NSE Circular Summary: Safer Participation of Retail Investors in Algorithmic Trading (May 2025)

📄 Overview

On May 5, 2025, the National Stock Exchange (NSE) released Circular Ref. No. 471/2025 implementing SEBI's directive (SEBI Circular Ref. No. SEBI/HO/MIRSD/MIRSD-PoD/P/2025/0000013) to enhance the safety and oversight of retail investors in algorithmic trading. This blog fully summarises the implementation standards from the NSE document.

🔑 A. API Access Standards

1. Static IP is mandatory for all API access:
   • Provided by clients for client-generated algos
   • Provided by vendor/client for vendor-generated algos
   • Provided by broker/client for broker-generated algos
2. Clients may provide one primary static IP and optionally a secondary for redundancy.
3. Multiple API keys are allowed but must be mapped to registered static IPs.
4. Non-registered algos can run only on designated API keys.
5. Static IP updates are limited to once per week (exceptions allowed).
6. Static IPs may be shared only among family accounts (with written or 2FA-verified consent).
7. Mandatory logout of all API sessions before each trading day.

⚙️ B. Unregistered Algo Standards

1. Clients may use APIs for automated systems but must stay within 10 orders per second (OPS).
2. If below 10 OPS, registration isn't required—but:
   • A generic Algo ID must be used
   • All Risk Management Systems (RMS) must be applied
3. Brokers must restrict unsupported order types/contracts.
4. Orders exceeding 10 OPS must be rejected.
5. Brokers must monitor OPS limits effectively.

🧠 C. Registered Client Algos

1. Clients exceeding 10 OPS must register their algos with exchanges.
2. Brokers will submit registration details and receive an Algo ID.
3. Changes in logic must be reported for re-registration.
4. Third-party usage of client algos must follow the same process.

🛠️ D. Broker-Generated Algos

1. All broker-created algos must be registered with exchanges.
2. Orders via these algos must use exchange-issued Algo IDs.
3. Any updates in logic must be re-submitted for approval.

🤝 E. Empanelled Algo Providers

1. Algo providers must be empanelled and registered with each exchange.
2. Each algo must receive a unique Algo ID.
3. Brokers and providers may have commercial/technical agreements.
4. Exchanges must be informed of such arrangements and terminations.
5. Brokers must perform due diligence and report violations.

📉 F. Threshold Order Per Second (OPS)

• The OPS threshold is 10 orders per second per exchange/segment.
• Brokers may impose stricter limits per client.

🏷️ G. Algo ID Tagging

• All algo orders must be tagged with an Algo ID.
• This applies to both registered and non-registered algos.

🔐 H. Risk Management Compliance

Brokers must follow standards for:

• Internet Based Trading (IBT)
• Securities Trading via Wireless Tech (STWT)
• Decision Support Tools
• NSE Circular Ref: NSE/MSD/67753 (April 29, 2025)

💻 I. Operational Specifications for API/IBT/STWT

1. Maintain a 5-year audit trail.
2. Ensure robust cybersecurity (as per SEBI guidelines).
3. Use OAuth or equivalent authentication.
4. Apply:
   • Password protection
   • 2FA
   • Automatic password expiry
5. Only whitelisted static IPs and vendor-specific keys permitted.
6. Brokers are fully responsible for all client/vendor activity.
7. All retail algos must be hosted on exchange-approved servers.

📌 J. Additional Points

• These standards do not apply to Direct Market Access (DMA).
• Brokers may charge API usage and algo registration fees.
• Exchanges can terminate rogue algos disrupting markets.

📘 Conclusion

These detailed guidelines ensure that algorithmic trading in India becomes more transparent, secure, and compliant for retail investors. If you use or offer algo trading solutions, adhering to these regulations is essential.

🔗 References

• www.fintrens.com
• Firefly Algo Docs
• Join Fintrens
• Fintrens WhatsApp Channel

Stay Compliant. Trade Smart.