New Delhi: Access to information on “switching on time”, “co-location facilities”, “backup servers”, and an absence of “load balancers” — this is what led to the alleged manipulation of the server of India’s largest stock market, National Stock Exchange.
According to a Central Bureau of Investigation (CBI) probe, all of this was done in connivance with NSE officials and led to “wrongful gains” to a company and “wrongful loss” to other brokers and traders.
Bribes were paid not only to NSE but also officials of the Securities and Exchange Board of India (SEBI) for a favourable report after the alleged tampering of servers and facts related to preferential access of data came to light, the investigators told ThePrint.
On Sunday, the CBI arrested Chitra Ramkrishna, who was NSE chief executive and managing director between 2013 and 2016, in the case of bourse manipulation. She has been arrested for her alleged role in the co-location scam. While the CBI’s FIR doesn’t name Ramkrishna, a SEBI report released last month hinted at her alleged involvement.
Ramkrishna allegedly shared crucial and confidential information of NSE with an individual she called a “Himalayan yogi”, investigators said. The CBI suspects that the yogi is Anand Subramanian, former group operating officer (GOO) at the stock exchange, who was arrested last month.
Subramanian was first appointed as chief strategic adviser at the NSE in 2013, and Ramkrishna promoted him to GOO in 2015. The market regulator, SEBI, had pointed out in a report earlier this month that the appointment of Subramanian was one of the decisions that Chitra Ramkrishna took under the influence of the ‘yogi’.
What is the alleged scam being probed by the CBI? What is a co-location facility? What is switching on time and how is it relevant? What are load balancers and how was the system manipulated to allegedly give preferential access to a particular company? ThePrint explains.
‘Access to switching on time’
It was in 2018 that the CBI first received source-based information, alerting it about the alleged scam.
According to the central agency, there was information that between 2010 and 2014, Sanjay Gupta, owner and promoter of Delhi-based stock broker OPG Securities, connived with officials of NSE and abused its server architecture.
Gupta, with the help of his brother-in-law Aman Kokrady, who is also named in the FIR registered by CBI, and other unknown persons, allegedly roped in the NSE data centre staff, which passed on information regarding “switching on time” of the exchange servers, for monetary benefits, sources said.
“This is what helped OPG Securities and gave them an edge over the others. Given this advantage, they were the first ones to login on the exchange server of the NSE and would get access to all relevant leads, which gave them a clear advantage,” said a source.
NSE officials also allegedly gave OPG Securities access to servers that had the latest technology and were the least-crowded at that particular point in time.
Logging into the system early would ensure that the broker is able to take advantage of dissemination of price data on shares/stocks before others.
There was a prescribed limit of 30 connections for each port of the server from which the NSE disseminated price data to trading members. However, this limit was not adhered to and the number of connections on one port often exceeded 30. This put members who were on more crowded ports at a disadvantage.
What a co-location server is, and how it works
According to CBI sources, Gupta was also given unfair access to the NSE co-location facility between 2010 and 2014, giving his company an advantage over the others.
A co-location set-up allows the broker’s computer to be located in the same area in which the server of the stock exchange is located. This gives approximately a ten-fold speed advantage in comparison to other brokers.
According to CBI sources, until 2014, information was disseminated by the NSE server to the brokers attached with co-location facility through a tick by tick (TBT)-based system architecture. In this architecture, data was disseminated in a “sequential manner”, whereby the stock broker who connected first to the exchange server received ticks — meaning market feed — before the stockbroker who connected later.
“The source had informed CBI that Sanjay Gupta had unfair access to the co-location facility of NSE between 2010 and 2014 that enabled his company OPG Securities to login first to the secondary server and get the data before everyone else, which allowed a split-second faster access to the data feed of NSE,” the source quoted above told ThePrint.
“Even a split-second faster access is considered to result in huge gains for any stock trader,” the source added.
The CBI was also informed that initially, NSE did not have the system of starting its TBT servers at a fixed time everyday. But Gupta allegedly managed to lure the NSE data centre staff into giving him the information regarding switching-on time of exchange servers, leading to illegal gains to his company, sources said.
‘Imbalance load factor’
In October 2012, NSE improved the system of imbalance load factor among different TBT co-location servers and introduced “load balancer” among various TBT co-location servers, the source quoted above told ThePrint.
According to the source, the load balancer ensures even distribution of load among the TBT servers.
Even after the NSE introduced the load balancer, Gupta, allegedly in connivance with the NSE data centre staff, got his firm connected to the exchange’s backup servers, which had “zero load”, the source said.
The NSE makes these backup servers available for providing connection to the brokers’ servers, only in case the primary servers have some technical glitch or failure.
However, while servers of all other brokers were connected to the primary servers of NSE, Gupta allegedly fraudulently managed to get access and be connected with the backup servers, with the help of data centre staff. This helped Gupta to get “market feed before other brokers and led to a wrongful gain to his company”, said the source.
“The backup servers were with zero load and therefore provided far better and faster access to the market feed to Gupta’s company in comparison to other brokers,” the source added.
After receiving complaints of the ‘compromised’ TBT architecture by OPG Securities surfaced, the SEBI conducted an inquiry into the alleged misgovernance at NSE, sources in the CBI said. The regulator’s Technical Advisory committee (TAC) report said: “OPG Securities gained materially by exploiting the TBT architecture of NSE”.
According to CBI sources, the TAC report also revealed that OPG Securities had consistently logged in first on selected TBT servers on most of the trading days between 2010 and 2014, and also had access to servers that had better hardware.
Deloitte Touche Tohmatsu, which did a forensic review of the NSE’s co-location facility, found that OPG Securities was the first to log in, in most cases during trading session, showed the FIR, accessed by ThePrint.
The Deloitte forensic report, which was submitted to NSE in December 2016, also observed that the absence of load balancers appears to have created “advantages for certain members due to manual intervention”.
‘Influenced SEBI officials for favorable report’
To ensure a favourable report from SEBI in the ongoing enquiry and get off the hook, Gupta even influenced and bribed the officials of SEBI, the source quoted above said.
“We received information that bribes were paid to officials of NSE and SEBI to cover the TBT exploitation. Moreover, our information also said that Gupta also directed his employees to delete some important mails, text messages, logs, which were related to co-location controversy with the intention of destroying electronic evidence against him and his company,” the source said.
According to the FIR, a man named Ajay Narottam Shah had also been instrumental in exploitation of NSE TBT architecture.
Shah allegedly collected NSE trade data in the name of carrying out research, and subsequently, passed it to private persons who in turn developed an algo software named ‘Chanakya’. This software was then sold to selected brokers including OPG Securities, who benefited by exploiting the TBT architecture of NSE using this software, the FIR said.
With inputs from Shubham Batra
(Edited by Amit Upadhyaya)