This is with reference to Exchange notice no. 20190716-9 dated 16 July 2019 and SEBI circular No. SEBI/HO/MIRSD/CIR/PB/2018/147; dated December 03, 2018, and SEBI/HO/MIRSD/DOP/CIR/P/2019/109 dated October 15, 2019, wherein members were informed to submit the Quarterly Cyber Security Incident reporting through BSE E-Filing System “BEFS” only, within 15 days from end of the quarter.
A. Quarterly Incident Reporting: -
Members are requested to submit digitally signed quarterly report on cyber alert / attacks for the quarter ending June 2024 through BSE E-Filing System “BEFS” only. Please note that the timeline for submission of the report shall be 15 days from the end of the quarter i.e. on or before July 15, 2024.
Web-Link of the Quarterly Incident Reporting system is given below:
https://befs.bseindia.com -> Cyber Incident Report -> Quarterly Incident Reporting
Further please note that submission process will be completed only when acknowledgement mail is received.
B. Immediate Incident Reporting: -
Members may please note that Immediate Incident Reporting to be done only if applicable as per Exchange notice no. 20220712-1 dated July 12, 2022, details of which are reproduced as below:
“Designated Officer on receipt of any information with respect to all Cyber-attacks, threats, cyber-incidents and breaches experienced as prescribed in the said SEBI Circular SEBI/HO/MIRSD/CIR/PB/2018/147 dated December 03, 2018, and SEBI/HO/MIRSD/TPD/P/CIR/2022/93 dated June 30, 2022, shall inform the Exchange within 6 hours of receipt of such information”.
Web-Link of the Immediate Incident Reporting system is given below:
https://befs.bseindia.com -> Cyber Incident Report> Immediate Incident Reporting
User manual for the reference has been attached.
In case of non-compliances observed, disincentives including financial disincentives and disciplinary action are applicable and can be referred to as per the Exchange Notice no 20230704-27 on 4th July 2023; summary details of which are listed in Table 1 below.
|
Table 1: Late-Submission and Related Actions
|
|
Details of Violation/contravention
|
Penalty/disciplinary actions
|
Penalty/disciplinary action in case of Repeat violation/contravention
|
|
Non-submission of Cyber Incident reporting (Quarterly Submission) within the time specified by the Exchange
|
1. For 1st week after due date, Charges of Rs. 2,500/- per day
2. Charges of Rs. 5000/- per day from second week after due date
3. In case of non-submission within three weeks from the due date of submission, new client registration to be prohibited and notice of 7 days for disablement of trading facility till submission of data/report. The disablement notice issued to the member shall be shared with all the Exchanges for information.
4. In case of non-submission within four weeks from the due date of submission, Member shall be disabled in all segments till submission of data/report
|
In case of a repeat instance by the Member, levy of applicable monetary penalty along with an escalation of 50%.
In case of non-submission within three weeks from the due date of submission, new client registration to be prohibited and notice of 7 days for disablement of trading facility till submission of data/report. The disablement notice issued to the member shall be shared with all the Exchanges for information.
In case of non-submission within Four weeks from the due date of submission, Member shall be disabled in all segments till submission of data/report.
|
|
Non-submission of Cyber Incident reporting (Immediate Submission) within the time (within 24 hours) specified by the Exchange.
|
If the incident not reported within 24 hours. Rs. 20,000/- per day till the incident is reported subject to a maximum of Rs.2 lakhs per incident.
|
In case of a repeat instance by the Member, levy of applicable monetary penalty along with an escalation of 50%.
|
Members are requested to take note of the above and ensure compliance.
In case of any queries/clarifications, you may contact us on the below numbers in Table 2 below.
|
Table 2 Contact Details
|
|
Sr. No
|
Purpose
|
Contact Nos.
|
Email ID
|
|
1
|
QCIR XBRL related issues
|
18002330445
|
Bse(dot)xbrl(at)bseindia.com
|
|
2
|
QCIR Process related
|
022-22725842
|
msc(dot)qcir(at)bseindia(dot)com
|
For and on behalf of BSE Ltd
|
Shri. Devendra Kulkarni
|
|
|
Additional General Manager
|
|
|