sebi
Published on 16 July 2025
SEBI Implements New Custodian Guidelines to Strengthen Risk Management
SEBI Tightens Norms for Custodians: Stronger Capital, Sharper Oversight, Clearer Boundaries
In a move that signals growing regulatory expectations for back-end market infrastructure, the Securities and Exchange Board of India (SEBI) has approved a comprehensive reform package for custodians of securities. The updated framework, finalised at SEBI’s board meeting on December 18, 2024, represents a major shift in how custodial entities will be governed, capitalised, and supervised going forward.
While custodians often operate quietly in the background, their role is pivotal—holding securities worth trillions in demat and physical form on behalf of investors, funds, and institutions. SEBI’s latest move reflects a broader effort to future-proof this critical segment in light of evolving digital, legal, and risk realities.
Key Reforms at a Glance
| Reform Area | Description |
|---|---|
| Net Worth Requirement | Raised to ₹75 crore, with a 3-year transition window |
| Governance Protocols | Mandatory risk frameworks, BCP, DR, and winding-down safeguards |
| Business Scope | Only SEBI/regulated incidental activities permitted; others must be hived off |
| Outsourcing Guidelines | Clear segregation of core vs non-core functions; CDSSF to standardise |
| Vault Oversight | Mandatory only for physical securities; client disclosures and consent required |
| Reporting | Removal of redundant filings; alignment across regulators |
A Capital Floor for Credibility
SEBI has raised the minimum net worth requirement for custodians to ₹75 crore, a significant hike aimed at ensuring only well-capitalised entities can operate in this sensitive space. The regulator has offered a three-year glide path for existing custodians to meet the requirement.
Why it matters:
A stronger capital base acts as a cushion against systemic and operational shocks, particularly in high-volume, high-value environments such as custodial clearing and cross-border settlement.
This move aligns custodian expectations more closely with norms applied to Qualified Stock Brokers (QSBs) and other systemically important intermediaries.
From Operational Readiness to Orderly Exit
In a clear message that custodial resilience is no longer optional, SEBI now mandates robust risk governance standards across the board:
- Business Continuity Plans (BCP)
- Disaster Recovery Protocols (DR)
- Orderly Winding-Down Mechanisms — similar to QSB requirements
- Enhanced Surveillance Architecture for transaction integrity
These safeguards aim to minimise service disruption, especially in the face of cyber threats, financial distress, or other black swan events.
Business Scope: Clarity and Containment
SEBI has clarified that custodians may only undertake permitted activities or SEBI-approved incidental services. Any non-regulated business—such as unrelated technology offerings, advisory services, or data analytics—must be spun off into a separate legal entity within two years.
This regulatory ring-fencing:
- Prevents reputational and operational spillovers
- Ensures regulatory accountability remains focused
- Blocks arbitrage across different financial sectors (SEBI, RBI, IRDAI, etc.)
Outsourcing: Guardrails for Delegation
As the custodial value chain becomes more digital and modular, outsourcing has become inevitable—but not without risk. SEBI is working through the Custodians and Depositories Standard Setting Forum (CDSSF) to draw a clear line between:
| Category | Examples |
|---|---|
| Core Functions | Asset servicing, transaction processing, reporting |
| Non-Core | Document scanning, customer service, logistics |
The final framework will include mandatory:
- Audit trails
- SLAs and exit clauses
- Contingency protocols for vendor failures
This approach enables scalability without compromising security or client accountability.
Vault Oversight for Physical Holdings
While the demat ecosystem dominates, a small portion of securities—particularly older or contested instruments—still exist in physical form. SEBI has clarified:
- Vaults are only mandatory if custodians handle physical certificates.
- CDSSF will define minimum vault standards (storage, access, surveillance).
- Client disclosures and consent are mandatory before using vault services.
This ensures custodians don’t default into legacy obligations without proper risk management.
Reporting Simplified, Redundancy Removed
In a welcome step toward regulatory efficiency, SEBI will eliminate duplicate compliance filings previously submitted to both SEBI and depositories (NSDL/CDSL). This harmonisation will extend across:
- Reporting formats
- Submission timelines
- Shared data access between regulators
The result: fewer compliance bottlenecks, better data consistency, and improved supervisory visibility.
Who Needs to Act — and How
| Stakeholder | What Changes |
|---|---|
| Custodians | Upgrade net worth, segregate unrelated business, implement new BCP/DR |
| Institutional Clients | Expect higher operational resilience from custodians |
| Financial Conglomerates | Must ring-fence custody from unrelated divisions |
| CDSSF | Define and enforce standards for outsourcing and physical custody |
| Regulators | Coordinate on unified reporting and risk-sharing protocols |
What Comes Next?
SEBI is expected to issue detailed circulars in FY2025–26 on:
- Net worth computation formats
- BCP/DR templates and checklists
- Vault implementation guidance
- Outsourcing service classifications and compliance formats
Final Word: Quiet Operators, Big Responsibility
While often out of sight, custodians are among the most systemically important players in India’s capital markets. They are the connective tissue between investors, issuers, depositories, and funds—and their failure, even momentary, can ripple across multiple layers of the financial ecosystem.
SEBI’s reform package signals a future-facing, integrity-first stance: only well-capitalised, operationally disciplined custodians will be trusted to guard India’s growing pool of securities.