RBI Releases Draft on Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators
RBI – RBI Releases Draft on Master Directions on Cyber Resilience – Digital Payment Security Controls – Payment System Operators – Cyber Resilience and Digital Payment Security Controls – TaxscanRBI – RBI Releases Draft on Master Directions on Cyber Resilience – Digital Payment Security Controls – Payment System Operators – Cyber Resilience and Digital Payment Security Controls – Taxscan
RBI – RBI Releases Draft on Master Directions on Cyber Resilience – Digital Payment Security Controls – Payment System Operators – Cyber Resilience and Digital Payment Security Controls – TaxscanRBI – RBI Releases Draft on Master Directions on Cyber Resilience – Digital Payment Security Controls – Payment System Operators – Cyber Resilience and Digital Payment Security Controls – Taxscan
The Reserve Bank of India (RBI) released the draft on RBI releases Draft on Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators on June 2nd 2023.
The Directions are issued under Section 10 (2) read with Section 18 of the Payment and Settlement Systems Act, 2007. The draft covered directions that cover strong governance mechanisms for the identification, assessment, monitoring, and management of these risks. This will help to ensure that the authorised non-bank Payment System Operators (PSOs) are resilient to traditional and emerging information systems and cyber security risks.
According to the draft, the Master Directions shall be called the Reserve Bank of India (Cyber Resilience and Digital Payment Security Controls for PSOs) Master Directions, 2022 (Master Directions, Directions).
In order to provide adequate time to put in place the necessary compliance structure, a phased implementation approach1 is prescribed as under -
| Regulated Entity | Timeline |
| Large non-bank PSOs | April 1, 2024 |
| Medium non-bank PSOs | April 1, 2026 |
| Small non-bank PSOs | April 1, 2028 |
The aim of the directions was to improve the safety and security of the payment systems operated by PSOs by providing a framework for overall information security preparedness with an emphasis on cyber resilience.
Regarding the Governance Controls, the Board of Directors (Board) of the PSO shall be responsible for ensuring adequate oversight over information security risks, including cyber risk and cyber resilience. However, primary oversight may be delegated to a sub-committee of the Board which shall meet at least once every quarter.
The draft also suggests digital Payment Security Measures/Controls. Further, the draft also mentioned that Prepaid Payment Instruments (PPI) issuers are encouraged to communicate OTP and transaction alerts with users in a language of their choice, including vernacular languages.
To Read the full text of the Order CLICK HERE
Support our journalism by subscribing to Taxscan premium. Follow us on Telegram for quick updates
