OUR SUPPORT

Generally, the Broker warns clients to transact into any penny stocks as trading in such scrips is very risky. Further, the client is also required to adhere to exchange/members’ guidelines and due diligence while trading in such scrips. As such, we the broker, do hereby warn the client not to deal in any penny stocks. However, we at our sole discretion, may allow or disallow the clients (on case to case basis) to deal in penny stocks, subject to rules, regulations, articles,byelaws, circulars, directives and guidelines of SEBI and Exchanges as well as considering the prevalent market and other circumstances at related point of time.

The client’s combined limit for Capital and Derivatives market, is fixed as per the Ledger balance in line with respective client’s trade history/experience, if available, his financial capacity and/or credit worthiness and referrals. Further, Client’s Ledger Credit balance, Securities hold in Beneficiary Account, POA stock as well as margin amount etc. is also being considered. The limit can be increased / decreased based on credit balance of Funds / securities along with other criteria at Broker’s sole discretion.

The Broker discloses that it shall charge a brokerage at the rate being agreed by the client with Broker (including its branches or sub-brokers) depending upon market circumstances or as may be prescribed in KYC document / Back office Software. However, the Broker shall adhere to the maximum permissible limit (presently not to exceed 2.5 %) as may be prescribed by SEBI / Exchanges from time to time. On option segment of Exchange, it is hereby disclosed that brokerage shall not exceed 2.5% of the premium amount or Rs 100/- (per lot) whichever is higher.

The Client discloses that he/she/it is aware and agrees that pay-in of Securities or Funds are required to be delivered / made to Broker on T+2 day. In case of any default or if any amount is overdue from Client over such period as may be allowed by you, penalty / delayed payment charges @ 18 % p. a. (depending upon prevalent market rate) may be charged. However, this facility shall not be construed / resulted into permanent practice leading to funding by broker to client in contravention of applicable laws.

The Client also agree and confirm that in case of any delay (beyond permissible time limit as per SEBI’s or Exchange’s rules, regulations, byelaws, circulars and other applicable laws/ provisions) or in-ordinate delay in making the payment or clearance of or meeting up of any obligations, dues, debit balances, margin, MTOM debit balance etc. by client, then client’s open positions might be squared-off, credit balances of securities or securities lying with Broker might be sold off, credit balance of funds might be adjusted against client’s obligation, debit balances or liabilities WITHOUT ANY NOTICE from Broker as per prevalent RMS policy from time to time.

Clients are required to make Securities / Funds pay in on T+2 day.In case of default in security pay-in by the client and the shortage is at member level i.e. internal shortage, then the benefit calculated at 2 to 5 % on the next day’s Current Market Rate or Standard Rate of the day of sale whichever higher after pay-out day shall be recovered from the defaulting client and passed on to the respective beneficiary client.


In case of the default of securities pay-in by the client and the shortage is from the exchange, auction value of the respective exchange plus penalty (decided by the member from time to time) plus brokerage and other statutory charges shall be recovered from the defaulting client.


In the case of funds default by the client, the member shall be liquidating the stocks to recover the money. Any shortfall arising out of liquidating securities by the members shall also be recovered from the defaulting client along with interest (decided by the member from time to time).

Attention Investors:

1. Stock Brokers can accept securities as margin from clients only by way of pledge in the depository system w.e.f. September 1, 2020.

2. Update your mobile number & email Id with your stock broker/depository participant and receive OTP directly from depository on your email id and/or mobile number to create pledge.

3. Pay 20% upfront margin of the transaction value to trade in cash market segment.

4. Investors may please refer to the Exchange’s Frequently Asked Questions (FAQs) issued vide notice no. 20200731-7dated July 31, 2020 and 20200831-45 dated August 31, 2020 and other guidelines issued from time to time in this regard.

5. Check your Securities /MF/ Bonds in the consolidated account statement issued by NSDL/CDSL every month.

Use of Information Technology by securities market has grown rapidly and is now an important part of the operational strategy of securities. The number, frequency and impact of cyber incidents/attacks have increased manifold in the recent past, more so in the case of securities and financial sector including depositories. There is an urgent need to put in place a robust cyber security/resilience framework at stock broker or depositories to ensure adequate security of their assets on a continuous basis. It has, therefore, become essential to enhance the security of the institutions from cyber threats by improving the current defenses in addressing cyber risks.

Rapid technological developments in securities market have highlighted the need for maintaining robust cyber security and cyber resilience framework to protect the integrity of data and guard against breaches of privacy.

Since stock brokers and depository participants perform significant functions in providing services to holders of securities, it is desirable that these entities have robust cyber security and cyber resilience framework in order to provide essential facilities and perform systemically critical functions relating to securities market.

Cyber-attacks and threats attempt to compromise the Confidentiality, Integrity and Availability (CIA) of the computer systems, networks and databases (Confidentiality refers to limiting access of systems and information to authorized users, Integrity is the assurance that the information is reliable and accurate, and Availability refers to guarantee of reliable access to the systems and information by authorized users). Cyber security framework includes measures, tools and processes that are intended to prevent cyber-attacks and improve cyber resilience. Cyber Resilience is an organization’s ability to prepare and respond to a cyber-attack and to continue operation during, and recover from, a cyber-attack.

The SEBI has formulated certain guidelines vide Circular No. SEBI/HO/MIRSD/CIR/PB/2018/147 dated December 03, 2018  and SEBI/HO/MIRSD/TPD/P/CIR/2022/80 dated June 07, 2022  stating Cyber Security & Cyber Resilience framework for Stock Brokers / Depository Participants should be effective from April 01, 2019 includes:

•   Governance

The policy document is formulated, reviewed and approved by the Proprietor: Mr. Raj Kumar Agarwal of N. D. Shares & Securities (NDSS) at least annually and in case of any deviations, reason for such deviations should be provided in the Policy Document with the view to strengthen and improve its Cyber Security and Cyber Resilience framework.

NDSS appointed Mr. Anup Rajkumar Agarwal as the “Designated Officer” and “Chief Information Security Officer (CISO) whose function would be to assess, identify, and reduce security and Cyber Security risks, respond to incidents, establish appropriate standards and controls, and direct the establishment and implementation of processes and procedures as per the Cyber Security Policy.

NDSS constituted an Internal Technology Committee should review the implementation of the Policy    on a Half Yearly Basis approved by the proprietor. The review should be placed before the Proprietor for appropriate action.

NDSS should establish a reporting procedure to facilitate communication of unusual activities and events to Designated Officer in a timely manner.

The Designated officer and the technology committee of the NDSS should periodically review instances of cyber-attacks, if any, domestically and globally, and take steps to strengthen Cyber Security and cyber resilience framework.

NDSS should define responsibilities of its employees, outsourced staff, and employees of vendors, members or participants and other    entities, who may have privileged access or use systems / networks of NDSS towards ensuring the goal of Cyber Security.

• Identification

NDSS should identify and classify critical assets based on their sensitivity and criticality for business operations, services and data management. The critical assets should include business critical systems, internet facing applications /systems, systems that contain sensitive data, sensitive personal data, sensitive financial data, Personally Identifiable Information (PII) data, etc. All the ancillary systems used for accessing/communicating with critical systems either for operations or maintenance should also be classified as critical system. The Proprietor of NDSS should approve the list of critical systems.

To this end, NDSS should maintain up-to-date inventory of its hardware and systems, software and information assets (internal and external), details of its network resources, connections to its network and data flows.

NDSS should accordingly identify cyber risks (threats and vulnerabilities) that it may face, along with the likelihood of such threats and impact on the business and thereby, deploy controls commensurate to the criticality.

• Protection 

• Access controls

No person by virtue of rank or position should have any intrinsic right to access confidential data, applications, system resources or facilities.

Any access to our systems, applications, networks,databases, etc., should be for a defined purpose and for a defined period. NDSS should grant access to IT systems, applications,    databases and networks on a need-to-use basis and based on the principle of least privilege. Such access should be for the period when the access is required and should be authorized using strong authentication mechanisms.

NDSS should implement an access policy which addresses  strong  password  controls  for  users’  access  to  systems,  applications,         networks and databases.

All our critical systems accessible over the internet should have two-factor security (such as VPNs, Firewall controls etc.)

NDSS should ensure that records of user access to critical systems, wherever possible, are uniquely identified and logged for audit and    review purposes. Such logs should be maintained and stored in a secure location for a time period not less than two (2) years.

NDSS should deploy controls and security measures    to  supervise  staff  with  elevated  system  access  entitlements (such  as  admin  or privileged users) to NDSS Participant’s critical systems. Such controls and measures should inter-alia include restricting the number of privileged users, periodic review of privileged users’ activities, disallow privileged users from accessing systems logs in which their activities are being captured, strong controls over remote access by privileged users, etc.

Employees and outsourced staff such as employees of vendors or service providers, who may be given authorized access to the NDSS      critical systems, networks and other computer resources, should be subject to stringent  supervision, monitoring and access restrictions.

NDSS should formulate an Internet access policy to monitor and regulate the use of internet and internet based services such as social      media sites, cloud-based internet storage sites, etc. within the NDSS’s critical IT Infrastructure.

User Management must address deactivation of access of privileges of users who are leaving the organization or whose access privileges have been withdrawn.

• Physical Security       

Physical access to the critical systems should be restricted to minimum and only to authorized officials. Physical access of outsourced staff/visitors should be properly supervised by ensuring at the minimum that outsourced staff/visitors are accompanied at all times by authorized employees.

Physical access to the critical systems should be revoked immediately if the same is no longer required.

NDSS should ensure that the perimeter of the critical equipments room, if any, are physically secured and monitored by employing physical, human and procedural controls such as the use of security guards, CCTVs, card access systems, mantraps, bollards, etc. where appropriate.

• Network Security Management

NDSS should establish baseline standards to facilitate consistent application of security configurations to operating systems, databases,  network devices and enterprise mobile devices within their IT environment. The LAN and wireless networks should be secured within the NDSS premises with proper access controls.

