KuberGrow Team Recently, HDFC Securities, one of the leading finance brokers in India, has paid ₹65 lakh to the Securities and Exchange Board of India (SEBI) due to the settlement of the case involving serious IT system breakdowns, DR shortcomings, and poor cybersecurity measures on the part of the firm. This payment was made following SEBI’s notice dated 8 August 2024 regarding multiple breaches done by HDFC Securities and renewing existing cases already closed.
Regarding the mentioned lapses, the company was reported not meeting the minimum of 70% capacity alert generation, and failing to generate LAMA, or Log and Monitoring Alerts, on 47 of the 52 servers. In addition, the brokerage did not complete mandatory quarterly disaster recovery training, which is also termed as ‘weak’ in cybersecurity measures that had been put in place. According to SEBI, HDFC Sekurities also did, not, put in place the proper categorization of assets into critical and non-critical components required to protect relevant information so that effective risk management could be delivered.
In the wake of SEBI’s observations, HDFC Securities submitted a settlement application on 8 August 2024. SEBI’s Internal Committee (IC), which reviewed the application, recommended a settlement figure of ₹65 lakh. The High-Powered Advisory Committee (HPAC) reviewed the case on 24 December 2024, while the Whole Time Members (WTMs) of SEBI gave their final approval on 5 February, 2025. The payment was made successfully on 4 March 2025.
