RBI Issues New Framework for Payment System Operators (PSOs) – Check All Faqs Here!

Hello People!

In today’s blog we will be discussing the new framework for Payment System Operators. Recently, the Reserve Bank of India issued a framework for payment and settlement related activities by the PSOs. The framework is issued under the provisions of Payment and Settlement Systems Act, 2007.

Further in the blog we will let you know about what Payment System Operators are and the new rules issued by the RBI. 

What are PSOs? 

Payment System Operators (PSOs) largely outsource their payment and settlement-related activities to different other entities due to the services they provide and the models on which they operate. They are authorized by RBI under Payment and Settlement Systems Act, 2007 for setting up and operating payment systems in India. 

What is Outsourcing?

Outsourcing is defined as the employment of a third party (i.e. service provider) to do activities that would ordinarily be performed by the PSO itself on a regular basis, either now or in the future.

Objective:

Its goal is to establish minimum standards for managing risks associated with the outsourcing of payment and/or settlement-related operations including other incidental activities like on-boarding customers, IT based services, etc.

Key Points

Applicability off the new framework:

• This framework is applicable to the non-bank PSOs as it relates to their payment and settlement related activities.
• It is not applicable to activities such as internal administration, housekeeping or similar functions.
• It is applicable to all service providers whether located in India or elsewhere.

Framework over Outsourcing

• PSOs are restricted from outsourcing Core management functions. Core management functions include risk management and internal audit; compliance and decision-making functions, such as determining compliance with KYC regulations.
• The PSO will carefully review the requirement to outsource its critical processes and operations. The selection of service provider(s) should be based on a detailed risk assessment.

PSOs Role and Supervisory Requirements

• Outsourcing of any activity does not reduce the obligation of PSOs and its board and senior management. They are ultimately responsible for the outsourced activity.
• Outsourcing shall not affect the rights of a customer of a payment system against the PSO. Also PSO will be responsible for addressing the grievances of its customers in respect of the service provided by the outsourced agency.
• In case a PSO has outsourced its grievance redressal function it must provide the customer with direct access to its nodal officials for raising complaints.
• Outsourcing shall not obstruct or interfere with the PSO’s capacity to properly oversee and manage its activities, nor with RBI’s ability to carry out its supervisory tasks and objectives. 

Confidentiality and Security

• PSO is responsible for the security and confidentiality of client information in the service provider’s custody or possession.
• Any breach of security or exposure of confidential information about consumers must be reported to the PSO immediately. In such a case, the PSO would be responsible for any damage caused to its consumers.

Requirements for Off-shore outsourcing

• The PSO is exposed to country risk when it engages a service provider in another country. 
• To manage such country risk, the PSO must keep a close eye on government policies, as well as political, social, economic, and legal conditions in the countries. Sound procedures must be established for dealing with country risks.

Responsibility of Direct Sale Agents (DSAs)

• The PSOs must ensure that the DSAs are adequately trained to handle their responsibilities with care and sensitivity, especially in regards to factors such as soliciting clients, calling hours, customer privacy, communicating the right terms and conditions of the products on offer, and so on.

Recording and reviewing 

• A central record of all outsourcing arrangements must be kept and made easily available for review by the PSO’s board of directors and senior management. 
• The record must be updated on a regular basis, and half-yearly reviews must be presented to the board or senior management.

About Reserve Bank of India (RBI)

Established – 1st April, 1935

Headquarters – Mumbai, Maharashtra

Governor – Shaktikanta Das

India is the world second-fastest digital adaptor, out of 17 most digital economies globally. Therefore it is necessary to boost cybersecurity and create a layered security system. We covered all the relevant points of the framework issued by RBI and its importance. 

Stay tuned for more such detailed blogs!