NDSS should install network security devices, such as firewalls, proxy servers, intrusion detection and prevention systems (IDS) to protect  their IT infrastructure which is  exposed to  the internet, from security exposures originating from internal and external sources.

Adequate controls must be deployed to address virus / malware / ransomware attacks.These  controls  may  include  host /  network /  application  based  IDS  systems, customized kernels for Linux, anti-virus and anti-malware software etc.

• Data Security

Critical data must be identified and encrypted in motion and at rest by using strong encryption methods.

NDSS  should  implement  measures  to  prevent unauthorized  access  or  copying  or  transmission  of  data       /  information  held  in contractual or fiduciary capacity. It should be ensured that confidentiality of information is not compromised during the process of exchanging and transferring information with external parties.

The information security policy should also cover use of devices such as mobile phones, faxes, photocopiers, scanners, etc., within their critical IT infrastructure, that can be used for capturing and transmission of sensitive data.

NDSS should allow only authorized data storage devices within their IT infrastructure through appropriate validation processes.

• Hardening of Hardware and Software

NDSS should only deploy hardened hardware /software, including replacing default passwords with strong passwords and disabling or      removing services identified as unnecessary for the functioning of the system.

Open ports on networks and systems which are not in use or that can be potentially used for exploitation of data should be blocked and measures taken to secure them.

• Application Security in Customer Facing Applications

Application security for Customer facing applications offered over the Internet such as IBTs  (Internet Based Trading applications), portals containing sensitive or private information and  Back  office  applications (repository  of  financial  and  personal information offered by Brokers to Customers) are paramount as they carry significant attack surfaces by virtue of being available publicly over the Internet for mass use.

• Certification of off-the-shelf products

NDSS should ensure that off the shelf products being    used for core business functionality (such as Back office applications) should bear Indian Common criteria certification of Evaluation Assurance Level 4. The Common criteria certification in India is being provided by (STQC) Standardisation Testing and Quality Certification (Ministry of Electronics and Information Technology).  Custom developed / in-house software and components need not obtain the certification, but have to undergo intensive regression testing, configuration testing etc. The scope of tests should include business logic and security controls.

• Patch Managements

NDSS should establish and ensure that the patch management procedures include the identification, categorization and prioritization of    patches and updates. An implementation timeframe for each category of patches should be established to apply them in a timely manner.

NDSS should perform rigorous testing of security patches  and  updates,  where  possible,  before  deployment  into  the  production         environment so as to ensure that the application of patches do not impact other systems.

• Disposal of data systems and storage devices

NDSS should frame suitable policy for disposal of storage media and systems. The critical data / Information on such devices and        systems should be removed by using methods such as crypto shredding / degauss / Physical destruction as applicable.

NDSS should formulate a data-disposal and data- retention policy to identify the value and lifetime of various parcels of data.

• Vulnerability Assessment and Penetration Testing

NDSS should carry out periodic Vulnerability Assessment and Penetration Tests (VAPT) which inter-alia include critical assets and infrastructure components like Servers, Networking systems, Security devices, load balancers, other IT systems pertaining to the activities done as NDSS etc., in order to detect security vulnerabilities in the IT environment and in-depth evaluation of the security posture of the system through simulations of actual attacks on its systems and networks.

NDSS should conduct VAPT at least once in a financial year. NDSS should engage only CERT-In empanelled organizations for conducting VAPT. The final report on said VAPT should be submitted to the Bombay Stock Exchange (BSE) after approval from Technology Committee of respective NDSS, within 1 month of completion of VAPT activity.

In addition, NDSS should perform vulnerability scanning and conduct penetration testing prior to the commissioning of a new system which is a critical system or part of an existing critical system.

In case of vulnerabilities discovered in off-the-shelf products (used for core business) or applications provided by exchange empanelled vendors, NDSS should report them to the vendors and the exchanges in a timely manner.

Any gaps/vulnerabilities detected should be remedied on immediate basis and compliance of closure of findings identified during VAPT should be submitted to the BSE within 3 months post the submission of final VAPT report.

• Monitoring and Detection

NDSS should establish appropriate security monitoring systems and processes to facilitate continuous monitoring of security events / alerts and timely detection of unauthorised or malicious activities, unauthorised changes, unauthorised access and unauthorised copying or transmission of data / information held in contractual or fiduciary capacity, by internal and external parties. The security logs of systems, applications and network devices exposed to the internet should also be monitored for anomalies.

Further, to ensure high resilience, high availability and timely detection of attacks on systems and networks exposed to the internet, NDSS should implement suitable mechanisms to monitor capacity utilization of its critical systems and networks that are exposed to the internet.

• Response and Recovery

Alerts   generated   from   monitoring   and   detection   systems   should   be   suitably investigated in order to determine activities that are to be performed to prevent expansion of such incident of cyber attack or breach, mitigate its effect and eradicate the incident.

The response and recovery plan of the NDSS should have plans for the timely restoration of systems affected by incidents of cyber-attacks or breaches, for instance, offering alternate services or systems to Customers. NDSS should have the same Recovery Time Objective (RTO)  and  Recovery  Point  Objective (RPO)  as  specified  by  SEBI  for  Market Infrastructure Institutions vide SEBI circular CIR/MRD/DMS/17/20 dated June 22, 2012 as amended from time to time.

The response plan should define responsibilities and actions to be performed by its employees and support / outsourced staff in the event of cyber-attacks or breach of Cyber Security mechanism.

Any incident of loss or destruction of data or systems should be thoroughly analyzed and lessons learned from such incidents should be incorporated to strengthen the security mechanism and improve recovery planning and processes.

NDSS should also conduct suitable periodic drills to test the adequacy and effectiveness of the aforementioned response and recovery plan.

• Sharing of Information

All Cyber-attacks, threats, cyber-incidents and breaches experienced by the NDSS shall be reported to the BSE & SEBI within 6 hours of noticing / detecting such incidents or being brought to notice about such incidents. 

The incident shall also be reported to Indian Computer Emergency Response team (CERT-In) in accordance with the guidelines / directions issued by CERT-In from time to time. Additionally, the NDSS whose systems have been identified as “Protected system” by National Critical Information Infrastructure Protection Centre (NCIIPC) shall also report the incident to NCIIPC.

The quarterly reports containing information on cyber-attacks, threats, cyber-incidents and breaches experienced by the NDSS and measures taken to mitigate vulnerabilities, threats and attacks including information on bugs / vulnerabilities, threats that may be useful for other Stock Brokers / Depository Participants / Exchanges /Depositories and SEBI shall be submitted to the BSE within 15 days from the quarter ended June, September, December and March of every year. The above information should be shared to SEBI through the dedicated e-mail id: sbdp-cyberincidents@sebi.gov.in.

• Training & Education

NDSS should work on building Cyber Security and basic system hygiene awareness of staff (with a focus on staff from non-technical disciplines).

NDSS should conduct periodic training programs to enhance knowledge of IT / Cyber Security Policy and standards among the employees incorporating up-to-date Cyber Security threat alerts. Where possible, this should be extended to outsourced staff, vendors etc.

The training programs should be reviewed and updated to ensure that the contents of the program remain current and relevant.

• Systems managed by vendors

Where the systems (IBT, Back office and other Customer facing applications, IT infrastructure, etc.) of NDSS are managed by vendors and NDSS may not be able to implement some of the aforementioned guidelines directly NDSS should instruct the vendors to adhere to the applicable guidelines in the Cyber Security and Cyber Resilience policy and obtain the necessary self-certifications from them to ensure compliance with the policy guidelines.

• Systems managed by MII’s

Where  applications  are  offered  to  customers  over  the  internet  by  MIIs (Market Infrastructure Institutions), for eg.: NSE’s NOW, BSE’s BOW, BSE’s BEST etc., the responsibility of ensuring Cyber Resilience on those applications reside with the MIIs and not with NDSS. NDSS is exempted from applying the aforementioned guidelines to such systems offered by MIIs such as NOW, BOW, BEST, etc.

• Periodic Audits

The Terms of Reference for the System Audit of Stock Brokers specified vide circular no.  CIR/MRD/DMS/34/2013 dated November 06, 2013, should accordingly stand modified to include audit of implementation of the aforementioned areas.

The   Depository   Participants   and   Type   I   Stock Brokers ( as defined  in CIR/MRD/DMS/34/2013  dated  November  06,  2013)   should  arrange  to  have  their systems audited on an annual basis by a  CERT-IN empanelled auditor  or an independent CISA/CISM qualified auditor to check compliance with the above areas and  should  submit  the  report  to  BSE  along  with  the comments of the Proprietor of NDSS within three months of the end of the financial year.

Further, NDSS should conduct comprehensive cyber audit at least once in a financial year. NDSS should submit with BSE a declaration from the Proprietor certifying compliance by NDSS with all SEBI Circulars and advisories related to Cyber security from time to time, along with the Cyber audit report

NDSS should also comply Illustrative measures includes Data Security on Customer Facing Applications, Data Transport Security and Application Authentication Security stated by SEBI vide Circular No. SEBI/HO/MIRSD/CIR/PB/2018/147 dated December 03, 2018 in a timely manner.

All Stock Brokers / Depository Participants are directed to communicate the status of the implementation of the provisions of circular vide SEBI/HO/MIRSD/TPD/P/CIR/2022/80 dated June 07, 2022 to BSE within 10 days from the date of this Circular.

NDSS should be required to be complied Cyber Security & Cyber Resilience framework.

Standard Operating Procedure (SOP) for handling cyber security incidents

As per SEBI Directives, NDSS  should maintain Standard Operating Procedures (SOP) with respect to    handling of Cyber Security Incidents.

