BSEC Broker & Dealer Registration

by Tahmidur Remura Wahid | Nov 6, 2025 | Uncategorized | 0 comments

BSEC Broker & Dealer Registration in Bangladesh — The Complete TRW Law Firm Guide

Launching a brokerage in Bangladesh is a strategic move: retail participation is rising, digitization continues at the exchanges and the depository, and issuer pipelines (including SME/ATB) create long-term depth. But converting a great product idea into a compliant brokerage demands one thing above all: getting your BSEC Stock Broker & Stock Dealer registration right—and sequencing it correctly with TREC membership (DSE/CSE) and Depository Participant (DP) onboarding with CDBL.

This guide sets out, in practical detail, how a Bangladesh brokerage comes to life—end to end. It is written in TRW Law Firm’s process-driven style for founders, boards, investors, and compliance leaders who want an execution roadmap rather than broad platitudes.

For tailored advice or a readiness review, you can book a consultation with TRW’s Capital Markets & Securities team on our website: Tahmidur Remura Wahid (TRW) Law Firm.

What “Broker & Dealer” Means in Bangladesh (and why both matter)

A Stock Broker executes client orders on a recognized stock exchange (DSE/CSE). A Stock Dealer trades on its own account. In Bangladesh, most firms apply for both permissions together because:

Market access (broker) + market-making/prop flexibility (dealer) supports sustainable unit economics.
Exchanges and the depository expect uniform operational resilience regardless of whether trades are agency or principal.
Product roadmaps (e.g., odd-lot market, block trades, later margin or covered short frameworks if/when allowed) benefit from having both permissions.

Takeaway: If your plan includes a modern app with real liquidity features, apply for Broker + Dealer together unless you have a strong reason not to.

The Four Pillars of Authorization

BSEC Registration — grants you the regulatory license to act as Broker & Dealer.
TREC (Trading Right Entitlement Certificate) — gives your firm the right to access the trading system of DSE and/or CSE.
CDBL DP Admission — allows you to open and maintain BO (Beneficiary Owner) accounts, credit corporate actions, and settle trades.
Banking & Client Money Set-up — segregated client money accounts at approved banks, settlement accounts, and cash controls.

Think of these as interlocking gears: you cannot practically operate without all four aligned.

Eligibility and “Fit & Proper” Fundamentals

Before you draft a single form, confirm the following are in place:

Incorporation & Objects: Your Memorandum must clearly permit stock brokerage, stock dealing, depository participant activities (if applying), and allied capital-markets services.
Shareholding & Governance: Disclose ultimate beneficial owners (UBOs). Directors and significant shareholders must pass fit & proper (integrity, financial soundness, competence).
Capital: Paid-up capital adequate for broker/dealer permission and to meet ongoing net capital balance thresholds. Plan for a liquidity buffer (including tech and staffing).
Key Officers: Named Chief/Principal Executive, Compliance Officer, Operations Head, Finance Controller, and IT Lead/CISO (or vCISO) with CVs matching role expectations.
No disqualifications: No unresolved regulatory sanctions, criminal convictions involving dishonesty, or bankruptcies for controllers or key persons.

End-to-End Process at a Glance (Sequencing That Works)

Readiness & Gap Assessment (TRW’s kickoff): policy map, tech stack review, capital plan, and document checklist.
BSEC Application Dossier (Broker & Dealer) prepared and submitted.
Exchange Engagement for TREC: membership criteria, infrastructure tests, and undertakings.
CDBL DP Application: connectivity + operations manuals + sample reports.
Banking: client money accounts, board-approved client money policy, settlement arrangements.
Go-Live Testing: onboarding flows, KYC/AML controls, OMS/RMS integration, corporate action processing, incident drills.
Final Attestations & Approvals: receive certificates, whitelist system credentials, and open to clients.

The BSEC Application Dossier — What to Prepare (and How to Get It Right)

BSEC’s goal is to confirm you are competent, well-capitalized, well-controlled, and client-safe. Your dossier should be complete, internally consistent, and ready for scrutiny.

Core Corporate Pack

Certificate of Incorporation; MoA/AoA with appropriate objects.
Board resolution approving the application, appointments, and capital plan.
Share register, UBO declarations, and organizational chart (with reporting lines).

