Registered Trust, Corporate Bodies, minors, etc. 15 The BO account shall be in the name of natural persons, PAN card details of the respective HUF, ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... sibility of the depository participant nor it shall be in conflict with any of the clauses in this Document, Rules, Bye-laws, Regulations, Notices, Guidelines and Circulars issued by SEBI and the Depositories from time to time. Any such clause introduced in the existing as well as new documents shall stand null and void. ANNEXURE Rights and Obligations of Beneficial Owner and Depository Participant as prescribed by SEBI and Depositories General Clause 1. The Beneficial Owner and the Depository participant (DP) shall be bound by the provisions of the Depositories Act, 1996, SEBI (Depositories and Participants) Regulations, 1996, Rules and Regulations of Securities and Exchange Board of India (SEBI), Circulars/Notifications/Guidelines issued there under, Bye Laws and Business Rules/Operating Instructions issued by the Depositories and relevant notifications of Government Authorities as may be in force from time to time. 2. The DP shall open/activate demat account of a beneficial owner in the depository system only after receipt of complete Account opening form, KYC and supporting documents as specified by SEBI from time to time. Beneficial Owner information ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... Busines Rules of the Depositories. Transfer of Securities 11. The DP shall effect transfer to and from the demat accounts of the Beneficial Owner only on the basis of an order, instruction, direction or mandate duly authorized by the Beneficial Owner and the DP shall maintain the original documents and the audit trail of such authorizations. 12. The Beneficial Owner reserves the right to give standing instructions with regard to the crediting of securities in his demat account and the DP shall act according to such instructions. Statement of account 13. The DP shall provide statements of accounts to the beneficial owner in such form and manner and at such time as agreed with the Beneficial Owner and as specified by SEBI/depository in this regard. 14. However, if there is no transaction in the demat account, or if the balance has become Nil during the year, the DP shall send one physical statement of holding annually to such BOs and shall resume sending the transaction statement as and when there is a transaction in the account. 15. The DP may provide the services of issuing the statement of demat accounts in an Electronic mode if the Beneficial Owner so des ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... e payment along with interest, if any. Liability of the Depository 21. As per Section 16 of Depositories Act, 1996, a. Without prejudice to the provisions of any other law for the time being in force, any loss caused to the beneficial owner due to the negligence of the depository or the participant, the depository shall indemnify such beneficial owner. b. Where the loss due to the negligence of the participant under Clause (1) above, is indemnified by the depository, the depository shall have the right to recover the same from such participant. Freezing/ Defreezing of accounts 22. The Beneficial Owner may exercise the right to freeze/defreeze his/her demat account maintained with the DP in accordance with the procedure and subject to the restrictions laid down under the Bye Laws and Business Rules/Operating Instructions. 23. The DP or the Depository shall have the right to freeze/defreeze the accounts of the Beneficial Owners on receipt of instructions received from any regulator or court or any statutory authority. Redressal of Investor grievance 24. The DP shall redress all grievances of the Beneficial Owner against the DP within a period of thirt ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... per law, in case of HUF, shares can be held in the name of Existing Karta on behalf of HUF. Therefore, HUF demat accounts can be opened in the name of Existing Karta but not in the name of Deceased Karta and HUF entity. 1.5 Operation of minor s demat account Reference: SMDRP/NSDL/4615 /2000 dated March 13, 2000 Under [The] Hindu Minority and Guardianship Act, 1956, permission of Court is required in the case of transfer by a natural guardian of immovable property of a minor. However, shares are not immovable properly. Section 2(7) of Sale of Goods Act, 1930 includes shares within the definition of goods''. Neither the Indian Contract Act nor the Sale of Goods Act provide for transfer by sale or otherwise by guardian /natural guardian of goods/movable property in the name of minor to the effect that permission of court is required in the matter of such transfer. In the case of accounts of minor in banks also, the guardian is entitled to open, operate and even close the account also. The DP account can, therefore, be operated by a natural guardian without any order from the court though the same is neither expressly permitted nor prohibited. 1.6 Facility for ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... aken in to account. The value of suspended securities may not be considered for the purpose of determining eligibility of demat account as BSDA. iii. If the value of holding in such BSDA exceeds the prescribed criteria at any date, the DPs may levy charges as applicable to regular accounts (non BSDA) from that date onwards. iv. The DPs shall assess the eligibility of the BOs at the end of the current billing cycle and convert eligible demat accounts into BSDA. 1.6.5 Services for Basic Services Demat Accounts : i. Transaction statements : a. Transaction statements shall be sent to the BO at the end of each quarter. If there are no transactions in any quarter, no transaction statement may be sent for that quarter. b. If there are no transactions and no security balance in an account, then no further transaction statement needs to be provided. c. Transaction statement shall be required to be provided for the quarter in which the account became a zero balance account. ii. Holding Statement : a. DP shall send atleast one annual physical statement of holding to the stated address of the BO in respect of accounts with no transaction and nil balance even aft ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ual Beneficial Owner s (BO) account, it has been decided that an individual BO may be allowed to change his/ her name, subject to the submission of following documents at the time of change of name of the individual in the BO account. i. In case of change in name on account of marriage following documents shall be submitted: Marriage Certificate or copy of Passport showing husband s name or publication of name change in official gazette. ii. In case of change in name on account of reasons other than marriage Publication of name change in official gazette. iii. In case of change in father s name: Publication of name change in official gazette. 1.7.2 The Depository Participants (DPs) shall collect the self attested copies of above documents and maintain the same in their records after verifying with the original document. 