The committee consulted various stakeholders, including public interest directors, chief regulatory officers, representatives of MIIs and other relevant persons. It also took into consideration the past committee reports on the governance of MIIs.
According to SEBI, the Mahalingam committee considered that MIIs, in pursuance of their business objectives, should not lose sight of their regulatory roles vested upon them as first line regulators. "At the same time, the committee acknowledged that tightening the norms should not deter innovation or cause unintended consequences for the MIIs. Hence, a rule-based approach for the regulation of MIIs should be balanced with a principle-based approach in order to achieve the intended outcomes."
Here are the key recommendations made by the Committee:
1. The functions of MIIs should be categorised into three verticals, viz. critical operations; regulatory, compliance and risk management; and other functions including business development. The key managerial persons (KMPs) heading the functions under the first two verticals should be at par in the hierarchy with the KMPs heading the third vertical.
2. In terms of resource allocation and utilisation, the functions under the first two verticals separately should be given higher priority by MIIs over functions under the third vertical. The resources including the human as well as financial and technology resources deployed by MIIs for each of the core functions under different verticals should be quantified and disclosed in the annual report of the MIIs.
3. To ensure greater independence of the Board of the MII, at least two-third members of the Board of the MII shall comprise of PIDs. The roles and responsibilities of all directors should be clearly outlined especially their responsibilities towards regulatory, compliance and risk management functions.
4. The existing process of appointment of PIDs, Non-Independent Directors (NID) and Managing Director (MD) should be rationalised by mapping certain skill-sets/ expertise to PIDs while maintaining an overall balance of expertise required in the Board. Further, provisions in SECC Regulations, 2018 and D&P Regulations 2018 should be incorporated to enable SEBI to appoint PIDs on the Board of the MII.
5. The role of the Board of the MII and its senior management team in upholding a strong culture in the MIIs should be clearly outlined through a set of guiding principles, especially focused on regulatory, compliance, risk and conduct related aspects.
6. The existing Board level Statutory Committees at MIIs should be rationalised with respect to their composition and functioning.
7. In order to enhance transparency, the MIIs should disclose the agenda and minutes
of meetings of their Board, keeping in mind their role as a 'first-level regulator'. To begin with, agendas related to regulatory, compliance & risk management areas may be disclosed on the website of the MII.
8. The Board of the MII or the Chairperson of the Board (without the presence of the MD and any other executive director), on a periodic basis as specified by SEBI, should meet the Chief Regulatory Officer (CRO)/ Compliance Officer, the Chief Risk Officer (CRiO), the Chief Information Security Officer (CISO), the Statutory Auditor of the MII and any other person as determined by the PIDs and NIDs to discuss important issues concerning the MII.
9. The PIDs should continue to meet twice a year and submit to SEBI a periodic report highlighting issues of importance/ concern to MIIs.
10. The definition of KMPs should be changed to cover employees based on importance of activities carried out by them and their relative hierarchy within the MII. Further the MII must clearly delineate and segregate the roles and responsibilities of such identified KMPs within each function (especially their responsibilities towards regulatory, compliance and risk management functions) in order to improve overall accountability.
11. Accountability and objective appraisals of the Board of MIIs, Directors and Board level Statutory Committees and KMPs are essential. Video and audio recordings of the meetings of the Board of the MII should be made mandatory. Apart from the usual self-appraisals, an external agency should also be appointed to independently assess the performance of the Board and Statutory Committees of the MII.
12. The regulations should be amended to provide for a minimum (25%) as well as maximum (50%) amount as variable component of the KMPs' compensation. For each KMP, due weightage should be provided to the regulatory, risk management and compliance related aspects including Code of Conduct/Ethics for determining variable pay.
13. If any KMP or Board member becomes/ is aware of any acts of wrongdoing and fails to report the same to the Board of the MII or to SEBI, respectively, then such person should be held accountable.
14. The existing Code of conduct and Code of ethics for the directors and KMPs of the MIIs may be rationalised into a single code of conduct to specifically include regulatory, compliance and risk management, good governance and due diligence as important components of operations.
15. The Board of the MII should be responsible for monitoring compliance with the Code of Conduct by the members of the Board of the MII. The Regulatory Oversight Committee should be responsible for monitoring compliance with the Code of Conduct by the KMPs and the other members on the committees of the MIIs.
16. A code of conduct for Stock Exchanges and Clearing Corporations similar to the existing code of conduct for Depositories may be introduced.
17. Considering the phenomenal growth in the market capitalisation, trading volumes, investor base and number of market intermediaries linked to MIIs, the MIIs' net worth may additionally include a variable component to cover various risks associated with their operations and level of activity of the MIIs.
18. Keeping the interest of investors in mind, the adequacy of Investor Protection Fund and Settlement Guarantee Fund should be periodically reviewed and a specific percentage of profits should be shifted to IPF in consultation with SEBI.
19. There should be continuous supervision by MIIs of all its members by leveraging technology. Information that is material to investors related to members of MIIs should be made public in a consolidated and structured manner on the website of the MII.
20. Use of technology (such as RegTech and SupTech) should be further enhanced by the MIIs to implement a transparent governance framework.
21. The MII's policy should adequately cover all methods of data sharing (including emails and social media) with appropriate delegation of powers for sharing data. The MIIs should develop escalation matrix for sharing confidential and sensitive information for any legitimate purpose.
22. The scope of SEBI's powers under SECC Regulations, 2018 and D&P Regulations 2018 should include levy of penalty and taking other disciplinary action (like suspension, barring to attend meetings etc.) on individuals of MII, including its directors, members of statutory committees, KMPs, employees and other persons associated with the MIIs, for any contravention of regulations.
23. In exceptional cases (including repeated breaches or violations), SEBI may explore the harsher options of debarring MIIs from the introduction of new products/ services, restricting MIIs' existing activities, products and services etc. Further, the SCRA, the SEBI Act, and the Depositories Act may be reviewed by SEBI to increase the penalty amount that may be applicable for MII and relevant persons associated with MII.
24. Any activity being carried out by any of MII's investee companies which is in conflict with its role as a first line regulator should be phased out in a time-bound manner.
SEBI has sought public comments on the report by 30 November 2022.