- 1 Law no. 51/2005/QH11 of November 29, 2005 on E-transactions
- 2 Law No. 67/2006/QH11 of June 29, 2006 on information technology
- 3 Law No.70/2006/QH11 of June 29, 2006 on securities
- 4 Decree No. 118/2008/ND-CP of November 27, 2008, defining the functions, tasks, powers and organizational structure of the Ministry of Finance.
MINISTRY OF FINANCE |
|
No. 50/2009/TT-BTC | |
CIRCULAR
GUIDING ELECTRONIC TRADING ON THE SECURITIES MARKET
Pursuant to the Law on Securities dated 29 June 2006;
Pursuant to the Law on E-Transactions dated 29 November 2005; Pursuant to the Law on Information Technology dated 29 June 2006;
Pursuant to Decree 27/2007/ND-CP of the Government dated 23 February 2007 on electronic transactions
in financial activities ("Decree 27");
Pursuant to Decree 118/2008/ND-CP of the Government dated 27 November 2008 on functions, duties, powers and organizational structure of the Ministry of Finance;
The Ministry of Finance hereby provides the following guidelines on a number of articles of Decree 27:
1. Governing scope
This Circular regulates the principles and procedures for conducting electronic trading during online securities trading activities, and for exchanging electronic information relevant to public offers of securities, to securities depository and listing; to administration of securities companies, fund management companies and securities investment companies; and to disclosure and announcement of information and other securities market activities in accordance with the Law on Securities.
2. Applicable entities
The provisions in this Circular apply to the State Securities Commission (SSC), Stock Exchanges (SE), Securities Trading Centres (STC), issuing organizations, listing organizations, securities companies, fund management companies, securities investment companies, public companies, investors and other intermediary organizations choosing to conduct securities trading and securities market activities electronically.
...
...
...
3.1. Electronic trading in the securities sector means electronically conducted transactions and electronically provided services in securities and the securities market including public offers of securities, securities depository and listing; administration of securities companies, fund management companies and securities investment companies; and disclosure and announcement of information and other securities market activities in accordance with the Law on Securities.
3.2. E-voucher in the securities sector means a data message about a professional securities activity which is created, sent, received and stored by electronic means in the course of online securities trading; in the course of exchange of electronic information relevant to public offers of securities, securities depository and listing; in the course of administration of securities companies, fund management companies and securities investment companies; and during disclosure and announcement of information and other securities market activities in accordance with the Law on Securities.
3.3. E-order means a data message recording data about a trading order which a client has placed via the data system (of the securities company where such client has opened a trading account) at a specific time when only that client is able to access such system via an access code and order placing code.
4. Principles for electronic trading in the securities sector
4.1. The conduct of electronic trading in the securities sector must comply with the principles on clarity, fairness, truthfulness, safety and effectiveness, and must also comply with article 5 of the Law on E- Transactions.
4.2. Electronic trading service providers in the securities sector must satisfy the conditions stipulated in clause 1.11 of Section II of Circular 78/2008/TT-BTC of the Ministry of Finance dated 15 September 2008 on electronic trading in financial activities ("Circular 78").
4.3. Electronic trading service users in the securities sector must satisfy the conditions stipulated in clause 1.22 of Section II of Circular 78.
Section II. SPECIFIC PROVISIONS
5. Online securities trading activities
...
...
...
5.1.1 Online securities trading services means services provided by a securities company to investors to open accounts, place orders, provide their requirements regarding securities trading or receive transaction results via the internet or by telephone.
5.1.2 Securities traded on a Stock Exchange shall be permitted to be traded online.
5.1.3 Securities companies must create a website with a fixed address on the internet in order to provide a portal for online trading services.
5.1.4 Any investor opening an account in accordance with law on the website of a securities company may use online trading services after registering and conducting the necessary legal procedures.
Investors may, when conducting online securities trading, use e-orders which satisfy the criteria stipulated in article 5 of Decree 27.
5.1.5 Securities companies may only directly provide online securities trading services for investors in that securities companies are not permitted to authorize or hire other organizations to provide online services by paying the latter service fees.