1.8 Fees/Charges to be paid by BO 1.8.1 Account opening, custody and credit of securities Reference Circular MRD/DoP /SE/Dep/Cir-4/2005 dated January 28, 2005 With effect from February 1, 2005 i. No investor shall pay any charge towards opening of a Beneficial Owner (BO) Account except for statutory charges as applicable; ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... thly AMC. 1.8.6 Dissemination of tariff/charge structure of DPs on the website of depositories Reference Circular MRD/Dep/Cir- 20/06 dated December 11, 2006 i. DPs shall submit to their depository the tariff/charge structure every year, latest by 30th April, and also inform the depository the changes in their tariff/charge structure as and when they are effected with a view to enabling the BOs to have a comparative analysis of the tariff/charge structure of various DPs. ii. For this purpose depositories shall put in place necessary systems and procedures including formats, periodicity, etc. for collection of necessary data from the DPs and dissemination of the same on their website which would enable the investors to have a comparative analysis of the tariff/charge structure of various DPs. 1.9 Safeguards to address the concerns of the investors on transfer of securities in dematerialized mode Reference Circular SEBI/MRD/Dep/Cir-03/2007 dated February 13, 2007 and Circular SEBI/MRD/Dep/Cir-03/2008 dated February 28, 2008 Following safeguards shall be put in place to address the concerns of the investors arising out of transfer of securities from the BO Acco ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... e system level checks by the depositories. b. Layout and size of DIS so as to facilitate scanning and easy retrievability of records ii. The DIS must bear a pre-printed serial number, DP ID, and a pre-printed/pre stamped Beneficial Owner (BO) ID. The depositories shall prescribe a standard method of serial numbering and ensure that serial numbers issued by a DP are unique within the DP-ID. iii. DPs shall ensure that a. same DIS shall not be used for giving both market and off-market instructions b. a single DIS shall not be used for transactions with multiple execution dates. Monitoring of DIS iv. Upon issuance of DIS booklets or loose slips to BO, the DPs shall make available immediately the following details of the DIS to the depository system electronically: a. the DIS serial number b. BO ID c. date of issuance, and d. any other relevant details as decided by the depository v. At the time of execution of DIS, DPs shall enter the serial number of DIS in the depository system for validation. The depositories shall make provisions in their systems to facilitate the same. vi. In respect of all the transfer instructions on a DIS, Depositorie ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... along with the Claim Form/TRF and copy of death certificate duly notarized/ attested by a Gazetted officer or Family Settlement Deed as an alternate to the NOC duly executed by all the legal heirs of the deceased Beneficial Owner, provided that: a. The Family Settlement Deed clearly vests the securities in favour of the person seeking transmission in his/ her name. b. Vesting of securities in favour of the person seeking transmission in his/ her name is not contingent upon any other onerous conditions in such Family Settlement Deed. Note: If the division of shares as per the Family Settlement Deed is amongst more than one person, then the Family Settlement Deed can be considered as an NOC for transmission of shares to each legal heirs applying for transmission. However, if DPs still have problems in comprehending the contents of the Family Settlement Deed, they should refer the matter to Depositories for necessary advice on case-to-case basis. 1.11.2 DP(s) shall automatically open new account in the name of the surviving members(s), in the same order as in the original account, on an application by the surviving member(s) based on existing documents required as per the ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ught: i. Affidavit made on appropriate non judicial stamp paper to the effect of identification and claim of legal ownership to the securities ii. For value of securities upto ₹ 2,00,000 (Rupees Two lakh only) per issuer company as on date of application, one or more of the following documents: a. No objection certificate [NOC] from all legal heir(s) who do not object to such transmission (or) copy of Family Settlement Deed duly notarized or attested by a Gazetted Officer and executed by all the legal heirs of the deceased holder. b. Indemnity made on appropriate non judicial stamp paper indemnifying the STA/Issuer Company. iii. For value of securities more than ₹ 2,00,000 (Rupees Two lakh only) per issuer company as on date of application: a. Succession certificate (or) Probate of will (or) Letter of Administration (or) Court decree. End of Annexure A 1.12 SMS alerts for demat accounts operated by Power of Attorney Reference: SEBI/MRD/DEP/VM/169784 /09 dated July 15, 2009 Subscription to SMS Alert facility for depository accounts operated through Power of Attorney (POA) would be mandatory except in case of accounts held by non-ind ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ion statements are returned undelivered and they need to communicate the proper (new) address. v. The DP ensures that on receipt of request for address modification from the client as per the stipulated procedure, the dispatch of transaction statements is immediately started. Further, the DP ensures that transaction statements that were not delivered and dispatched due to discontinuation are also dispatched immediately without any additional cost to the clients. 1.15 Exemption to Depository Participants (DPs) from providing hard copies of transaction statements to BOs Reference Circular MRD/DoP/Dep/Cir-27/2004 dated August 16, 2004 DPs are permitted to provide transaction statements and other documents to the BOs under Digital signature, as governed under the Information Technology Act, 2000, subject to the DP entering into a legally enforceable arrangement with the BO for the said purpose. While such practice in the aforesaid manner shall be deemed to be in compliance of the provisions of the Regulation 43 of SEBI (Depositories Participants) Regulations, 1996; if the BO is still desirous of receiving statements in hard copy, DPs shall be duty bound to provide the ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... and securities held in demat form with the Depositories. ii. The Depositories and the Asset Management Companies (AMCs)/ MF-RTAs shall put in place systems to facilitate generation and dispatch of single Consolidated Account Statements (CAS) for investors having MF investments and holding demat accounts. AMCs/ RTAs shall share the requisite information with the Depositories on monthly basis to enable generation of CAS. iii. Consolidation of account statement shall be done on the basis of PAN. In case of multiple holding, it shall be PAN of the first holder and pattern of holding. Based on the PANs provided by the AMCs/MF-RTAs, the Depositories shall match their PAN database to determine the common PANs and allocate the PANs among themselves for the purpose of sending CAS. For PANs which are common between depositories and AMCs, the Depositories shall send the CAS. In other cases (i.e. PANs with no demat account and only MF units holding), the AMCs/ MF-RTAs shall continue to send the CAS to their unit holders as is being done presently in compliance with the Regulation 36(4) of the SEBI (Mutual Funds) Regulations. iv. In case investors have multiple accounts across the two ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... mation on how to opt out of the facility if they do not wish to avail it. xi. Where such an option is exercised, the concerned depository shall inform the AMC/MF-RTA accordingly and the data with respect to the said investor shall not be shared by the AMC/MF-RTA with the depository. xii. If there is any transaction in any of the demat accounts of the investor or in any of his mutual fund folios, then CAS shall be sent to that investor on monthly basis. In case there is no transaction in any of the mutual fund folios and demat accounts