SEBI Asks Brokers, Depository Participants To Submit Quarterly Reports On Cyber Attacks

The Securities and Exchange Board of India on Tuesday asked stock brokers and depository participants to submit quarterly reports, containing information on cyber-attacks and threats experienced by them, in 15 days after the end of the quarter.

"Effective from quarter ending on Dec. 31, 2019, the time period for submission of the report shall be 15 days after the end of the quarter," SEBI said in separate circulars.

For the quarter ended on Sept. 30, 2019, quarterly reports need to be submitted not later than Nov. 30 this in a specified format.

Apart from stock brokers and depository participants, SEBI said that registrars to an issue and share transfer agents would also need to follow this timeline.

The regulator, in December 2018, came out with cybersecurity framework for stock brokers and depository participants.

Under the framework, stock brokers and depository participants need to submit quarterly reports containing information on cyber attacks and threats experienced by them and measures taken to mitigate such vulnerabilities, threats and attacks including information on bugs.

SEBI said that mode of submission of such reports by the stock brokers and depository participants would be prescribed by exchanges and depositories, while registrars to an issue and share transfer agents would submit the report through e-mail.