The Reserve Bank of India has issued a framework for non-bank Payment System Operators (PSOs), both located in India or elsewhere, for outsourcing of payment and settlement-related activities. The framework seeks to put in place minimum standards to manage risks in outsourcing of activities, including other incidental activities like onboarding customers, IT based services, etc and the PSOs are required to ensure that all their outsourcing arrangements are in compliance with this framework by 31 March 2022. The service provider, unless it is a group company of the PSO, shall not be owned or controlled by any director or officer of the PSO or their relatives. The framework says the PSO should ensure exercises of due diligence and put in place sound and responsive risk management for effective oversight. Outsourcing of activities shall not require prior approval from RBI. The PSOs shall not outsource core management functions, including risk management and internal audit, compliance and decision-making functions. The PSO shall be liable for the actions of its service providers and shall retain ultimate control over the outsourced activity.