The following aspects shall form part of the SOP which needs to be complied with NDSS

o   NDSS should document Cyber Security incident handling process document i.e. Standard Operating Procedure (SOP) in place.

o   NDSS should examine the incidents and classify the incidents into High / Medium / Low as per their cyber security incident handling document.

o   The cyber security incident handling document shall define Actions / Response Mechanisms for the incident based on severity.

o   NDSS should report the incident to Indian Computer Emergency Response Team (CERT-In).

o   NDSS should provide the reference details of the reported incident to the BSE and SEBI. NDSS should also provide details regarding whether CERT-In team is in touch with the members for any assistance on reported incident. If the incident is not reported to CERT-In, NDSS should submit the reasons for the same to the BSE and SEBI.

o   NDSS should communicate with CERT-In / MHA / Cybercrime police for further assistance on the reported incident.

o   NDSS should submit details on whether the incident has been registered as a complaint with law enforcement agencies such as Police or cyber security cell. If yes, details need to be provided to Exchange and SEBI. If not, reason for not registering complaint should also be provided to BSE and SEBI.

o   The details of reported incidents and submission to various agencies by the member shall also be submitted to Division Chiefs (in-charge of divisions at the time of submission) of DOS-MIRSD and CISO of SEBI.

The Designated Officer of the NDSS (appointed in terms of para 6 of the aforementioned SEBI Circular dated December 03, 2018) shall continue to report any unusual activities and events within 24 hours of receipt of such Information as well as submit the quarterly report on the cyber-attacks & threats within 15 days after the end of the respective quarter.

Cyber Security Advisory – Distributed Denial of Service (DDoS) attacks on systems

As per SEBI Directives, NDSS should ensure following measures towards prevention of Distributed Denial of Service (DDoS) attacks on systems.

• • Take review of the cyber security safeguards put in place, and any gaps found should be fixed on priority.
  • Adequate safety and security measures (like intrusion detection/prevention system, anti-virus, firewall, etc.) are in place to protect the critical data, infrastructure, and applications.
  • Review the communication links provisioned for trading, communications and other services exposed to the customers and partners on the internet / private networks. Ensure that all the internet links and services are adequately protected from cyber-attacks including DoS / DDoS attacks.
  • Continuously monitor the applications and services for their availability and response time.
  • Any cyber security incident is promptly reported to the relevant authorities. 

NDSS should adhere to cyber security guidelines / advisories issued by SEBI, CERT-In and NCIIPC from time to time.

Under any of the circumstances, such as, client’s failure to meet pay-in or margin obligations or clearance of Outstanding / debit balance with broker before permissible time limit or beyond such period as may be allowed by broker as per its RMS policy, the Client may not be permitted to take any fresh or further position until the full clearance of earlier dues, obligation, outstanding etc. Even, broker can firstly setoff or adjust the payment or securities towards various dues and obligation of the client and until the full clearance of the same, shall not allow the client to take further / fresh position.
Further, it would be the duty of the client to monitor his / her / its position with the Broker from time to time. In case of any delay or failure in meeting any obligation, margin requirements etc. from client side, broker might close the existing position or open position WITHOUT ANY FURTHER INTIMATION to the client as per RMS policy. Such Circumstances may include (but not limited to):

1. failure to meet pay-in obligation on T+2 day,
2. delay in meeting the pay-in or margin requirement,
3. delay or failure in clearance of outstanding or dues to the broker,
4. returning or frequent returning of cheques of the client,
5. Unnecessary / Unwarranted dispute from client without any substantial cause / reason,
6. Client’s attitude of not coming to an amicable settlement for any dispute that can be settled without involvement of Exchange and /or SEBI,
7. As per prevalent RMS policy of the Broker,
8. Any direction from SEBI/Exchange or such other authorities,
9. Under such other circumstances as the Broker might think just and proper on case to case basis.

The Broker and/or client may suspend Client’s Trading Account from further dealing in the securities market through the broker in following circumstances:

1. As per Client’s prior written request of at least 2 days submitted to Broker at its Mumbai R.O. duly acknowledged by Broker (subject to clearance of entire outstanding/obligations)
2. Dormant or in-active status of client account beyond specified time limit as may be prescribed by Broker.
3. Under any circumstances mentioned in (a) to (i) above.

As per Broker’s RMS policy, the account in which no transactions has took place during the period of 6 months from the date of last transaction, the same shall be considered as Dormant / In-active account. Such transaction date may relate to any of the following date, whichever is later:

1. Entry related to contract or bill generation for buy/sell transaction or
2. Entry related to payment of funds or securities by client or
3. Entry passed by the broker by way of JV due to any dues / obligation recoverable from client including but not limited to auction charges, any penalty amount whether or not imposed by Exchange or SEBI or other authorities etc.

To designate the client’s account as Dormant / In-active account, the period of 6 months shall be counted from the last day of respective month in which any of the aforesaid last transaction took place. In case Broker treats the account of client as a dormant / in-active account, the funds or securities lying with the broker shall be refunded / returned to clients immediately on demand by the client.

In order to reactive the account, client needs to instruct the Broker in writing at least 2 days in advance at its Mumbai R.O. The Broker will try to promptly reactivate the said account subject to fulfillment of such conditions as Broker may consider fit and proper. Such written request DULY SIGNED BY CLIENT may also by sent by way of email on grievance@ndshares.com to Mr. Anup Rajkumar Agarwal (Compliance officer) from client’s own e-mail account registered with Broker. However, Broker may , in its own discretion, waive / reduce the period of 2 days as the circumstances may warrant on case to case basis.

The Securities & Exchange Board of India (Prohibition of Insider Trading) Regulations, 1992, was amended on 22nd February 2002 (hereinafter referred to as “Regulations”) in terms of which a Stock Broker is required, inter alia, to frame a Code of Conduct for Prevention of Insider Trading by Employees of a Stock Broker, including its Directors.

In line with the said Regulations, the following Code of Conduct (hereinafter referred to as “the Code”) has been adopted by M/s. N.D.SHARES & SECURITIES. (hereinafter referred to as “NDSS”), Member of Bombay Stock Exchange Limited. 

Director :

1. NDSS has appointed a Compliance Officer who reports to the Managing Directors.
2. The Compliance Officer shall be responsible for setting Policies and Procedures and monitoring the Rules & Regulations for the preservation of “Price Sensitive Information”, pre-clearing of all Designated Employees and their Dependents Trades (directly or through respective Department heads as decided by the NDSS). Monitoring of Trades and the Implementation of the Code of Conduct under the overall Supervision of the Directors
3. The Compliance Officer shall maintain a record of all NDSS Employees and any Changes done in the Employees List from time to time & help to understand any Clarifications regarding SEBI (Prohibition of Insider Trading) Regulations, 1992 and NDSS’s Code.
   
   

Prevention of “Price Sensitive Information” :

1. Employees / Directors shall maintain the Confidentiality of all Price Sensitive Information & must not pass such Information directly or indirectly by way of making a Recommendation for the Purchase or Sale of Securities
2. Price Sensitive Information is to be handled on a “Need to Know” basis, i.e. Price Sensitive Information should be disclosed only to those within NDSS, who need the Information to discharge their Duty and whose Possession of such Information will not give rise to a Conflict of Interest or Appearance of Misuse of the Information.
3. All Files of NDSS, containing Confidential Information shall be kept Secure & all computer files must have Adequate Security of Login and Password, etc
4. To prevent the Misuse of Confidential Information, NDSS separates those Areas which routinely have access to Confidential Information, considered “Inside Areas” from those Areas which deal with Sale / Marketing / Investment Advise or other Departments providing Support Services, considered “Public Areas”.
5. The Employees in Inside Area may be physically segregated from Employees in Public Area.
6. The Employees in the Inside Area shall not communicate any Price Sensitive Information to anyone in Public Area.
   
   

Prevention of Misuse of Price Sensitive Information :

1. Employees / Directors shall not use Price Sensitive Information to Buy or Sell Securities of any sort, whether for their Own Account, their Relative’s Account, NDSS’s Account or a Client’s Account. The Trading Restrictions shall apply for Trading in Securities.
2. All Directors / Employees of NDSS, who intend to deal in the Securities of listed Companies where NDSS has some assignments shall pre-clear the Transactions as per the pre-dealing Procedure as described here below.
3. An Application may be made in such form as specify by NDSS in this regard, to the Compliance Officer indicating the Name and Estimated Number of Securities that the Employees / Director intends to deal in with details of Demat DP with which he has a Security Account, the Securities in such Depository Mode and any other details as may be prescribed by NDSS in his rule & regulations.
4. An Undertaking shall be executed in favor of NDSS by such Employees.
   
   Directors incorporating, the following Clauses, as may be applicable :
   
   
5. That the Employees / Director does not received any “Price Sensitive Information” at the time of signing the Undertaking.
6. That in case the employees / director / partner receives “Price Sensitive Information” after the signing of the undertaking but before the execution of the transaction he/she shall inform the Compliance officer of the change in his position and that he/she would completely refrain from dealing in the securities of listed companies.
7. That he / she has not contravened the Code of Conduct for prevention of Insider Trading as specified by NDSS.
8. That he / she has made a Full and True Disclosure in the matter.
   
   

Restricted / Grey List :

1. In order to monitor above Procedures and Trading in Client Securities based on Inside Information, NDSS shall restrict Trading in certain Securities and designate such List as Restricted / Grey List.
2. Security of a Listed Company shall be put on the Restricted / Grey List if NDSS is handling any Assignment for the Listed Company or preparing Appraisal Report.
3. Any Security, which is being purchased or sold or is being considered for Purchase or Sale by NDSS on behalf of its Clients shall be put on the Restricted / Grey List
4. As the Restricted List itself is a Highly Confidential Information it shall not be communicated to anyone outside NDSS. The Restricted List shall be maintained & kept by Compliance Officer.
   
   

Penalty for Contravention of the Code :

1. Any Employee / Director who trades in Securities or communicates any Information or counsels any Person Trading in Securities, will be treated as Contravention of the Code & conduct, may be penalized and appropriate Action may be taken by NDSS
2. Employees / Directors of NDSS, who violate the Code, may also be subject to Disciplinary Action by the Company.
3. The Action by NDSS shall not preclude SEBI from taking any Action in case of Violation of SEBI (Prohibition of Insider Trading) Regulations, 1992.
   
   

Information to SEBI in case of Violation of SEBI (Prohibition of Insider Trading) Regulations :

In case of any violation observed by NDSS / its Compliance Officer that there has been a Violation of these Regulations, NDSS shall inform the SEBI.

