The Securities and Exchange Board of India (“SEBI”) in exercise of powers conferred under Section 11(1) of Securities and Exchange Board of India Act, 1992 read with the provisions of Regulation 20 of SEBI (Credit Rating Agencies) Regulations, 1999, vide Circular No. SEBI/HO/DDHS/DDHS-PoD-2/P/CIR/2025/68,[1] dated May 14, 2025, (“Circular”), expanded the internal audit team eligibility of Credit Rating Agencies (“CRAs”). The provisions of this Circular shall come into force with immediate effect.
Previously, SEBI had amended the eligibility criteria for professionals who can be part of the internal audit team of CRAs. This change is intended to provide CRAs with access to a wider pool of qualified professionals for conducting internal audits.
Key highlights of the Circular are as follows:
Previously, the audit team was required to include a Chartered Accountant and an Information Systems Auditor. However, with the latest update, SEBI has added the following qualifications to the list of acceptable credentials:
- Cost Accountants holding ACMA or FCMA designations from the Institute of Cost Accountants of India.
- Professionals with a Diploma in Information System Security Audit (DISSA) from the same institute.
As a result, CRAs now have flexibility to include either a Chartered Accountant or a Cost Accountant, along with any one of the accepted information systems audit qualifications (CISA, DISA, or DISSA).
[1]https://www.sebi.gov.in/legal/circulars/may-2025/composition-of-the-internal-audit-team-for-cras_93917.html