In exercise of the powers conferred by sub section 1 of Section 28 read with sub section 1 of Section 12 and sub section

REGD. No. D. L.-33004/99 The Gazette of India CG-GJ-E-16042025-262470 EXTRAORDINARY PART III-Section 4 PUBLISHED BY AUTHORITY No. 305] NEW DELHI, WEDNESDAY, APRIL 16, 2025/CHAITRA 26, 1947 2540 GI/2025 INTERNATIONAL FINANCIAL SERVICES CENTRES AUTHORITY NOTIFICATION Gandhinagar, the 11th April, 2025 International Financial Services Centres Authority (KYC Registration Agency) Regulations, 2025 F. No. IFSCA/GN/2025/004. In exercise of the powers conferred by sub-section (1) of Section 28 read with sub-section (1) of Section 12 and sub-section (1) of Section 13 of the International Financial Services Centres Authority Act, 2019 [Act 50 of 2019]; the International Financial Services Centres Authority hereby makes the following regulations, namely: - CHAPTER-I PRELIMINARY Short title and commencement 1. (1) These regulations may be called the International Financial Services Centres Authority (KYC Registration Agency) Regulations, 2025. (2) They shall come into force from the date of its publication in the Official Gazette. Definitions 2. (1) In these regulations, unless the context otherwise requires, the terms defined herein shall bear the meanings as assigned to them below, and their cognate expressions shall be construed accordingly- (a) "Act" means the International Financial Services Centres Authority Act, 2019 (50 of 2019); (b) "Associate", in relation to a person, shall include another person: (i) who, directly or indirectly, by himself or in combination with other persons, exercises control over the first person; (ii) who holds control of at least twenty per cent. of the total voting rights of the first person; (iii) who is a holding company or a subsidiary company of the first person; (iv) who is a relative of the first person; (v) who is a member of a Hindu Undivided Family wherein the first person is also a member; (vi) such other cases where the Authority is of the view that a person shall be considered as an associate based on the facts and factors including the extent of control, independence and conflict of interest. (c) "Authority" or "IFSCA" means the International Financial Services Centres Authority established under sub-section (1) of section 4 of the Act; (d) "Client", for the purpose of these regulations, means a person who is engaged in a financial transaction or activity with a Regulated Entity and includes a person on whose behalf the person engaged in the transaction or activity, is acting; (e) "Compliance Officer" means any senior officer, designated so and reporting to the board of directors who is capable of understanding the financial statements and the requirements for legal and regulatory compliances under these regulations and all applicable legal and regulatory requirements for the activities of the KYC Registration Agency in the IFSC, including compliance of policies, procedures, maintenance of records, risk management, and implementation of the applicable code of conduct specified in these regulations; (f) "Control" shall include the right to appoint majority of the directors or to control the management or policy decisions exercisable by a person or persons acting individually or in concert, directly or indirectly, including by virtue of their shareholding or management rights or shareholders agreements or voting agreements or in any other manner; (g) "Foreign Jurisdiction" means a country, other than India, whose securities market regulator is a signatory to International Organization of Securities Commission's Multilateral Memorandum of Understanding (Appendix A signatories) or a signatory to bilateral Memorandum of Understanding with the Authority, and which is not identified in the public statement of Financial Action Task Force as: (i) a jurisdiction having a strategic Anti-Money Laundering or Combating the Financing of Terrorism deficiencies to which counter measures apply; or (ii) a jurisdiction that has not made sufficient progress in addressing the deficiencies or has not committed to an action plan developed with the Financial Action Task Force to address the deficiencies; (h) "Group Entity" means an entity of a business group that consists of a parent company or of any other type of legal person exercising control over the rest of the group, together with branches and/or subsidiaries; (i) "Inspecting Authority" means one or more persons appointed by the Authority to undertake inspection of the books, accounts, records and documents of a KRA in terms of these regulations; (j) "International Financial Services Centre" or "IFSC" shall have the same meaning as assigned to it under clause (g) of sub-section (1) of section 3 of the Act; (k) "KYC Registration Agency (KRA)” means an entity which has been granted certificate of registration under these regulations; (1) "Net Worth" means the aggregate value of the paid-up share capital and all reserves created out of the profits, securities premium account and debit or credit balance of profit and loss account, after deducting the aggregate value of the accumulated losses, deferred expenditure and miscellaneous expenditure not written off, as per the balance sheet, but does not