Structured Digital Database (SDD)

The SDD requirement was introduced through the SEBI (Prohibition of Insider Trading) (Amendment) Regulations 2018 under Regulation 3(5) and 3(6) of the PIT Regulations. The amendment recognised that the absence of a formal audit trail made it difficult to investigate insider trading instances, since proving that a particular person possessed UPSI required reconstructing informal communication chains.

All listed companies, their advisors, and intermediaries (investment banks, law firms, auditors, and consultants engaged in transactions involving UPSI) are required to maintain an SDD containing the names and permanent account numbers (PANs) or any other identifier of persons who share and receive UPSI, the nature of the information, the date and purpose of sharing, and the relationship between the sharer and recipient.

The database must be maintained with adequate security, internally, and must not be outsourced to third-party service providers in a manner that compromises data integrity or security. SEBI required that the SDD be maintained for a minimum of eight years.

Companies must ensure the SDD captures all sharing instances, including those with external advisors during M&A due diligence processes, financing discussions, strategic partnerships, and other corporate activities. The SDD effectively creates a chain of custody for UPSI, enabling SEBI's investigation teams to trace the flow of information when suspicious trading patterns are detected.

In investigation proceedings, the SDD is a key evidentiary document. SEBI has issued supplementary guidance clarifying that companies should capture not just formal communications but also verbal communications where UPSI was shared, to the extent these can be documented.

Failure to maintain the SDD or maintaining it in an incomplete or tampered manner constitutes a violation of the PIT Regulations independently of whether any actual insider trading occurred, and can result in penalties against the company and its compliance officer.