You are on page 1of 19

Annual System Audit Report Format

(To be on the letterhead of the system auditor)

NSE Trading Member Name:


NSE Trading Member Code:
System Audit Report for NNF facility
(For the period from July 01, 2012 to March 31, 2013)
Part A
Controls / Processes

Test Case

The installed NNF systems (viz. CTCL/


IBT / DMA / SOR / STWT system)
features are as prescribed by the NSE.

Risk Management Tools


Should allow for risk management of the
orders placed and online risk monitoring
of the orders being placed

The installed NNF system parameters


are as per NSE norms

CTCL / IBT / DMA / SOR / STWT Version (as


applicable)
Order Gateway Version
Risk Administration / Manager Version
Front End / Order Placement Version

Location Confirmation for CTCL / IBT


/ DMA / SOR / STWT

Whether order routing server for CTCL / IBT /


DMA / SOR / STWT is located in India.

Trading Process
The installed NNF systems allow for
placing of trades only for authorized
clients

Provide address of the CTCL / IBT / DMA /


SOR / STWT server location (as applicable)
Client ID Verification
Only duly authorized clients orders are
allowed to be placed.

Results,
Observations
& Control
Risk

Auditors
Risk

Results

Opinions

Results

Opinions

Proprietary order entry mechanism


Order entry for Pro types of orders is executed
through specific NNF user ids.
Risk Management
The installed NNF systems are
capable of assessing the risk of the
client as soon as the order comes in
and
informs
the
client
of
acceptance/rejection of the order
within a reasonable period.

Order Parameters
There is online risk assessment of all orders
placed through the CTCL / IBT / DMA /
SOR / STWT system.

Market Data Feed for SOR system


The market data feed integrated to
the SOR system are received
directly from the recognized Stock

The market prices are received directly from


recognized stock Exchanges and are time
stamped
The market prices of all the recognized stock

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 1 of 19

Controls / Processes
Exchanges

Order /Trade Limit Controls


The
installed
NNF
systems
(including CTCL / IBT / STWT /
DMA / SOR)
provide a system
based control facility on the trading
limits of the clients and exposures
taken by the clients including set
pre-defined limits on the exposure
and turnover of each client.

Test Case

Results,
Observations
& Control
Risk

Auditors
Risk

exchanges to which the SOR facility routes


orders are consolidated for applying the Best
Execution Policy for routing orders

Quantity limit for each order


Value limit for each order
User value limit for each user ID
Branch value limit for each branch ID
Security wise limit for each user ID
Spread order Quantity and Value Limit
Cumulative Open order value check
(Unexecuted Orders)

Only orders that are within the parameters


specified by the risk management systems are
allowed to be placed
Order Reconfirmation Facility
The installed NNF system provides
for reconfirmation of orders which
are larger than that as specified by
the members risk management
system.

Execution of Orders / Order Logic


The installed NNF system provides a
system based control facility over
the order input process

The system has a manual override facility for


allowing orders that do not fit the system based
risk control parameters

Order Numbering Methodology


The system has an internal unique order
numbering system
Order Matching
The SOR system adheres to the Best
Execution Policy while routing the orders to
the exchange.
The SOR system routes orders to the
recognized stock exchanges in a neutral
manner
The system provides functionality for the
client who has availed of the SOR facility to
specify for individual orders for which they do
not want to route the order using SOR facility
The SOR system does not release orders to
venues other than the recognized stock
Exchange (Specify the list of recognized Stock
Exchange(s) and the market segments to
which SOR release orders)

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 2 of 19

Controls / Processes

Test Case

Results,
Observations
& Control
Risk

Auditors
Risk

The CTCL / IBT / DMA / STWT / SOR


system does not have any order matching
function and all orders are passed on to the
exchange trading system for matching
Whether Broker is using similar logic/
priorities as used by Exchange to treat CTCL /
IBT / DMA / SOR / STWT client orders.

