BSEIndia
      Close  
NOTICES
Notice No.   20240629-2   Notice Date   29 Jun 2024
Category   Compliance   Segment   General
Subject   Quarterly incident reporting for the period ended on June 30, 2024, through BEFS only (BSE Electronic Filling System)
Attachments   Member User Manual for Cyber Incident Reporting (CIR).pdf ;
Content

 

This is with reference to Exchange notice no. 20190716-9 dated 16 July 2019 and SEBI circular No. SEBI/HO/MIRSD/CIR/PB/2018/147; dated December 03, 2018, and SEBI/HO/MIRSD/DOP/CIR/P/2019/109 dated October 15, 2019, wherein members were informed to submit the Quarterly Cyber Security Incident reporting through BSE E-Filing System “BEFS” only, within 15 days from end of the quarter.

 

A. Quarterly Incident Reporting: -

Members are requested to submit digitally signed quarterly report on cyber alert / attacks for the quarter ending June 2024 through BSE E-Filing System “BEFS” only. Please note that the timeline for submission of the report shall be 15 days from the end of the quarter i.e. on or before July 15, 2024.

Web-Link of the Quarterly Incident Reporting system is given below:

https://befs.bseindia.com -> Cyber Incident Report -> Quarterly Incident Reporting

Further please note that submission process will be completed only when acknowledgement mail is received.

B. Immediate Incident Reporting: -

Members may please note that Immediate Incident Reporting to be done only if applicable as per Exchange notice no. 20220712-1 dated July 12, 2022, details of which are reproduced as below:

“Designated Officer on receipt of any information with respect to all Cyber-attacks, threats, cyber-incidents and breaches experienced as prescribed in the said SEBI Circular SEBI/HO/MIRSD/CIR/PB/2018/147 dated December 03, 2018, and SEBI/HO/MIRSD/TPD/P/CIR/2022/93 dated June 30, 2022, shall inform the Exchange within 6 hours of receipt of such information”.

Web-Link of the Immediate Incident Reporting system is given below:

https://befs.bseindia.com -> Cyber Incident Report> Immediate Incident Reporting

User manual for the reference has been attached.

In case of non-compliances observed, disincentives including financial disincentives and disciplinary action are applicable and can be referred to as per the Exchange Notice no 20230704-27 on 4th July 2023; summary details of which are listed in Table 1 below.

 

Table 1: Late-Submission and Related Actions

Details of Violation/contravention

Penalty/disciplinary actions

Penalty/disciplinary action in case of Repeat violation/contravention

Non-submission of Cyber Incident reporting (Quarterly Submission) within the time specified by the Exchange

1. For 1st week after due date, Charges of Rs. 2,500/- per day

 

2. Charges of Rs. 5000/- per day from second week after due date

 

3. In case of non-submission within three weeks from the due date of submission, new client registration to be prohibited and notice of 7 days for disablement of trading facility till submission of data/report. The disablement notice issued to the member shall be shared with all the Exchanges for information.

 

4. In case of non-submission within four weeks from the due date of submission, Member shall be disabled in all segments till submission of data/report

In case of a repeat instance by the Member, levy of applicable monetary penalty along with an escalation of 50%.

 

In case of non-submission within three weeks from the due date of submission, new client registration to be prohibited and notice of 7 days for disablement of trading facility till submission of data/report. The disablement notice issued to the member shall be shared with all the Exchanges for information.

 

In case of non-submission within Four weeks from the due date of submission, Member shall be disabled in all segments till submission of data/report.

 

Non-submission of Cyber Incident reporting (Immediate Submission) within the time (within 24 hours) specified by the Exchange.

 

If the incident not reported within 24 hours. Rs. 20,000/- per day till the incident is reported subject to a maximum of Rs.2 lakhs per incident.

 

In case of a repeat instance by the Member, levy of applicable monetary penalty along with an escalation of 50%.

 

 

Members are requested to take note of the above and ensure compliance.

In case of any queries/clarifications, you may contact us on the below numbers in Table 2 below.

 

Table 2 Contact Details

Sr. No

Purpose

Contact Nos.

Email ID

1

QCIR XBRL related issues

18002330445

Bse(dot)xbrl(at)bseindia.com

2

QCIR Process related

022-22725842

msc(dot)qcir(at)bseindia(dot)com

 

For and on behalf of BSE Ltd

 

   Shri. Devendra Kulkarni

       

Additional General Manager