SEBI has proposed new governance regulations for Market Infrastructure Institutions (MIIs) to ensure they prioritize public interest over commercial objectives. The proposals mandate that MIIs appoint at least two Executive Directors (EDs), in addition to the Managing Director (MD), to head their critical operations and regulatory functions. These EDs will also serve on the MII’s Governing Board, ensuring that crucial areas like risk management, compliance, and technology are represented at the highest level. The new rules also define the roles and responsibilities of the MD, EDs, and key managerial personnel, such as the Chief Technology Officer (CTO) and Chief Information Security Officer (CISO). Furthermore, SEBI has clarified the rules on external directorships for MDs and EDs to prevent conflicts of interest, restricting the MD to non-commercial roles and limiting EDs to subsidiary boards. These measures are designed to strengthen the governance and oversight of MIIs, which are essential public utilities in the securities market.
Securities and Exchange Board of India
Provisions relating to Strengthening Governance of Market Infrastructure Institutions (MIIs)
1. Objective
1.1. The significant growth observed in MIIs, highlighted by increased revenues, profits, an expanding network of intermediaries, and a rapidly growing investor base, necessitates a heightened focus to ensure that they operate primarily in public interest. To ensure the orderly functioning and development of the securities market, it is crucial that MIIs give priority to, and are seen to give priority to, public interest (represented by Vertical 1 – Critical Operations, and Vertical 2 – Regulatory, Compliance, Risk Management, and Investor Grievances, of the MII) over commercial interests and business development (Vertical 3). In view of the above, this memorandum captures the outcomes of the deliberations and consultations with respect to the following proposals:
1.1.1. Appointment of two Executive Directors (EDs) of appropriate stature as Heads of Vertical 1 and Vertical 2 respectively, who would also serve on the Governing Board of the MII;
1.1.2. Defining the roles and responsibilities of Managing Director (MD), EDs, and Specific KMPs (such as Chief Technology Officer (CTO), and Chief Information Security Officer (CISO));
1.1.3. Specifying what other directorships the MD and EDs of an MII can take on.
A. Part-A: Appointment of two EDs of appropriate stature and independence as Heads of Vertical 1 and Vertical 2 and also serve on the Governing Board of the MII
2. Background
2.1. MIIs serve as the backbone of the capital market, providing essential infrastructure for trading, clearing & settlement, and holding of securities. Their unique operating model empowers them to regulate their paying members and listed companies. While they operate as efficient and competitive commercial entities, their primary mandate is to serve as crucial public utilities acting in public interest.
2.2. The Governing Board of MIIs play a critical role towards ensuring that the objective of Public Interest is given primacy in the operation of an MII. The Governing Board of MIIs consists of Managing Director (MD), Non-Independent Directors (NIDs) and Public Interest Directors (PIDs). The role of PIDs is important in enhancing corporate integrity and governance standards in any MII. PIDs ensure that in pursuance of their business objectives, MIIs do not lose sight of responsibilities vested upon them as public utility infrastructure institutions and as first line regulators. Currently, SEBI mandates an equal or higher number of PIDs on the governing board to ensure primacy of public interest.
2.3. Regulatory oversight of MIIs is primarily governed by various Acts and Regulations, including the Securities Contracts (Regulation) Act, 1956, the SEBI Act, 1992, and the Depositories Act, 1996, along with specific regulations like Securities Contracts (Regulation) (Stock Exchanges and Clearing Corporations) Regulations, 2018 (hereinafter referred to as “SECC Regulations, 2018”), SEBI (Depositories and Participants) Regulations, 2018 (hereinafter referred to as “D&P Regulations, 2018”). SEBI approves the appointment of PIDs and the MD based on Governing Board recommendations, and the Governing Board approves the appointment, re-appointment, termination, and resignation of specific KMPs like the Compliance Officer (CO), Chief Risk Officer (CRiO), CTO, and CISO.
2.4. MIIs are mandated to segregate their functions into three verticals
2.4.1. Vertical 1: Critical Operations (e.g., trading, clearing & settlement, securities holding).
2.4.2. Vertical 2: Regulatory, Compliance, Risk Management, and Investor Grievances. 2.4.3. Vertical 3: Other functions, including business development.
