The Reserve Bank of India has today placed on its website the draft Master Directions on Cyber Resilience and Digital Payment Security Controls for Payment System Operators for feedback from stakeholders. Comments / Feedback, if any, may be sent by email, or by post to the Chief General Manager, Department of Payment and Settlement Systems, Central Office, Reserve Bank of India, 14th Floor, Central Office Building, Shahid Bhagat Singh Road, Mumbai - 400 001, on or before June 30, 2023.

2. The draft Directions cover governance mechanism for identification, assessment, monitoring and management of cybersecurity risks including information security risks and vulnerabilities, and specify baseline security measures for ensuring safe and secure digital payment transactions.

3. It was announced in the Statement on Developmental and Regulatory Policies issued as part of Monetary Policy Statement dated April 08, 2022 that the Reserve Bank of India (RBI) will issue directions on Cyber Resilience and Payment Security Controls of Payment System Operators (PSOs).

(Yogesh Dayal)     
Chief General Manager

Cyber resilience draft mandates governance and baseline security controls for payment operators, inviting stakeholder comments by a set deadline. Draft directions require Payment System Operators to implement a governance mechanism for identifying, assessing, monitoring and managing cybersecurity and information security risks, and to adopt specified baseline security measures to ensure safe and secure digital payment transactions; the draft is published for stakeholder consultation with comments invited by a stated deadline.