People & Governance

Fit & Proper forms for directors, key officers, and significant shareholders.
CVs, credentials, role descriptions, and signed statements of responsibility.
Conflict of Interest policy; staff trading policy; related-party transactions policy.

Capital & Financials

Paid-up capital evidence; bank statements; auditor letters.
Opening balance sheet; 12–24-month financial projections; capital adequacy framework.
Client Money Policy and segregation controls (dual authorization, daily reconciliations).

Compliance & Risk Framework

Compliance Manual (covering order handling, best execution, research vs. marketing, gifts & inducements, complaints).
AML/CFT Policy (risk-based KYC, sanctions/PEP screening, EDD, STR/SAR escalation, independent testing).
Risk Management Policy (market, liquidity, operational, vendor, cyber).
Outsourcing Policy (KYC vendors, cloud, data processors, OMS providers) with SLAs and audit rights.

Technology, Security & Continuity

Information Security Policy (aligned to ISO 27001 good practices): encryption at rest/in transit, key management, access control, SOC logging, SIEM, vulnerability management, secure SDLC.
Business Continuity & Disaster Recovery (BCP/DR): RTO/RPO targets, site failover plan, periodic drill evidence.
Incident Response Playbook: severity classification, regulatory notification triggers, client messaging templates.
OMS/RMS Architecture: pre-trade checks (cash/holdings), throttles, kill-switch, time synchronization (NTP), immutable order logs.

Client Documentation

Account Opening Form (with BO account annex), T&Cs, and privacy notice.
Risk Disclosure Statement (plain language; market/volatility/outage risks).
Order Types & Execution Policy Summary (including exchange venues).
Fees & Charges (transparent breakdown: brokerage, exchange, CDBL, stamp duty).

Evidence of Arrangements

Premises: office lease, disaster recovery seating plan.
Banking: client money and settlement accounts; authorized signatories.
Insurance: professional indemnity (where applicable).
Vendor Contracts: KYC IDV, sanctions screening, cloud hosting, SMS/OTP, penetration testing.

Quality rule: Every policy must line up with people, systems, and evidence. If your manual says you do X daily, show a template, a tool screenshot, or a register format to prove it.

TREC (DSE/CSE) — Trading Right & Membership Practicalities

The exchange evaluates you on capability to trade safely, financial soundness, and technology readiness. Typical expectations include:

OMS Connectivity: certified links to exchange gateways; throughput testing; order throttles.
RMS Controls: client-level and firm-wide limits; circuit breaker behavior.
Back Office: trade capture, allocations, contract notes, statements, and tax/fee computations.
Human Resources: certified or experienced dealers; segregation between dealing, risk, and back office.
Surveillance: logs and alerts for spoofing patterns, wash trades, and front-running (with staff trading restrictions).

A tight BSEC + TREC cadence saves months. TRW sequences technical and governance milestones so nothing sits idle.

CDBL Depository Participant (DP) — The Custody Engine

Without DP status (or a formal arrangement), you cannot open BO accounts, post ISIN credits, or process corporate actions. A complete DP pack includes:

DP Procedures Manual: BO onboarding, KYC validation, pledge/lien workflows, demat/remat, corporate actions posting, reconciliation.
Connectivity & File Formats: secure file exchange, reconciliation reports, exception handling.
Maker-Checker Controls: dual control for critical steps; four-eyes on BO master edits.
Daily Reconciliation: between CDBL balances, back office ledger, and client statements.
Corporate Actions Calendar: entitlements processing with cut-offs, reversals, and client notifications.
Data Privacy: PII handling for NID/TIN, retention/archival policy, and breach response.

Client Money & Asset Protection — Non-Negotiables

Your fiduciary duty to clients is operationalized through controls that regulators examine closely:

Segregated Client Money Accounts: distinct from the firm’s operating accounts; board-approved policy; daily reconciliations and break resolution procedures.
No Unauthorized Use: client funds are not your working capital; no lending or rehypothecation except as expressly permitted.
Withdrawal & Name-Match Controls: ensure beneficiary name matches client; cooling-off for first withdrawals; enhanced monitoring for high-risk flags.
Statements & Confirmations: T+0 trade confirmations; monthly statements; real-time in-app ledger.

