The capital markets regulator has imposed a penalty of Rs 5 lakh on Reliance Securities after identifying several shortcomings in its cybersecurity systems and compliance processes. The action follows a detailed thematic inspection carried out by the Securities and Exchange Board of India to assess whether the stock broker was meeting the cybersecurity and cyber resilience framework requirements.
Reliance Securities is registered with the regulator and is a trading member of major exchanges including BSE, NSE, MCX and NCDEX. The inspection examined activities between April 1, 2023 and October 31, 2024 and focused on areas related to cybersecurity readiness, system resilience and responses to technical glitches.
During the inspection, the regulator found that the company did not conduct capacity planning based on peak load. It also could not show that its system capacity was 1.5 times higher than the highest observed load, which is a mandatory benchmark under guidelines issued by the regulator and the stock exchanges.
The inspection also revealed that Reliance Securities continued to depend on manual software testing. It had not created an automated testing environment or prepared a traceability matrix connecting software features to test cases. A significant delay of 453 days was recorded in the implementation of the Log Analytics and Monitoring Application system, which is required for real time monitoring of key system parameters. The regulator noted that the company was unable to present evidence of log preservation as required.
Another major concern was the absence of a proper Business Continuity Planning and Disaster Recovery Site setup. The regulator also pointed out that 336 endpoints were not included under Data Leakage Prevention controls, leaving critical systems exposed to risks.
Based on these findings, the regulator concluded that Reliance Securities did not comply with the rules governing stock brokers and violated several market regulations. The penalty has been imposed for these breaches and for the failure to meet cybersecurity and resilience standards.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.
