Sebi penalises Reliance Securities for cybersecurity, stock broker rules violations

Capital markets regulator Sebi on Wednesday imposed a fine of Rs 5 lakh on Reliance Securities for multiple breaches of the cybersecurity and cyber resilience framework applicable to stock brokers.

Reliance Securities is a Sebi-registered stock broker and a trading member of BSE, NSE, MCX and NCDEX.

The order came after the Securities and Exchange Board of India (Sebi) conducted a thematic inspection of Reliance Securities Ltd (noticee) with respect to cybersecurity and cyber resilience and framework on technical glitches applicable to specified members.

The period covered in the inspection was from April 1, 2023, to October 31, 2024.

The regulator found that Reliance Securities failed to carry out capacity planning based on peak load calculations and could not demonstrate that its installed capacity was 1.5 times the highest observed load as required under Sebi and NSE guidelines.

During inspection, Sebi further observed that Reliance Securities continued to rely on manual software testing and had not yet set up an automated environment and created a traceability matrix between software functionalities to test cases.

The market watchdog noted that a delay of 453 days in the implementation of the Log Analytics and Monitoring Application (LAMA) system was mandated for real-time reporting of key parameters. It also recorded the absence of evidence of log preservation as required under the norms.

In addition, Sebi also highlighted that Reliance Securities (Stock Broker) has failed to establish Business Continuity Planning (BCP) and Disaster Recovery Site (DRS) during the inspection and that 336 endpoints were not covered under Data Leakage Prevention (DLP) controls.

Accordingly, Sebi found that Reliance Securities flouted the Stock Brokers' rules and other market norms.