Application Access Control


The installed NNF system provides a
system based access control over the
server as well as the risk
management and front end dealing
applications while providing for
security

Whether CTCL / IBT / DMA / SOR / STWT


orders are having unique flag/ tag as specified by
the Exchange and systems identify the orders
emanating from CTCL / IBT / DMA / SOR /
STWT by populating the 15-digit NNF field in
the order structure for every order.
Access controls
The system allows access to only
authorized NNF users
The system has a password mechanism
which restricts access to authenticate
NNF users
The system has appropriate authority
levels to ensure that the limits can be
setup only by persons authorized by the
risk / compliance manager

Session Security
The installed NNF system provides
for session security for all sessions
established with the server by the
front end application.

Session Security
The system uses session identification
and authentication measures to restrict
sessions to authorized NNF user only
The system uses session security
measures like encryption to ensure
confidentiality of sessions initiated
Session login details should not be
stored on the devices used for STWT
In case of no activity by the client, the
system provides for automatic trading
session logout for IBT / STWT systems

Database Security
The installed NNF system has
sufficient controls over the access to
and integrity of the database

Database Security
The access to the database is allowed
only to authorized NNF users /
applications
The database is hosted on a secured
platform
The database stores the user names /
passwords securely
Storage of passwords is encrypted with

Results

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 3 of 19

Opinions

Controls / Processes

Test Case

Results,
Observations
& Control
Risk

Auditors
Risk

appropriate encryption algorithm


Encryption
The installed NNF system uses
confidentiality protection measures
to ensure session confidentiality.

The installed NNF systems provides a


system based event logging and system
monitoring facility which monitors and
logs all activities / events arising from
actions taken on the gateway / database
server, authorized user terminal and
transactions processed for clients or
otherwise and the same is not
susceptible to manipulation.

The installed NNF system has User


Management system as per the
requirements of the NSE.

Session Encryption
The systems use SSL or similar session
confidentiality protection mechanisms
The systems use a secure storage
mechanism for storing of usernames and
passwords
The systems adequately protect the
confidentiality of the users trade data
The installed CTCL / IBT / DMA / SOR / STWT
systems has a provision for On-line surveillance
and risk management as per the requirements of
NSE and includes
Number of Users Logged in / hooked on
to the network incl. privileges of each

The installed CTCL / IBT / DMA / SOR / STWT


systems has a provision for off line monitoring
and risk management as per the requirements of
NSE and includes reports / logs on
Number of Authorized Users
Activity logs
Systems logs
Number of active clients
Approved Users
Only users approved by the NSE are
allowed to access the system and
documentation regarding the same is
maintained in the form of
User Approval Application
Copy of User Qualifications

Results

Opinions

Results

Opinions

User Creation
New User IDs are created as per the
guidelines.
User ID
All users are uniquely identified through issue
of unique user ids.
User Disablement
Users not compliant with the Exchange
requirements are disabled and event logs are
maintained
User Deletion
Users are deleted as per the NSE guidelines

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 4 of 19

Controls / Processes

The
installed
NNF
system
authentication mechanism is as per the
guidelines of the NSE

Test Case

Reissue of User Ids


User Ids are reissued as per the NSE
guidelines.
Locked User Accounts
Users whose accounts are locked are unlocked
only after documented unlocking requests are
made.
The installed CTCL / IBT / DMA / SOR / STWT
systems use passwords for authentication.

Results,
Observations
& Control
Risk

Results

Auditors
Risk

Opinions

The password policy / standard is documented.


The system requests for identification and new
password before login into the system.
The installed systems Password features include
The Password is masked at the time of
entry
System mandated changing of password
when the user logs in for the first time
Automatic disablement of the user on
entering erroneous password on three
consecutive occasions
Automatic expiry of password on expiry
of
14
calendar
days
for
CTCL/DMA/SOR systems
Automatic expiry of password on expiry
of reasonable period of time as
determined by member for IBT/STWT
systems
System controls to ensure that the
password is alphanumeric (preferably
with one special character), instead of
just being alphabets or just numerical
System controls to ensure that the
changed password cannot be the same as
of the last password
System controls to ensure that the Login
id of the user and password should not
be the same
System controls to ensure that the
Password should be of minimum six
characters and not more than twelve
characters
System controls to ensure that the
Password is encrypted at members end
so that employees of the member cannot
view the same at any point of time