then CAS with holding details shall be sent to the investor on half yearly basis. However, in case of demat accounts with nil balance and no transactions in securities and in mutual fund folios, the requirement to send physical statement shall be applicable as specified at para 1.6.5 and 1.6.6 of this chapter. xiii. Further, the holding statement dispatched by the DPs to their BOs with respect to the dormant demat accounts with balances shall also be dispatched half-yearly. xiv. The dispatch of CAS by the depositories to BOs would constitute compliance by the Depository Participants with requirement under Regulation 43 of SEBI (Depositorie ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... HENNAI 6. PUNE 7. KOLKATA 8. THANE 9. HYDERABAD 10. SURAT 11. JAIPUR 12. VADODARA 13. SECUNDARABAD 14. RAJKOT 15. INDORE ii. The incentive shall be provided at the end of the financial year only with respect to the new BSDA opened during the financial year and which displayed at least one credit in the account during the Financial Year. iii. Further to the above, in order to incentivize the DPs to promote holdings in the BSDA, the depositories may pay an amount of ₹ 2 per folio per ISIN to the respective depository participant (DP), in respect of the ISIN positions held in Basic Service Demat Accounts (BSDA). This incentive may be provided with respect to all the BSDA in the depository system. iv. The reimbursement to DPs shall be made on an annual basis at the end of the financia ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... cessary due diligence. 2.4 Printing of Grievances Redressal Mechanism on Delivery Instruction Form Book 52 To promote investor awareness regarding mechanism for redressing investor grievances, the information placed below shall be printed on the inside back cover of the Delivery Instruction Form (DIF) Book issued by all Depository Participants. In case you have grievances against a listed company or intermediary registered with SEBI, you should first approach the concerned company or intermediary against whom you have grievance. If you are not satisfied with their response, 52 Circular No. SEBI/MRD/DP/25/2012 dated September 21, 2012 you may approach SEBI or other regulatory bodies. You can approach SEBI for following type of grievances. Listed Companies Refund / Allotment/ Bonus/ Dividend/ Rights/ Redemption/ Interest Prelisting offer documents (shares) Prelisting offer documents (debentures and bonds) Delisting of Securities Buyback of Securities Takeover and Restructuring Corporate Governance and Listing conditions Brokers and stock exchanges Sto ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ed December 09,2015 i. With effect from April 27, 2011 depositories may levy and collect the charges towards custody from the issuers, on the basis of average no. of folios (ISIN position) during the previous financial year, as per the details given below: ii. Issuers to pay @ ₹ 11.00 (*) per folio (ISIN position) in the respective depositories, subject to a minimum as mentioned below: Nominal value of admitted securities (Rs.) Annual Custodial Fee payable by a Issuer to each Depository (Rs.) (*) Upto 5 crore 9,000 Above 5 crore and upto 10 crore 22,500 Above 10 crore and upto 20 crore 45,000 Above 20 crore 75,000 * Plus service tax as applicable iii. The average no. of folios (ISIN positions) for an Issuer may be arrived at by dividing the total number of folios for the entire financial year by the total number of working days in the said financial year. iv. Temporary ISIN shall not be considered for the purpose of computing the annual issuer charges. ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... August 23, 1999 In case of inter-Depository transfers of securities, the Registrars shall communicate the confirmation of such transfers within two hours, failing which such transfers shall be deemed to have been confirmed. The Registrars shall not reject inter-Depository transfers except where i. A Depository does not have adequate balance of securities in its account or ii. there is mismatch of transfer requests from the Depositories. 3.3.3 Common Registrars and Share Transfer agents Reference Circular SMDRP/Policy/Cir-28/99 dated August 23, 1999 Every company shall appoint the same Registrars and Share Transfer agents for both the depositories. 3.3.4 Dematerialisation requests 51 , Reference: D CC/ 1099 / 2002 dated November 01, 2002 i. Registrars and Share Transfer agents shall accept partial dematerialisation requests and will not reject or return the entire dematerialization request where only a part of the request had to be rejected. In cases where a DP has already sent information about dematerialisation electronically to a Registrar but physical shares have not yet been delivered, the Registrar shall accept the demat request and carry out ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ctronic Clearing System (ECS) facility 3.6.1 Use of ECS for refund in public/ rights issues. Reference Circular SEBI/MRD/DEP/Cir-3/06 dated February 21, 2006 and circular SEBI/CFD/DIL/DIP/29/2008/01/02 dated February 1, 2008 For locations where facility of refund through ECS is available details of applicants shall be taken directly from the database of the depositories in respect of issues made completely in dematerialised form. Accordingly, DPs shall maintain and update on real time basis the MICR (Magnetic Ink Character Recognition) code of Bank branch of BOs and other bank details of the applicants in the database of depositories. This is to ensure that the refunds through ECS are made in a smooth manner and that there are no failed/wrong credits. 3.6.2 Updation of bank accounts details, MICR code and IFSC of bank branches by Depository Participants (DPs) Reference: MRD/DEP/PP/123624 /2008 dated April 23, 2008 i. It has been informed by RBI that they have been receiving complaints from managers to the issues that the funds routed through the electronic mode are getting returned by destination banks because of incorrect or old account numbers provided by ben ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... By 1.00 pm Completion of custodial confirmation of trades to CC/CH. (There is no separate extended time limit for late confirmations). By 2.30 pm Completion of process and download obligation files to brokers/ custodians by the CC/CH. 3 T+2 By 11.00 am Pay-in of securities and funds . By 1.30 pm Pay-out of securities and funds. ii. All Depositories shall adhere to the aforementioned activity schedule to implement T+2 rolling settlement. DPs shall adhere to the designated activities within the prescribed time limits as under: a. DPs shall accept instructions for pay-in of securities from clients in the physical form atleast upto 4 p.m. and in electronic form atleast upto 6 p.m. on T+1. b. DPs shall complete execution of pay-in instructions latest by 10:30 a. m. on T+2. c. Depositories shall download the processed pay-in files to the Exchange / Clearing House / Clearing Corporation latest by 11:00 a.m. on T+2. d. Pay-out of securities by the Exchange / Clearing House / Clearing Corporation t ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... es at the client level by the end of the same day. 4.3 Deadline time for accepting non pay-in related instructions Reference: MRD/VSS/ARR/ 12255/2004 dated June 10, 2004 i. The depositories are advised that any overrun of the time specified for 'spot delivery contract' in the SCRA would result in the contract becoming illegal under section 16 of the SCRA (unless it is put through the stock exchange). The DP-BO agreement cannot add anything to or subtract anything from this position. However, it should be the