2.5. Functions under Verticals 1 and 2 must be given higher priority in resource allocation, with MIIs periodically assessing their adequacy. While regulatory frameworks are regularly reviewed, changes are introduced calibrately to foster innovation and overall economic growth. Therefore, governance norms must be carefully tailored to ensure market safety and reliability while preserving the MIIs’ ability to innovate.
3. Need for Review
3.1. The phenomenal growth in the securities market over recent years, driven by increased market capitalization, trading volumes, technology adoption, investor base, and market intermediaries has significantly amplified the role of MIIs to act primarily in public interest. Any failure or mis-governance in these critical institutions could have an adverse impact on the securities market and the broader economy.
3.2. Evidence of this growth is clearly visible in various parameters such as financials of MIIs, number of demat accounts & assets under custody with depositories, total funds pay-in by clearing corporations, derivatives turnover of exchanges, amount of primary market resource mobilization, technology related expenses and dividend paid to shareholders by MIIs.
3.3. This growth unequivocally demonstrates that the role of MIIs as first-line regulators has become more critical, making the prioritization of public interest (Vertical 1 and Vertical 2) over commercial interests (Vertical 3) even more imperative for market integrity.
3.4. Currently, the MD holds overall authority for all three Verticals. Further, there is often a significant gap in authority, stature, and compensation between the MD and other KMPs, with only the MD currently serving on the Governing Board of MIIs.
3.5. To ensure adequate resource allocation to Verticals 1 and 2, and also to ensure that these critical functions are not constrained by commercial considerations, capable and empowered KMPs of stature are needed to head these verticals. These KMPs would be vital for maintaining appropriate compliance, risk management, technology infrastructure, and information security.
3.6. Having these senior executives on the Governing Board may also ensure timely addressing of operational concerns related to Verticals 1 and 2, facilitating timely communication to the Governing Board, Statutory Committees, and SEBI where necessary, for corrective actions. Furthermore, their presence on the Board will aid in effective succession planning. This practice of including senior executives beyond the MD on the Board is also prevalent in many top 100 listed companies.
4. Consultation
4.1. Based on the foregoing, public consultation was done and public comments were invited on the proposal of “Appointment of two EDs of appropriate stature and independence as Heads of Vertical 1 and Vertical 2 and also on the Governing Board of MIIs”. A total of 30 comments were received out of which 20 broadly agreed with the proposal for mandatory appointment of two EDs to Head Verticals 1 & 2 and also serve on the Governing Board of the MII.
4.2. Few of the important concerns raised in the public comments and SEBI comments on the same are as under:
4.2.1. The existing reporting structure of KMPs such as Compliance Officer (CO), Chief Risk Officer (CRiO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO), to MD and various statutory committees needs reexamination in light of the proposed EDs.
4.2.2. Authority of MD should not be compromised with the proposed EDs on the Governing Board.
4.3. Taking into account the public comments received, the comments of SEBI are as under:
4.3.1. As the specific KMPs (CO, CISO, CTO and CRiO) of Verticals 1 & 2 may report to the proposed EDs, the existing reporting structure of such KMPs may be modified from MD to ED. However, the Statutory Committees shall continue to hold separate meetings with such KMPs at least once a quarter without the presence of the MD and ED.
4.3.2. There should not be any compromise on the authority of the MD, as he shall continue to oversee and responsible for the overall affairs of MII and the proposed ED of Verticals 1 and 2 shall report to MD.
4.3.3. Practice of having ED on governing board is a common practice across major listed companies in India as it also ensures robust succession planning.
4.3.4. Significant growth of markets over the years necessitates board level presence for Verticals 1 and 2 for MIIs being public utilities.
5. Recommendations of SMAC: The proposal was also deliberated in Secondary Market Advisory Committee of SEBI (SMAC) meeting on August 19, 2025. SMAC agreed with the proposal subject to the following:
5.1. The proposed EDs shall report to the MD of the MII for all purposes. The reporting of EDs to SEBI may be limited to matters concerning their respective verticals, if any.
