RBI issues final directions on cybersecurity controls for non-bank PSOs
The Reserve Bank of India (RBI) on Tuesday issued final guidelines on cyber resilience and digital payment security controls for non-bank payment system operators (PSOs), wherein it has mandated different timelines for these entities, based on their sizes, to set up necessary compliance structures. These directions come into effect on July 30.
Large non-bank PSOs such as Clearing Corporation of India Limited (CCIL), National Payments Corporation of India (NPCI), Bharat Bill Payment Operating Units (BBPOUs), and Payment Aggregators (PAs), among others, need to abide by the directions by April 2025.