responsibility of the DP to ensure that the client's contract is not rendered illegal on account of delayed execution of the delivery instruction. ii. Keeping the hardships to change all the existing DP-BO agreements to enforce the above into consideration, it is advised that suitable bye laws can be made under section 26(2)(e) and (d) of Depositories Act, 1996 for imposing such obligation on the DPs. Therefore, it is advised to amend/insert bye laws which should expressly provide that the DPs shall execute the non pay-in related instructions on the same day or on the next day of the instruction. Further, pending such amendment, suitable instructions m ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... there is a need to communicate to the BOs that any procedure followed other than as specified under the aforesaid provisions of law shall not be treated as pledge. ii. In order to clarify the same, the depositories are advised to issue a communiqu to the DPs advising them to inform BOs about the procedure for pledging of shares held in demat form as enumerated in the relevant sections of the Depositories Act and SEBI (Depositories and Participants) Regulations, 1996. Depositories may also advise DPs that an off-market transfer of shares leads to change in ownership and cannot be treated as pledge. Further, this issue may also be taken up in the investor awareness programs wherein the manner of creation of pledge can be effectively communicated to the BOs directly. 4.7 Foreign investments in infrastructure companies in securities markets Reference Circular MRD/DSA/SE/Dep/Cust/Cir-23/06 dated December 22, 2006 i. Pursuant to Government of India Policy, foreign investments in infrastructure companies in the securities markets, namely Stock Exchanges, Depositories and Clearing Corporations shall be as under: a. Foreign investment shall be allowed in such companies u ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... mployee heading the complaint services division/cell/department. Contact detail (i.e. phone no., email id, postal address) of the said contact person be made widely available for e.g. on the websites of Depositories. b. address/redress the complaints within a period of 15 days upon receipt of complaint on SCORES. In case additional information is required from the complainant, the same shall be sought within 7 days of receipt on SCORES. In such case, the period of 15 days will be counted upon the receipt of additional information. c. maintain a monthly record of the complaints which are not addressed/redressed within 15 days from the date of receipt of the complaint/information, alongwith the reason for such pendency. d. Upload/update the ATR on the SCORES. Failure to do so shall be considered as non-redressal of the complaint and the complaint shall be shown as pending. 4.11 Limitation period for filing an arbitration reference Reference Circular CIR/MRD/DP/4/2011 dated April 7, 2011 i. It is decided that the limitation period for filing an arbitration reference shall be governed by the law of limitation, i.e., The Limitation Act, 1963. The modified limitation ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... 2 3 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... N Total ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... N *including against authorized persons, employees, etc. **Non actionable means the complaint that are incomplete / outside the scope of Depository (Arrange the DPs in descending number of complaints filed against them during the period) Report 2A: Details of Arbitration Proceedings (where BO is a party) during 2008-09: Updated on mmm dd yyyy (to be updated every quarter) (In excel sheet) Sl. No. Name of Arbitrator No. of Awards Passed No. of Awards in favor of BOs No. of Awards appealed No. of Awards Implemented No. of cases pending for redressal at the end of period ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... No. of cases pending for redressal at the end of period Filed by DP Filed by BO Pending For more than 6 months For more than 3 months, but less than 6 months 1 2 3 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... N Report 3B: Penal Actions against Depository Participants (DPs) during 2009-10: Updated on mmm dd yyyy (to be updated every quarter) (in excel sheet) Sl. No. Name of DP Registration No. No. of Complaints received Action against DP, its authorized person and employees together No. of Penal Orders issued Monetary Penalties levied (Rs. lakh) No. of Arbitration Awards issued against DP For complaints For others For complaints For others 1 2 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... N Total *Non actionable means the complaint that are incomplete / outside the scope of Depository (Arrange the companies in descending number of complaints filed against them during the period) Report 4B: Redressal of Complaints lodged by investors against Listed Companies during 2009 -10: Updated on mmm dd yyyy (to be updated every quarter) (In excel format) Sl. No. Name of the Company No. of Complaints Received Redressed through Depository Non-Actionable* Pending for R ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... I d Non Acceptance of demat/remat request Type III Transaction Statement Related III a Delay in/ Non-Receipt of Statements from DP III b Discrepancy in Transaction statement Type IV Improper Service Related IV a Insistence on Power of Attorney in its favour IV b Deactivation/ Freezing/ Suspension related IV c Defreezing related IV d Transmission Related IV e Pledge Related IV f SMS Related IV g Non-updation of changes in account (address/ signatories/bank details/ PAN/ Nomination etc.) Type V Charges Related V a Wrong/ Excess Charges V ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ards issued since April 1, 2007. Further, all regulatory orders and arbitration awards as and when issued shall be posted on their website immediately. 4.14 Establishment of connectivity by Clearing House / Clearing Corporation (CH/CC) with the Depository Clarification Reference: MRD/DoP/ Dep/82334 /2006 dated December 14, 2006 i. On examination of the provisions of Regulations 19(a) and 31 of the SEBI (Depositories and Participants) Regulations, 1996, it is advised that registration of a CC/CH of a stock exchange as a DP with SEBI is not mandatory and a pre-requisite for it to obtain connectivity with the depositories. However, if the CC/CH of a stock exchange desires to function as any other Depository Participant , i.e. to open BO accounts for investors or clearing member account, registration as DP with SEBI is mandatory. ii. In view of the above, Depositories are advised to provide continuous electronic means of communication / connectivity to the CH/CC of the Exchanges without insisting for a mandatory registration as DP with SEBI with a condition that such entities would not be permitted to open BO accounts for investors or clearing member account. 4.15 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... s and Mutual Fund schemes. c. Section 6(c) of the notification states that the eligible securities brought into the demat account will automatically be subject to lock-in during the first year, unless the new investor specifies otherwise and for such specifications, the new retail investors shall submit a declaration in Form B indicating that such securities are not to be included within the above limit of investment. It is clarified that such declaration shall be submitted by an investor to its Depository Participant within a period of one month from the date of transaction. d. For transactions undertaken by investors through their RGESS designated demat account, Depositories may seek necessary transactional details from stock exchanges viz. Actual Trade value, Trading date, Settlement number, etc, for the purpose of enforcing lock-in and for generating reports mandated vide MoF notification on RGESS. On receipt of such request from depositories, stock exchanges shall provide the details to depositories on an immediate basis. It shall also be ensured that a uniform file structure is used by stock exchanges and depositories for such intimation of transaction details. e. Wi ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... 