Search
RBI announces draft cyber security norms for payment system operators
June 05, 2023
In a move to ensure safety and security of digital payments amid emerging cyber risks, the Reserve Bank of India (RBI) on Friday announced draft regulations for payment system operators (PSOs).
It proposed that such norms would be implemented from April 1, 2024, for large non-bank-PSOs.
For medium-sized non-bank PSOs, the deadline for implementing the regulation will be April 1, 2026, and for smaller ones, it’s April 1, 2028.
The draft directions issued by the regulator covers robust governance mechanisms for identification, assessment, monitoring, and management of cyber security risks.
“The directions will also cover baseline security measures for ensuring system resiliency as well as safe and secure digital payment transactions,” the RBI said.
“However, they shall endeavour to migrate to the latest security standards. The existing instructions on security and risk mitigation measures for payments done using cards, Prepaid Payment Instruments (PPIs) and mobile banking continue to be applicable as hitherto,” it added.
According to the draft norms, the PSO will define appropriate key risk indicators (KRIs) to identify potential risk events and key performance indicators (KPIs) to assess the effectiveness of security controls.
Important Links:
- 4-IN-1 Professional Diploma in Banking, Financial Services & Insurance (PDBFSI): https://ask.careers/courses/4-in-1-professional-diploma-in-banking-financial-services-insurance-pdbfsi/
- Mumbai: https://ask.careers/cities/mumbai/
- TSCFM: https://ask.careers/institutes/tscfm/
