Common Irregularities observed during inspection by Exchange
Common irregularities observed by the Exchange in the books of Trading Members for the period April 2024 to September 2024 are as follows:
| SR NO | HEADS | VIOLATION |
|---|---|---|
| 1 | Margin/settlement related | Incorrect reporting of margin/ MTM loss collection from clients to Exchange. |
| Delay in issuance of Daily Margin Statement to clients. | ||
| Issuance of Daily Margin Statement to clients with incorrect/incomplete details. | ||
| Non settlement of client funds on First Friday and/or Saturday of every month/ every quarter. | ||
| Non settlement of client funds within 3 working days, who have credit balance and not done any transaction in 30 calendar days since the last transaction. | ||
| Delay in settlement of client funds. | ||
| Trading member has not sent an intimation, including the details about the transfer of funds to clients by SMS and email at the time of running account settlement of funds. | ||
| Discrepancies observed in the retention statement sent to clients with respect to ledger balance, retention of funds and pledged securities. | ||
| Non-issuance/ Delay in issuance of statement of accounts & retention statement at the time of settlement of client accounts. | ||
| Pay-out of funds made to clients in excess of their available balances. | ||
| Passing on penalty to clients on account of short/non-collection of upfront margins. | ||
| 2 | Reporting of data to the Exchange | Incorrect reporting of data towards "Segregation and Monitoring of Collateral at Client Level" to Clearing Member/Clearing Corporation. |
| Incorrect reporting of data by the Member with respect to Client Level Holding Statement on a weekly/daily basis is not correct. | ||
| Incorrect reporting of data by the Member towards the weekly monitoring of client funds. | ||
| Incorrect reporting submitted by the Member towards Risk Based Supervision (RBS). | ||
| Non reporting of the closure of the Bank & DP accounts to the Exchange within one week of the closure. | ||
| 3 | Maintenance of records by the Trading member | Appropriate evidences not obtained in respect of the orders placed by clients. |
| Non maintenance of evidence of physical/electronic applications submitted by investors for placement of bids for initial public offering (IPO). | ||
| Bids are placed in primary market without obtaining prior consent from the clients. | ||
| Non-Maintenance of Register of Securities, Holding Statement, Bank Book and Client Ledger in the prescribed standard format. | ||
| Non maintenance of the payout request received from the clients for part payment of the credit balance clients. | ||
| Non-Maintenance of well documented risk management policy. | ||
| 4 | Authorised person (AP) related | Non conduct of inspection of Branches/Registered Authorised persons (APs) as per the applicable guidelines. |
| Trading Member has not ensured that their Authorised Persons are engaged only in permitted activities and are undertaking any business which is disallowed under the Byelaws. | ||
| 5 | Margin Trading Facilty (MTF) related | Incorrect reporting of Daily margin trading file (MTR file). |
| Non collection of adequate margin by the Member in the form of cash, cash equivalent or Group I equity shares, with appropriate hair cut. | ||
| Non adherence to leverage and exposure limits while granting the Margin trading facility. | ||
| 6 | Bank transfers related | Non permissible of transfer of funds between the bank accounts of the members. |
| Non-maintenance of daily reconciliation statement for fund transfers between own and client bank accounts. | ||
| 7 | Terminal related | Trading terminals situated at the place of inspection were not operated by approved users/persons. |
| Non-upload/ Error in upload of trading terminal details to the Exchange. | ||
| 8 | Other areas | Discrepancy in computation of Net-worth. |
| Delay in issuance of Contract notes /Issuance of contract notes to clients in other than the prescribed format. | ||
| Non-display of Notice Board & SEBI registration certificate at the inspection location/ Display of Notice Board which do not confirm to the regulatory requirements. | ||
| Non maintenance of adequate systems to ensure that the margin requirement payable in derivative segment is in proportion to the income proof declared by client. | ||
| 9 | KYC related | Contravening clauses incorporated in client registration documents by the Trading Member. |
| Client registration documents containing all the prescribed mandatory documents were not obtained and all the details were not properly filled in. | ||
| 10 | UCC related | Execution of the trades by the Trading members in the UCCs which were not permitted to trade. |
| Mapping of wrong category in case of NRI client in UCC Database. | ||
| 11 | Demat related | Pledging of fully paid securities in Client unpaid securities pledgee account (CUSPA). |
| Non communication (Email/SMS) to the clients after creation of pledge to CUSPA, informing them about their funds obligations and also rights of the members to sell such securities in event of failure by client to fulfill their obligation. | ||
| 12 | Cybersecurity related | Two Factor authentication is not enabled/enabled but not validated on important systems, used for both trading and administration. |
| Inadequate Password policy. | ||
| Configuration of DLP in Monitoring mode instead of prevention mode leading to inadequate configuration. | ||
| Non integration of all assets and end point devices in the DLP tool. | ||
| Lack of integration of all assets under Firewall, non retention of logs for appropriate period and non review for the logs. | ||
| 13 | VAPT related | End to end VAPT not covered, only and only network infrastructure covered. |
| Non coverage of all the broad areas in the VAPT scope (APIs, Mobile application, web application, Wi-Fi) as mentioned in the circular. | ||
| Non identification of multiple issues related to access control (IDOR), session management, biometric bypass, etc. | ||
| Non implementation of appropriate rate limits and throttling of requests for functionalities such as OTP generation and emails. | ||
| Usage of obsolete version of applications even after updated/upgraded version are available. | ||
| 14 | Upstreaming of client's funds | Non-compliance with respect to tenure of FDR made out of clients’ funds. |
Updated on: 19/12/2024
