Under the new framework, members will have to pay INR 20,000 per day if the exchanges are not informed of the incident within the required timeline, BSE and NSE said in separate posts.

Leading stock exchanges BSE and NSE have developed comprehensive guidelines for dealing with technical vulnerabilities at the members’ end in order to prevent disruptions.

Under the new framework, members will have to pay INR 20,000 per day if the exchanges are not informed of the incident within the required timeline, BSE and NSE said in separate posts.

The Guidelines define the technology infrastructure and system requirements that a Member must put in place to prevent any business downtime caused by technical glitches.

Also, the Guidelines prescribe Standard Operating Procedures (SOP) for reporting technical malfunctions by members, dealing with business disruption, managing such business disruption, including declaring disaster and making provisions for disciplinary action in the event of non-compliance in reporting or Inadequate business disruption management.

Technical glitches include malfunctions of hardware, software, or any products or services offered by members.

The exchanges said that members with a client base of more than 50,000 unique registered clients across all exchanges will be required to compulsorily develop a business continuity or disaster recovery plan to ensure a well-defined continuity plan in the event of such trading disruptions.

The circulars issued on Wednesday pointed out that this step will ensure the continuation of work and stability in the members’ operations in the event of any technical malfunction, so that the interest of investors and the market in general is not affected.

Regarding reporting requirements, the exchanges required members to be informed of the incident within two hours of the onset of the malfunction.

In addition, an initial incident report will be submitted to the exchange within T + 1 day of the incident (T is the date of the incident). The report will include the date and time of the incident, details and impact, and immediate action taken.

Furthermore, the root cause analysis (RCA) of the problem must be submitted within 21 business days.

Regarding the timeline for preparing the Business Continuity Planning (BCP) / Disaster Recovery (DR) planning, BSE and NSE said that members with 50,000 unique registered customers (across all segments / exchanges) need to comply with the requirements within 12 months.

Those related to the Internal Policy for Technical Failure and Preventive Recovery – related to system control, network integrity, backup and recovery – should be completed by March 2022.

The exchanges said if the incident is not reported to the exchange (failure to submit the initial report and/or RCA), the members will be liable to pay a fine of INR 20,000 for each business day after the specified due date.

They added that if cases of non-compliance are repeated on two or more occasions, appropriate disciplinary action will be initiated, after legal procedures have been followed and the opportunity for a hearing has been given.

In the event that members fail to move to the DR site within the stipulated time, appropriate disciplinary action will be taken through the exchanges.

In July, the Securities and Exchange Board of India (SEBI) released a detailed framework for penalizing Market Infrastructure Institutions (MIIs), which include exchanges, clearing firms and depositors, for technical loopholes.

Financial Express Telegram Financial Express is now available on Telegram. Click here to join our channel And stay up-to-date with the latest Biz news and updates.

Source link

By admin

Leave a Reply

Your email address will not be published.