include reserves created out of revaluation of assets, write-back of depreciation and amalgamation; (m) "Principal Officer" means a designated employee of the KRA responsible for overall activities of the KRA; (n) "Regulated Entity" means an entity which has been granted license, recognition, registration or authorisation by the Authority; (0) "SEBI" means the Securities and Exchange Board of India established under section 3 of the Securities and Exchange Board of India Act, 1992. (2) Words and expressions used and not defined in these regulations but defined in the Act or Acts mentioned in the First Schedule to the Act, or the Companies Act, 2013 [18 of 2013], or any rules or regulations made thereunder shall have the same meanings respectively assigned to them in those Acts, rules or regulations or any statutory modification or re-enactment thereto, as the case may be. CHAPTER II REGISTRATION Application for grant of certificate of registration 3. An entity desirous of obtaining a certificate of registration as a KRA shall submit, electronically or otherwise, an application along with the application fees in such form and manner as may be specified by the Authority. Legal form of the Applicant 4. The applicant seeking registration as a KRA shall be set up in the IFSC in the form of a Company. Provided that an entity registered with the SEBI to undertake activities similar to those of a KRA may set up a wholly owned subsidiary or a branch in the IFSC. Net Worth requirements 5. (1) An entity seeking registration as a KRA shall maintain the Net Worth of at least USD 1 Million at all times. (2) Where a KRA is set up in the form of a branch by the entity registered with the SEBI, the minimum net worth requirement, as specified in sub-regulation (1), shall be earmarked and ringfenced by such entity. Fit and proper requirements 6. (1) A KRA shall ensure that the entity and its Principal Officer, directors/ key managerial personnel and controlling shareholders shall be fit and proper persons, at all times. (2) For the purpose of sub-regulation (1), a person shall be deemed to be a fit and proper person if, - (a) such person has a record of fairness and integrity, including but not limited to- (i) financial integrity; (ii) good reputation and character; and (iii) honesty. (b) such person has not incurred any of the following disqualifications (i) the person has been convicted by a court of law for any offence involving moral turpitude or any economic offence or any offence under the Act and the other Acts listed in Schedule-I of the Act; (ii) charge sheet has been filed against such person by any Indian enforcement agency in matters concerning economic offences and is pending; (iii) charges have been framed by a court of law or an equivalent institution in matters concerning economic offences; (iv) a recovery proceeding has been initiated against the person by a financial regulatory authority and is pending; (v) an order has been passed against the person for malfeasance; (vi) the person has been declared insolvent and not discharged; (vii)an order, restraining, prohibiting or debarring the person from accessing or dealing in financial product (s) or financial service (s), has been passed by any regulatory authority, in any matter concerning financial services market and such order is in force; (viii) any other order against the person, which has a material bearing on the financial services market, has been passed by the Authority or any other regulatory authority and a period of three years from the date of the order has not elapsed; Explanation. For the above provision, the decision to determine materiality shall be that of the Authority. (ix) the person has been found to be of unsound mind by a court of competent jurisdiction and the finding is in force; (x) the person is financially not sound or has been categorised as a willful defaulter; (xi) the person has been declared a fugitive economic offender; or (xii) any other disqualification as may be specified by the Authority. (3) Where any person has been declared as not 'fit and proper person' by an order of a regulatory authority, such a person shall not be eligible to apply for any registration, until she satisfies the fit and proper criteria. Appointment of Principal Officer, Compliance Officer and other human resources 7. (1) A KRA shall designate a Principal Officer, and a separate Compliance Officer based out of IFSC. (2) A KRA shall ensure that the Principal Officer and the Compliance Officer meet the following educational qualification requirements: (a) A professional qualification or post-graduate degree or post graduate diploma (minimum one year in duration) in finance, law, accountancy, business management, commerce, economics, capital market, banking, insurance or actuarial science from a university or an institution recognised by the Central Government or any State Government or a recognised foreign university or institution or association or a CFA or a FRM from Global Association of Risk Professionals or any other relevant educational qualifications as may be specified by the Authority: Provided that a graduation degree in any field from a university or an institution recognised by the Central Government or any State