OVERVIEW

The Directives as outlined below provide a general background and summary of the main provisions of the applicable anti-money laundering and anti-terrorist financing legislations in India. They also provide guidance on the practical implications of the Prevention of Money Laundering Act, 2002 (PMLA). The Directives also set out the steps that a registered intermediary or its representatives shall implement to discourage and to identify any money laundering or terrorist financing.

These Directives are intended for use primarily by intermediaries registered under Section 12 of the Securities and Exchange Board of India Act, 1992 (SEBI Act), Stock Exchanges, Depositories and other recognised entities under the SEBI Act and Regulations and rules thereunder. While it is recognized that a “one- size-fits-all” approach may not be appropriate for the securities industry in India, each registered intermediary shall consider the specific nature of its business, organizational structure, type of clients and transactions, when implementing the suggested measures and procedures to ensure that they are effectively applied. The overriding principle is that they shall be able to satisfy themselves that the measures taken by them are adequate, appropriate and abide by the spirit of such measures and the requirements as enshrined in the PMLA.

BACKGROUND

As per the provisions of PMLA and the Prevention of Money-Laundering (Maintenance of Records) Rules, 2005 (Maintenance of Records Rules), as amended from time to time and notified by the Government of India, every reporting entity (which includes intermediaries registered under section 12 of the SEBI Act, i.e. a stock-broker, share transfer agent, banker to an issue, trustee to a trust deed, registrar to an issue, asset management company, depository participant, merchant banker, portfolio manager, investment adviser and any other intermediary associated with the securities market and registered under Section 12 of the SEBI Act and stock exchanges), shall have to adhere to the client account opening procedures, maintenance records and reporting of such transactions as prescribed by the PMLA and rules notified there.

The Maintenance of Records Rules empower SEBI to specify the information required to be maintained by the intermediaries and the procedure, manner and form in which it is to be maintained. It also mandates the reporting entities to evolve an internal mechanism having regard to any guidelines issued by the regulator for detecting the transactions specified in the Maintenance of Records Rules and for furnishing information thereof, in such form as may be directed by SEBI.

The PMLA inter alia provides that violating the prohibitions on manipulative and deceptive devices, insider trading and substantial acquisition of securities or control as provided in Section 12A read with Section 24 of the SEBI Act will be treated as a scheduled offence under schedule B of the PMLA.

ESSENTIAL PRINCIPLES

These Directives have taken into account the requirements of the PMLA as applicable to the intermediaries registered under Section 12 of the SEBI Act. The detailed Directives have outlined relevant measures and procedures to guide the registered intermediaries in preventing ML and TF. Some of these suggested measures and procedures may not be applicable in every Each intermediary shall consider carefully the specific nature of its business, organizational structure, type of client and transaction, etc. to satisfy itself that the measures taken by it are adequate and appropriate and follow the spirit of the suggested measures and the requirements as laid down in the PMLA and guidelines issued by the Government of India from time to time.

In case there is a variance in Client Due Diligence (CDD)/ Anti Money Laundering (AML) standards specified by SEBI and the regulators of the host country, branches/overseas subsidiaries of registered intermediaries are required to adopt the more stringent requirements of the two.If the host country does not permit the proper implementation of AML/CFT measures consistent with the home country requirements, financial groups shall be required to apply appropriate additional measures to manage the ML/TF risks, and inform SEBI.

OBLIGATION TO ESTABLISH POLICIES AND PROCEDURES

Global measures taken to combat drug trafficking, terrorism and other organized and serious crimes have all emphasized the need for financial institutions, including securities market intermediaries, to establish internal procedures that effectively serve to prevent and impede money laundering and terrorist The PMLA is in line with these measures and mandates that all registered intermediaries ensure the fulfilment of the aforementioned obligations.

Financial groups shall be required to implement group wide programmes for dealing with ML/TF, which shall be applicable, and appropriate to, all branches and majority owned subsidiaries of the financial group as under:

a. policies and procedures for sharing information required for the purposes of CDD and ML/TF risk management;

b. the provision, at group level compliance, audit, and/or AML/CFT functions, of customer, account, and transaction information from branches and subsidiaries when necessary for AML/CFT purposes. This shall include information and analysis of transactions or activities which appear unusual (if such analysis was done);

similar provisions for receipt of such information by branches and subsidiaries from these group level functions when relevant and appropriate to risk management; and

c. adequate safeguards on the confidentiality and use of information exchanged, including safeguards to prevent tipping-off.

To be in compliance with these obligations, the senior management of a registered intermediary shall be fully committed to establishing appropriate policies and procedures for the prevention of ML and TF and ensuring their effectiveness and compliance with all relevant legal and regulatory The registered intermediaries shall:

1. issue a statement of policies and procedures, on a group basis where applicable, for dealing with ML and TF reflecting the current statutory and regulatory requirements;
2. ensure that the content of these Directives are understood by all staff members;
3. regularly review the policies and procedures on the prevention of ML and TF to ensure their Further, in order to ensure the effectiveness of policies and procedures, the person doing such a review shall be different from the one who has framed such policies and procedures;
4. adopt client acceptance policies and procedures which are sensitive to the risk of ML and TF;
5. undertake CDD measures to an extent that is sensitive to the risk of ML and TF depending on the type of client, business relationship or transaction;
6. have a system in place for identifying, monitoring and reporting suspected ML or TF transactions to the law enforcement authorities; and
7. develop staff members’ awareness and vigilance to guard against ML and TF.

POLICIES AND PROCEDURES TO COMBAT ML AND TF 

1. Communication of group policies relating to prevention of ML and TF to all management and relevant staff that handle account information, securities transactions, money and client records whether in branches, departments or subsidiaries;
2. Client acceptance policy and client due diligence measures, including requirements for proper identification;
3. Maintenance of records;
4. Compliance with relevant statutory and regulatory requirements;
5. Co-operation with the relevant law enforcement authorities, including the timely disclosure of information; and
6. Role of internal audit or compliance function to ensure compliance with the policies, procedures, and controls relating to the prevention of ML and TF, including the testing of the system for detecting suspected money laundering transactions, evaluating and checking the adequacy of exception reports generated on large and/or irregular transactions, the quality of reporting of suspicious transactions and the level of awareness of front line staff, of their responsibilities in this regard; and,
7. The internal audit function shall be independent, adequately resourced and commensurate with the size of the business and operations, organization structure, number of clients and other such factors.

WRITTEN ANTI MONEY LAUNDERING PROCEDURES

Each registered intermediary shall adopt written procedures to implement the anti-money laundering provisions as envisaged under the Such procedures shall include inter alia, the following four specific parameters which are related to the overall ‘Client Due Diligence Process’:

1. Policy for acceptance of clients;
2. Procedure for identifying the clients;
3. Risk Management;
4. Monitoring of Transactions.

CLIENT DUE DILIGENCE (CDD)

The CDD measures comprise the following:

1. Obtaining sufficient information in order to identify persons who beneficially own or control the securities Whenever it is apparent that the securities acquired or maintained through an account are beneficially owned by a party other than the client, that party shall be identified using client identification and verification procedures. The beneficial owner is the natural person or persons who ultimately own, control or influence a client and/or persons on whose behalf a transaction is being conducted. It also incorporates those persons who exercise ultimate effective control over a legal person or arrangement;

2. Verify the client’s identity using reliable, independent source documents, data or information.Provided that in case of a Trust, the reporting entity shall ensure that trustees disclose their status at the time of commencement of an account based relationship;

3. Identifying beneficial ownership and control, i.e. determine which individual(s) ultimately own(s) or control(s) the client and/or the person on whose behalf a transaction is being conducted. The beneficial owner shall be determined as under-

a) where the client is a company, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has a controlling ownership interest or who exercises control through other means.

Explanation:- For the purpose of this sub-clause:-

i. “Controlling ownership interest” means ownership of or entitlement to more than ten per cent of shares or capital or profits of the company;

ii. “Control” shall include the right to appoint majority of the directors or to control the management or policy decisions including by virtue of their shareholding or management rights or shareholders agreements or voting agreements;

b) where the client is a partnership firm, the beneficial owner is the natural person(s) who, whether acting alone or together, or through one or more juridical person, has ownership of/ entitlement to more than ten percent of capital or profits of the partnership or who exercises control through other means.

Explanation:- For the purpose of this clause:-

“Control” shall include the right to control the management or policy decision;

c) where the client is an unincorporated association or body of individuals, the beneficial owner is the natural person(s), who, whether acting alone or together, or through one or more juridical person, has ownership of or entitlement to more than fifteen per cent of the property or capital or profits of such association or body of individuals;

d) where no natural person is identified under (a) or (b) or (c) above, the beneficial owner is the relevant natural person who holds the position of senior managing official;

e) Where the client is a trust, the identification of beneficial owner(s) shall include identification of the author of the trust, the trustee, the beneficiaries with ten per cent or more interest in the trust and any other natural person exercising ultimate effective control over the trust through a chain of control or ownership; and

f) where the client or the owner of the controlling interest is an entity listed on a stock exchange in India, or it is an entity resident in jurisdictions notified by the Central Government and listed on stock exchanges in such jurisdictions notified by the Central Government, or it is a subsidiary of such listed entities, it is not necessary to identify and verify the identity of any shareholder or beneficial owner of such entities.

g) Applicability for foreign investors: Registered intermediaries dealing with foreign investors’ may be guided by SEBI Master Circular SEBI/HO/AFD-2/CIR/P/2022/175 dated December 19,2022 and amendments thereto, if any, for the purpose of identification of beneficial ownership of the client;

h) The Stock Exchanges and Depositories shall monitor the compliance of the aforementioned provision on identification of beneficial ownership through half yearly internal audits. In case of mutual funds, compliance of the same shall be monitored by the Boards of the Asset Management Companies and the Trustees and in case of other registered intermediaries, by their Board of Directors.

