On the other hand, the risk management systems in the marketplace have been upgraded to ensure that the damage from any genuine technical snags, including in the algorithmic and high-frequency trades, is minimised and the issues are addressed on an urgent basis, Sebi Chairman U K Sinha said.
"What I am saying is that a technology snag can happen anywhere in the world. But our system is designed for how to minimise the impact of the snag," Sinha told PTI in an interview in Mumbai.
"If, it is deliberate, then we have a system for how to penalise the person. We will take stern action against the person who is found to be deliberately doing it."
Asked about a recent technical 'glitch' causing nearly four-hour halt at the New York Stock Exchange (NYSE), Sinha said the problems can happen anywhere including in India.
"Technology is always a double-edged sword and problems can happen. Problems have happened in India also in the past. On high-frequency trading, algorithmic trades, co-location, we have already put in place some restrictions and have issued a circular about penalties etc," he said.
On the issue of cyber-attacks, Sinha said the overall marketplace, the exchanges and the regulator itself need to be alert and Securities and Exchange Board of India (Sebi) is working on a detailed framework to deal with such cases.
"For matters like cyber-attacks, we have to be alert. We are in the process of sensitising everybody about this. "We are preparing the exchanges. We have some thoughts on this and we have told the exchanges to do certain things, but may be more needs to be done," he said, without disclosing any further details on this.
Talking in detail about the steps taken by Sebi to beef up the risk management systems to deal with technical snags as also with the deliberate manipulative attempts, Sinha said the regulator has taken a series of measures on order checks.
"You can not place an order for more than a certain limit. There are all kinds of checks, at client level, trader-level system-level, all those have been provided... If there is a genuine mistake in the algorithm system, we have got enough checks and safeguards. Then there is another situation, that is if trading is taking place and if an algorithm or a computer programme has gone bad, then how to minimise the damage? For that, we have systems and checks in place... These are the cases where there is a genuine mistake. There is also a situation, when question arises should the trade be cancelled or not. For that, we have come out with an annulment policy," he said.
"If somebody is doing it deliberately, we have a surveillance mechanism to take action against them. Whether we have enough mechanism to stop them, I would not claim that much. But we can certainly catch them and penalise them," Sinha added.
On the third dimension of cyber-attacks, the Sebi chief said, "Till 2-3 years back, nobody thought that there could be something like a cyber-attack to deliberately disturb the whole system. But there is a genuine worry now all over the world. So we have issued our guidelines on that as well. However, I would like to tell you that we are in constant dialogue with the exchanges, clearing corporations and depositories that how careful we need to be on this and how we should check that... That is a worry all over the world. Even in case of NYSE, the initial worry was that it is a cyber-attack but then they clarified that it was a technology snag."
The investigations in the US showed that the 'technical glitch' at NYSE was caused by some 'internal software upgrade' and despite initial worries, the regulators and other agencies ruled out any external reasons such as cyber-attacks. This was the biggest outage to hit the US markets in nearly two years after trading in all Nasdaq-listed stocks remained frozen for nearly three hours in August 2013.
While there have been several cases of such 'technical glitches' hitting the stock exchanges abroad, the Indian markets have been relatively better off on this front.
Sebi has been asking the stock exchanges and other market entities to take necessary steps from time to time to assess the robustness of their systems to avoid any software-related or other technical disruptions.
The regulator has also been conducting regular audits of the software systems in use to avoid any technical glitches. Earlier this month, Sebi issued a new set of guidelines for the stock exchanges and other market infrastructure institutions to safeguard their systems, networks, and databases from cyber-attacks.
Asking all exchanges, clearing corporations and depositories to implement necessary changes within six months, Sebi said these Market Infrastructure Institutions (MIIs) need to have a robust cyber-security framework to provide essential facilities and perform systemically critical functions of trading, clearing and settlement in securities market.