Government or a foreign university would suffice where the Principal Officer or the Compliance Officer has a work experience of at least fifteen years in the financial services market: Provided further that a person who has a qualification of Bachelor of Law from a university, or an institution recognised by the Central Government or any State Government or a recognised foreign university or institution or association is also eligible for appointment as a Compliance Officer. Explanation. For the purposes of these regulations, the professional qualification shall include membership of Institute of Chartered Accountants of India, Institute of Company Secretaries of India, Institute of Cost Accountants of India or any institution equivalent thereto in a Foreign Jurisdiction. (3) A KRA shall ensure that the Principal Officer and Compliance Officer meet the following experience requirements: (a) A Principal Officer shall have an experience of at least ten years in the financial services market; and (b) A Compliance Officer shall have an experience of at least five years in the financial services market. (4) The Compliance Officer shall immediately and independently report to the Authority any non-compliance. (5) A KRA shall have adequate manpower commensurate with its business activities in the IFSC. Registration Requirements 8. The Authority shall take into account all matters which it deems relevant for grant of registration to the entity seeking registration as KRA and in particular the following, namely, whether: a) the applicant or its Principal Officer and Compliance Officer have the specified qualification and adequate work experience; b) the applicant has the necessary infrastructure like adequate office space, equipment, communication facilities and manpower to effectively discharge its activities; c) the applicant satisfies the eligibility criteria and Net Worth requirements as specified under these regulations; d) the applicant has satisfactory financial credit worthiness; e) the applicant and its Principal Officers, directors, key managerial personnel and controlling shareholders are fit and proper persons; f) the applicant or any of its Associates have in the past been refused certificate by the Authority and if so, the ground for such refusal; and g) the applicant or its Principal Officers, directors, key managerial personnel and controlling shareholders are subject to any proceeding for breach of law by the Authority. Grant of Registration 9. (1) An entity shall be eligible to be registered as KRA only if it belongs to one of the following categories, namely: (a) a wholly owned subsidiary of a stock exchange regulated in India, in the IFSC or in a Foreign Jurisdiction; (b) a wholly owned subsidiary of a depository regulated in India, in the IFSC or in a Foreign Jurisdiction; or (c) a wholly owned subsidiary of an entity undertaking activities similar to those of a KRA and regulated by SEBI or regulated in a Foreign Jurisdiction; Provided that a branch of an entity undertaking activities similar to those of a KRA and regulated by SEBI shall also be eligible to be registered as a KRA; Provided further that any conflict of interest does not exist between the role of the applicant as KRA and other commercial activities of the applicant, its Associates and Group Entities. (2) The Authority may, after considering the application and on being satisfied that the applicant has complied with the conditions laid down in these regulations and is eligible to act as a KRA, and upon receipt of specified registration fees grant registration to the applicant subject to the conditions as the Authority may deem fit. (3) If the Authority is of the opinion that the registration cannot be granted, it shall communicate the deficiencies to the Applicant giving it thirty days' time to rectify them. (4) If the Applicant fails to rectify such deficiencies to the satisfaction of the Authority within the specified time, the Authority may refuse to grant registration and shall communicate the same to the Applicant, giving reasons for such refusal: Provided that no such refusal shall be made by the Authority without giving the Applicant an opportunity to make written submissions on the grounds on which the registration is proposed to be refused. (5) The KRA shall comply with any other condition as may be imposed by the Authority as it deems fit in the interest of the investors or orderly development of the securities market or for regulating the working of the KRA, in the IFSC. (6) The registration granted to a KRA may be withdrawn by the Authority after giving an opportunity of being heard. Period of validity 10. The certificate of registration of a KRA shall be valid unless it is suspended or cancelled by the Authority or surrendered by the KRA and accepted by the Authority. Surrender of Registration 11. A registered KRA may file an application with the Authority for surrender of its registration: Explanation: The voluntary surrender of certificate of registration shall be effective only after its acceptance by the Authority. Code of Conduct 12. A KRA shall abide by the Code of Conduct as specified in Schedule I. Maintenance of books of account, records and other documents 13. (1) A KRA shall