4. Verify the identity of the beneficial owner of the client and/or the person on whose behalf a transaction is being conducted, corroborating the information provided in relation to (iii);

5. Understand the ownership and control structure of the client;

6. Conduct ongoing due diligence and scrutiny, i.e. Perform ongoing scrutiny of the transactions and account throughout the course of the business relationship to ensure that the transactions being conducted are consistent with the registered intermediary’s knowledge of the client, its business and risk profile, taking into account, where necessary, the client’s source of funds;

7. Registered intermediaries shall review the due diligence measures including verifying again the identity of the client and obtaining information on the purpose and intended nature of the business relationship, as the case may be, when there are suspicions of money laundering or financing of the activities relating to terrorism or where there are doubts about the adequacy or veracity of previously obtained client identification data; and

8. Registered intermediaries shall periodically update all documents, data or information of all clients and beneficial owners collected under the CDD process such that the information or data collected under client due diligence is kept up-to-date and relevant, particularly for high risk clients.

No transaction or account-based relationship shall be undertaken without following the CDD procedure.

POLICY FOR ACCEPTANCE OF CLIENTS

All registered intermediaries shall develop client acceptance policies and procedures that aim to identify the types of clients that are likely to pose a higher than average risk of ML or TF. By establishing such policies and procedures, they will be in a better position to apply client due diligence on a risk sensitive basis depending on the type of client business relationship or transaction. In a nutshell, the following safeguards are to be followed while accepting the clients:

i) No registered intermediary shall allow the opening of or keep any anonymous account or account in fictitious names or account on behalf of other persons whose identity has not been disclosed or cannot be verified;

ii) Factors of risk perception (in terms of monitoring suspicious transactions) of the client are clearly defined having regard to clients’ location (registered office address, correspondence addresses and other addresses if applicable), nature of business activity, trading turnover and manner of making payment for transactions undertaken. The parameters shall enable classification of clients into low, medium and high risk. Clients of special category (as given below) may, if necessary, be classified even higher; Such clients require higher degree of due diligence and regular update of Know Your Client (KYC) profile;

iii) The registered intermediaries shall undertake enhanced due diligence measures as applicable for Clients of Special Category (CSC). CSC shall include the following:

a) Non – resident clients;

b) High net-worth clients;

c) Trust, Charities,      Non-Governmental      Organizations      (NGOs)and organizations receiving donations;

d) Companies having close family shareholdings or beneficial ownership;

e) Politically Exposed Persons (PEP). PEP are individuals who are or have been entrusted with prominent public functions in a foreign country, e.g., Heads of States or of Governments, senior politicians, senior government/judicial/military officers, senior executives of state-owned corporations, important political party officials, etc. The additional norms applicable to PEP as contained in the subsequent paragraph 14 of this circular shall also be applied to the accounts of the family members or close relatives of PEPs;

f) Clients in high risk countries. While dealing with clients from or situate in high risk countries or geographic areas or when providing delivery of services to clients through high risk countries or geographic areas i.e. places where existence or effectiveness of action against money laundering or terror financing is suspect, registered intermediaries apart from being guided by the FATF statements that inter alia identify such countries or geographic areas that do not or insufficiently apply the FATF Recommendations, published by the FATF on its website (fatf- gafi.org) from time to time, shall also independently access and consider other publicly available information along with any other information which they may have access to. However, this shall not preclude registered intermediaries from entering into legitimate transactions with clients from or situate in such high risk countries and geographic areas or delivery of services through such high risk countries or geographic areas.The intermediary shall specifically apply EDD measures, proportionate to the risks, to business relationships and transactions with natural and legal persons (including financial institutions) form countries for which this is called for by the FATF;

g) Non face to face clients. Non face to face clients means clients who open accounts without visiting the branch/offices of the registered intermediaries or meeting the officials of the registered Video based customer identification process is treated as face-to-face onboarding of clients;

h) Clients with dubious reputation as per public information available etc;

The above mentioned list is only illustrative and the intermediary shall exercise independent judgment to ascertain whether any other set of clients shall be classified as CSC or not.

iv) Documentation requirements and other information to be collected in respect of different classes of clients depending on the perceived risk and having regard to the requirements of Rule 9 of the PML Rules, Directives and Circulars issued by SEBI from time to time.

v) Ensure that an account is not opened where the intermediary is unable to apply appropriate CDD measures. This shall apply in cases where it is not possible to ascertain the identity of the client, or the information provided to the intermediary is suspected to be non – genuine, or there is perceived non – co-operation of the client in providing full and complete information. The registered intermediary shall not continue to do business with such a person and file a suspicious activity report. It shall also evaluate whether there is suspicious trading in determining whether to freeze or close the The registered intermediary shall be cautious to ensure that it does not return securities or money that may be from suspicious trades. However, the registered intermediary shall consult the relevant authorities in determining what action it shall take when it suspects suspicious trading.

vi) The circumstances under which the client is permitted to act on behalf of another person / entity shall be clearly laid down. It shall be specified in what manner the account shall be operated, transaction limits for the operation, additional authority required for transactions exceeding a specified quantity/value and other appropriate details. Further the rights and responsibilities of both the persons e. the agent- client registered with the intermediary, as well as the person on whose behalf the agent is acting shall be clearly laid down. Adequate verification of a person’s authority to act on behalf of the client shall also be carried out.

vii) Necessary checks and balance to be put into place before opening an account so as to ensure that the identity of the client does not match with any person having known criminal background or is not banned in any other manner, whether in terms of criminal or civil proceedings by any enforcement agency

viii) The CDD process shall necessarily be revisited when there are suspicions of ML/TF.

CLIENT IDENTIFICATION PROCEDURE

The KYC policy shall clearly spell out the client identification procedure (CIP) to be carried out at different stages i.e. while establishing the intermediary – client relationship, while carrying out transactions for the client or when the intermediary has doubts regarding the veracity or the adequacy of previously obtained client identification data.

Registered intermediaries shall be in compliance with the following requirements while putting in place a CIP:

i) All registered intermediaries shall proactively put in place appropriate risk management systems to determine whether their client or potential client or the beneficial owner of such client is a politically exposed person. Such procedures shall include seeking relevant information from the client, referring to publicly available information or accessing the commercial electronic databases of PEPs.

ii) All registered intermediaries are required to obtain senior management approval for establishing business relationships with PEPs. Where a client has been accepted and the client or beneficial owner is subsequently found to be, or subsequently becomes a PEP, registered intermediaries shall obtain senior management approval to continue the business

iii) Registered intermediaries shall also take reasonable measures to verify the sources of funds as well as the wealth of clients and beneficial owners identified as PEP.

iv) The client shall be identified by the intermediary by using reliable sources including documents / information. The intermediary shall obtain adequate information to satisfactorily establish the identity of each new client and the purpose of the intended nature of the relationship.

v) The information must be adequate enough to satisfy competent authorities (regulatory / enforcement authorities) in future that due diligence was observed by the intermediary in compliance with the directives. Each original document shall be seen prior to acceptance of a copy.

vi) Failure by prospective client to provide satisfactory evidence of identity shall be noted and reported to the higher authority within the intermediary.

SEBI has specified the minimum requirements relating to KYC for certain classes of registered intermediaries from time to time. Taking into account the basic principles enshrined in the KYC norms which have already been specified or which may be specified by SEBI from time to time, all registered intermediaries shall frame their own internal directives based on their experience in dealing with their clients and legal requirements as per the established practices.

Further, the intermediary shall conduct ongoing due diligence where it notices inconsistencies in the information The underlying objective shall be to follow the requirements enshrined in the PMLA, SEBI Act and Regulations, directives and circulars issued thereunder so that the intermediary is aware of the clients on whose behalf it is dealing.

Every intermediary shall formulate and implement a CIP which shall incorporate the requirements of the PML Rules Notification 9/2005 dated July 01, 2005 (as amended from time to time), which notifies rules for maintenance of records of the nature and value of transactions, the procedure and manner of maintaining and time for furnishing of information and verification of records of the identity of the clients of the banking companies, financial institutions and intermediaries of securities market and such other additional requirements that it considers appropriate to enable it to determine the true identity of its clients.

It may be noted that irrespective of the amount of investment made by clients, no minimum threshold or exemption is available to registered intermediaries (brokers, depository participants, AMCs etc.) from obtaining the minimum information/documents from clients as stipulated in the PML Rules/ SEBI Circulars (as amended from time to time) regarding the verification of the records of the identity of clients. Further no exemption from carrying out CDD exists in respect of any category of clients. In other words, there shall be no minimum investment threshold/ category-wise exemption available for carrying out CDD measures by registered intermediaries. This shall be strictly implemented by all registered intermediaries and non-compliance shall attract appropriate sanctions.

RELIANCE ON THIRD PARTY FOR CARRYING OUT CLIENT DUE DILIGENCE (CDD)

Registered intermediaries may rely on a third party for the purpose of-

i) identification and verification of the identity of a client and

ii) Determination of whether the client is acting on behalf of a beneficial owner, identification of the beneficial owner and verification of the identity of the beneficial Such third party shall be regulated, supervised or monitored for, and have measures in place for compliance with CDD and record-keeping requirements in line with the obligations under the PML Act.

Such reliance shall be subject to the conditions that are specified in Rule 9 (2) of the PML Rules and shall be in accordance with the regulations and circulars/ guidelines issued by SEBI from time to time. In terms of Rule 9(2) of PML Rules:

i) The registered intermediary shall immediately obtain necessary information of such client due diligence carried out by the third party;

ii) The registered intermediary shall take adequate steps to satisfy itself that copies of identification data and other relevant documentation relating to the client due diligence requirements will be made available from the third party upon request without delay;

iii) The registered intermediary shall be satisfied that such third party is regulated, supervised or monitored for, and has measures in place for compliance with client due diligence and record-keeping requirements in line with the requirements and obligations under the Act;

iv) The third party is not based in a country or jurisdiction assessed as high risk;

The registered intermediary shall be ultimately responsible for CDD and undertaking enhanced due diligence measures, as applicable.

RISK MANAGEMENT

RISK – BASED APPROACH

Registered intermediaries shall apply a Risk Based Approach (RBA) for mitigation and management of the identified risk and should have policies approved by their senior management, controls and procedures in this regard. Further, the registered intermediaries shall monitor the implementation of the controls and enhance them if necessary.

