Introduction
On October 8, 2024, through a consultation paper released by the Securities and Exchange Board of India (“SEBI“) a new policy has been proposed on data-sharing for the purposes of research and analysis (“Policy“). The Policy is applicable to all intermediaries and Market Infrastructure Institutions (“MIIs“) and is aimed at streamlining business operations in India's financial markets while addressing critical data privacy challenges.
The ability to access real-time data, and accuracy of such information has significant impact on the decisions of businesses and investors in today's age. As digital financial transactions continue to grow, concerns over data privacy have intensified as improper handing or exposure of financial data may lead to severe repercussions, jeopardizing both individual investors and the overall integrity of the market. Through the Policy, SEBI's market data advisory committee (“MDAC“) intends to ensure that these concerns are addressed and that a robust data-sharing framework is implemented to enhance operational efficiency and minimise the risk of data breaches. This article analyses some of the crucial aspects of the policy, its impact on stakeholders, and some potential hurdles to its implementation.
Crucial Aspects of the Policy
- Segregation of Data: The Policy requires intermediaries and MIIs to segregate data into two categories: (a) data that can be shared with the public; and (b) data that cannot be publicly disclosed. The first category contains aggregated or analysed data that is publicly available through MIIs. The second category includes personal data including KYC information, holding details, trade logs etc. that may be used to specifically identify an entity or an individual. All stock exchanges, depositories and clearing corporations must clearly identify and categorise the data stored. Further, the publicly available data under the first category must be made accessible in a stakeholder friendly format.
- Data Sharing Policies: Through the Policy, MDAC has also suggested that stock exchanges, depositories and clearing corporations must establish their own policy for sharing data separately for research purposes, in accordance with the categorization of data as mentioned above.
- Accountability: The Policy mandates MIIs to share a list of data items under each category with SEBI within 60 (sixty) days of the issuance of the circular.
Impact on Intermediaries, MIIs and Investors
Intermediaries and MIIs will have to implement robust data protection mechanisms which will ensure data protection and security, thus allowing intermediaries and MIIs to be better adapted to safeguard their clients' data. The Policy also provides for operational efficiency as entities will have faster access to data and as a result, they will be more efficient in their data sharing practices.For investors too, the Policy is a significant step in the right direction. The Policy ensures that any data that relates to personal or financial information of a particular investor is secure. The risk of data breaches will also be reduced since all intermediaries and MIIs will be required to formulate their own data sharing policy and adhere by the same. Investors will also have faster access to their updates on their investments.
Potential Obstacles
It is anticipated that the intermediaries and MIIs will have to implement new technology to secure data sharing which may require significant financial and infrastructural investments. Entities may also need to adhere to additional compliance obligations which could prove to be burdensome. These financial, infrastructural and compliance requirements will be particularly more challenging for smaller entities in the short term. For the data-sharing framework to operate smoothly, as envisaged under the Policy, efficient cooperation will become crucial among intermediaries, MIIs and regulators, as lack of proper coordination may lead to inefficiencies or data silos, which would ultimately undermine the objectives of the Policy.
Conclusion
SEBI's data sharing Policy is a thus an imperative step to modernize the data management practices of intermediaries and MIIs while ensuring privacy is adequately safeguarded. By achieving a balance between streamlined business operations and enhanced data security, the Policy is expected to benefit all market stakeholders, fostering greater trust and efficiency in India's capital markets. As SEBI continues to improve and implement the Policy, businesses must actively upgrade their infrastructure and data sharing mechanisms in order to meet the new standards. The success of this Policy will largely depend on how efficiently the stakeholders adapt to the evolving data-sharing framework.
SEBI has sought public comments on the Policy until October 29, 2024.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.