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 5 of 19

Controls / Processes

Test Case

Controls / Processes

Test Case

Vendor Certified Network diagram

Date of submission of network diagram to NSE

Results,
Observations
& Control
Risk

Auditors
Risk

Results,
Observations
& Control
Risk

Auditors
Risk

Results

Opinions

Results

Opinions

(Only in case of change in network setup,


member needs to submit revised scanned copy
network diagram along with this report)
Verify number of nodes in diagram with actual
Verify location(s) of nodes in the network
Physical Security

Are adequate provisions in respect of physical


security of the hardware / systems at the hosting
location and controls on admission of personnel
into the location (audit trail of all entries-exits at
location etc.)?

The Installed NNF system (CTCL / IBT


/ DMA / SOR / STWT system) backup
capability is adequate as per the
requirements of the NSE for
overcoming loss of product integrity.

Are backups of the following system generated &


files maintained as per the NSE guidelines?
At the server/gateway level
Database
Audit Trails
Reports
At the user level
Market Watch
Logs
History
Reports
Audit Trails
Does the audit trail for SOR capture the record of
orders, trades and data points for the basis of
routing decision?
Are backup procedures documented?
Are backup logs maintained?
Have the backups been verified and tested?
Are the backup media stored safely in line with
the risk involved?

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 6 of 19

Are there any recovery procedures and have the


same been tested?

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 7 of 19

Controls / Processes
Does the Organization have a suitable
documented Business Continuity or
Disaster
Recovery
or
Incident
Response process commensurate with
the organization size and risk profile to
ensure a high degree of availability of
the installed NNF system?

Test Case
Is there any documentation on Business
Continuity / Disaster Recovery / Incident
Response?

Results,
Observations
& Control
Risk
Results

Auditors
Risk
Opinions

Does a BCP / DRP plan exist?


If a BCP/DRP plan exists, has it been tested?
Are there any documented incident response
procedures?
Are there any documented risk assessments?
Does the installation have a Call List for
emergencies maintained?

How will the organization assure


customers prompt access to their funds
and securities in the event the
organization determines it is unable to
continue its business in the primary
location

Network / Communication Link Backup


Is the backup network link adequate in
case of failure of the primary link to the
NSE?
Is the backup network link adequate in
case of failure of the primary link
connecting the users?
Is there an alternate communications
path between customers and the firm?
Is there e an alternate communications
path between the firm and its
employees?
Is there an alternate communications
path with critical business constituents,
banks and regulators?

IBT / STWT Compliance

Does the brokers IBT / STWT system complies


with the following provisions :
The system captures the IP (Internet
Protocol) address (from where the orders
are originating), for all IBT/ STWT
orders
The system has built-in high system
availability to address any single point
failure
The system has secure end-to-end
encryption for all data transmission
between the client and the broker system
through a Secure Standardized Protocol.
A procedure of mutual authentication
between the client and the broker server
is implemented
The system has adequate safety features

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 8 of 19

to ensure it is not susceptible to internal/


external attacks
In case of failure of IBT/ STWT, the
alternate channel of communication has
adequate
capabilities
for
client
identification and authentication
Two-factor authentication for login
session has been implemented for all
orders emanating using Internet Protocol
In case of no activity by the client, the
system provides for automatic trading
session logout
The back-up and restore systems
implemented by the broker is adequate
to deliver sustained performance and
high availability. The broker system has
on-site as well as remote site back-up
capabilities

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 9 of 19

Part B
Controls / Processes

The installed system (viz. CTCL/ IBT /


DMA / SOR / STWT system) features
are as prescribed by the NSE.