It is generally recognized that certain clients may be of a higher or lower risk category depending on the circumstances such as the client’s background, type of business relationship or transaction As such, the registered intermediaries shall apply each of the client due diligence measures on a risk sensitive basis. The basic principle enshrined in this approach is that the registered intermediaries shall adopt an enhanced client due diligence process for higher risk categories of clients. Conversely, a simplified client due diligence process may be adopted for lower risk categories of clients. In line with the risk- based approach, the type and amount of identification information and documents that registered intermediaries shall obtain necessarily depend on the risk category of a particular client.

Further, low risk provisions shall not apply when there are suspicions of ML/FT or when other factors give rise to a belief that the customer does not in fact pose a low risk.

RISK ASSESSMENT

Registered intermediaries shall carry out risk assessment to identify, assess and take effective measures to mitigate its money laundering and terrorist financing risk with respect to its clients, countries or geographical areas, nature and volume of transactions, payment methods used by clients, etc

The risk assessment carried out shall consider all the relevant risk factors before determining the level of overall risk and the appropriate level and type of mitigation to be applied. The assessment shall be documented, updated regularly and made available to competent authorities and self-regulating bodies, as and when required.

The risk assessment shall also take into account any country specific information that is circulated by the Government of India and SEBI from time to time, as well as, the updated list of individuals and entities who are subjected to sanction measures as required under the various United Nations’ Security Council Resolutions.

MONITORING OF TRANSACTIONS

Regular monitoring of transactions is vital for ensuring effectiveness of the AML This is possible only if the intermediary has an understanding of the normal activity of the client so that it can identify deviations in transactions/ activities.

The intermediary shall pay special attention to all complex unusually large transactions / patterns which appear to have no economic The intermediary may specify internal threshold limits for each class of client accounts and pay special attention to transactions which exceeds these limits. The background including all documents/office records /memorandums/clarifications sought pertaining to such transactions and purpose thereof shall also be examined carefully and findings shall be recorded in writing. Further such findings, records and related documents shall be made available to auditors and also to SEBI/stock exchanges/FIU-IND/ other relevant Authorities, during audit, inspection or as and when required.

The registered intermediaries shall apply client due diligence measures also to existing clients on the basis of materiality and risk, and conduct due diligence on such existing relationships appropriately. The extent of monitoring shall be aligned with the risk category of the client.

The intermediary shall ensure a record of the transactions is preserved and maintained in terms of Section 12 of the PMLA and that transactions of a suspicious nature or any other transactions notified under Section 12 of the Act are reported to the Director, FIU-IND. Suspicious transactions shall also be regularly reported to the higher authorities within the intermediary.

Further, the compliance cell of the intermediary shall randomly examine a selection of transactions undertaken by clients to comment on their nature i.e. whether they are in the nature of suspicious transactions or not.

SUSPICIOUS TRANSACTION MONITORING AND REPORTING

Registered Intermediaries shall ensure that appropriate steps are taken to enable suspicious transactions to be recognized and have appropriate procedures for reporting suspicious While determining suspicious transactions, registered intermediaries shall be guided by the definition of a suspicious transaction contained in PML Rules as amended from time to time.

A list of circumstances which may be in the nature of suspicious transactions is given below. This list is only illustrative and whether a particular transaction is suspicious or not will depend upon the background, details of the transactions and other facts and circumstances:

i) Clients whose identity verification seems difficult or clients that appear not to cooperate;

ii)Asset management services for clients where the source of the funds is not clear or not in keeping with clients’ apparent standing /business activity;

iii) Clients based in high risk jurisdictions;

iv) Substantial increases in business without apparent cause;

v) Clients transferring large sums of money to or from overseas locations with instructions for payment in cash;

vi) Attempted transfer of investment proceeds to apparently unrelated third parties;

vii) Unusual transactions by CSCs and businesses undertaken by offshore banks/financial services.

Any suspicious transaction shall be immediately notified to the Designated/Principal Officer within the intermediary. The notification may be done in the form of a detailed report with specific reference to the clients, transactions and the nature /reason of suspicion. However, it shall be ensured that there is continuity in dealing with the client as normal until told otherwise and the client shall not be told of the report/ In exceptional circumstances, consent may not be given to continue to operate the account, and transactions may be suspended, in one or more jurisdictions concerned in the transaction, or other action taken. The Designated/ Principal Officer and other appropriate compliance, risk management and related staff members shall have timely access to client identification data and CDD information, transaction records and other relevant information.

It is likely that in some cases transactions are abandoned or aborted by clients on being asked to give some details or to provide It is clarified that registered intermediaries shall report all such attempted transactions in STRs, even if not completed by clients, irrespective of the amount of the transaction

Paragraph 12 (iii) (f) of this Circular categorizes clients of high risk countries, including countries where existence and effectiveness of money laundering controls is suspect or which do not or insufficiently apply FATF standards, as ‘CSC’. Registered intermediaries are directed that such clients shall also be subject to appropriate counter measures. These measures may include a further enhanced scrutiny of transactions, enhanced relevant reporting mechanisms or systematic reporting of financial transactions, and applying enhanced due diligence while expanding business relationships with the identified country or persons in that country etc.

RECORD MANAGEMENT

INFORMATION TO BE MAINTAINED

Registered Intermediaries are required to maintain and preserve the following information in respect of transactions referred to in Rule 3 of PML Rules:

i) the nature of the transactions;

ii) the amount of the transaction and the currency in which it is denominated;

iii) the date on which the transaction was conducted; and

iv) the parties to the transaction.

RECORD KEEPING

Registered intermediaries shall ensure compliance with the record keeping requirements contained in the SEBI Act, 1992, Rules and Regulations made thereunder, PMLA as well as other relevant legislation, Rules, Regulations, Exchange Byelaws and Circulars.

Registered Intermediaries shall maintain such records as are sufficient to permit reconstruction of individual transactions (including the amounts and types of currencies involved, if any) so as to provide, if necessary, evidence for prosecution of criminal behaviour.

In case of any suspected laundered money or terrorist property, the competent investigating authorities would need to trace through the audit trail for reconstructing a financial profile of the suspect To enable this reconstruction, registered intermediaries shall retain the following information for the accounts of their clients in order to maintain a satisfactory audit trail:

i) the beneficial owner of the account;

ii) the volume of the funds flowing through the account; and

iii) for selected transactions:

   a) the origin of the funds

   b) the form in which the funds were offered or withdrawn, e.g. cheques, demand drafts etc.

   c) the identity of the person undertaking the transaction;

   d) the destination of the funds;

   e) the form of instruction and authority.

Registered Intermediaries shall ensure that all client and transaction records and information are available on a timely basis to the competent investigating authorities. Where required by the investigating authority, they shall retain certain records, e.g. client identification, account files, and business correspondence, for periods which may exceed those required under the SEBI Act, Rules and Regulations framed thereunder PMLA, other relevant legislations, Rules and Regulations or Exchange byelaws or circulars.

More specifically, all the registered intermediaries shall put in place a system of maintaining proper record of the nature and value of transactions which has been prescribed under Rule 3 of PML Rules as mentioned below:

i) all cash transactions of the value of more than ten lakh rupees or its equivalent in foreign currency;

ii) all series of cash transactions integrally connected to each other which have been individually valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the monthly aggregate exceeds an amount of ten lakh rupees or its equivalent in foreign currency;

It may, however, be clarified that for the purpose of suspicious transactions reporting, apart from ‘transactions integrally connected’, ‘transactions remotely connected or related’ shall also be considered.

iii) all cash transactions where forged or counterfeit currency notes or bank notes have been used as genuine or where any forgery of a valuable security or a document has taken place facilitating the transactions;

iv) all suspicious transactions whether or not made in cash and including, inter-alia, credits or debits into or from any non-monetary account such as demat account, security account maintained by the registered intermediary.

Where the registered entity does not have records of the identity of its existing clients, it shall obtain the records forthwith, failing which the registered intermediary shall close the account of the clients after giving due notice to the client.

Explanation: For this purpose, the expression “records of the identity of clients” shall include updated records of the identification date, account files and business correspondence and result of any analysis undertaken under rules 3 and 9 of the Prevention of Money-laundering (Maintenance of Records) Rules, 2005.

RETENTION OF RECORDS

Registered intermediaries shall take appropriate steps to evolve an internal mechanism for proper maintenance and preservation of such records and information in a manner that allows easy and quick retrieval of data as and when requested by the competent authorities. Further, the records mentioned in Rule 3 of PML Rules have to be maintained and preserved for a period of five years from the date of transactions between the client and intermediary.

As stated in paragraph 13 and 14, registered intermediaries are required to formulate and implement the CIP containing the requirements as laid down in Rule 9 of the PML Rules and such other additional requirements that it considers Records evidencing the identity of its clients and beneficial owners as well as account files and business correspondence shall be maintained and preserved for a period of five years after the business relationship between a client and intermediary has ended or the account has been closed, whichever is later.

In situations where the records relate to on-going investigations or transactions which have been the subject of a suspicious transaction reporting, they shall be retained until it is confirmed that the case has been closed.

Registered Intermediaries shall maintain and preserve the records of information related to transactions, whether attempted or executed, which are reported to the Director, FIU– IND, as required under Rules 7 and 8 of the PML Rules, for a period of five years from the date of the transaction between the client and the intermediary.

PROCEDURE FOR FREEZING OF FUNDS, FINANCIAL ASSETS OR ECONOMIC RESOURCES OR RELATED SERVICES

The Stock exchanges and the registered intermediaries shall ensure that in terms of Section 51A of the Unlawful Activities (Prevention) Act, 1967 (UAPA) and amendments thereto, they do not have any accounts in the name of individuals/entities appearing in the lists of individuals and entities, suspected of having terrorist links, which are approved by and periodically circulated by the United Nations Security Council (UNSC).

In order to ensure expeditious and effective implementation of the provisions of Section 51A of UAPA, Government of India has outlined a procedure through an order dated February 02, 2021 (Annexure 1) for strict compliance. These guidelines have been further amended vide a Gazette Notification dated June 08, 2021 (Annexure 2).

