RBI PSS Compliance

Issues concerning consumer data security and the duties of service providers responsible for facilitating such transactions have grown dramatically as people's preference for cashless transactions has grown.

The Reserve Bank of India has created a framework for payment system providers that takes into account the needs of ordinary people as well as the hazards they may experience while using virtual transaction methods. RBI PSS compliance is the term for it. Customers may rely on secure and risk-free transaction procedures as a result of this.

How This ‘Compliance’ Came into Existence?

The Reserve Bank of India is in charge of overseeing India's financial payment and settlement system under the Payment Settlement Act 2007. As a result, the RBI issues a certificate of approval to every company setting up and operating a payment system in India. A payment company must meet RBI PSS compliance standards to maintain its authorization, ensuring that the technology used to run the payment system is safe, secure, and efficient, as well as following the approved process flow. An RBI PSS audit looks at security and controls, hardware, operating systems, applications, access controls, and disaster recovery.

This approach covers the following systems: Electronic Clearing Service Credit, Electronic Clearing Service Debit, Electronic Funds Transfer, Regional Electronic Clearing Service, Real Time Gross Settlement System, Pre-paid Payments System, and Mobile Banking System.

Essentials of the Compliance:

The audit should confirm that the technology used to operate the payment system is working in a safe, secure, and efficient manner in accordance with the approved RBI PSS compliance process flow to ensure the safety of the customers.

Hardware, structure, operating systems, and important applications should all be evaluated as part of a system audit.

The system providers must follow the contract that governs the interaction between the system participants as well as the rules and regulations that regulate the functioning of the payment system.

Any breach of the RBI's rules, as well as any deviation from its guidelines, are considered criminal offences. RBI may revoke the authorization if the system provider violates RBI PSS compliance rules and regulations, fails to follow orders and directives, or is found to be in violation of the terms and conditions under which the authorization was provided.