SEBI issues Circular on Enhanced monitoring of Qualified Registrars to an Issue and Share Transfer Agents

Aug 11, 2018 | by Avantis RegTech Legal Research Team

Securities and Exchange Board of India (SEBI) vide circular dated August,10,2018 has clarified Enhanced monitoring of Qualified Registrars to an Issue and Share Transfer Agents.

The Qualified Registrars and Share Transfer Agents (QRTA)  are now advised to formulate and implement a comprehensive policy framework, approved by the Board of Directors (“BoD”) of the QRTAs, which shall include the following aspects:

     I.            Risk Management Policy:


The QRTAs are advised to establish a clear, thorough and a well-documented risk management policy, which shall include the following


a. An integrated and comprehensive view of risks to the QRTAs including those emanating from vendors, third parties to whom activities are outsourced, clients, etc.;

 b. List of all relevant risks, including Operational risk, Fraud risk, Technology risk, Cyber Security risk, and general business risks including Credit risk, Market risk, Legal risk, Reputation risk etc. as the BoD of QRTAs deems fit; and systems, policies and procedures to identify, assess, monitor and manage the risks that arise in or are borne by the QRTAs, including audit and reporting of the same to the BoD;

c. Responsibilities and accountability for risk decisions and decision making process in crises and emergencies.


   II.            Business Continuity Plan:

 QRTAs shall maintain Business Continuity Plan with a Center (BCP) situated at location other than primary processing location (off-site), which is capable to take over operations without disruption in case of any service failure at primary processing site.


QRTAs shall have written policy, protocols, processes and controls for BCP. QRTAs shall ensure business continuity and no adverse impact on investor servicing resultant of any data loss. The effectiveness of BCP to be tested periodically, and the gap between two tests (mock drills, etc.) shall not be more than twelve months


 III.            Manner of keeping records:

Where records are kept electronically by the QRTAs, they shall ensure that the integrity of the automatic data processing systems is maintained at all times. QRTAs shall also maintain accurate up to date records for investor servicing and take all precautions necessary to ensure that the records are not lost, destroyed or tampered with; and in the event of loss or destruction, ensure that sufficient back up of records is available at all times at a different place.


IV.            Wind-down Plan:

Every QRTA shall devise and maintain a wind-down plan. A 'wind-down plan' means a process or plan of action employed, for transfer of the entire operations of the QRTA to an alternative RTA/ QRTA registered with SEBI, that would take over the operations of the QRTA in scenarios such as erosion of net-worth of the QRTA or its insolvency or its inability to provide critical RTA operations or services.


  V.            Data Access and Data Protection Policy:

 QRTAs shall lay down appropriate protocols, processes and controls for its activities and also for entities who wish to connect with the database of the QRTAs electronically. QRTAs shall also have written agreements, confidentiality contracts, security protocols and such other relevant procedures for data integrity while facilitating electronic access.

 VI.            Ensuring Integrity of Operations:

QRTAs shall lay down the minimum standards, protocol and procedures for smooth running of operations, to protect the investor data and maintain information security. Further, the QRTAs shall have a detailed operations manual explaining all aspects of its functioning, including the interface and method of transmission of information between the depository, issuers, and others. The QRTAs shall have a mechanism in place to have Page 3 of 6 periodic replication of data with the concerned Mutual Funds / Issuer Companies / Real Estate Investment Trusts (REITs)/ Infrastructure Investment Trusts (InVITs).


VII.            Scalable infrastructure:

The BoD of QRTAs shall approve a policy framework for up-gradation of infrastructure and technology from time to time to ensure smooth functioning and scalability for delivering services to investors at all times. QRTAs shall at all times, maintain adequate technical capacity to process twice the peak transaction load encountered during past six months.


VIII.            Board of Directors (BoD) / Committees of BoD of QRTAs:

 The BoD of QRTAs shall seek reports on incidents having an impact on investor protection including data security breaches that can affect investor data, etc. QRTAs shall have Committees of the Board of Directors including Audit Committee, Nomination and Remuneration Committee and IT Strategy Committee.

IX.            Investor Services and Service Standards:

   a. QRTAs, servicing Mutual Funds investors, must have Investor Service Center in at least 100 cities based on investor population pertaining to the Mutual Funds clients they service. As regards servicing of corporate, REIT, InvIT investors, QRTA shall maintain adequate investor service centers based on investor population. This shall be reviewed from time to time by SEBI.

 b. QRTAs shall have online capabilities for investor queries, complaints and their redressal. The complaints redressal mechanism should be investor friendly and convenient. The same should have capabilities of being retrieved easily by the complainant online through complaint reference number, e-mail id, mobile no. etc.

c. QRTAs, handling corporate registry functions, shall develop facility for providing services for managing Shareholders General Meetings including shareholders voting / poll process and web streaming of all Annual General Meetings (AGMs) of all their listed client companies. QRTAs shall also look forward to providing other value added services and when required by SEBI.

 d. QRTAs must publish on its website, the service standards (eg: turnaround time for services rendered).

e. QRTAs should also carry out stakeholder/ investor satisfaction surveys annually, and the same should also be published on the website before March 31, every year. 

Ø  QRTAs shall formulate and implement the policy framework, and also comply with the additional reporting requirements within six months from the date of this circular. The first compliance with these guidelines shall be submitted within 30 days from the end of six months period.

Ø  The compliance report of the enhanced reporting norms shall be submitted to SEBI duly reviewed by the BoD of QRTAs, within 60 days of expiry of each calendar quarter. (Refer Annexure 1  of the circular)


[SEBI/HO/MIRSD/DoP/CIR/P/2018/ 119]




Mutual Funds

detailed operations manual

primary processing location

shareholders voting

date records

Business Continuity Plan

a. QRTAs

business continuity

Audit Committee

investor population


complaint reference


technical capacity

Reputation risk

Service Standards

poll process

turnaround time

Real Estate Investment Trusts

decision making

Enhanced monitoring

periodic replication

InvIT investors

e. QRTAs

third parties

Market risk

Technology risk


electronic access

Cyber Security


information security

calendar quarter

Management Policy


comprehensive policy framework

QRTAs deems

Refer Annexure

investor data

complaints redressal

months period

appropriate protocols

Funds investors

additional reporting requirements

smooth functioning


data security

compliance report


IT Strategy Committee


risk management

general business risks

primary processing site

Scalable infrastructure

data loss

service failure

Data Access

Remuneration Committee

other value


Exchange Board

Issuer Companies

Ensuring Integrity

security protocols


comprehensive view

smooth running

corporate registry functions

minimum standards

Credit risk


online capabilities

investor protection



adverse impact


investor servicing

enhanced reporting norms

relevant procedures

data integrity


Annual General Meetings

Investor Service Center


Share Transfer Agents

different place

regards servicing

service standards

Fraud risk

confidentiality contracts

Operational risk

peak transaction



Investor Services

investor queries

policy framework

entire operations

Qualified Registrars

Funds clients

automatic data processing systems



relevant risks

Legal risk

first compliance

risk decisions

client companies

web streaming

adequate investor service centers

RTA operations

Shareholders General Meetings


Data Protection Policy


mock drills

Related Updates

Alternate Text

Get updates on the go on RuleZbook Mobile App.