AI Drafter 
TaxTMI 
TaxTMI 
Guidelines on Outsourcing of Activities by Intermediaries
X X X X Extracts X X X X
X X X X Extracts X X X X
.... risks associated with outsourcing may be operational risk, reputational risk, legal risk, country risk, strategic risk, exit-strategy risk, counter party risk, concentration and systemic risk. In order to address the concerns arising from the outsourcing of activities by intermediaries based on the principles advocated by the IOSCO and the experience of Indian markets, SEBI had prepared a concept paper on outsourcing of activities related to services offered by intermediaries. Based on the feedback received on the discussion paper and also discussion held with various intermediaries, stock exchanges and depositories, the principles for outsourcing by intermediaries have been framed (Annexure I). These principles shall be followed by all intermediaries registered with SEBI. 5. Activities that shall not be Outsourced The intermediaries desirous of outsourcing their activities shall not, however, outsource their core business activities and compliance functions. A few examples of core business activities may be - execution of orders and monitoring of trading activities of clients in case of stock brokers; dematerialisation of securities in case of depository participants; investme....
X X X X Extracts X X X X
X X X X Extracts X X X X
....tion of risk concentrations, limits on the acceptable overall level of outsourced activities, risks arising from outsourcing multiple activities to the same entity, etc. 1.2 The Board shall mandate a regular review of outsourcing policy for such activities in the wake of changing business environment. It shall also have overall responsibility for ensuring that all ongoing outsourcing decisions taken by the intermediary and the activities undertaken by the third-party, are in keeping with its outsourcing policy. 2 The intermediary shall establish a comprehensive outsourcing risk management programme to address the outsourced activities and the relationship with the third party. 2.1 An intermediary shall make an assessment of outsourcing risk which depends on several factors, including the scope and materiality of the outsourced activity, etc. The factors that could help in considering materiality in a risk management programme include a. The impact of failure of a third party to adequately perform the activity on the financial, reputational and operational performance of the intermediary and on the investors / clients; b. Ability of the intermediary to cope up with the work, ....
X X X X Extracts X X X X
X X X X Extracts X X X X
....or redressal of the grievances received from investors arising out of activities rendered by the third party. 3.3 The facilities / premises / data that are involved in carrying out the outsourced activity by the service provider shall be deemed to be those of the registered intermediary. The intermediary itself and Regulator or the persons authorized by it shall have the right to access the same at any point of time. 3.4 Outsourcing arrangements shall not impair the ability of SEBI/SRO or auditors to exercise its regulatory responsibilities such as supervision/inspection of the intermediary. 4 The intermediary shall conduct appropriate due diligence in selecting the third party and in monitoring of its performance. 4.1 It is important that the intermediary exercises due care, skill, and diligence in the selection of the third party to ensure that the third party has the ability and capacity to undertake the provision of the service effectively. 4.2 The due diligence undertaken by an intermediary shall include assessment of: a. third party's resources and capabilities, including financial soundness, to perform the outsourcing work within the timelines fixed; b. compatibilit....
X X X X Extracts X X X X
X X X X Extracts X X X X
.... the responsibilities of the third party with respect to the IT security and contingency plans, insurance cover, business continuity and disaster recovery plans, force majeure clause, etc.; h. provides for preservation of the documents and data by third party ; i. provides for the mechanisms to resolve disputes arising from implementation of the outsourcing contract; j. provides for termination of the contract, termination rights, transfer of information and exit strategies; k. addresses additional issues arising from country risks and potential obstacles in exercising oversight and management of the arrangements when intermediary outsources its activities to foreign third party. For example, the contract shall include choice-of-law provisions and agreement covenants and jurisdictional covenants that provide for adjudication of disputes between the parties under the laws of a specific jurisdiction; l. neither prevents nor impedes the intermediary from meeting its respective regulatory obligations, nor the regulator from exercising its regulatory powers; and m. provides for the intermediary and /or the regulator or the persons authorized by it to have the ability to insp....