Persona: Compliance Officer / CCO

You sign the half-yearly compliance certificate that says the broker is compliant with every applicable SEBI / exchange / depository / RBI rule. To sign it honestly, you need to know what the rules are, where the evidence lives, when the deadlines fall, and which way the regulatory wind is blowing.

The site has 884 indexed circulars, 400 verifiable compliance touchpoints, and dedicated deep-dives on SCORES / IGRC / ODR / audits / CSCRF / inspections / AP framework. This page is your shortcut.

What you’ll find useful here

Three layers matter most:

• The Compliance Blueprint — 400 obligations across 16 domains. Your master inventory.
• The Regulatory Circulars index — 884 entries across 13 issuers. Your citation source.
• Compliance & Audit deep-dives — SCORES procedure, IGRC, ODR, concurrent / system / cyber audit, inspection types, AP framework.

The narrative layer (broker process, lifecycle) is useful background; the field atlas and integration DAG are engineering territory.

Suggested reading path (in this order)

1. Compliance Blueprint — read the TL;DR and conceptual overview. Then skim domain headers. Bookmark this. You’ll return to specific rows as deadlines approach.

2. Regulatory Circulars master — the highlight panel of 12 most-impactful circulars + the per-issuer sub-page index. Skim.

3. Circulars Changelog — what’s new vs the prior 37-entry baseline. Your “what changed recently” reference.

4. SCORES Procedure deep-dive — the portal, the 21-day SLA, the escalation, the monthly MIS. You own this.

5. IGRC deep-dive + ODR deep-dive — your investor-grievance escalation path.

6. Concurrent Audit deep-dive + System Audit deep-dive + CSCRF deep-dive — the audit cycles you scope and respond to.

7. Inspection Types deep-dive — exchange / SEBI / depository inspection mechanics and response procedure.

8. AP Framework deep-dive — Authorized Person registration, supervision, NSE/COMP chain.

9. Member Compliance deep-dives — BMC / ABC, fit-and-proper, KMP changes, membership renewal. These are continuing-compliance obligations under your watch.

10. Lifecycle Overview — re-KYC periodicity, modifications, transmission. The lifecycle pages tie into the KYC obligations under your domain.

That’s the foundation. The breadth-reference layer (specific circulars, specific blueprint rows) is searchable.

Caution

The half-yearly compliance certificate is the moment of truth. Build a master compliance calendar from the Compliance Blueprint’s frequency column and the Recurring Cycles DAG. By April / October each year (the half-yearly cycle ends), every obligation under your watch must have a verifiable evidence artefact. The site’s Compliance Blueprint gives you the obligation list; you assemble the evidence binder.

Common questions in your role

• A SCORES complaint is on day 19 of 21 — what’s the escalation? → SCORES procedure deep-dive — escalation section.
• An AP exceeded the turnover threshold — what’s required? → AP Framework deep-dive — supervision and reporting obligations.
• CSCRF cyber audit is due — what’s the scope? → CSCRF deep-dive — categorization (Qualified RE / Mid-size RE / Small RE), VAPT cadence, Type I/II/III audits.
• A client died — what’s the transmission procedure? → Lifecycle: Transmission.
• A new SEBI circular was published — does it affect us? → Regulatory Circulars — find the issuer page, then read the in-force-date and applies-to fields.
• Quarterly running-account settlement deadline approaching — what’s required? → Compliance Blueprint client-funds domain + Broker Process Narrative Section 5.
• An employee on the designated person list traded a restricted security — what’s the procedure? → Compliance Blueprint member-comp domain — insider trading code.
• An exchange inspection notice arrived — what’s the response window? → Inspection Types deep-dive — response window varies by exchange and inspection scope.
• PMLA / FATCA filings are due — where are the formats? → Compliance Blueprint AML domain + FIU-IND destination page + FIU-IND circulars.

What to skip (and why)

• Integration DAG technical detail — engineer territory; you only need to know that the dependency structure exists when an engineer escalates.
• Field Atlas destination pages other than KRA / CKYC / FIU — engineer territory.
• OMS / RMS / SPAN deep-dives — Head of OMS/RMS territory; you only need to know what evidence the regulator expects.
• Most of the appendix — already woven into your domain via blueprint.

When you’d hand off

• “This is a tax / GST question” → Finance / CFO reading path.
• “This is an integration / system bug that’s causing the compliance failure” → Backend Engineer reading path.
• “This audit observation requires operational changes” → Operations Lead reading path.
• “This is a regulatory inspection — call the senior compliance counsel” → external; out of this site’s scope.

Verified through

2026-05-14

---

AI-generated and not legal, financial, or compliance advice. See the project README for full disclaimer.