5.2. The appointment of the EDs should not be mandated to be approved by the shareholders of the MII. (However, SEBI is not accepting this recommendation, since we would want the process for ED appointment to be identical to that of MD. It may be noted that MD appointment is subject to shareholder approval.)
5.3. As the EDs shall be part of the MII management heading Vertical 1 and 2, they may not be liable to retire by rotation like shareholder directors. (However, since this would mark a departure from what is specified in respect of the MD, the same is not being accepted.)
5.4. In order to ensure a smooth implementation a glide path may be considered where the 1st ED may be appointment within 6 months from the date of implementation of the proposed mechanism and the 2nd ED may be appointed within 9 months from the date of implementation of the proposed mechanism.
5.5. Appointment of ED for heading Vertical 3 of the MII is optional for the MII.
6. Proposals: In view of the public comments received, recommendations of SMAC and internal deliberations, the following are proposed:
6.1. Appointment of EDs
6.1.1. In addition to the MD, MIIs shall appoint at least two KMPs, designated as EDs (or equivalent), to head Vertical 1 and Vertical 2, respectively. These EDs shall be members on the Governing Board of the MII.
6.1.2. MIIs may, at their discretion, appoint an ED for Vertical 3.
6.1.3. The stature of these EDs would be similar to that of the MD.
6.1.4. The appointment, re-appointment and termination process for these EDs will be similar to that of the MD, requiring prior SEBI approval, subject to shareholder approval and as specified by SEBI from time to time. Further the tenure and maximum permissible age limit for these EDs will be at par with the MD.
6.1.5. In order to ensure a smooth implementation a glide path may be considered where the 1st ED may be appointment within 6 months from the date of implementation of the proposed mechanism and the 2nd ED may be appointed within 9 months from the date of implementation of the proposed mechanism.
6.2. Reporting Structure for EDs
6.2.1. EDs of vertical 1 and 2 shall report to the MD of the MII for all purposes.
6.2.2. The Standing Committee on Technology (SCOT) shall hold separate quarterly meetings with the ED of Vertical 1, without the MD’s presence. The SCOT shall independently assess the performance of the ED, and the Nomination and Remuneration Committee (NRC) shall consider inputs of both the SCOT and the MD in finalising the appraisal of the ED of Vertical 1.
6.2.3. The Regulatory Oversight Committee (ROC) and Risk Management Committee (RMC) shall hold separate quarterly meetings with the ED of Vertical 2, without the MD’s presence. The ROC and RMC shall independently assess the performance of the ED, and the NRC shall consider inputs of the ROC, RMC and the MD in finalising the appraisal of the ED of Vertical 2.
6.2.4. EDs will be required to report to the Governing Board on a quarterly basis, concerning their respective verticals. In addition, where deemed necessary and important, EDs may bring matters directly to the attention of SEBI.
6.3. Reporting to EDs
6.3.1. All Heads of Department within Vertical 1, including the CTO and CISO, shall report to the ED of Vertical 1. Similarly, all Heads of Department within Vertical 2, including the CO and CRiO, shall report to the ED of Vertical 2.
6.3.2. As the specific KMPs (CO, CISO, CTO and CRiO) of Verticals 1 & 2 may report to the proposed EDs, the existing reporting structure of such KMPs may be modified from MD to ED. However, the Statutory Committees shall continue to hold separate meetings with such KMPs at least once a quarter without the presence of the MD and ED.
6.4. Recognizing the heterogeneous nature of MIIs (size, financial health, growth stage), MIIs facing practical difficulties in complying with these provisions may seek exemptions from SEBI, which will be evaluated on a case-by-case basis.
B. Part-B: Roles and Responsibilities of MD, EDs, and Specific KMPs (CTO, and CISO)
7. Background
7.1. Current SECC Regulations, 2018, and D&P Regulations, 2018, define the MD and outline the roles and responsibilities of CO and CRiO, as well as a Code of Conduct for Directors and KMPs. While through certain circulars the roles and responsibilities of the MD, CTO and CISO in specific areas have been prescribed, there is no comprehensive provision in the Regulations covering their overall roles and responsibilities.
7.2. It is imperative to embed these definitions and roles within the Regulations to ensure management’s unwavering focus on its core public interest mandate such as prioritizing technological resilience, market integrity, risk management and compliance over commercial considerations. Furthermore, the broad roles and responsibilities of the proposed EDs for Verticals 1 and 2 also need to be clearly prescribed.
