In a move to minimise cyber threats and protect investor data, SEBI has asked R&T agents like CAMS and Karvy Computershare to level up their cyber security system by maintaining a robust cyber security framework in the organisation.
The recent ransomware attacks and increasing cyber threats have catalysed this move. R&T agents acts as a storehouse for maintaining records of mutual fund transactions on behalf of the fund house through a wide network of their offices across the country.
Commenting on the same lines, SEBI said, “Since RTAs perform important functions in providing services to holders of securities, it is desirable that RTAs have robust cyber security and cyber resilience framework in order to provide essential facilities and perform systemically critical functions relating to securities market.”
The circular highlighted the broad norms such as authorised access to systems, annual audits, monitoring of suspicious activities and so on that R&T agents will follow. SEBI has clarified that the circular is applicable for R&T agents servicing more than two crore folios.
In an earlier interaction with Cafemutual, V Ganesh, CEO, Karvy Computershare had said that his company had a robust cyber security framework protecting investors data. He had said, “We work on virtual network which means that our desktops do not have a local hardware and hence downloading an email would not impact us to that extent. We have used filters and various anti-spam measures for our emails so that spam mail gets detected. We have also communicated with our staff not to open suspicious mails.”