5.1.6 Securities companies must issue their own Rules on conducting online trading services in conformity with the Law on E-Transactions, and must sign a written contract with clients stipulating the legal liabilities of the two parties including liability to pay compensation when risks eventuate. Securities companies must set out risks relevant to investors in the form of an Announcement of Risks.
5.1.7 Securities companies must store and maintain the original status quo of e-vouchers, e-orders, electronic data and telephone order recordings for at least ten (10) years.
5.1.8 Securities companies must preserve, in accordance with law, confidentiality of information on entities which trade online; and must not disclose, other than on their legitimate business website, programs and systems relevant to monetary accounts, securities and personal information or any other data about investors.
...
...
...
5.1.10Securities companies must regularly provide to investors trading online, written documents on their electronic transactions for comparative purposes.
5.1.11Securities companies must not provide online trading services for transferring financial resources or transferring, buying and selling securities on trust [or pursuant to authorization].
5.1.12Securities companies must disclose relevant risks in an Announcement of Risks and provide it on their official website and in application software provided to clients. The Announcement of Risks must state:
(a) [There is a risk] that trading orders may be suspended, delayed or corrupted during internet transmission;
(b) [There is a risk] that identification of organizations or investors may be inaccurate, and errors may occur regarding [protection of] confidentiality;
(c) [There is a risk] that errors may occur or inaccurate information provided about market prices and other information about securities;
(d) Any other risks which the securities administrative body and the securities company consider necessary to announce.
5.1.13Securities companies providing online trading business services must annotate or explain the effective date or time of lists of listed securities prices when sending them to clients, and must announce the source of other information about securities when providing it.
5.2. Technical requirements
...
...
...
5.2.2 Securities companies must ensure technical separation of information databases on investors who do not register for online services, from the online trading services system; and must set up systems which are internally restricted.
5.2.3 The online trading services system must contain technical solutions ensuring safety of the system and database back-up, and ensuring correction of faults to maintain quality of technical features and the safety, integrity and accuracy of client data.
5.2.4 Securities companies must allocate professionally qualified staff to manage and supervise the operation of their online trading services system, including IT expert staff managing their operating systems, databases, secret technical matters and network.
5.2.5 Online trading services systems must have tools for real-time management and blocking illegal access. The system must store in a reasonable manner, daily diary information and check the main software file copies of the system such as the network operating system, database management system and network management system.
5.2.6 Information about service users and trading orders and other sensitive information must be appropriately pass-worded for internet transmission.
5.2.7 Securities companies must apply reliable technical or administrative measures to accurately identify who are online investors and to block sham clients and sham securities companies.
5.2.8 Securities companies must apply technical or administrative measures to set up limits on purchase and sale of securities as stipulated by law for each investor using online trading services.
5.2.9 The main technical equipment for safe data transmission and identification on the online trading services system must be inspected and certified as to its level of safety by the competent State administrative authority. Digital signatures must be used during online trading, but if public digital signature certification service providers are not yet available, parties may agree in writing to use electronic signatures to ensure safe trading.
5.2.10The essential programming source code and compilation environment of software relating to the security of the system and of the main business operations must be escrowed with an independent organization recognized by the parties involved.
...
...
...
5.3.1 Securities companies wishing to be service providers must be members of a Stock Exchange ("SE") and must register as an online securities trading service provider with the State Securities Commission ("SSC").
5.3.2 The file for registration as a service provider shall contain:
(a) Request for registration officially sealed by the company and undertaking to comply with current regulations.
(b) List and curriculum vitae of experts satisfying the requirements in clause 5.2.4 above, who will manage the online trading system of the company.
(c) List of branches providing online trading services, with contact names and addresses and contact means.
(d) Standard form contract with clients including the Announcement of Risks and other data relevant to online trading services.
(dd) Summary analysis report and system design report on the online securities trading services system, containing the following main particulars: technical standards and strategy for complying with standards on network structure, on real-time management, on identification, on transfer of password during data transmission, on digital signatures, on network separation and risk prevention and resolution, on method of network-based communication and on method of network access, and containing diagrams of the network structure and functions.
(e) Report on system inspection including maximum capacity, reaction and latency parameters, fault tolerance, reliability, and other critical system configuration data.