KYC/AML in Practice — What “Good” Looks Like

Risk-Based KYC with sanctions/PEP screening and liveness/face match at onboarding.
EDD for higher-risk customers (politically exposed, complex structures, cross-border flows).
Ongoing Monitoring: velocity checks, unusual trading patterns, rapid in/out cash movement.
Screening Refresh: periodic rescreening of the entire base; event-driven rescreening on key changes.
STR/SAR Escalation: documented thresholds, investigative templates, and reporting lines to the AMLCO and board.

Technology, Cybersecurity & Resilience — Passing the “Ops Due-Diligence” Test

Regulators and exchanges will ask how you keep clients safe on a bad day. Be ready to show:

High Availability: two availability zones, separate failure domains, load tests, capacity headroom during market opens.
Access Control: MFA, role-based access, least privilege; break-glass procedures with audit.
PII Protection: field-level encryption for NID/TIN; tokenization for bank data; KMS rotation.
Secure Development: code review, SAST/DAST, dependency scanning, supply-chain controls.
Monitoring & Logs: central SIEM; immutable order/trade logs; time synchronization for forensic replay.
DR Drills: documented RTO/RPO; drill minutes and remediation logs.

Payments, Wallets, and the Bangladesh Bank Perimeter

If your client funding model is direct bank transfer to the broker’s client money account, you typically sit outside the payment-service perimeter. The moment you introduce a stored-value balance, P2P features, or you operate rails that move customer funds, you may trigger PSP/PSO requirements and additional supervisory expectations.

Practical strategy for new brokers: avoid wallet features at launch. Show near-real-time balances by integrating to your back office and bank statements instead.

Products & Customer Experience — Stay on the Right Side of Rules

Whole-Share Trading: Bangladesh depository systems settle whole securities; avoid “fractionalization” unless you create a compliant fund/ETF structure.
Fair, Clear, Not Misleading: onboarding and marketing must not imply guaranteed returns. Avoid gamified prompts that nudge churn.
Research vs. Sales: keep analyst content independent; disclose conflicts; separate editorial from promotional copy.
Complaints Handling: publish channels; run a tracked ticketing process; set internal turnaround standards (e.g., 48 hours).

The 10 Documents TRW Drafts First (because they unlock everything else)

Compliance Manual (with reporting calendar).
AML/CFT Policy (with KYC playbooks and STR workflows).
Risk Policy (market/liquidity/operational/vendor).
Client Money & Asset Protection Policy.
Information Security Policy + Incident Response Plan.
BCP/DR Plan (targets, drills, evidence templates).
Outsourcing & Vendor Risk Policy + DPAs.
Best Execution & Order Handling Policy.
Client Agreement, Risk Disclosure, Privacy Notice (plain English).
Staff Dealing, Conflicts & Gifts Policy.

Each policy includes register templates (complaints, incidents, outages, conflicts, gifts/hospitality, staff trades) and evidence artifacts (reconciliation formats, alert triage forms) to satisfy inspections.

A Realistic Timeline (180 Days) from “Idea” to “Orders”

Days 0–30 — Planning & Dossier Build

Incorporation and board appointments.
TRW readiness assessment; capital & liquidity plan.
Draft core policies; design tech/security architecture.
Start BSEC application pack; pre-consult exchange on TREC prerequisites.

Days 31–60 — Submissions & Infrastructure

File BSEC Broker & Dealer application.
Advance TREC membership steps (technical certification calendar).
Begin CDBL DP application (manuals, connectivity plan).
Open client money and settlement bank accounts.

Days 61–90 — Controls that Prove Safety

Complete KYC/AML stack; integrate sanctions/PEP screening.
OMS/RMS pre-trade controls and kill-switch; immutable logging.
Draft client docs and fee schedules; finalize back-office reports.
Conduct tabletop cyber and DR drills; document minutes.

Days 91–120 — Parallel Testing & People

UAT: onboarding → deposit → order → fill → settlement → statement.
Hire/confirm Compliance Officer, Ops lead, dealers.
Staff training (AML, conduct, cyber).
Close any regulator/exchange queries.