Test Case

Main Features

Results,
Observations
& control
Risk

Auditors
Opinion

Results

Opinions

Results

Opinions

Price Broadcast
The system has a feature for receipt of price
broadcast data
Order Processing : The system has a feature :
Which allows order entry and
confirmation of orders
which allows for modification or
cancellation of orders placed
Trade Confirmation
The system has a feature which enables
confirmation of trades
The system has a feature which provides
history of trades for the day to the user

The installed system (viz. CTCL/ IBT /


DMA / SOR / STWT system)
parameters are as per NSE norms

Execution of Orders / Order Logic


The installed system provides a
system based control facility over
the order input process

Gateway Parameters
Trader ID
Market Segment - CM
CTCL ID
IP Address
(NSE Network)
VSAT ID
Leased Line ID
Market Segment F&O
CTCL ID
IP Address
(NSE Network)
VSAT ID
Leased Line ID
Market Segment CDS
CTCL ID
IP Address
(NSE Network)
VSAT ID
Leased Line ID
Order Entry
The system has order placement controls that
allow only orders matching the system
parameters to be placed.
Order Modification

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 10 of 19

Controls / Processes

Test Case

Results,
Observations
& control
Risk

Auditors
Opinion

The system allows for modification of orders


placed.
Order Cancellation
The system allows for cancellation of orders
placed.
Order Outstanding Check
The system has a feature for checking the
outstanding orders i.e. the orders that have not
yet traded or partially traded.
Trades Information
The installed NNF system provides a
system based control facility over
the trade confirmation process
Settlement of Trades
The installed NNF system provides a
system based reports on contracts,
margin requirements, payment and
delivery obligations
Additional Access Control Security
The installed NNF system provides a
dual factor authentication system
for access to the various NNF
components.

To ensure information security for the


Organization in general and the
installed system in particular policy
and procedures as per the NSE
requirements must be established,
implemented and maintained.

Trade Confirmation and Reporting Feature


Should allow confirmation and reporting
of the orders that have resulted in trade
The system has a feature which provides
history of trades for the day to the user
Margin Reports feature
Should allow for the reporting of client wise /
user wise margin requirements as well as
payment and delivery obligations.
Extra Authentication Security
The systems uses additional
authentication measures like smart
cards, biometric authentication or tokens
etc.
The system has a second level of
password control for critical features
Does the organizations documented policy and
procedures include the following policies and if
so are they in line with the NSE requirements and
whether they have been implemented by the
organization?
Information Security Policy
Password Policy
User Management and Access Control
Policy
Network Security Policy
Application Software Policy
Change Management Policy
Backup Policy
BCP and Response Management Policy
Audit Trail Policy
Capacity Management Plan

Results

Results

Opinions

Opinions

Does the organization follow any other policy or


procedures or documented practices that are

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 11 of 19

Controls / Processes

The system has been installed after


complying with the various NSE
circulars

Test Case

relevant?
Copy of Undertaking provided regarding the
CTCL system as per relevant circulars.

Results,
Observations
& control
Risk

Auditors
Opinion

Results

Opinions

Results

Opinions

Copy of application for approval of Internet


Trading, if any.
Copy of application for approval of Securities
trading using Wireless Technology, if any
Copy of application for approval of Direct
Market Access, if any.
Copy of application / undertaking provided for
approval of Smart Order Routing, if any.
Insurance
To ensure system integrity and stability
all changes to the installed system are
planned, evaluated for risk, tested,
approved and documented.

The insurance policy of the Member covers the


additional risk of usage of CTCL, Internet
Trading, STWT, SOR, and / or DMA as
applicable.
Planned Changes
Are changes to the installed system made in a
planned manner?
Are they made by duly authorized personnel?
Risk Evaluation Process
Is the risk involved in the implementation of the
changes duly factored in?
Change Approval
Is the implemented change duly approved and
process documented?
Pre-implementation process
Is the change request process documented?
Change implementation process
Is the change implementation process supervised
to ensure system integrity and continuity
Post implementation process
Is user acceptance of the change documented?
Unplanned Changes
In case of unplanned changes, are the same duly
authorized and the manner of change documented
later?
In case of members self-developed system
SDLC documentation and procedures if the
installed system is developed in-house.