12 Conversion (compulsory)* Involuntary 13 Conversion (optionally)* Involuntary 14 Redemption Involuntary (voluntary, if there is option to continue with revised terms) 15 Dividend on Mutual Fund Involuntary 16 Redemption of Mutual Fund Involuntary on maturity (voluntary, if there is option to shift between different scheme(s) or on account of exit option due to change in fundamental attributes of scheme) * Considering any conversion into equities (e.g.: Conversion of warrants into equities) End of Annexure A Annexure B Illustration of lock-in period in RGESS I. RGESS lock-in period if investments are brought in at once Annexure B Illustration of lock-in period in RGESS I. RGESS lock-in period if investments are brought are in installments 4.17 Principles of Financial Market Infrastructures (PFMIs) Reference Circular SEBI/MRD/DRMNP/26/2013 dated September 04, 2013 B ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... tically important institutions responsible for providing clearing, settlement and recording of monetary and other financial transactions. The different categories of FMIs, as identified under PFMIs, are listed below - Payment Systems (PSS) A payment system is a set of instruments, procedures, and rules for the transfer of funds between or among participants. The system includes the participants and the entity operating the arrangement. Payment systems are typically based on an agreement between or among participants and the operator of the arrangement, and the transfer of funds is effected using an agreed-upon operational infrastructure. Central Securities Depositories (CSD) Central securities depository provides securities accounts, central safekeeping services, and asset services, which may include the administration of corporate actions and redemptions, and plays an important role in helping to ensure the integrity of securities issues (that is, ensure that securities are not accidentally or fraudulently created or destroyed or their details changed). A CSD can hold securities either in physical form (but immobilised) or in dematerialised form (that is, they exis ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ant function of a TR is to provide information that supports risk reduction, operational efficiency and effectiveness, and cost savings for both individual entities and the market as a whole. Such entities may include the principals to a trade, their agents, CCPs, and other service providers offering complementary services, including central settlement of payment obligations, electronic novation and affirmation, portfolio compression and reconciliation, and collateral. Adoption of Principles of Financial Market Infrastructures vi. All CPSS and IOSCO members are required to strive to adopt the PFMIs and implement them in their respective jurisdictions. vii. SEBI as a member of IOSCO is committed to the adoption and implementation of the new CPSS-IOSCO standards of PFMIs in its regulatory functions of oversight, supervision and governance of the key financial market infrastructures under its purview. viii. Depositories and Clearing Corporations regulated by SEBI are FMIs in terms of the criteria described above. These systemically important financial infrastructures provide essential facilities and perform systemically critical functions in the market and shall hence be ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ld accept collateral with low credit, liquidity, and market risks. An FMI should also set and enforce appropriately conservative haircuts and concentration limits. Principle 6: Margin A CCP should cover its credit exposures to its participants for all products through an effective margin system that is risk-based and regularly reviewed. Principle 7: Liquidity risk An FMI should effectively measure, monitor, and manage its liquidity risk. An FMI should maintain sufficient liquid resources in all relevant currencies to effect same- day and, where appropriate, intraday and multiday settlement of payment obligations with a high degree of confidence under a wide range of potential stress scenarios that should include, but not be limited to, the default of the participant and its affiliates that would generate the largest aggregate liquidity obligation for the FMI in extreme but plausible market conditions. Settlement Principle 8: Settlement finality An FMI should provide clear and certain final settlement, at a minimum by the end of the value date. Where necessary or preferable, an FMI should provide final settlement intraday or in real time. Principle 9: Mon ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... iple 16: Custody and investment risks An FMI should safeguard its own and its participants assets and minimise the risk of loss on and delay in access to these assets. An FMI s investments should be in instruments with minimal credit, market, and liquidity risks. Principle 17: Operational risk An FMI should identify the plausible sources of operational risk, both internal and external, and mitigate their impact through the use of appropriate systems, policies, procedures, and controls. Systems should be designed to ensure a high degree of security and operational reliability and should have adequate, scalable capacity. Business continuity management should aim for timely recovery of operations and fulfillment of the FMI s obligations, including in the event of a wide-scale or major disruption. Access Principle 18: Access and participation requirements An FMI should have objective, risk-based, and publicly disclosed criteria for participation, which permit fair and open access. Principle 19: Tiered participation arrangements An FMI should identify, monitor, and manage the material risks to the FMI arising from tiered participation arrangements. Princi ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... d annually to ensure that the process is comprehensive effective: 1. The Audit shall be conducted according to the Norms, Terms of References (TOR) and Guidelines issued by SEBI. 2. Stock Exchange / Depository (Auditee) may negotiate and the board of the Stock Exchange / Depository shall appoint the Auditors based on the prescribed Auditor Selection Norms and TOR. The Auditors can perform a maximum of 3 successive audits. The proposal from Auditor must be submitted to SEBI for records. 3. Audit schedule shall be submitted to SEBI at-least 2 months in advance, along with scope of current audit previous audit. 4. The scope of the Audit may be extended by SEBI, considering the changes which have taken place during last year or post previous audit report 5. Audit has to be conducted and the Audit report be submitted to the Auditee. The report should have specific compliance / non-compliance issues, observations for minor deviations as well as qualitative comments for scope for improvement. The report should also take previous audit reports in consideration and cover any open items therein. 