The Reserve Bank of India (RBI) on Tuesday said all RBI-regulated entities entering into a contract with third-party automated teller machine (ATM) switch application service providers (ASPs) need to comply with cybersecurity controls prescribed by the central bank. They also have to give access to the RBI for on-site or off-site supervision.
The RBI-regulated entities have to amend their contracts at the earliest or at the time of renewal, in any case not later than March 31, 2020.
In the fifth bi-monthly monetary policy statement of the RBI in December, the central bank had said that a number of commercial