+91 9594449393
+1 4847906355
+63 9208320598
+44 1519470017
+84 908370948
+7 9639173485
+62 81808037776
+90 5441016383
+66 993367171
+254 725235855
+256 707194495
+46 700548490
On July 30, 2024, the Reserve Bank of India (RBI) released the Reserve Bank of India (Cyber Resilience and Digital Payment Security Controls for Non-Bank PSOs) Master Directions, 2024. The new guidelines are designed to enhance the safety and security of payment systems operated by non-bank Payment System Operators (PSOs).
Key highlights of the new Directions include:
- Applicability : The provisions of these Directions are mandatory for all authorized non-bank PSOs.
- Risk Management with Unregulated Entities : To effectively manage cyber and technology-related risks, especially those arising from partnerships with unregulated entities like payment gateways, third-party service providers, and vendors within the digital payments ecosystem, PSOs must ensure compliance with these guidelines by such entities as well. Compliance must be established through a mutually agreed policy, approved by the PSO’s Board.
- Focus on Cybersecurity : The Directions aim to strengthen the information security preparedness of PSOs, with a particular focus on cybersecurity. The framework outlined in the Directions emphasizes robust governance mechanisms to identify, assess, monitor, and manage risks.
- System Resilience and Security : The Directions mandate PSOs to adopt baseline security measures that ensure system resilience and secure digital payment transactions. PSOs are encouraged to continuously migrate to the latest security standards.
- Existing Security Measures : The existing security and risk mitigation measures for card payments, Prepaid Payment Instruments (PPIs), and mobile banking remain in effect. In the event of any discrepancies between current guidelines and the new Directions, the instructions outlined in the Master Directions will take precedence.
These Directions reflect the RBI’s ongoing commitment to fortify the digital payments ecosystem, ensuring that PSOs maintain high standards of cybersecurity and risk management. Read the full release direction here : https://www.rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12715