maintain and preserve the following books of accounts, records and documents, in electronic retrieval form for a minimum of eight years, namely: - (a) a copy of the balance sheet at the end of each accounting period; (b) a copy of profit and loss account for each accounting period; (c) a copy of the auditor's report on the accounts for each accounting period; (d) a statement of Net Worth for each quarter; (e) documentation relating to compliance with International Financial Services Centres Authority (Anti Money Laundering, Counter-Terrorist Financing and Know Your Customer) Guidelines, 2022; (f) documents relating to account opening of each Client and any power of attorney or signature authority forms of the Clients; (g) relevant records and documents relating to its activities; and (h) such other books of accounts, records and documents as may be specified by the Authority from time to time. (2) A KRA shall retain the KYC documents of the Client, in electronic form for the period specified by the Prevention of Money Laundering Act, 2002 (15 of 2003) or the rules issued thereunder, as well as ensuring that retrieval of KYC information is facilitated within stipulated time period. Information to the Authority 14. (1) A KRA shall immediately furnish to the Authority any material change in the information or particulars previously furnished along with the application, which has a bearing on the certificate of registration granted to it. (2) A KRA shall intimate to the Authority any change in Principal Officer, Compliance Officer or key managerial personnel to the Authority, within 15 days of such change. (3) A KRA shall furnish such reports, returns, statements and particulars, in such manner, interval and form, as may be specified by the Authority from time to time. Grievance Redressal 15. (1) A KRA shall take adequate steps for redressal of the grievances of the consumers in accordance with the requirements as may be specified by the Authority. (2) The KRA shall maintain records regarding investor grievances received by it and redress of such grievances. Dispute Resolution 16. Any dispute arising out of or in relation to the activities of the KRA in IFSC shall be resolved in accordance with the dispute resolution mechanism as may be specified by the Authority. Business Continuity Plan 17. (1) A KRA shall maintain a business continuity plan identifying procedures relating to an emergency or significant business disruption. (2) A KRA shall update its business continuity plan in the event of any material change to operations, structure, business, or location. (3) A KRA shall conduct an annual review of its business continuity plan. Cyber Security and Cyber Resilience 18. A KRA shall have robust cyber security and cyber resilience framework in accordance with the requirements as may be specified by the Authority from time to time. Risk Management and Internal Controls 19. (1) A KRA shall have a sound risk management system for comprehensively managing risks. (2) A KRA shall have adequate internal procedures and controls, given the types of business in which it engages (including any activities which have been outsourced) with the aim of protecting the interests of Clients and their assets and ensuring proper management of risk. Change in Control 20. (1) Where a KRA is set up in the IFSC in the form of a Company, it shall seek prior approval of the Authority in case of any direct or indirect change in control of the KRA. (2) Where a KRA is operating in the form of a branch in the IFSC, it shall intimate the Authority within fifteen days of any direct or indirect change in control of the KRA. Payment of Fees 21. A KRA shall pay the fees as may be specified by the Authority. Annual Audit 22. (1) A KRA shall have an annual audit conducted in respect of compliance with these regulations, by a member of the Institute of Chartered Accountants of India or a member of the Institute of Company Secretaries of India or a member of the Institute of Cost Accountants of India or any person authorised to conduct audit in a Foreign Jurisdiction. (2) A copy of such audit report for a financial year shall be furnished to the Authority by the 30th of September of the next year. (3) A KRA shall have additional audits conducted and submit such reports as may be specified by the Authority. CHAPTER III FUNCTIONS AND OBLIGATIONS OF KRA AND REGULATED ENTITY Documents to be received by the KRA for the purpose of KYC 23. A KRA shall receive the KYC documents of the Client from the Regulated Entity in terms of the International Financial Services Centres Authority (Anti Money Laundering, Counter-Terrorist Financing and Know Your Customer) Guidelines, 2022 or any circulars, directions etc. issued under the said Guidelines or any other relevant statute for Prevention of Money Laundering, from time to time. Functions and obligations of the KRA 24. A KRA shall perform its functions and discharge its obligations as under- (a) A KRA shall have electronic connectivity and with other KRA(s) in the IFSC in order to establish inter- operability among KRAS. (b) A KRA may also have electronic connectivity with the KRA(s) registered with other financial sector regulators to establish inter-operability with KRAs of other