7.3. Industry Norms
7.3.1. SEBI (Mutual Funds) Regulations, 1996: The CEO of an Asset Management Company (AMC) is responsible for ensuring compliance, safeguarding unit holder interests in investments, and overseeing the overall risk management function. The CEO must also ensure adherence to the Code of Conduct for Fund Managers and Dealers, with any breaches reported to the Board and Trustees.
7.3.2. Banking Regulations Act, 1949: Section 10B (1) mandates that every banking company appoint a whole-time Chairman or MD to manage its entire affairs.
7.3.3. These industry norms demonstrate that the roles and responsibilities of the MD/CEO are broadly defined in other regulated sectors.
8. Consultation
8.1. Based on the foregoing a consultation paper outlining the broad roles and responsibilities of the MD, the proposed EDs and specific KMPs such as the CTO and CISO was issued seeking public comments. A total of 16 comments were received out of which 14 broadly agreed with the proposal.
9. Recommendations of SMAC: The proposal was also deliberated in SMAC meeting held on August 19, 2025. SMAC agreed with the proposal subject to the following:
9.1. The roles and responsibilities of CISO may also include those areas specified by National Critical Information Infrastructure Protection Centre (NCIIPC) from time to time.
9.2. The technology audit of the MII i.e. the System Audit and Cyber Security Audit may be handled by the Chief Risk Officer (CRiO) of the MII. The CRiO should be invitees to the meetings of the SCOT.
10. Proposals: Based on the recommendations of SMAC and public comments received and internal deliberations the proposals are given as under:
10.1. Broad roles and responsibilities of the MD
10.1.1. The MD shall be entrusted with the overall management of the affairs of the MII.
10.1.2. The MD shall ensure the MII’s compliance with all applicable Acts, Rules and Regulations, circulars, guidelines or directions issued thereunder.
10.1.3. The MD shall ensure that functions under Verticals 1 and 2 operate in the interest of the securities market, guided by public interest, and without revenue-oriented objectives.
10.1.4. The MD shall be responsible for the MII’s overall risk management, and 10.1.5. The MD shall at all times ensure that the MII has adequate infrastructure and systems in place for efficient functioning.
10.2. Broad roles and responsibilities of the EDs
10.2.1. The EDs shall be responsible for the overall affairs of their respective Verticals.
10.2.2. The EDs shall ensure that functions under their respective Vertical operate in the interest of the securities market, guided by public interest, and without revenue-oriented objectives, and
10.2.3. The ED of Vertical 1 shall also be responsible for the required infrastructure and systems in place for efficient function of the MII and the ED of Vertical 2 shall also be responsible for the MII’s overall risk management.
10.3. Broad roles and responsibilities of the CISO
10.3.1. Assess, identify, and reduce cybersecurity risks; respond to incidents; establish appropriate standards and controls; direct the establishment and implementation of processes and procedures as per the cybersecurity and cyber resilience policy approved by the governing board; and responsible for cyber security efforts and initiatives including planning, developing, maintaining, reviewing and implementation of Information Security Policies.
10.4. Broad roles and responsibilities of the CTO
10.4.1. Oversee and manage overall technology-related system design, infrastructure, and operations; be accountable for managing risks in all information technology related functions; responsible for information technology policy and the information technology risk management framework; and resolution and mitigation of observations of technology audits.
10.5. Other Proposals
10.5.1. The technology audit of the MII i.e. the System Audit and Cyber Security Audit shall be handled by the Chief Risk Officer (CRiO) of the MII and
10.5.2. The CRiO shall also be an invitee to the meetings of the SCOT along with CTO and CISO.
C. Part-C: Directorships of MD and EDs of an MII in Companies other than Subsidiaries
11. Background
11.1. Regulation 25, Clause 4 of the SECC Regulations, 2018, restricts the MD of a recognized stock exchange or recognized clearing corporation from being a shareholder or associate of a shareholder, a trading or clearing member or their associate/agent, or holding concurrent positions in a subsidiary or any other associated entity, with a proviso allowing directorship (but not as MD) in a subsidiary. Similar provisions exist for MDs of depositories under D&P Regulations, 2018.
