NEPSE Introduces IT Audit Guidelines for Brokerage Firms

The Nepal Stock Exchange (NEPSE) has introduced IT Audit Guidelines for trading members (brokerage firms) to provide a structured and comprehensive approach to evaluating their IT environment.

NEPSE has emphasised the importance of safeguarding the integrity, confidentiality, and availability of information systems, as trading members heavily rely on digital platforms for trading, settlement, and client data management.

The guidelines, formulated in accordance with the NEPSE Trading Operations Bylaw, 2079 (Fourth Amendment), are expected to serve as a practical tool to help trading members identify potential risks, implement appropriate controls, and strengthen their cyber-security posture in line with  industry best practices.

According to NEPSE, the primary objective of these guidelines is to establish a standardised framework for conducting information system audits across trading members firms.

The framework will help brokers ensure comprehensive assessment, risk mitigation, and regulatory compliance, while protecting sensitive client and business data, and ensuring operational resilience.

Additionally, the guidelines aims to promote continuous improvement in IT governance, risk management, and security practices, thus fostering trust and confidence among stakeholders in the country’s capital market ecosystem.