(g) Backup system in the event of a breakdown to ensure a replacement information transmission and trading method, and measures for restoration of data and the system.
...
...
...
(i) Website address for accessing online trading services of the company.
(k) Plan on risk management including technical and managerial methods for online trading services risk management.
(l) Technical data on network access facilities, on network integration equipment, on hardware and software systems and on other relevant equipment or facilities.
5.3.3 The SSC shall, within 45 days from the date of receipt of a complete and valid application file, issue a decision on approval or non-approval of provision of online securities trading services, and in a case of non-approval shall provide a written response specifying its reasons.
5.3.4 When a securities company is approved to provide online services, it must send the SSC and SE data and a report on how it proposes to upgrade and change its systems such as major upgrade of operating systems in order to provide online services; major changes to its business administration system; or operation of a technical system and online business principles for any branch not yet providing online services. This report must be lodged at least seven (7) business days prior to the securities company undertaking the system upgrade or change.
5.3.5 Securities companies approved to provide online services must send an annual report to the SSC on provisions of such services prior to 31 January of the following year.
5.3.6 The SSC and the SE shall announce on their websites a list of securities companies satisfying the conditions and authorized to provide online securities trading services.
6. Exchange of electronic information
6.1. Activities being exchange of electronic information means exchange of information via the internet between market management bodies (comprising the State Securities Commission, Stock Exchanges and Securities Trading Centres), securities companies, fund management companies and securities investment companies [on the one hand] with entities registered to use such services [on the other hand].
...
...
...
6.3 The following shall be eligible to register to use electronic information exchange services ["eligible entity"]:
(a) Public companies and organizations registered to make a public offering of securities.
(b) Organizations and individuals conducting securities registration and/or securities depository;
(c) Organizations registering to list securities;
(d) Organizations applying for permission to establish a securities company, fund or securities investment company.
(
6.4 Any eligible entity must lodge an application for registration and complete the necessary procedures in order to be able to use any one electronic information exchange service on the website of a market management body.
6.5. Market management bodies must issue specific Rules on electronic information exchange services and in necessary cases must sign a contract with an applicant stipulating the legal responsibilities of the two parties and the risks which may occur when clients use the services of an electronic information exchange service provider.
6.6. Management bodies must create a website on the internet in order to provide a portal for their electronic information exchange services.
...
...
...
6.8. Information and data transmitted via an electronic information exchange system must satisfy the condition stipulated in article 4 of Decree 27.
6.9. Procedures for registration to provide electronic information exchange services must comply with clause 2 of
Section III. DEALING WITH BREACHES
Any organization or individual participating in electronic trading in the securities sector who commits a breach of law shall, depending on the nature and seriousness of the breach, be subject to an administrative penalty and must pay compensation for loss, or shall be subject to criminal prosecution in accordance with Decree 27, the Law on Securities and other relevant laws.
Section IV. ORGANIZATION OF IMPLEMENTATION
1. This Circular shall be of full force and effect 45 days after the date of its promulgation.
2. Securities companies already providing or which had provided online securities trading services [before the effective date of this Circular] must complete registration procedures in order to obtain approval from the SSC within six (6) months from the date on which this Circular takes effect.
3. The State Securities Commission, Stock Exchanges and Securities Trading Centres, issuing organizations, listing organizations, securities companies, fund management companies, securities investment companies and other related entities shall be responsible for implementation of this Circular.
...
...
...
- 1 Decree No. 118/2008/ND-CP of November 27, 2008, defining the functions, tasks, powers and organizational structure of the Ministry of Finance.
- 2 Circular No. 78/2008/TT-BTC of September 15, 2008, guiding the implementation of a number of contents of the Government''s Decree No. 27/2007/ND-CP of February 23, 2007, on e-transactions in financial activities.
- 3 Decree of Government No. 27/2007/ND-CP of February 23, 2007 on e-transactions in financial activities
- 4 Law No. 67/2006/QH11 of June 29, 2006 on information technology
- 5 Law No.70/2006/QH11 of June 29, 2006 on securities
- 6 Law no. 51/2005/QH11 of November 29, 2005 on E-transactions