6. The Auditee management provides their comment about the Non-Conformities ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ntenance access - Vendor engineers. Physical access - Permissions, logging, exception reporting alerts. Environmental controls - Fire protection, AC monitoring etc. Fault resolution mechanism. Folder sharing and Back-up controls - Safeguard critical information on local desktops Incidences of violations in last year corrective actions taken 2. Software Change Control - It must include User awareness Processing of new feature request Fault reporting / tracking mechanism process for resolutions Testing of New releases / Bug-fixes - Testing process (automation level) Version Control - History, Change Management process etc. Development / Test/ Production environment - Segregation New release in Production - Promotion, Release note approvals Production issues / disruptions reported during last year corrective actions taken. 3. Data communication / Network controls - It must include Network Administration - Redundancy, Monitoring, breakdown resolution etc. WAN Management - Connectivity provisions for business continuity. Encryption - Router based as well as during transmission Connection Pe ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ort Guidelines The Audit report should have explicit coverage of each Major Area mentioned in the TOR, indicating any Nonconformity (NCs) or Observations (or lack of it). For each section - auditors should also provide qualitative input about ways to improve the process, based upon the best practices observed. The report should also include tabulated data to show NCs / Observations for each Major Area in TOR. Fully detailed report should be submitted, along with an Executive Summary in tabulated form including following information: Issue Log Column Heading Description Responsibility Major Area Major area/relevant clause in Terms of Reference against which compliance is being audited Auditor Description of Finding/ Observation Describe the findings in sufficient detail, referencing any accompanying evidence (e.g. procedure annual, interview notes, reports etc.) Auditor Reference Reference to the section in detailed report where full background information about the findings are ava ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... disasters. iv. The manpower deployed at DRS / NS should have similar expertise as available at PDC in terms of knowledge / awareness of various technological and procedural systems and processes relating to all operations such that DRS / NS can function at short notice, independently. v. Configuration of DRS / NS with PDC a) Hardware, system software, application environment, network and security devices and associated application environments of DRS / NS and PDC should have one to one correspondence between them. b) Exchanges / Depositories should have Recovery Time Objective (RTO) and Recovery Point Objective (RPO) not more than 4 hours and 30 minutes, respectively. c) Solution architecture of PDC and DRS / NS should ensure high availability, fault tolerance, no single point of failure, zero data loss, and data and transaction integrity. d) Any updates made at the PDC should be reflected at DRS / NS immediately (before end of day) with head room flexibility without compromising any of the performance metrics. e) Replication architecture, bandwidth and load consideration between the DRS / NS and PDC should be within stipulated RTO and ensure high availabili ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... k exchanges and depositories are advised to submit their BCP - DR policy to SEBI within 3 months from the date of this circular. Further, they should also ensure that point 1 (vi) (f) mentioned above is also included in scope of system audit as mentioned in the circular no. CIR/MRD/DMS/13/2011 dated November 29, 2011. These guidelines will be applicable to depositories, stock exchanges having nation-wide terminals and stock exchanges having trading on their own platforms. Further stock exchanges, currently having no trading on their own platforms, will be required to comply with these guidelines before recommencement of trading on their own platforms in terms of Circular No. MRD/DSA/SE/Cir-12/09 dated October 07, 2009. 4.20 (Information Technology) IT Governance For Depositories Reference: MRD/DMS/03/2014 dated January 21, 2014 i. SEBI constituted the Depository System Review Committee (DSRC) to undertake a comprehensive review of the Indian depository system. Based on the recommendations of DSRC, following guidelines are issued to strengthen the information Technology (IT) governance framework of depositories. ii. Depositories shall formulate an IT strategy committ ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... tioned in Annexure - I. During inspection, depositories shall cover implementation of circulars / guidelines issued by SEBI and guidelines / operating instructions / directions by depositories in respect of these areas. In addition, Depositories may include such other areas as felt appropriate. iv. For the purpose of determining the size of sample, depositories shall be guided by 'Adaptive Sample Size determination methodology' as mentioned at Annexure - II. Categorization / Risk Rating of DPs v. For the purpose of computing total risk score of DPs, depositories shall be guided by DP Rating Model / Categorization as mentioned at Annexure III. vi. Depositories should periodically undertake risk - impact analysis for each of the inspection areas, assign appropriate risk weightage, calculate risk scores for each DPs in the lines mentioned below. a. Risk Weightage: Depositories shall assign risk weights for each of inspection areas after taking into consideration following factors: 1. Operational risks in each of the inspection areas. 2. Category of DPs (such as stock broker DPs, bank DP, etc) 3. Size of Operation 4. Repetitive violations 5. ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ns / Directions from depositories on the areas mentioned below. 2. In case there are built in system checks at the depository that ensure compliance of any of the inspection areas / sub areas with regard to point 1.1 and 1.2 above, the depository may decide on the including the same during the inspection of DPs Inspection Areas A. Account Opening / KYC Documents A.1. Account Opening forms A.2. KYC Documents A.2.1. PAN Verification A.2.2. In-person verification A.2.3. Forwarding of Documents to KYC Registration Agency (KRA) A.3. Proof of Identity (POI) A.4. Proof of Address A.5. Correspondence Address A.6. Authorized Signatories A.7. Completeness / Validation of data entered into DPM with data provided in the Account Opening forms A.8. Minor BO / Joint / HUF accounts A.9. Account Activation A.10. PMS Accounts A.11. Nomination A.12. Any other area as may be specified by the depository B. Basic Service Demat Account (BSDA) B.1. Procedures and Checks pertaining to BSDA B.2. Any other area as may be specified by the depository C. Client Data Modification (CDM) C.1. Procedure for CDM C.2. Any other area as m ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... place(s) of record keeping I.2. Outsourcing of record keeping activities I.3. Any other area as may be specified by the depository J. Service Centre Opening and closing/ modification of service centers J.1. Procedure for Opening /Closure of Service centers J.2. Details of Service centre on Depository website J.3. Qualified persons at service centers J.4. Any other area as may be specified by the depository K. Information Technology areas K.1. Hardware, Software and Network requirements / configurations K.2. Logical and Physical restrictions / safeguards K.3. IT Security K.4. Procedure for alteration of parameters / configurations K.5. Redundancy K.6. Any other area as may be specified by the depository L. Power of Attorney (POA) L.1. Documents executed L.2. Maintenance of POA Register L.3. Clauses of POA L.4. Registration of BO for SMS Alert facility for POA L.5. Any other area as may be specified by the depository M. Inter Depository Transfers (IDT) M.1. Processing of IDT M.2. Checks pertaining to IDT M.3. Any other area as may be specified by the depository N. Account Transfer N.1. Procedure f ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... final sample size, then 100% of the samples shall be verified. DP Rating / Categorization Multiplier High risk 3 Medium High risk 2 Medium risk 1.5 Low risk 1 The selected sample shall maintain the proportion of new accounts opened in each category, except for Account Opening Forms (AOF) relating to FIIs where it shall be checked on a 100% basis. 