- SEBI, vide circular dated 08th September, 2017, 15th October, 2019 and 27th May, 2022 prescribed framework for Cyber Security and Cyber Resilience of Qualified Registrars to an Issue and Share Transfer Agents (QRTAs).
- Further, SEBI vide its circular dated 06th July, 2022 made partial modifications in the paragraph 51 of Annexure -1 of SEBI Circular dated 08th September, 2017.
- SEBI in the Circular said that Qualified Registrars to an Issue and Share Transfer Agents (QRTAs) must notify the stock exchanges or depositories as well as SEBI of any cyberattacks, threats or breaches within six hours of them becoming aware of the incident or it being brought to their notice.
- The incidents must also be reported to the Indian computer emergency response team (CERT-In).
- SEBI further availed requirement to file quarterly report containing cyberattacks, threats or breaches experienced by QRTAs and measures taken for mitigation within 15 days from the quarter ended June, September, December and March.
- Further, Qualified Registrars to an Issue and Share Transfer Agents (QRTAs) shall take necessary steps for implementation of this Circular.
- The provisions of the Circular shall come into force with immediate effect.
About the Author