Days 121–180 — Approvals & Soft Launch

Obtain BSEC registration, TREC membership, DP code activation.
Soft-launch with limited clients; run surveillance and complaint SLAs.
Finalize post-launch reporting cadence; board attestations.

Common Pitfalls (and How TRW Helps You Avoid Them)

Incomplete Dossier: Missing annexures or inconsistent statements extend queries. TRW runs a two-pass audit before filing.
Policy–Practice Mismatch: Manuals promise daily tasks your team doesn’t perform. We align policies to actual tooling and staffing.
Over-ambitious Product at Day 1: Fractional, margin, or wallet features without the right structure. We sequence features to avoid perimeter breaches.
Vendor Risk Blind Spots: KYC or cloud contracts without audit rights or breach SLAs. TRW embeds DPA clauses and vendor registers.
Weak Surveillance: No tooling for wash-trade or spoofing alerts. We implement alert libraries and escalation SOPs.
Client Money Leaks: Lax reconciliations or unclear withdrawal flows. We provide recon templates and name-match controls.

Illustrative Case Study (Generic Names)

Case 1 — “Delta Securities Limited” (New Applicant):
A Dhaka fintech sought a mobile-first broker. TRW re-drafted the MoA, prepared a full BSEC pack (policies, people, capital plan), synchronized TREC certification slots with DSE, and fast-tracked CDBL DP onboarding with working reconciliation templates. Outcome: a coordinated approval sequence and a clean soft launch.

Case 2 — “Eastern Brokerage PLC” (Upgrade & Remediation):
An established broker needed to modernize controls and add dealer permission. TRW remediated AML gaps, implemented incident response playbooks, added SIEM logging and quarterly DR drills, and managed the dealer permission and exchange attestations.

Case 3 — “Ananya Capital” (Aggregator to Full Broker):
Started as an introducing-broker app. TRW negotiated white-label arrangements, built compliant client docs (with explicit custody & execution disclosures), then executed a staged transition to full Broker & Dealer with TREC and DP, avoiding client disruption.

Frequently Asked Questions (Straight Answers)

Q. Do I need both Broker and Dealer?
You can start with Broker only, but most firms obtain both to support liquidity management and product evolution.

Q. How much capital should I plan for?
Beyond regulatory minima, set aside a liquidity buffer for 12 months of payroll, tech/security, and audits. Net capital rules require ongoing monitoring.

Q. Can I offer fractional shares?
Not through the core depository infrastructure. Fractional exposure usually needs a regulated pooled vehicle (e.g., fund/ETF). Offer whole shares at launch.

Q. Can residents buy US or other foreign shares through my app?
Cross-border retail equity flows are permissioned. If this is core to your thesis, plan a separate phase with authorized dealer bank pathways and prior approvals.

Q. Do I need a wallet license to show balances?
No, if funds move directly between client bank accounts and the broker’s segregated client money accounts. Wallet-like features may trigger PSP/PSO oversight.

Q. How long does approval take?
It varies with dossier quality and your technical readiness. Expect multiple rounds of clarifications if policies and evidence aren’t aligned. Our 180-day plan is a realistic, not guaranteed, working cadence.

Q. What must my tech team deliver for approvals?
Documented OMS/RMS, security, DR, and incident procedures; order logs; reconciliation artifacts; and evidence of successful failover or tabletop drills.

Minimal Viable Team (Getting to Go-Live)

Compliance Officer / AMLCO — regulator interface and reporting calendar.
Head of Operations — settlement, reconciliations, corporate actions, client statements.
Dealers & Back-Office — order entry vs. back-office segregation.
IT Lead / Security — access controls, logging, DR drills, vendor oversight.
Finance Controller — client money reconciliations, fee/tax postings.
Product/Support — onboarding UX, complaint desk SLAs.

Oversight Cadence — The TRW Compliance Calendar

Daily: client money reconciliation; trade blotter review; failed settlement exceptions; sanction alerts triage.
Weekly: complaints & outages review; vendor SLA spot-checks.
Monthly: internal audit sampling of KYC files and access rights.
Quarterly: DR drill; vulnerability management cycle; board risk review.
Annually: policy refresh; staff certifications; independent AML testing.