2. Sample Size for inspection area relating to DIS Base sample size: 10% of total DIS processed or 200 processed DIS whichever is higher, with a maximum cap of 1000 DIS. Final Sample Size: The sample size shall also be dependent on rating / categorization of DP. The following multipliers shall be used to determine the final sample size for the current inspection. In case the total number of instances / cases is less than the final sample size, then 100% of the samples shall be verified. DP Rating / Categorization Multiplier High risk 3 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... l be verified. Annexure-III DP Rating / Categorization Model I. Quantitative Score Calculation : Specific weights shall be assigned to each area as decided by each depository. The Total Quantitative Score shall be the summation of all individual inspection scores. Table: Indicative Table for calculation of Quantitative Score Sr No Inspection Areas Weight (A) B = No of Instances divided by Sample size Inspection Score IS = A*B A. Inspection Area 1 A.1. Inspection Sub Area A 1 A.2. Inspection Sub Area 2 Total Score for Inspection Area 1 B. Inspection Area 2 B.1. Inspection Sub Area B 1 B.2. Inspection Sub Area B 2 B.3. Inspection Sub Area B 3 ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... es (eg. Broking / custodian / banks etc) Total Qualitative Score = (Area Scores) Following indicative factors shall be taken into account for arriving at above mentioned qualitative score: (a) Ownership and Governance 1. Constitution of Board of DP Number of promoter directors, Independent Directors etc. 2. Role of non-executive directors / Independent directors. (b) Quality of Management 1. Experience, Fit and Proper and Qualification of Key Personnel. 2. Existence of Succession planning for top management especially in control functions. 3. Chinese walls between the activities in terms of manpower, resources etc. 4. Training and development of employees. 5. Adequacy of staff strength. 6. Compliance level of previous inspection observations/ directions of regulatory bodies (c) IT security and Business Continuity 1. High Availability. 2. Appropriate Interconnected Architecture. 3. Appropriate Recovery Time Objective (RTO) and Recovery Point Objective (RPO) and near Zero Data Loss . 4. Periodic drills that simulate the real life disaster scenarios on ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... d decision making process in crises and emergencies. ii. The Depositories shall put in place mechanism to implement the Risk Management Framework through a Risk Management Group/Committee which shall be headed by a Chief Risk Officer (CRO). The responsibilities of the said Committee shall include the following: a) t shall review and update the risk management framework periodically. The Board of the depository shall approve the Risk Management Framework and the Chief Risk Officer shall have access to the Board. The CRO shall be responsible, accountable and answerable to the board on overall risk management issues. 4.25 Outsourcing by Depositories Reference: CIR/MRD/DP/19/2015 dated December 09, 2015 Based on recommendations by DSRC, the depositories are advised to ensure the following: i. Depositories shall formulate and document an outsourcing policy duly approved by their Board based on the guidelines given below and the principles outlined in the SEBI circular CIR/MIRSD/24/2011 dated December 15, 2011. Core activities of Depositories ii. Core and critical activities of depositories shall not be outsourced. The core activities of the deposito ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... Audit of Depositories. 4.26 Cyber Security and Cyber Resilience framework of Depositories Reference: Circular CIR/MRD/DP/13/2015 dated July 06, 2015 i. SEBI as a member of IOSCO has adopted the Principles for Financial Market Infrastructures (PFMIs) laid down by CPMI-IOSCO and has issued guidance for implementation of the principles in the securities market. ii. Principle 17 of PFMI that relates to management and mitigation of Operational risk requires that systemically important market infrastructures institutions should identify the plausible sources of operational risk, both internal and external, and mitigate their impact through the use of appropriate systems, policies, procedures, and controls. Systems should be designed to ensure a high degree of security and operational reliability and should have adequate, scalable capacity. Business continuity management should aim for timely recovery of operations and fulfilment of the FMI s obligations, including in the event of a wide-scale or major disruption. iii. Depositories (hereafter referred as Market Infrastructure Institutions or MIIs) are systemically important market infrastructure institutions. As part ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... e controls, tools and measures, c. Detect incidents, anomalies and attacks through appropriate monitoring tools / processes, d. Respond by taking immediate steps after identification of the incident, anomaly or attack, e. Recover from incident through incident management, disaster recovery and business continuity framework. 4. The Cyber security policy should encompass the principles prescribed by National Critical Information Infrastructure Protection Centre (NCIIPC) of National Technical Research Organisation (NTRO), Government of India in the report titled Guidelines for Protection of National Critical Information Infrastructure and subsequent revisions, if any, from time to time. 5. MII should also incorporate best practices from standards such as ISO 27001, ISO 27002, COBIT 5, etc., or their subsequent revisions, if any, from time to time. 6. MII should designate a senior official as Chief Information Security Officer (CISO) whose function would be to assess, identify and reduce cyber security risks, respond to incidents, establish appropriate standards and controls, and direct the establishment and implementation of processes and procedures as per th ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... urces or facilities. 15. Any access to MII s systems, applications, networks, databases, etc., should be for a defined purpose and for a defined period. MII should grant access to IT systems, applications, databases and networks on a need-to-use basis and based on the principle of least privilege. Such access should be for the period when the access is required and should be authorized using strong authentication mechanisms. 16. MII should implement strong password controls for users access to systems, applications, networks and databases. Password controls should include a change of password upon first log-on, minimum password length and history, password complexity as well as maximum validity period. The user credential data should be stored using strong and latest hashing algorithms. 