RBI PSS Audit

With the rise in cashless transactions, fuelled by demonetization and then the ongoing pandemic, there has been significant concern over the security of customers' data. To address this and specify the responsibilities of payment service providers, the Reserve Bank of India (RBI) has laid down a framework for payment system providers to introduce and upgrade safe and efficient modes of payment.

Under the Payment Settlement Act 2007, the Reserve Bank of India is responsible for controlling the Banking Payment and Settlement System in the country and authorizes any company that wants to operate a payment system in India. Payment companies need to comply with the RBI requirements stipulated in time, to ensure that the technology deployed to operate the systems is safe and follows the approved process flow.

RBI PSS Audit evaluates security & controls, hardware, operating systems, applications, access controls, and disaster recovery, among other aspects. The security framework aims at safeguarding payment systems in a geographic area that has a vast network of banking systems that facilitate such transactions, to maintain safe and risk-free transaction methods.

The payment systems falling under this procedure are:
  • Electronic Clearing Service Credit
  • Electronic Clearing Service Debit
  • Electronic Funds Transfer
  • Regional Electronic Clearing Service
  • Real Time Gross Settlement System
  • Pre-paid Payments System
  • Mobile Banking System

Any divergence from the rules and violation of regulations laid down by RBI are punishable offences leading to revocation of the authorization.

Audit Approach

Working in line with RBI & NPCI guidelines, QRC assesses your organization holistically, covering Payment Systems and Settlement Systems controls. Our audit approach is as follows:

Business Understanding

Evaluating the business process and environment to understand the in-scope elements.

Audit Scope Finalization

A detailed questionnaire is shared with your teams along with other documentation, and evidence is collected on the architecture, implementation and controls.

Initial/Readiness Assessment

Conduct an initial audit to understand the organization's infrastructure and help our clients identify all the storage locations that contain any payment-related data.

Risk Assessment

Identifying and analysing the risks in the information security posture.

Data Flow Assessment

Conducting thorough systems analysis to evaluate data flow and possible leakages.

Remediation Support

Support you by recommending solutions to compliance challenges.

Scans And Testing

Identify critical vulnerabilities in your system with a robust testing approach.

Evidence Review

Review of the evidence collected to assess its maturity, in line with the compliance requirements.

Final Audit

Identify critical vulnerabilities in your system with a robust testing approach.

Concise Reporting

Our team documents a comprehensive report detailing all findings covered during the assessment cycle.

Frequently Asked Questions

RBI payment and settlement systems refer to the digital payment and settlement systems governed by the Reserve Bank of India (RBI). These systems ensure smooth and efficient payment transactions between various entities in the Indian financial system.

RBI regulates various payment systems, including Real-Time Gross Settlement (RTGS), National Electronic Funds Transfer (NEFT), Immediate Payment Service (IMPS), Unified Payment Interface (UPI), Bharat Bill Payment System (BBPS), and Aadhaar-enabled Payment System (AePS).

RBI Payment and Settlement Systems security compliance refers to the adherence to the security standards and guidelines issued by the Reserve Bank of India (RBI) for payment and settlement systems. These standards are aimed at ensuring the confidentiality, integrity, and availability of payment systems and protecting the interests of customers and stakeholders.

All entities involved in payment and settlement systems, including banks, financial institutions, payment aggregators, and payment gateway providers, are responsible for RBI Payment and Settlement Systems security compliance.

The key security requirements under RBI Payment and Settlement Systems security compliance include secure network architecture, access control, encryption, vulnerability management, incident response, and security awareness and training.

RBI enforces compliance with Payment and Settlement Systems security guidelines through regular audits, inspections, and assessments of payment system operators and service providers. Non-compliance can result in penalties and sanctions.