jurisdictions. Explanation: Inter-operability means the ability of the KRA to determine whether the KYC documents of the Client are in the custody of another KRA. (c) A KRA shall have a secure data transmission link with other KRA(s) and with each Regulated Entity that uploads the KYC documents on its system and relies upon its data. (d) A KRA shall be responsible for storing, safeguarding and retrieving the KYC documents and submit to the Authority or any other statutory authority as and when required. (e) A KRA shall carry out an independent validation of the KYC records uploaded onto its system by the Regulated Entity in such a manner as specified by the Authority from time to time. (f) Any information updated about a Client shall be disseminated by KRA to all intermediaries that avail of the services of the KRA in respect of that Client. (g) A KRA may prepare the operating instructions in co-ordination with other KRA(s) and issue the same to implement the requirements of these regulations. (h) KRA(s) shall ensure that the integrity of the automatic data processing systems for electronic records is maintained at all times. (i) A KRA shall take all precautions necessary to ensure that the KYC documents/records are not lost, destroyed or tampered with and that sufficient back up of electronic records is available at all times at a different place. (j) A KRA shall have adequate mechanisms for the purposes of reviewing, monitoring and evaluating its controls, systems, procedures and safeguards. (k) A KRA shall cause an audit of its controls, systems, procedures and safeguards to be carried out periodically and take corrective actions for deficiencies, if any and report to Authority. (1) A KRA shall take all reasonable measures to prevent unauthorised access to its database and ensure audit of its systems, controls, procedures and safeguards at regular intervals as specified by the Authority from time to time. (m) A KRA shall ensure compliance with the provisions of the Digital Personal Data Protection Act, 2023, and any other applicable laws governing data protection. (n) A KRA shall have relevant checks built into its system to ensure that a Regulated Entity has access to the documents/records or information, of its Clients only and with the consent of the Client. (0) A KRA shall intimate to each Client after receipt of the KYC documents from the Regulated Entity, confirming the Client's details thereof. (p) A KRA shall maintain an audit trail of any upload/ modification /download regarding the KYC records of each Client. Functions and Obligations of a Regulated Entity 25. The Regulated Entity shall have the following functions and obligations (a) The Regulated Entity shall perform the initial KYC/due diligence of the Client, upload the KYC information with proper authentication on the system of the KRA, furnish the scanned images of the KYC documents to the KRA, and retain the physical KYC documents. (b) The Regulated Entity shall upload the KYC information on the system of KRA within 3 working days from the date of completion of KYC process or any other timeline as specified by the Authority from time to time. (c) When the Client approaches another Regulated Entity subsequently, the Regulated Entity shall verify and download the Client's details from the system of KRA: Provided that upon receipt of information on change in KYC details and status of the Clients by the Regulated Entity or when it comes to the knowledge of the Regulated Entity, at any stage, the Regulated Entity shall be responsible for uploading the updated information on the system of KRA and retaining the physical documents. (d) A Regulated Entity shall not use the KYC data of a Client obtained from the KRA for purposes other than it is meant for; nor shall it make any commercial gain by sharing the same with any third party including its affiliates or Associates. (e) A Regulated Entity shall have the ultimate responsibility for the KYC of its Clients, by undertaking enhanced KYC measures commensurate with the risk profile of its Clients. (f) The Regulated Entity shall integrate its systems with the KRA to facilitate seamless movement of KYC documents to and from the Regulated Entity to the KRA. Provided that the Authority may, after taking into consideration the relevant factors, exempt certain classes of Regulated Entities from the applicability of these regulations. Sharing of KYC information in the financial sector 26. (1) A KRA may permit access to its systems to the entities regulated by other financial sector regulators specified by the Authority, for undertaking KYC of their Clients. (2) A KRA may connect its systems to any central KYC registry authorised by the Central Government for the purpose of collation and sharing of the KYC information in the financial sector. CHAPTER IV INSPECTION Inspecting Authority 27. (1) The Authority may suo motu or upon receipt of information or complaint at any time appoint one or more persons as Inspecting Authority to undertake the inspection of the books, accounts, records, documents, infrastructure, procedures, systems of a KRA, for any purpose, including the purposes as specified under sub- regulation (2). (2) The purposes referred to in sub-regulation (1) may include, - (a) to