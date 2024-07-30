Business Standard
Sensex (    %)
                             
Nifty (    %)
                             
Nifty Midcap (    %)
                             
Nifty Smallcap (    %)
                             
Nifty Bank (    %)
                             

RBI issues final directions on cybersecurity controls for non-bank PSOs

RBI has given different timelines to these entities, depending on their size, to set up compliance structures

RBI, Reserve Bank of India

Small PPI issuers and instant money transfer operators are required to comply with the guidelines by April 2028. (Photo: Reuters)

Ajinkya Kawale Mumbai
2 min read Last Updated : Jul 30 2024 | 8:25 PM IST

Listen to This Article

The Reserve Bank of India (RBI) on Tuesday issued final guidelines on cyber resilience and digital payment security controls for non-bank payment system operators (PSOs), wherein it has mandated different timelines for these entities, based on their sizes, to set up necessary compliance structures. These directions come into effect on July 30.

Large non-bank PSOs such as Clearing Corporation of India Limited (CCIL), National Payments Corporation of India (NPCI), Bharat Bill Payment Operating Units (BBPOUs), and Payment Aggregators (PAs), among others, need to abide by the directions by April 2025.
Click here to connect with us on WhatsApp

Medium non-bank PSOs such as cross-border (in-bound) money transfer operators under the Money Transfer Service Scheme (MTSS) and medium prepaid payment instrument (PPI) issuers have time until April 2026.

Small PPI issuers and instant money transfer operators are required to comply with the guidelines by April 2028.

According to the guidelines, entities are required to report incidents such as cyber-attacks, outages of critical systems, internal frauds, settlement delays, among others, to the RBI within six hours of the detection of the attack. Cyber security incidents are required to be reported to CERT-IN.

Additionally, the Board of Directors of the PSO would be responsible for ensuring adequate oversight over information security risks, including cyber risk and resilience. Such entities would also be required to prepare a board-approved cyber crisis management plan (CCMP) to detect, contain, respond, and recover from cyber threats and attacks.

PSOs would be required to conduct a cyber-risk assessment exercise with respect to the launch of new products or services, or while undertaking changes to existing systems infrastructure on their platform.

More From This Section

Navi Finserv closes $38 mn personal loan securitisation deal with JP Morgan

Indian Bank eyes recovery of Rs 7,000 cr this financial year: MD & CEO

Fake ITC claims detection by GST officers up 51% at Rs 36,374 cr in FY24

RBI Governor Das for reskilling, upskilling amid digitalisation push

Room for India's DPI to diversify digital trade, says RBI report


Periodic training programmes on information security issues for employees and vendors would be required to be conducted by non-bank PSOs.

Those entities who have subscribed to cloud services would be required to put in place a cloud operation policy.

A real-time or near real-time fraud monitoring solution to identify suspicious transactional behaviour and generate alerts would be required to be set up as per the latest directions.

Also Read

RBI issues norms to improve safety of payment systems with fraud monitoring

Reserve Bank of India must retain focus on food inflation, say economists

'Too big to fail' Big Techs pose risk profiling challenges: RBI report

Private banks' bottom line remains healthy in Q1, bad loans inch up

Average cost of data breaches in India hits $2.18 million: RBI report

Topics : RBI cybersecurity finance sector

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Jul 30 2024 | 8:25 PM IST

Explore News

Stock Market LIVEStocks to Watch TodayParis Olympics 2024 LIVEParliament Season LIVEWayanad landslide LIVEDelhi UPSC Aspirants Protest LIVEGold-Silver Price TodayBangladesh ProtestsOlympics 2024 Budget 2024
HOT STOCKS
TOP SECTIONS
KEY EVENTS
Copyrights © 2024 Business Standard Private Ltd. All rights reserved
LinkedIN Icon