Sebi Alerts Listed Banks To Tighten Internal Controls To Guard UPSI

"As a fiduciary, the bank frequently comes into possession of UPSI concerning other listed companies —information that could directly impact the stock market if misused or leaked," Sebi chairman Tuhin Kanta Pandey said in an interaction with MD / CEOs of Listed Banks on the subject “Strengthening Compliance with PIT(prohibition of insider trading) Regulations in Listed Banks.

"Sebi mandates that sharing of all unpublished price-sensitive information be recorded in a secure, time-stamped, and tamper-proof system," said Sebi chairman Tuhin Kanta Pandey.

"UPSI must always be handled on a need-to-know basis. If an employee does not require the information for legitimate business purposes, they should not have access to it. Informal sharing —even casually in meetings or over emails —must be treated as a serious breach. Remember, in today’s hyper-connected world, a single leak can travel across digital networks in seconds and there is no way to undo the damage —to stock prices, to investor confidence, or to your bank’s reputation. This is why strict access protocols, information walls, and secure digital systems are essential," Pandey said.

"Unlike ordinary corporations, banks shoulder a dual responsibility as they possess UPSI of other listed companies," Pandey said citing specific corporate developments that banks handle:

"When a bank sanctions a major loan to a listed company, it gains access to financial information well before the market does. During debt restructuring negotiations or repayment settlements, sensitive data on a company’s liquidity position becomes available to the bank. When participating in Committee of Creditors proceedings for stressed assets, banks often learn about strategic corporate decisions much before they are publicly disclosed."

"All this information, if leaked, even unintentionally, could move markets, impact shareholder wealth, and erode investor trust. This is why your role as Managing Directors is not limited to overseeing your bank’s own compliance. It extends to ensuring that information about other companies, which you hold as fiduciaries, is protected with the same rigour and confidentiality as your own organization’s sensitive data," Sebi chief said.

As banks grow in scale and complexity, technology can be your strongest ally in ensuring compliance, Sebi chief said.

"Structured Digital Database (SDD) is a critical tool. Sebi mandates that sharing of all unpublished price-sensitive information be recorded in a secure, time-stamped, and tamper-proof system. For listed banks, this means maintaining two sets of SDDs: One for bank’s internal UPSI and another for UPSI bank hold in a fiduciary capacity for other listed companies, Pandey said.

"SDD creates a clear, auditable trail of every instance where sensitive information changes hands. When employees and executives know that every UPSI transaction is logged and traceable, the risk of deliberate leaks or insider trading reduces significantly. Further, when a regulatory authority comes knocking, bank's ability to instantly and comprehensively demonstrate who knew what, and when, will be bank's greatest defense. It is the SDD that demonstrates whether your bank acted with integrity, discipline, and full transparency and Sebi views SDD non-compliance with zero tolerance, Sebi chief warned.

Further Sebi holds compliance officer's role as crucial in adhering to PIT Regulations, Sebi conveyed to bank's top management . "Bank's boards must ensure that the Compliance Officer is not a symbolic position but a fully empowered authority with the tools, training, and backing of leadership to enforce PIT regulations effectively. And above all, never bypass the Compliance Officer’s oversight," Pandey said.