ensure that the books of account, records and documents are being maintained in the manner as required under these regulations; (b) to ensure that the provisions of the Act, the regulations and circulars made thereunder, are complied with; (c) to ascertain whether adequate internal control systems, procedures and safeguards have been established or are being followed by the KRA to fulfil its obligations under these regulations; (d) to ascertain whether any circumstances exist which would render the KRA unfit or ineligible; (e) to inquire into the complaints received from the investors, Clients, other market participants, or any other person on any matter having a bearing on the activities of the KRA; and (f) to inquire suo motu into such matters as may be deemed fit in the interest of investors or the financial services market in the IFSC. (3) Before undertaking an inspection under sub-regulation (1), the Inspecting Authority shall issue a prior notice to the KRA: Provided that where the Inspecting Authority is satisfied that in the interest of the investors no such notice should be given, it may, for reasons to be recorded in writing, dispense with the requirement of such notice. Obligations upon inspection by the Authority 28. (1) Where an inspection of a KRA is undertaken by the Authority, such KRA and every Principal Officer, director, chairperson, CEO, key managerial personnel, officer, employee and any agent of the KRA shall provide all assistance and cooperate with the Inspecting Authority and shall furnish books of accounts, records and documents to the Inspecting Authority with such statements and information relating to its activities within such time as decided by the Inspecting Authority. (2) The KRA shall give all assistance as may be required in connection with the inspection and allow the Inspecting Authority to have reasonable access to its premises and extend reasonable facility for examining any books of accounts, records and documents in its possession, and also provide copies of records or documents or other material which in the opinion of the Inspecting Authority are relevant for the purposes of the inspection. (3) The Inspecting Authority, in the course of inspection, shall be entitled to examine or record the statements of any Principal Officer, director, chairperson, CEO, key managerial personnel, officer, employee and any agent of a KRA. (4) It shall be the duty of every Principal Officer, director, chairperson, CEO, key managerial personnel, officer, employee and any agent of a KRA to give to the inspecting officer all assistance in connection with the inspection, which the inspecting officer may require. 29. Inspection by third parties (1) The Authority may appoint a professional to inspect the books of account, records, documents infrastructures, systems and procedures or affairs of a KRA: Provided that such professional so appointed shall have the same powers of an Inspecting Authority: Provided further that a KRA and its employees shall have the same obligations towards the third party professional as they have towards the Inspecting Authority, as specified in regulation 27 with respect to such inspection. (2) The Authority shall be entitled to recover expenses including fees paid to the third party professional as may be incurred by it relating to such inspection from the KRA. 30. Submission of report The Inspecting Authority shall submit an inspection report including interim reports to the Authority, and the Authority may take such action as it may deem fit and appropriate, on such report: Provided that if directed to do so by the Authority, the Inspecting Authority may submit an interim report. CHAPTER V ACTION IN CASE OF DEFAULT Suspension, cancellation of registration or any other actions 31. (1) A KRA who contravenes any of the provisions of these regulations, guidelines, circulars or direction made thereunder, shall be liable for enforcement action under the Act, including suspension or cancellation of registration. (2) No enforcement action as referred to in sub-regulation (1) shall be taken without giving reasonable opportunity to the KRA to make its submissions. CHAPTER VI MISCELLANEOUS 32. Power to call for information The Authority may call for any information, documents or records from a KRA. 33. Power to remove difficulties In order to remove any difficulties in the interpretation or application of the provisions of these regulations, the Authority may issue directions through guidance notes or circulars. 34. Power to relax strict enforcement of the regulations (1) The Authority may, for reasons to be recorded in writing, in the interest of development of financial services market in the IFSC, relax the strict enforcement of any requirements of these regulations. (2) For seeking relaxation under sub-regulation (1), an application giving details and the grounds on which such relaxation has been sought, shall be filed with the Authority along with a non-refundable fee as may be specified by the Authority. (3) The Authority shall process such application within thirty days of the date of receipt of the application, complete in all respects, including responses to clarifications sought and shall record reasons for acceptance or refusal of the relaxations sought by the applicant. 