LIST OF DESIGNATED INDIVIDUALS/ENTITIES

The Ministry of Home Affairs, in pursuance of Section 35(1) of UAPA 1967, declares the list of individuals/entities, from time to time, who are designated as ‘Terrorists’. The registered intermediaries shall take note of such lists of designated individuals/terrorists, as and when communicated by SEBI.

All orders under section 35 (1) and 51A of UAPA relating to funds, financial assets or economic resources or related services, circulated by SEBI from time to time shall be taken note of for compliance.

An updated list of individuals and entities which are subject to various sanction measures such as freezing of assets/accounts, denial of financial services , as approved by the Security Council Committee established pursuant to various United Nations’ Security Council Resolutions (UNSCRs) can be accessed at its website at https://press.un.org/en/content/press-release. The details of the lists are as under:

i) The “ISIL (Da’esh) &Al-Qaida Sanctions List”, which includes names of individuals and entities associated with the Al-Qaida. The updated ISIL & Al-Qaida Sanctions        List                              is                             available    at: https://www.un.org/securitycouncil/sanctions/1267/press-releases.

ii) The list issued by United Security Council Resolutions 1718 of designated Individuals and Entities linked to Democratic People’s Republic of Korea www.un.org/securitycouncil/sanctions/1718/press-releases.

Registered intermediaries are directed to ensure that accounts are not opened in the name of anyone whose name appears in said Registered intermediaries shall continuously scan all existing accounts to ensure that no account is held by or linked to any of the entities or individuals included in the list.

The Stock Exchanges and the registered intermediaries shall maintain updated designated lists in electronic form and run a check on the given parameters on a regular basis to verify whether the designated individuals/entities are holding any funds, financial assets or economic resources or related services held in the form of securities with them.

The Stock exchanges and the registered intermediaries shall also file a Suspicious Transaction Report (STR) with FIU-IND covering all transactions carried through or attempted in the accounts covered under the list of designated individuals/entities under Section 35 (1) and 51A of UAPA.

Full details of accounts bearing resemblance with any of the individuals/entities in the list shall immediately be intimated to the Central [designated] Nodal Officer for the UAPA, at Fax 011-23092551 and also conveyed over telephone No. 011-23092548. The particulars apart from being sent by post shall necessarily be conveyed on email id: jsctcr-mha@gov.in.

The Stock exchanges and the registered intermediaries shall also send a copy of the communication mentioned above to the UAPA Nodal Officer of the State/UT where the account is held and to SEBI and FIU-IND, without delay. The communication shall be sent to SEBI through post and through email (sebi_uapa@sebi.gov.in) to the UAPA nodal officer of SEBI, Deputy General Manager, Division of FATF, Market Intermediaries Regulation and Supervision Department, Securities and Exchange Board of India, SEBI Bhavan II, Plot C7, “G” Block, Bandra Kurla Complex, Bandra (E), Mumbai 400 051. The consolidated list of UAPA Nodal Officers is available at the website of Government of India, Ministry of Home Affairs.

JURISDICTIONS THAT DO NOT OR INSUFFICIENTLY APPLY THE FATF RECOMMENDATIONS

FATF Secretariat after conclusion of each of it’s plenary, releases public statements and places jurisdictions under increased monitoring to address strategic deficiencies in their regimes to counter money laundering, terrorist financing, and proliferation financing In this regard, FATF Statements circulated by SEBI from time to time, and publicly available information, for identifying countries, which do not or insufficiently apply the FATF Recommendations, shall be considered by the registered intermediaries.

The registered intermediaries shall take into account the risks arising from the deficiencies in AML/CFT regime of the jurisdictions included in the FATF However, it shall be noted that the regulated entities are not precluded from having legitimate trade and business transactions with the countries and jurisdictions mentioned in the FATF statements.

REPORTING TO FINANCIAL INTELLIGENCE UNIT-INDIA

In terms of the PML Rules, registered intermediaries are required to report information relating to cash and suspicious transactions to the Director, Financial Intelligence Unit-India (FIU-IND) at the following address:

Director, FIU-IND,

Financial Intelligence Unit – India

6th Floor, Tower-2, Jeevan Bharati Building, Connaught Place, New Delhi-110001, INDIA Telephone : 91-11-23314429, 23314459

91-11-23319793(Helpdesk) Email:helpdesk@fiuindia.gov.in (For FINnet and general queries)

ctrcell@fiuindia.gov.in

(For Reporting Entity / Principal Officer registration related queries) complaints@fiuindia.gov.in

Website: http://fiuindia.gov.in

Registered intermediaries shall carefully go through all the reporting requirements and formats that are available on the website of FIU – IND under the Section Obligation of Reporting Entity – Furnishing Information – Reporting Format     (https://fiuindia.gov.in/files/downloads/ html). These documents contain detailed directives on the compilation and manner/procedure of submission of the reports to FIU-IND.

The related hardware and technical requirement for preparing reports, the related data files and data structures thereof are also detailed in these documents. While detailed instructions for filing all types of reports are given in the instructions part of the related formats, registered intermediaries shall adhere to the following:

i) The Cash Transaction Report (CTR) (wherever applicable) for each month shall be submitted to FIU-IND by 15th of the succeeding month.

ii) The Suspicious Transaction Report (STR) shall be submitted within 7 days of arriving at a conclusion that any transaction, whether cash or non-cash, or a series of transactions integrally connected are of suspicious nature. The Principal Officer shall record his reasons for treating any transaction or a series of transactions as It shall be ensured that there is no undue delay in arriving at such a conclusion.

iii) The Non Profit Organization Transaction Reports (NTRs) for each shall be submitted to FIU-IND by 15th of the succeeding month.

iv) The Principal Officer will be responsible for timely submission of CTR, STR and NTR to FIU-IND;

v) Utmost confidentiality shall be maintained in filing of CTR, STR and NTR to FIU-IND.

vi) No nil reporting needs to be made to FIU-IND in case there are no cash/ suspicious/non-profit organization transactions to be reported.

Registered Intermediaries shall not put any restrictions on operations in the accounts where an STR has been made. Registered intermediaries and their directors, officers and employees (permanent and temporary) shall be prohibited from disclosing (“tipping off”) the fact that a STR or related information is being reported or provided to the FIU-IND. This prohibition on tipping off extends not only to the filing of the STR and/ or related information but even before, during and after the submission of an STR. Thus, it shall be ensured that there is no tipping off to the client at any level. Confidentiality requirement does not inhibit information sharing among entities in the group.

It is clarified that the registered intermediaries, irrespective of the amount of transaction and/or the threshold limit envisaged for predicate offences specified in part B of Schedule of PMLA, 2002, shall file STR if they have reasonable grounds to believe that the transactions involve proceeds of crime.

It is further clarified that “proceeds of crime” include property not only derived or obtained from the scheduled offence but also any property which may directly or indirectly be derived or obtained as a result of any criminal activity relatable to the scheduled offence.

DESIGNATION OF OFFICERS FOR ENSURING COMPLIANCE WITH PROVISIONS OF PMLA

Appointment of a Principal Officer: To ensure that the registered intermediaries properly discharge their legal obligations to report suspicious transactions to the authorities, the Principal Officer would act as a central reference point in facilitating onward reporting of suspicious transactions and for playing an active role in the identification and assessment of potentially suspicious transactions and shall have access to and be able to report to senior management at the next reporting level or the Board of Directors. Names, designation and addresses (including email addresses) of ‘Principal Officer’ including any changes therein shall also be intimated to the Office of the Director-FIU-IND. In terms of Rule 2 (f) of the PML Rules, the definition of a Principal Officer reads as under:

Principal Officer means an officer designated by a registered intermediary;

Provided that such officer shall be an officer at the management level.

APPOINTMENT OF A DESIGNATED DIRECTOR: In addition to the existing requirement of designation of a Principal Officer, the registered intermediaries shall also designate a person as a ‘Designated Director’. In terms of Rule 2 (ba) of the PML Rules, the definition of a Designated Director reads as under:

“Designated director means a person designated by the reporting entity to ensure overall compliance with the obligations imposed under chapter IV of the Act and the Rules and includes –

a) the Managing Director or a Whole-Time Director duly authorized by the Board of Directors if the reporting entity is a company,

b) the managing partner if the reporting entity is a partnership firm,

c) the proprietor if the reporting entity is a proprietorship firm,

d) the managing trustee if the reporting entity is a trust,

e) a person or individual, as the case may be, who controls and manages the affairs of the reporting entity if the reporting entity is an unincorporated association or a body of individuals, and

f)such other person or class of persons as may be notified by the Government if the reporting entity does not fall in any of the categories above”.

In terms of Section 13 (2) of the PMLA, the Director, FIU – IND can take appropriate action, including levying monetary penalty, on the Designated Director for failure of the intermediary to comply with any of its AML/CFT obligations.

Registered intermediaries shall communicate the details of the Designated Director, such as, name designation and address to the Office of the Director, FIU – IND.

HIRING AND TRAINING OF EMPLOYEES AND INVESTOR EDUCATION

HIRING OF EMPLOYEES:The registered intermediaries shall have adequate screening procedures in place to ensure high standards when hiring They shall identify the key positions within their own organization structures having regard to the risk of money laundering and terrorist financing and the size of their business and ensure the employees taking up such key positions are suitable and competent to perform their duties.

TRAINING OF EMPLOYEES:The registered intermediaries shall have an ongoing employee training programme so that the members of the staff are adequately trained in AML and CFT procedures. Training requirements shall have specific focuses for frontline staff, back office staff, compliance staff, risk management staff and staff dealing with new clients. It is crucial that all those concerned fully understand the rationale behind these directives, obligations and requirements, implement them consistently and are sensitive to the risks of their systems being misused by unscrupulous elements.

INVESTOR EDUCATION:Implementation of AML/CFT measures requires registered intermediaries to demand certain information from investors which may be of personal nature or has hitherto never been called for. Such information can include documents evidencing source of funds/income tax returns/bank records etc. This can sometimes lead to raising of questions by the client with regard to the motive and purpose of collecting such information. There is, therefore, a need for registered intermediaries to sensitize their clients about these requirements as the ones emanating from AML and CFT framework. Registered intermediaries shall prepare specific literature/ pamphlets etc. so as to educate the client of the objectives of the AML/CFT programme.