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 12 of 19

Controls / Processes

How will the organization assure


customers prompt access to their funds
and securities in the event the
organization determines it is unable to
continue its business in the primary
location

Test Case

System Failure Backup


Are there suitable backups for failure of any of
the critical system components like

Gateway / Database Server

router
Network Switch

Results,
Observations
& control
Risk

Auditors
Opinion

Results

Opinions

Results

Opinions

Infrastructure breakdown backup


Are there suitable arrangements made for the
breakdown in any infrastructure components like
Electricity
Water
Air Conditioning
Primary Site Unavailability
Have any provision for alternate physical location
of employees been made in case of nonavailability of the primary site
Disaster Recovery
Are there suitable provisions for Books and
records backup and recovery (hard copy and
electronic).

Are documented practices available for


various system processes

Have all mission-critical systems been identified


and provision for backup for such systems been
made?
Day Begin
Day End
Other system processes
Audit Trails
Access Logs
Transaction Logs
Backup Logs
Alert Logs
Activity Logs
Retention Period
Misc

Is a log of success / failure of the


process maintained

Day Begin
Day End

In case of failure, is there an escalation


procedure implemented?

Other system processes


Details of the various response procedures incl.
for

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 13 of 19

Controls / Processes

Test Case

Access Control

Access Control failure


Day Begin failure
Day End failure
Other system Processes failure
As given in Area (e)

Firewall

Is a firewall implemented?

Results,
Observations
& control
Risk

Results

Auditors
Opinion

Opinions

Are the rules defined in the firewall adequate to


prevent unauthorized access to IBT/DMA/STWT
systems
Anti-virus

Is a malicious code protection system


implemented?
If Yes, then
Are the definition files up-to-date?
Any instances of infection?
Last date of virus check of entire system

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 14 of 19

PART C
Sr.

Area of Audit

No
.
1

Compliance
Part C

Whether the required details of all the NNF user ids created in the server of the trading
member, for any purpose (viz. administration, branch administration, miniadministration, surveillance, risk management, trading, view only, testing, etc) and any
changes therein, have been uploaded as per the requirement of the Exchange?

Remarks (if
No)

YES / NO

If no, please give details.


2

Whether all the NNF user ids created in the server of the trading member have been
mapped to 12 digit codes on a one-to-one basis and a record of the same is
maintained?

YES / NO

If no, please give details.


3

All the audit recommendations given in relation to the system audit certificate for the
year ended June 30, 2012 have been duly implemented. IF NOT, please give details.

YES / NO

All orders routed through CTCL / IBT / STWT / DMA / SOR are routed through
electronic / automated Risk Management System of the broker to carry out appropriate
validations of all risk parameters before the orders are released to the Exchange.

YES / NO

The system and system records with respect to Risk Controls are maintained as
prescribed by the Exchange which are as follows :

YES / NO

The limits are setup after assessing the risks of the corresponding user ID and
branch ID

The limits are setup after taking into account the members capital
adequacy requirements

All the limits are reviewed regularly and the limits in the system are up to
date

All the branch or user have got limits defined and that No user or branch
in the system is having unlimited limits on the above stated parameters

Daily record of these limits is preserved and shall be produced before the
Exchange as and when the information is called for

Compliance officer of the member has certified the above in the quarterly
compliance certificate submitted to the Exchange

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 15 of 19

SUMMARY OF SPECIAL OBSERVATIONS / NON-COMPLIANCE (IF ANY) IN THE


REPORT AND RECOMMEDATIONS:
S No.

Special Observations / Non-compliance

Recommendations

DECLARATION:
I) All the branches where CTCL/IBT/DMA/SOR/STWT facility is provided have been audited
and ONE consolidated report has been submitted for all segments.
II) All the audit recommendations given in relation to the system audit certificate for the year
ended June 30, 2012 have been duly implemented. If not, the same have been reported
hereunder:
1)
2)
III) There is no conflict of interest with respect to the member being audited. If any such instance
arises, it shall be brought to the notice of the Exchange immediately before undertaking the
audit.
_______________________________
Signature
(Name of the Auditor & Auditing firm)
CISA/CISSP/DISA/ISA Reg. No. :
Date:
Place:
Stamp/Seal:

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 16 of 19

SUMMARY SHEET

(The detailed findings are grouped under the broad categories as below and classified as
Strong, Medium or Weak and overall audit rating has been given)
NAME OF THE AUDIT FIRM: ____________________________________________________
Sr.
No.