35. Power to specify procedures and issue clarifications For the purposes of implementation of these regulations and matters incidental thereto, the Authority may specify norms, procedures, processes, additional requirements etc. by way of circulars or guidelines or directions. Schedule-I CODE OF CONDUCT (Regulation 12) 1. A KRA shall make all efforts to protect the interest of its Clients. 2. A KRA shall maintain high standards of integrity, dignity and fairness in the conduct of its business. 3. A KRA shall fulfill its obligations in a prompt, ethical and professional manner. 4. A KRA shall at all times exercise due diligence, ensure proper care and exercise independent professional judgment. 5. A KRA shall ensure that any change in registration status/any penal action taken by the Authority or any material change in financial position which may adversely affect the interests of Clients is promptly displayed on its website. 6. A KRA shall not divulge to anybody either orally or in writing, directly or indirectly, any confidential information about the Clients which has come to its knowledge, without taking prior permission of its Clients, except where such disclosures are required to be made in compliance with any law for the time being in force. 7. A KRA shall not indulge in any unfair competition. 8. A KRA shall display on its website adequate and appropriate information about its business, including contact details of persons and services available to Clients. 9. A KRA shall ensure that grievances of Clients are redressed in a timely and appropriate manner. 10. A KRA shall make reasonable efforts to avoid misrepresentation and ensure that the information provided to the Clients and intermediaries is not misleading. 11. A KRA shall abide by the provisions of the Act and the rules, regulations issued by the Government and the Authority, from time to time, as may be applicable. 12. A KRA shall not make untrue statement or suppress any material fact in any documents, reports, papers or information furnished to the Authority. 13. A KRA shall ensure that the Authority is promptly informed about any action, legal proceeding, etc., initiated against it in respect of any material breach or non-compliance by it, of any law, rules, regulations and directions of the Authority or of any other regulatory body. 14. A KRA or any of his employees shall not render, directly or indirectly, any investment advice about any security in the publicly accessible media. 15. A KRA shall not make a recommendation to any Client who might be expected to rely thereon to acquire, dispose of or retain any securities. 16. A KRA shall ensure that any person it employs or appoints to conduct business is fit and proper and otherwise qualified to act, in the capacity so employed or appointed including having relevant professional training or experience. 17. A KRA shall have internal control procedures and financial and operational capabilities which can be reasonably expected to protect its operations, its Clients from financial loss arising from theft, fraud, and other dishonest acts, professional misconduct or omissions. 18. A KRA shall be responsible for the acts or omissions of its employees in respect to the conduct of its business. 19. A KRA shall provide adequate freedom and powers to its Compliance Officer for the effective discharge of its duties. 20. A KRA shall ensure that the senior management, particularly decision makers have access to all relevant information about the business on a timely basis. 21. A KRA shall ensure that good corporate policies and corporate governance are in place. 22. A KRA should have adequately trained staff and arrangements to render fair, prompt and competence services to its Clients. 23. A KRA shall develop its own internal code of conduct for governing its internal operations and laying down its standards of appropriate conduct for its employees and officers in the carrying out of their duties. Such a code may extend to the maintenance of professional excellence and standards, integrity, confidentiality, objectivity, avoidance of conflict of interests, disclosure of shareholdings and interests, etc. 24. A KRA shall not be party to- (a) creation of false market; (b) price rigging or manipulation; (c) passing of unpublished price sensitive information in respect of securities which are listed and proposed to be listed in any stock exchange to any person. 25. A KRA shall maintain proper inward and outward system for all types of mail received and dispatched in all forms. 26. A KRA shall implement an automated system with validation mechanisms minimizing manual intervention to ensure data accuracy. 27. A KRA shall not indulge in manipulative, fraudulent practices in the process of identification, verification and updation of a Client's KYC information with a view to distort market equilibrium or making personal gains. K. RAJARAMAN, Chairperson [ADVT.-III/4/Exty./37/2025-26] Uploaded by Dte. of Printing at Government of India Press, Ring Road, Mayapuri, New Delhi-110064 and Published by the Controller of Publications, Delhi-110054. SARVESH KUMAR Digitally signed by SARVESH KUMAR SRIVASTAVA SRIVASTAVA Date: 2025.04.16 22:46:40-