The Securities and Exchange Board of India (SEBI) is upgrading its Information Technology (IT) resources with a particular focus on data analytics to improve its supervision of the securities market, it said in its annual report for 2019-20. Over the course of the coming year, the markets regulator will build a new data centre, which will host a dedicated private cloud infrastructure as well.
“SEBI has started work on a data lake project which would have the capability to store and retrieve quickly, a large amount of structured, semi structured and unstructured data. This data lake project will support advanced analytical tools, such as artificial intelligence and machine learning (AI/ML), deep learning, big data analytics, pattern recognition, processing of structured and unstructured data, text mining and natural language processing thereby significantly augmenting surveillance capabilities,” said Ajay Tyagi, chairman, SEBI.
As part of its supervisory functions, SEBI has developed an in–house automated system to detect misuse of client securities by brokers, and is in the process of implementing a project to automatically inspect and surveil mutual fund activity, Tyagi said. “Further, in order to detect possible market manipulation and strengthen market supervision through technology solutions, SEBI has initiated a Data Analytics and Data Models Project,” he added.
Cloud Strategy and Data Centre
SEBI has adopted private cloud strategy for a large part of its infrastructure. “The proposed private cloud solution will be the enabling technology which will be scalable, inter-operable, and elastic and support big data analytics. Going forward, the private cloud solution will provide infrastructure, storage and computing capacity to many existing and upcoming projects,” it said.
The private cloud strategy will help the markets regulator optimise its resource utilisation and provide flexibility across various hardware devices and softwares. It will also allow the markets regulator to integrate, host and scale new or existing applications much faster, it said. This cloud strategy will have the highest level of security and will be integrated to SEBI’s SOC-NOC, the regulator added.
SEBI will implement a large scale tier 3+ data centre this year, at its Bandra Kurla Complex office in Mumbai. As part of building the data centre, existing infrastructure from other data centres in Mumbai will be consolidated to the new data centre, SEBI said. It added that the new data centre will also host the regulator’s private cloud infrastructure.
Building Data Analytics
“Given the increasing volume and complexity of activity in the securities market and the resultant explosion in volume and complexity of data, SEBI has felt an increasing need to develop data analytics capability within the organization,” SEBI said. The regulator hopes this initiative will help in policy formulation, surveillance and investigations and automating various functions going forward.
The markets regulator said that it has adopted a ‘Hub and Spoke’ model as part of its data analytics initiative. While the data warehouse team of the IT department will act as a Hub for data residing with the regulator, individual data analytics teams in each of SEBI’s various departments will be the Spokes. It plans to use this model to implement two projects, namely off-site inspection of brokers and offsite inspection of mutual funds.
SEBI also plans to implement a data lake in 2021, which will leverage artificial intelligence, machine learning and deep learning that will analyse and process vast amounts of structured, semi structured and unstructured data.
In June 2019, the Ministry of Corporate Affairs and SEBI signed an Memorandum of Understanding (MoU) to create a digital mechanism to share information bi-laterally. The regulator will sign the next MoU with the Central Board of Direct Taxes in the coming months, it said.
Cyber Security Initiatives
“Considering the increasing trend of cyber frauds and attacks across the globe especially in financial institutions, it was decided to strengthen further, the cyber security controls and processes in SEBI,” the markets regulator said. It has created a Security Operations Center/ Network Operations Center (SOC-NOC), which will function 24×7 to give real-time visibility on SEBI’s entire IT system. The SOC also creates automated alerts against suspicious or malicious activity on SEBI’s computers, as well as on sensitive data residing in databases when hackers attempt to attack it.
SEBI also implemented intrusion prevention systems, encrypted traffic management systems in addition to end-point protection solutions on its computers, servers, email system and for its staff’s mobile phones. The markets regulator now has an advanced anti-malware software as well as anti-phishing software. It also implemented new solutions to prevent Distributed Denial of Service and Domain Name Server attacks, it said.
“Having consolidated and integrated security systems for threat feed, forensic analysis, malware analysis, and so on, SEBI can make better security decisions with intelligence-driven analytics available with SOC… SOC at SEBI consists of multiple cyber security technologies and services. It is designed to secure processes and technologies and will help SEBI to protect confidentiality and privacy of regulatory and market data at various end points in SEBI… Cyber-attacks on such applications can be detected and mitigated proactively in an efficient and effective way through the SOC,” SEBI Annual Report 2019-20
- SEBI now allows individuals to participate in regulatory sandbox for capital markets
- SEBI paper proposes easing listing norms for startups
- SEBI opens door for fintechs to enter mutual fund industry