Area of Audit

Compliance

Compliance

Part A

Part B

S/M/W

S/M/W

Are existing features and NNF system


parameters implemented in the system in place
at the members premises

2.

Are all the Risk Management checks as specified


by the Exchange in place and the system and
system records with respect to Risk Controls are
maintained as prescribed by the Exchange

Are input, processing and output controls in


respect of NNF operations adequate

Is the application security commensurate to the


size and nature of application

Is Event logging and system monitoring


observed.

Are User management norms defined and


observed

NA

Are Password policy/standards defined and


observed

NA

Are working processes in adherence with the


policies and procedures defined

NA

NA

Is the Network managed adequately in relation


to size and nature of operations and are
necessary controls present

Are Change management and version controls


documented and practiced?

10

Are Backup systems present, of adequate size


and are procedures for backup prescribed

11

Is there a Business continuity and disaster


recovery plan in place and made known to all
employees

Report
Reference

NA
NA
NA

NA

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 17 of 19

12

Is documentation for system processes


maintained

13

Are Security features such as access control,


network, firewalls and virus protection present
and updated regularly

14

Is there any other area/aspect which in the


auditors opinion is not complied with and which
is significant and material in relation to the size
and the nature of the operations

NA

NA

NA

Overall rating: Strong / Medium / Weak


Note: Process Area Controls Evaluation Criteria
Control Evaluation Criteria
Strong

Description
The controls are defined as Strong if the following criteria are met
Implemented controls fully comply with the stated objectives and
no material weaknesses are found.

Medium

The controls are defined as Medium if the following criteria are met
Implemented controls substantially comply with the stated
objectives and no material weakness result in substantial risk
exposure due to the non-compliance with the criteria
Compensatory controls exist which reduce the risk exposure to
make it immaterial vis--vis the non-compliance with the criteria.

Weak

The controls are defined as Weak if the following criteria are met
Implemented controls materially fail to comply with the stated
control objectives.
Compensating controls fail to reduce the risk so as to make it
immaterial vis--vis the non-compliance with the compliance
criteria.

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 18 of 19

(To be on the letter head of the AUDITOR)


To,
CTCL Department
National Stock Exchange of India Limited
Exchange Plaza, Bandra-Kurla Complex,
Bandra (E), Mumbai 400 051
As confirmed by the trading member <TM code> < TM Name>, following is the list of
applications approved by the Exchange. This is to certify that we have conducted the system
audit on the following applications for the trading member for the year ended March 31, 2013.
S.
No.

Name of the
application

Version

Type of the product


(CTCL/ IBT / DMA /
STWT / SOR)

Segment

Developed by (Name
of empanelled
vendor / In-house)

1
2
3
Signature
(Name of the Auditor & Auditing firm)
CISA/CISSP/DISA/ISA Reg. No. :
Date:
Place:
Stamp/Seal:
1. We confirm and certify that the softwares have undergone tests by us and we are satisfied
about the same. Further, we undertake to comply with and be bound by the Rules, Bye-laws,
Regulations of the Exchange, SEBI, RBI, any other statutory and regulatory body(ies) as may
be applicable from time to time.
2. We undertake that any modifications / Change to the software to be effected only on prior
approval of Exchange.
3. We certify that all the statements are true and correct to the best of our knowledge. We are
aware that in case any of the statements are found to be incorrect or false, we are liable for
disciplinary action
Countersigned, sealed and delivered by the Authorized representative of the MEMBER.
Date:
Place:

Regd. Office : Exchange Plaza, BandraKurlaComplex, Bandra (E), Mumbai 400 051
Page 19 of 19