11.2. Currently, there are no clear norms on external directorships of MD of an MII in companies other than subsidiaries. Given the MD’s full-time role and the significant growth of the securities market, the MD’s role as the head of the first-line regulator has become increasingly critical. The absence of clear provisions in this regard could lead to various risks, including conflicts of interest, divided focus, and reputational risk.
11.3. The Banking Regulations Act, 1949, specifically Sections 10B (2) and (4), place significant restrictions on the directorships of a whole-time Chairman or MD of a banking company in other companies, firms, or commercial concerns, with an exception for directorships in subsidiaries or Section 25 (now Section 8) companies. Section 8 of the Companies Act, 2013, pertains to companies formed with charitable objects, where profits are applied to promote these objects, and no dividends are paid to members.
12. Consultation
12.1. The matter was discussed in the SMAC meeting held on February 24, 2025 and where the Committee had recommended that in addition to a subsidiary company, the MD of an MII should be permitted to serve as a non-executive director of a company registered under Section 8 of the Companies Act, 2013, and an unlisted State/Central Government Company not engaged in any commercial activity.
12.2. Based on the foregoing a consultation paper outlining the norms for directorship of the MD and proposed EDs was issued seeking public comments. A total of 16 comments were received and all of which broadly agreed with the proposals.
12.3. Recommendations of SMAC: The proposal was again deliberated in SMAC meeting held on August 19, 2025. SMAC agreed with the proposal with the recommendation the following:
12.3.1. The MD of the MII may be permitted to be appointed as a non-executive director of the MII, on the board of:
12.3.1.1. A company registered under Section 8 of the Companies Act, 2013, and
12.3.1.2. An unlisted state or central government company that is not involved in any commercial activities like Universities, Educational Institutions, etc.
12.3.2. The EDs of an MII shall not serve on the board of any other company, except for a subsidiary of the MII.
13. Proposals: In view of the public comments received, recommendations of SMAC and internal deliberations, the following are proposed:
13.1. The MD of the MII may be appointed as:
13.1.1. Non-executive director on the board of a company registered under Section 8 of the Companies Act, 2013;
13.1.2. Non-executive director on the board of an unlisted government company not engaged in any commercial activity;
13.1.3. Chairperson or member (non-executive capacity) of the governing board of an educational institution established by the Central Government, the State Government, a government company, or a statutory body;
13.1.4. Chairperson or member (non-executive capacity) of the governing board of a university established or incorporated by or under a Central Act or a State Act.
13.2. The EDs of an MII shall not serve on the board of any other company, except for a subsidiary of the MII.
13.3. Further, before taking the directorships prior approval of the governing board of the MII shall be obtained.
D. Part-D: Proposals for consideration and approval of the Board
14. The Board may consider and approve the proposals at paragraphs 6 of Part-A; paragraph 10 of Part-B; and paragraph 13 of Part-C above.
15. If approved,
15.1. Proposals at paragraphs 6.1.1 to 6.1.4 of Part A, paragraphs 10.1 to 10.4 of Part B and paragraphs 13 of Part C above may be implemented by way of amendments to SECC Regulations, 2018 and D&P Regulations, 2018. The existing and proposed amendments to SECC Regulations, 2018 and D&P Regulations, 2018 is placed at Annexure A.
15.2. The draft notification for amendments to SECC Regulations, 2018 and D&P Regulations, 2018 are placed at Annexure B and Annexure C respectively.
15.3. The proposals may be effective from 30th days from the date of notification of amendments to regulations.
15.4. Proposals at paragraphs 6.1.5, 6.2, 6.3 and 6.4 of Part A; and paragraph
10.5 of Part B above may be implemented by way of issuance of circular.
16. The Board may authorize the Chairman to take steps to implement the proposals with consequential, incidental and appropriate changes, as may be required in this regard, and any subsequent revisions thereto based on the evolving market context.
Annexure-A
(This has been excised for reasons of confidentiality)
Annexure-B
(Amendments shall be notified after following the due process)
Annexure-C
(Amendments shall be notified after following the due process)
