Sebi asks mutual funds to set up committee to review cyber security

Markets regulator Sebi Thursday came out with revised guidelines for system audit to be conducted by mutual funds and asset management companies (AMCs). The guidelines come after "considering the importance of system audit in technology driven asset management activity and to enhance and standardise the system audit", Sebi said in a circular.

Besides, mutual funds (MFs)/ AMCs have been directed to constitute a technology committee entrusted with the task of reviewing the cyber security and cyber resilience framework for mutual funds and AMCs, Sebi said in a separate circular.

Sebi said the committee will comprise experts proficient in technology with at least one independent external expert with adequate experience in the area of technology in MF industry or BFSI, it added.


The regulator has asked MFs and AMCs to conduct system audit on an annual basis by an eligible independent auditor.

The audit should include the audit of systems and processes related to fund accounting system for calculation of net asset values, financial accounting and reporting system for AMC.

Moreover, audit related to unit-holder administration and servicing systems for customer service, funds flow process, system processes for meeting regulatory requirements, prudential investment limits and access rights to systems interface shall also be done.

Further, MFs and AMCs are required to submit a report regarding exceptions observed in the system audit to the technology committee for review in the prescribed format.

The committee after reviewing the report shall place it before the AMC & Trustee Board. The report along with trustee's comments should be communicated to Sebi within six months of the respective financial year, starting from 2019-20. SRS VHP ANU ANU