Regulatory Alerts2025-04-30
Clarifications to Cybersecurity and Cyber Resilience Framework for SEBI Regulated Entities
The Securities and Exchange Board of India has issued clarifications to revise the categorization thresholds and compliance requirements for the Cybersecurity and Cyber Resilience Framework applicable to various regulated entities. The document establishes specific criteria based on parameters such as client numbers, trading volumes, and assets under management to classify entities into Qualified, Mid-size, Small-size, or Self-certification categories, while granting exemptions for smaller entities. Additionally, it mandates the implementation of Hardware Security Modules for high-risk entities, assigns BSE Limited as the reporting authority for Investment Advisers and Research Analysts, and sets the compliance deadline for June 30, 2025.
Share