SEBI Penalises Anand Rathi Share and Stock Brokers ₹10 Lakh for Cyber Security and Compliance Lapses
Moneylife Digital Team 13 March 2026
Market regulator Securities and Exchange Board of India (SEBI) has imposed a penalty of ₹10 lakh on Anand Rathi Share and Stock Brokers Ltd (ARSSBL) for multiple compliance failures related to cybersecurity controls, IT governance and operational safeguards. The penalty was imposed under Section 15HB of the SEBI Act following a detailed inspection of the broker’s systems and processes. 
 
SEBI conducted a thematic inspection between 6 January 2025 and 10 January 2025 at the broker’s registered office to assess compliance with the cybersecurity and cyber resilience framework applicable to stock brokers. 
 
The inspection revealed several lapses in the broker’s IT security and operational processes. Among the key findings was that ARSSBL had set system capacity alerts at 85% and 95% utilisation, whereas SEBI guidelines require brokers to receive alerts once system usage exceeds 70% of installed capacity, so preventive action can be taken in time. The regulator found that such monitoring is critical to ensuring uninterrupted service to clients and concluded that the broker had failed to deploy adequate monitoring mechanisms. 
 
SEBI also found deficiencies in critical cybersecurity practices. The broker had not properly implemented data leakage prevention mechanisms during the inspection period. Although ARSSBL later deployed a new solution, SEBI observed that corrective measures were introduced only after the inspection, indicating that the necessary safeguards were not in place earlier.
 
Another issue related to password security policies. While ARSSBL’s internal information security policy required passwords to be at least 15 characters long, the actual system configuration allowed passwords with only eight characters. SEBI noted that the broker had failed to follow its documented policy, thereby weakening security and increasing the risk of cyber-attacks.
 
The regulator further observed weaknesses in privileged access management. Eight users were found to have access to certain systems without multi-factor authentication (MFA), which is required under SEBI’s cybersecurity framework. The broker rectified the issue after it was flagged during the inspection, but SEBI said such controls should have been implemented earlier.
 
SEBI also highlighted issues relating to governance and IT controls. The broker did not have formal board approval for certain policies such as business continuity and disaster recovery (BCP-DR) during the inspection period. Given the critical nature of these policies for ensuring operational resilience and continuity of services to investors, SEBI considered the lapse significant.
 
In addition, the regulator found that the broker had used an API meant for its stockbroking business to support know-your-customer (KYC) validation in its mutual fund distribution business, indicating inadequate segregation of business activities and a lack of due diligence in operational controls.
 
While determining the penalty, SEBI noted that there was no quantifiable investor loss arising from the violations. However, the regulator also observed that some of the lapses were repetitive in nature and that the broker had previously been penalised by SEBI, which warranted regulatory action to ensure stricter compliance going forward. 
 
 
 
Taking all factors into account, Amit Kapoor, adjudicating officer (AO), imposed a monetary penalty of ₹10 lakh on Anand Rathi Share and Stock Brokers for violations of SEBI regulations and circulars.
Comments
vram2311
2 months ago
This will be the story across most financial institutions. The penalty must be substantial.