REPEAL AND SAVINGS 

On and from the issue of this Circular, the circulars listed out in the Appendix to this Circular shall stand rescinded. Notwithstanding such rescission, anything done or any action taken or purported to have been done or taken, shall be deemed to have been done or taken under the corresponding provisions of this Master Circular.

APPENDIX

 The following Circulars shall stand rescinded from the date of issuance of this Circular

1.    SEBI/HO/MIRSD/DOP/CIR/P/2019/113 dated October 15, 2019 – Guidelines on Anti-Money Laundering (AML) Standards and Combating the Financing of Terrorism(CFT) / Obligations of Securities Market Intermediaries under the Prevention of Money Laundering Act, 2002 and Rules framed thereunder

2.    SEBI/HO/MIRSD/DOP/CIR/P/2021/36 dated March 25, 2021– Combating Financing of Terrorism (CFT) under Unlawful Activities (Prevention) Act, 1967 –Directions to Stock Exchanges, Depositories and all registered intermediaries

3.    SEBI/HO/MIRSD/DOP/CIR/P/2019/69 dated May 28, 2019 – Combating Financing of Terrorism (CFT) under Unlawful Activities (Prevention) Act, 1967 –Directions to stock exchanges, depositories and all registered intermediaries

4.    CIR/MIRSD/1/2014 dated March 12,2014 – Anti-Money Laundering/Countering the Financing of Terrorism (AML/CFT) Obligations of Securities Market Intermediaries under the Prevention of Money-laundering Act, 2002 and Rules framed there under

5.    ISD/AML/CIR/1/2010 dated February 12, 2010 – Anti Money Laundering (AML) Standards/Combating Financing of Terrorism (CFT)/Obligations of Securities Market Intermediaries under Prevention of Money Laundering Act, 2002 and Rules framed there-under- Master Circular on AML/CFT

6.    ISD/AML/CIR-2/2009 dated October 23, 2009 – Combating Financing of Terrorism (CFT) under Unlawful Activities (Prevention) Act, 1967 – Directions to stock exchanges, depositories and all registered intermediaries.

1. In exercise of the powers conferred by the Prevention of Money-Laundering Act, 2002 (15 of 2003), rules have been made for maintenance of records of the nature and value of transactions, the procedure and manner of maintaining and time for furnishing of information and verification of records of the identity of the clients of the reporting entities, and called “The Prevention of Money-Laundering (Maintenance of Records Rules), 2005” 

   Rule 7: Procedure and manner of furnishing information. –

   7(3) Every reporting entity shall evolve an internal mechanism having regard to any guidelines issued by regulator, for detecting the transactions referred to in clauses (A),(B),(BA),(C),(D), (E) and (F) of sub-rule (1) of rule 3 and for furnishing information about such transactions in such form as may be directed by its Regulator.

   Rule 3 : Maintenance of records of transactions (nature and value)

   3(1) Every reporting entity shall maintain the record of all transactions including, the record of

   (A) all cash transactions of the value of more than rupees ten lakhs or its equivalent in foreign currency;

   (B) all series of cash transactions integrally connected to each other which have been individually valued below rupees ten lakh or its equivalent in foreign currency where such series of transactions have taken place within a month and the monthly aggregate exceeds an amount of ten lakh rupees or its equivalent in foreign currency;

   (BA) all transactions involving receipts by non-profit organisations of value more than rupees ten lakh, or its equivalent in foreign currency;

   (C) all cash transactions where forged or counterfeit currency notes or bank notes have been used as genuine or where any forgery of a valuable security or a document has taken place facilitating the transactions;

   (D) all suspicious transactions whether or not made in cash and by way of-

   (i) deposits and credits, withdrawals into or from any accounts in whatsoever name they are referred to in any currency maintained by way of:

   (a) cheques including third party cheques, pay orders, demand drafts, cashiers cheques or any other instrument of payment of money including electronic receipts or credits and electronic payments or debits, or
   (b) travellers cheques, or
   (c) transfer from one account within the same banking company, financial institution and intermediary, as the case may be, including from or to Nostro and Vostro accounts, or
   (d) any other mode in whatsoever name it is referred to;

   (ii) credits or debits into or from any non-monetary accounts such as d-mat account, security account in any currency maintained by the banking company, financial institution and intermediary, as the case may be;

   (iii) money transfer or remittances in favour of own clients or non-clients from India or abroad and to third party beneficiaries in India or abroad including transactions on its own account in any currency by any of the following:-

   (a) payment orders, or
   (b) cashiers cheques, or
   (c) demand drafts, or
   (d) telegraphic or wire transfers or electronic remittances or transfers, or
   (e) internet transfers, or
   (f) Automated Clearing House remittances, or
   (g) lock box driven transfers or remittances, or
   (h) remittances for credit or loading to electronic cards, or
   (i) any other mode of money transfer by whatsoever name it is called;

   (iv) loans and advances including credit or loan substitutes, investments and contingent liability by way of:

   (a) subscription to debt instruments such as commercial paper, certificate of deposits, preferential shares, debentures, securitized participation, interbank participation or any other investments in securities or the like in whatever form and name it is referred to, or
   (b) purchase and negotiation of bills, cheques and other instruments, or
   (c) foreign exchange contracts, currency, interest rate and commodity and any other derivative instrument in whatsoever name it is called, or
   (d) letters of credit, standby letters of credit, guarantees, comfort letters, solvency certificates and any other instrument for settlement and/or credit support;

   (v) collection services in any currency by way of collection of bills, cheques, instruments or any other mode of collection in whatsoever name it is referred to.

   (E) all cross border wire transfers of the value of more than five lakh rupees or its equivalent in foreign currency where either the origin or destination of fund is in India;

   (F) all purchase and sale by any person of immovable property valued at fifty lakh rupees or more that is registered by the reporting entity, as the case may be;

BACKGROUND :

N.D.SHARES & SECURITIES. a Trading Member of Bombay Stock Exchange Ltd. (BSE) on CM and F&O segments segment. As per the requirements of Exchanges and SEBI, the company has designed a risk management policy for extending trading facilities to its clients and in the respective segments of the exchanges. 

POLICY :

The Company shall on its discretion and as per the requirements of the Governing and Regulatory Bodies collect Initial, Exposure, SPAN and Mark to Market margins from the clients from time to time for their intended trading activities. The Initial Margin is compulsorily payable upfront for any trades to be executed on the F&O segment as per the prescribed rates of the respective Stock Exchanges. In addition, the margins so collected can be topped up as required and exposures of the clients so be adjusted that can vary from client to client on the basis of past experience of the Company with the client. For the CM (Cash) segment the company would collect margins within the prescribed limits based on the internal risk assessment of the client. 

However at no point in time the client would be required / asked to maintain / pay margins in excess of the amount as prescribed/calculated and levied by the exchange on the Gross Open positions of the clients. The client may be allowed to maintain additional amounts with the company to be used by them for any future exposures and any unused amount can be called by the client as and when he wishes to do so. 

The Company shall on its discretion accept non-cash component (as approved and prescribed by the respective exchanges with any applicable haircuts) from the client as a percentage of the cash component that may add-up to make the capital and the same can vary from client to client, based on the past experiences. The company is allowed to take the above decisions and the same is monitored by the RMS Software being used by the company.

RISKS CONTROL :

The client is given a composite exposure for all exchanges and all segments for which he is enrolled. The available capital calculated as per the policy mentioned above is allocated based on the flow of orders/execution of trades as placed by the clients, so as to do optimal utilization of the available capital.

The trading rights of the clients for all exchanges and all segments shall cease once the client utilizes 100% of the allocated exposure unless he provides additional capital by way of transfer of funds to the designated bank accounts of the company and further he would be intimated to reduce exposures on MTM reaching 50% to the capital computed for exposure calculation, and he would be repeatedly informed till MTM of 75%.

Upon the MTM reaching 75% of the capital loss, the company may at its discretion square off 50% of the positions on random basis, subject to client not infusing clear funds to its capital requirements and/or to cover its loss. Upon the MTM reaching 95% of the capital loss, the company may at its discretion square off the entire positions, subject to client not infusing clear funds to its capital requirements and/or to cover its loss. 

In case of the benchmark points being breached on previous days open positions in any of the exchange or segments the company can square off the positions as mentioned above and also sell any additional securities available so as to cover up the losses only, under no circumstances the company would sell exceeding 3% of the debits to be covered. All these are subject to client not infusing clear funds to its capital requirements and/or to cover its loss. 

In case of clients who undertake delivery based transactions on the CM segment and fail to make payments or deliver shares within the pay-in due date the company would have a right to hold back earlier settlement payouts of funds and /or securities to cover up for the losses that may be incurred because of the close-out/sale of securities that are unpaid for. However penalty / delayed payment charges @ 18 % p. a. (depending upon prevalent market rate) to be charged 

The above guidelines can vary and/or may be altered based on clients relationships, at the sole discretion of the Company. 

SYSTEMIC CONTROL AND CLIENT CLASSIFICATION : 

The clients’ shall be classified as low, medium and high risks, based on the information captured through the KYC, client trading patterns, past experiences of the company with them and on their funds flow system. The same shall be as per the internal control and assessment system of the Company, this information would be kept confidential and would be accessible only to the authorized personnel only. 

RESTRICTION OF TRADES IN ILLIQUID SECURITIES/ PENNY STOCKS : 

The RMS department/cell of the company would adopt a stringent policy for allowing trades in Illiquid Securities/ Penny stocks. Generally the orders placed for any securities classified as Illiquid Securities/Penny stocks from time to time. The company reserves the right to refuse undertaking/placing orders in such stocks classified as Illiquid securities / penny stocks without assigning any specific reasons. A list of Illiquid securities is given by the respective exchanges every month and the company would update its system for Illiquid Securities / Penny Stocks from the latest list available. Same can be accessed from the website of www.bseindia.com.