RBI PSS Compliance
With the increased inclination of people towards cashless transactions, the concerns over the security of customer’s data and the responsibility of the service providers accountable for facilitating such transactions has increased considerably.
Keeping in mind the interest of common people and the risks they would subject themselves to while availing the facilities of virtual transaction methods, the Reserve Bank of India has laid down a framework for the payment system providers so that the customers can rely on the proper and risk-free transaction methods.
What Is RBI PSS Compliance?
Reserve Bank of India is responsible for controlling the Banking Payment and Settlement System in India under Payment Settlement Act 2007. Accordingly, RBI provides a certificate of authorization to any company setting up and operating a payment system in India. In order to remain authorized, a payment company must comply with stipulated RBI requirements to ensure that the technology deployed to operate the payment system is safe, secure and efficient, and as per the approved process flow. An RBI PSS audit evaluates security and controls, hardware, operating systems, applications, access controls, and disaster recovery, among other aspects.
The systems included under this procedure are Electronic Clearing Service Credit, Electronic Clearing Service Debit, Electronic Funds Transfer, Regional Electronic Clearing Service, Real Time Gross Settlement System, Pre-paid Payments System, Mobile Banking System.
Any divergence from the rules and violation of regulations laid down by RBI are punishable offences. In case, the system provider contravenes with the rules and regulations or fails to fall in compliance with the orders and directions or is found to violate the terms and conditions under which the authorization was granted to them; then the authorization can be revoked by RBI.
Key Requirements for RBI PSS Compliance
- All payment systems, authorized under the Payment and Settlement Systems Act 2007, need to get done a periodic auditing of their systems
- Every system provider shall operate the payment system in accordance with the provisions of the PSS Act and the rules and regulations which deal with the operation of payment system
- The system providers shall disclose the terms and conditions, including the charges and limitations of liability to their existing or potential system participants
- To ensure the safety of the customers, the audit should ensure that the technology deployed for the operation of the payment system is working in a safe, secure and efficient manner in accordance with the approved process flow
- The evaluation of hardware, structure, operating systems, and critical application should be considered under the scope of system audits
- The system providers are required to act in accordance with the contract governing the relationship between the system participants and the rules and regulations which deal with the operation of payment system
- The services should also include security and controls to be in place, increased access controls in key applications, a proper disaster recovery plan, training of personnel managing systems and applications, among other things
Why Should SISA Be The One For You?
We are the payment security specialists marking our presence in about 30 countries, including the US, Asia Pacific, Europe and the Middle East. Being the authorized assessors for various payment standards, we provide our services, training, and products to over two thousand organizations across the globe.
Our Synergistic Security model helps the organizations to enhance their security posture at an optimum cost. Being a Certified Information System Auditor (CISA) and registered with ISACA, we exhibit a strong capability for conducting RBI PSS Audit and have been conducting PSS audits, and other auditing works for the leading payment companies in India.
We aim at manifesting the five Cs- Coverage, Convenience, Confidence, Convergence, and Cost- as aspired by RBI through its policies. Our customer base is spread throughout various domains including banks, ITES, insurance, e-commerce and payment service providers, among other fields.
We help the organizations in embracing the compliance rules and establish a framework for risk assessment and security testing considered from all perspectives.
Keeping in compliance with the regulatory requirements, we ensure the timely detection of any irregularity or security lapses that are likely to arise in any condition.
Our Approach at SISA
With our efficient systems, SISA makes it easier for the payment systems to help customers easily transfer money to other bank accounts through their debit or credit cards.
We have, through our various plans and proposals, taken many initiatives towards the introduction and upgrading of safe and efficient programs to enhance the security level of the payment providers, which in turn works to the benefit of the customers. The main motive of our work is to provide safe, secure, sound and efficient services which will increase the reliability of people on the service providers.
We operate for various retail payment systems and pursue to bring greater efficiency by bringing uniformity, standardization and a secure environment for retail payments. This helps the service providers in expanding their reach of existing payment products and coming up with new innovative forms to enhance the convenience of the customers, without any safety concerns hovering around.
Certain unforeseen risks may arise, owing to default and other technical probabilities that may emanate, in the due course of the settlement processes. We are the providers of continuous mechanisms and help you to decrease the risks involved in the settlement transactions.
The following things are kept in perspective while approaching towards security measures:
- The technical standards and the design of the proposed system by the organization
- The term and conditions of the operations of the service providers and their own security procedures
- The manner in which the transfer of funds may be effected within the payment system
- The procedure for fabrication of payment instructions affecting the payment obligations under payment system
- The financial status experience and the integrity of the managing services
- The monetary and credit policies of the payment service providers
- The interests of the consumers, including the terms and conditions governing their relationship with payment providers.
Our mechanism keeps into account the process of submitting trade instructions and offers the services which are customized to local requirements and extends the perks of flexibility, efficiency, and values to the payment service providers.
Talk to our experts today for RBI PSS Compliance.