In a classic display of Nehruvian-socialist suspicion, Securities and Exchange Board of India has seen fit to demand that anyone who has the temerity to invest a sum as small as one lakh rupees (the tax-exempt limit for income tax purposes) in the stock market will have to provide fingerprints like a common criminal to get a MAPIN-UIN.
This applies not only to companies, directors, brokers and their relatives and direct investors in equity markets but oddly also to indirect equity market investors such as mutual fund investors.
However, despite their heavy involvement in the largest recent stock market scams, public sector companies have been exempted from this regulation, presumably in deference to the prejudices of left-party supporters of the current government.
One hopes that the sharp-minded Finance Minister realised that this intimidation will encourage the growth of black money, as those so inclined to avoid the taxpayer would rather hide their fingerprints along with their transactions.
If he did, then it would appear that a hamhanded act of bureaucracy has defeated the FM's sagacity and visited new rules on millions of ordinary investors for the sins of a handful of scamsters, most of whom have been unpunished to date.
As stated, this new requirement is to enable tracking of market manipulation, but in reality this is really mere perpetuation of the licence-permit raj in yet another form.
At a time when the Finance Minister and Prime Minister are seeking even greater investment from foreigners, another arm of the government is demanding that even citizen investors seek a licence to invest their own hard-earned money in a public company on a public market.
The egregious nature of such a licence is only further highlighted by the fact that the MAPI-UIN is needless, error-prone, capable of misuse and its stated objectives can be defeated easily.
Needless
First, the requirement for yet another identifier, which is what the MAPIN-UIN, is needless.
The existing laws require that all investments in market instruments including mutual funds be made by cheque if they exceed twenty thousand rupees, and so all such investments can be traced to a bank account with the requisite account-holder-photographs and address-proof requirements of those records.
Further, the Income Tax department already requires stock brokers and mutual fund managers to report all transactions over fifty thousand rupees together with the permanent account number of the investor.
As every market participant who trades over a lakh of rupees worth of shares or mutual funds would thus be covered by this requirement already, and as the PAN too is a unique identifier, where is the need for yet another identifier?
Why, each taxpayer is even required to obtain an identity card known as a PAN-card to show during a wide-ranging variety of transactions covering not only investments but also expenditures.
Error-prone
As terrifying a bogeyman as this Soviet-style practice of fingerprinting ordinary investors is, it is prone to errors. It is thus at best an imaginary monster to frighten simple-minded individual investors and pull the wool over the eyes of parliamentarians investigating stock market scams.
The current mechanism envisages numerous intermediaries obtaining supposedly incontrovertible proof of identity and recording photos and fingerprints on a personal computer.
First, there appears to be no independent audit of these records, so intermediaries can easily make mistakes and not be found out.
Secondly, digitised fingerprints and photos are just anonymous (not meaningfully searchable) strings of ones and zeros and so can easily be mis-associated with personal records of other unrelated persons by mistakes in processing.
This means that Mr X may be associated with Mr(s) Y's fingerprints or Mr(s) Z's photograph. Citizens who already have seen this happen to electoral cards and PAN cards, do not need further proof of this possibility.
How then can the MAPIN-UIN be used to trace people? Worse still, such erroneous records could survive for decades unchallenged as the donors of such information ordinarily have no way of discovering such errors in Sebi's computer records.
The problem of identifying who is in a group -- or single -- photo found in digitised form is a problem that is still keeping computer-science researchers and secret service analysts up at night.
Capable of misuse
The same ease of mis-associating fingerprints, photos and personal details lends itself to potential mischief and misuse. Imagine a low-level employee of one of the intermediaries being paid to deliberately mis-associate such records.
Imagine too a mobster or politician trying to launder his ill-gotten money, doing the same to ensure that his front companies are not traced back to him.
It is possible also to do a wholesale mismatch of records by employees within SEBI itself to sabotage the very objective of tracking. Can Sebi certify that every one of the employees working for them is utterly incorruptible and of highest integrity?
Basic principles of Information Security maintain that the greatest risk to any information in computers is from internal employees given legitimate access, albeit only for specific legitimate purposes.
Easy to get around
If it is easy to maintain erroneous or mischievous records for decades and never discover it, it is also easy to get around the regulation's intent.
Someone with a desire to manipulate the market need only register hundreds of shelf companies and get MAPIN-UINs for them.
Those in the media trying to unwind the tangled web of investment companies with cross holdings in the large private sector companies that have been in the news recently have already illustrated the anonymity-enhancing value of this.
Numerous concerted transactions to manipulate markets would still not be traceable to the individuals, as the transactions would appear to be from hundreds of different and apparently unrelated market participants.
It would take a determined effort to probe deeper into the second and deeper layers of information and unravel cross-holdings to discover the common manipulators.
However, such probes are unlikely as there would be no prima facie evidence of market manipulation to trigger such an extensive probe.
Conclusion
In conclusion, what SEBI needs to detect and investigate market manipulation is not a massive shot-gun regulation such as the MAPIN-UIN ruling but experienced sharp-shooter and data-analysis savvy investigators to investigate and data-mine market-transaction data.
Let the Registrar of Companies worry about recording the whereabouts of directors of companies to enable policemen to trace them when a crime is detected, instead of presuming that every private sector investor is congenitally devious.
In the meantime, SEBI should withdraw this egregious regulation or at the very least confine it to brokers and perhaps high-net-worth individuals who invest tens or hundreds of crores of rupees at a time directly in the markets.