Your Action Checklist (Use This With Your Team)

Corporate & Governance
■ Update MoA objects; pass board resolutions; file shareholding & UBO disclosures.
■ Appoint key officers; finalize org chart and statements of responsibility.

Capital & Banking
■ Fund paid-up capital; set net-capital monitoring; open client money & settlement accounts.
■ Approve Client Money Policy; implement daily reconciliation templates.

BSEC Dossier
■ Compile corporate, people, financial, and policy packs with annexures.
■ Align policies with actual tools and staff; include evidence templates.

TREC & Exchange
■ Book OMS certification; finalize RMS limits; dealer certifications; back-office reports.
■ Prepare surveillance playbooks and alert handling.

CDBL DP
■ Author BO onboarding procedures; test corporate actions posting; finalize reconciliation cadence.
■ Implement maker-checker and audit logs for BO edits.

Technology & Security
■ Lock MFA and role-based access; configure SIEM; time-sync all order logs.
■ Run DR tabletop; remediate findings; document minutes.

Client Experience
■ Plain-English client agreement, risk disclosure, privacy notice.
■ Transparent fees; in-app statements and T+0 confirms.
■ Complaint channels with published turnaround.

Why TRW Law Firm

Capital-Markets Specialists: We live and breathe Bangladesh exchange/depository mechanics and the regulator’s expectations.
Policy + Evidence, Not Just Paper: Our packs include operational registers, templates, and screenshots so you pass real inspections.
Tech-Fluent Lawyers: We align legal requirements with your architecture (OMS, DP back-office, bank feeds, SIEM).
Sequenced Execution: BSEC, TREC, and DP timelines are integrated—saving you months.
Scale-Ready: We design for future features (ATB/SME, research independence, margin frameworks) without breaching today’s perimeter.

If you want a turn-key path, TRW can serve as your project manager, policy drafter, and regulatory liaison, from concept to live trading.

Summary Table — BSEC Broker & Dealer Registration (Bangladesh)

Topic	What it is	Your tasks	TRW deliverables	Timing focus
Regulatory licenses	BSEC registration as Stock Broker & Stock Dealer	Confirm eligibility; assemble dossier; respond to queries	Full application pack; Q&A handling; board papers	Days 0–60 filing; rolling clarifications
Exchange access	TREC with DSE/CSE	OMS certification; RMS; dealer staffing; surveillance	TREC checklist; dealer SOPs; surveillance playbooks	Parallel with BSEC
Custody	CDBL DP admission	DP manual; BO flows; reconciliations; corporate actions	DP procedures; reconciliation templates; evidence pack	Parallel with TREC
Client assets	Segregated client money & securities	Bank mandates; daily recon; withdrawal controls	Client Money Policy; recon formats	Daily/ongoing
Compliance & AML	Manuals, registers, STR/SAR	KYC/AML tooling; screening; training	AML policy; KYC playbooks; training decks	Before go-live
Technology & Cyber	OMS/RMS, SIEM, DR, incident	Implement MFA, logging, DR drills	IS policy; IR plan; DR drill scripts	Before certifications
Client docs	Agreement, Risk Disclosure, Privacy	Plain-English docs; fee transparency	Drafting + localization; execution policy	Before UAT
Operations	Statements, complaints, tax	Back-office reports; complaint SLAs	Templates; monthly report packs	UAT + BAU
Governance	Board oversight & attestations	Calendar, registers, internal audit	Compliance calendar; attestation formats	Quarterly/annual

TRW Law Firm — Get in Touch

Tahmidur Remura Wahid (TRW) Law Firm — Capital Markets & Securities
We advise on licensing, TREC membership, DP onboarding, client asset protection, AML, and technology governance for Bangladesh brokerages.

Contact Numbers:
+8801708000660
+8801847220062
+8801708080817

Emails:
[email protected]
[email protected]
[email protected]

Global Law Firm Locations:

Dhaka: House 410, Road 29, Mohakhali DOHS
Dubai: Rolex Building, L-12 Sheikh Zayed Road
London (UK): 330 High Holborn, London WC1V 7QH, United Kingdom

Loading…

Loading… | 5 MIN READ | BY TAHMIDUR REMURA WAHID