Payment System Operators (PSOs) should not outsource essential management operations such as risk management and internal audit, compliance and decision-making functions such as evaluating compliance with KYC regulations, according to the Reserve Bank of India on Tuesday.
Announcing the framework for outsourcing payment and settlement-related activities by PSOs, the RBI said the objective is to put in place minimum standards to manage risks in outsourcing of payment and settlement-related activities including tasks such as onboarding customers and IT-based services.
“This framework is applicable to non-bank PSOs insofar as it relates to their payment and settlement-related activities,” the RBI said, adding that it is applicable to all service providers, whether located in India or abroad.
The Reserve Bank said core management functions would include management of payment system operations such as netting and settlement, transaction management like reconciliation, reporting and item processing, according sanction to merchants for acquiring, managing customer data, risk management, information technology and information security management.
The service provider, unless it is a group company of the PSO, should not be owned or controlled by any director or officer of the PSO or their relatives.
The RBI framework has further said that the PSO will carefully evaluate the need for outsourcing its critical processes and activities and also the selection of service providers based on comprehensive risk assessment.