17. MII should ensure that records of user access are uniquely identified and logged for audit and review purposes. Such logs should be maintained and stored in encrypted form for a time period not less than two (2) years. 18. MII should deploy additional controls and security measures to supervise staff with elevated system access entitlements (such as admin or privileged users). Such ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... nating from internal and external sources. 29. Anti-virus software should be installed on servers and other computer systems. Updation of Anti-virus definition files and automatic anti-virus scanning should be done on a regular basis. Security of Data 30. Data-in motion and Data-at-rest should be in encrypted form by using strong encryption methods such as Advanced Encryption Standard (AES), RSA, SHA-2, etc. 31. MII should implement measures to prevent unauthorised access or copying or transmission of data / information held in contractual or fiduciary capacity. It should be ensured that confidentiality of information is not compromised during the process of exchanging and transferring information with external parties. 32. The information security policy should also cover use of devices such as mobile phone, faxes, photocopiers, scanners, etc. that can be used for capturing and transmission of data. 33. MII should allow only authorized data storage devices through appropriate validation processes. Hardening of Hardware and Software 34. Only a hardened and vetted hardware / software should be deployed by the MII. During the hardening process, MII should ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... d timely detection of unauthorised or malicious activities, unauthorised changes, unauthorised access and unauthorised copying or transmission of data / information held in contractual or fiduciary capacity, by internal and external parties. The security logs of systems, applications and network devices should also be monitored for anomalies. 44. Further, to ensure high resilience, high availability and timely detection of attacks on systems and networks, MII should implement suitable mechanism to monitor capacity utilization of its critical systems and networks. 45. Suitable alerts should be generated in the event of detection of unauthorized or abnormal system activities, transmission errors or unusual online transactions. Response and Recovery 46. Alerts generated from monitoring and detection systems should be suitably investigated, including impact and forensic analysis of such alerts, in order to determine activities that are to be performed to prevent expansion of such incident of cyber attack or breach, mitigate its effect and eradicate the incident. 47. The response and recovery plan of the MII should aim at timely restoration of systems affected by incide ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... n thereof, the Depositories are advised to create and maintain a database of distinctive numbers (DN) of equity shares of listed companies with details of DN in respect of all physical shares and overall DN range for dematerialised shares. 3. The DN database shall make available, information in respect of issued capital, such as DN Range, number of equity shares issued, name of stock exchange where the shares are listed, date of in-principle listing / final trading approval / dealing permission, shares held in physical or demat form, date of allotment, shares dematerialized under temporary (frozen) ISIN (International Securities Identification Number) or Permanent (active) ISIN etc., at one place. 4. Based on consultations with the Depositories and Stock Exchanges, the following guidelines are given for the operationalisation of the DN database - 4.1. Instructions to the Depositories 4.1.1. The depositories shall create and maintain a database to capture DN in respect of all physical equity shares and overall DN range for dematerialised equity shares issued by listed companies. 4.1.2. The depositories shall provide an interface to the Stock Exchange, Issuers/RTAs f ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ), (vi) and (vii) of 5.1.3], immediately upon granting of such permissions. ii. In respect of further issue of shares by listed companies, consequent to update of DN information by Issuers/RTAs, the stock exchange shall validate the DN information updated by the Issuer/RTA and update the date of in-principle listing approval, date of final trading approval / dealing permission and trading start date [as per point nos. (v), (vi) and (vii) of 5.1.3], immediately upon granting of such permissions. iii. In respect of companies coming out with initial public offer or new listings on stock exchanges, the stock exchange shall update the DN database with the total number of equity shares for which final trading approval / dealing permission has been granted. iv. In respect of companies whose capital is changed/altered for any reason other than further issuance of shares such as buy-back of shares, forfeiture of shares, capital reduction, etc., the stock exchange shall confirm such change/alteration in the capital as updated by the Issuer/RTA in the DN database. 4.2.3. In case the DN data on listed shares as per the records of Issuers/RTAs does not match with records of the St ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... r/ email id for the clients of Depository Participants (DPs) Email on Separate mobile number/ email id for the clients of Depository Participants (DPs) dated January 16, 2015. i. It has been observed that DPs do not have the procedure to check that separate mobile number/ email id is uploaded for each client. ii. In view of the same Depositories are advised to instruct their participants to ensure that separate mobile number/E-mail address is uploaded for each client. However, under exceptional circumstances, the participants may, at the specific written request of a client, upload the same mobile number/E-mail address for more than one client provided such clients belong to one family. Family for this purpose would mean self, spouse, dependent children and dependent parents. SCHEDULE CIRCULARS 1. Circular No. SMDRP/Policy/Cir-28/99 dated August 23, 1999. 2. Circular No. SMDRP/Policy/Cir-05/2001 dated February 1, 2001. 3. Circular No. D CC/FITTC/Cir-09/2002 dated July 4, 2002. 4. Circular No. D CC/FITTC/Cir-10/2002 dated September 25, 2002. 5. Circular No. D CC/FITTC/Cir-13/2002 dated November 1, 2002. 6. Circular No. D CC/FITTC/CIR - 12/ ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... ber 29, 2011. 43. Circular No. CIR/MRD/DMS/12/2012 dated April 13, 2012 44. Circular No. CIR/MRD/ DMS/17/2012 dated June 22, 2012 45. Circular No. CIR/MRD/ICC/16/2012 dated June 15, 2012. 46. Circular No. CIR/MRD/DP/21/2012 dated August 02, 2012. 47. Circular No. CIR/MIRSD/09/2012 dated August 13, 2012. 48. Circular No. CIR/MRD/DP/22/2012 dated August 27, 2012. 49. Circular No. CIR SEBI/MIRSD /11/2012 dated September 05, 2012. 50. Circular No. CIR/MRD/DP/24/2012 dated September 11, 2012. 51. Circular No. CIR/MRD/DP/DA/25/2012 dated September 21, 2012. 52. Circular No. CIR/MRD/DP/27/2012 dated November 01, 2012. 53. Circular No. CIR/MRD/DP/32/2012 dated December 06, 2012. 54. Circular No. CIR SEBI/MIRSD/01/2013 dated January 04, 2013. 55. Circular No. CIR/MRD/DP/10/2013 dated March 21, 2013. 56. Circular No. CIR SEBI/MRD/DRMNP/26/2013 dated September 04, 2013. 57. Circular No. CIR SEBI/MIRSD /07/2013 dated September 12, 2013. 58. Circular No. CIR SEBI/MIRSD/09/2013 dated October 08, 2013. 59. Circular No. CIR/MIRSD/10/2013 dated October 28, 2013. 60. Circular No. CIR SEBI/MIRSD/ 12/2013 dated December 04, 2013. 61. Circular No ..... X X X X Extracts X X X X X X X X Extracts X X X X
|