9559179325 9559179325 Login
Implications of The New Outsourcing Framework For Non-Bank PSOs


Implications of The New Outsourcing Framework For Non-Bank PSOs – A Complete Guide

Implications of The New Outsourcing Framework For Non-Bank PSOs

The Payment system operators or Non-bank PSOs are a type of operator other than banks that render services regarding financial transactions and transfer of funds.  They provide such services via outsourcing payment and settlement-related activities to other entities. The Reserve Bank of India has recently introduced a new outsourcing Framework for Non-bank PSOs. The RBI has issued these guidelines for regulations for Payment Aggregators and gateways. A framework has been issued under Section 10(2), read with Section 18 of the Payments and Settlements Systems Act, 2007, to effectively manage risks involved in activities performed by all the Non-bank PSOs. All the Non-bank PSOs are required to ensure that all their existing outsourcing arrangements shall comply with the framework by March 31, 2022.

Kinds of risks involved in outsourcing 

The Non-bank PSOs shall make a note of some things before outsourcing services. They should critically evaluate and analyze the procedures and activities with respect to the selection of company or service providers. Neglecting these nuances can negatively impact one’s business.

Following are some of the risks associated with the outsourcing process: 

  • Operational risks
  • Contractual risks
  • Cyber security risks
  • Legal risks
  • Strategic risks
  • Systematic risks

New Outsourcing Framework for Non-bank PSOs

The new outsourcing framework applies to all non-bank payment system operators that outsource payment and processing activities to service providers and third-party operators. This framework does not apply to activities other than the payment-settlement system. The new provisions added in the latest Framework for Non-bank PSOs by the Reserve Bank of India:

  • The outsourced company shall not be directly or indirectly related/controlled by the directors of the Non-bank PSOs.
  • The outsourcing arrangements should not interfere with adequate supervision by Non- bank  PSOs and the Reserve Bank of India on such activities. 
  • Non-bank PSOs do not require prior approval by the RBI for outsourcing arrangements. 
  • The Non-bank PSOs have been given complete control over outsourcing arrangements. Hence, the board and senior management of such a PSO will be liable for any non-compliance regarding such activities by the service providers. Outsourcing does not reduce the obligations of such a PSO. 
  • The Non-bank PSOs are not allowed to outsource their core managerial functions. The core administrative functions include risk management, internal audit, compliance and decision-making powers concerning KYC norms. However, the auditors for internal audits can be outsourced on a contract.
  • While outsourcing certain services, the Non-bank PSO must exercise due diligence and maintain effective and responsive risk management practices for proper supervision. 
  • Non-bank PSOs are required to consider all the relevant rules, laws, guidelines and conditions of approval, licensing and registration.
  • The outsourcing arrangements must not affect the rights of its consumers.  All the responsibilities of non- breach of rights and proper grievance redressal mechanism rest with Non-bank PSOs, including activities they outsource.
  • If the grievance redressal department has been outsourced, then Non-bank PSOs shall access their nodal officials’ contact numbers, email IDs, or a postal address for its customers. Such details should be mentioned in their official websites, advertisements etc.
  • The brochure of  Non-bank PSOs must include the role of the service providers to enable customer’s knowledge about such a role.
  • For outsourcing any payment and settlement activity, the PSO must have a board-approved outsourcing policy. Such policy should be comprehensive, i.e., shall include the selection criteria for such activities, proper management structure to supervise such activities etc.
  • The PSO shall maintain a record of all the outsourcing arrangements, which should be accessible for periodical review by the board and senior management of such a PSO. Such records shall be updated regularly.
  • The terms and conditions of the contract between the Non-bank PSOs and the service provider shall be in writing and carefully verified by the PSO’s legal department. 
  • While outsourcing its activities, the Non-bank PSOs shall maintain the confidentiality of the customers. The private information should only be given on a ” need to know” basis.
  • The Non-bank PSOs are required to review the security practices of the service provider regularly.
  • If the services are outsourced from a service provider outside India, the Non-bank PSOs are required to monitor the government policies and legal environment of such a country before outsourcing. 
  • The Non- bank PSO shall have a board-approved mechanism that lays down the code of conduct for all the Direct Sales Agents or Direct Marketing Agents.
  • Upon termination of the contract with the outsourced service provider, The Non-bank PSOs shall give the information publicly to its customers.

Implications of the new Framework on  Non-bank PSOs

The Reserve Bank of India has modified the rules for the benefit of the Non-Bank PSOs. These frameworks will protect them against any risk attached to outsourcing services from a third party.  Proper compliance of rules and regulations laid down in the latest Framework for Non-bank PSOs by RBI will help the companies to manage smoothly and effectively.  However, the implementation of such rules by the company can be a problem. They have to alter their existing policies per the new framework leaving adverse effects in their operation. Such incorporation can be an obstacle in technological improvements as well. The companies will take time to adapt to the new policies, which can temporarily hinder the delivery of service.  However, these frameworks are done only for their benefit, for which they can bear the temporary inconvenience. 


The latest framework introduced by the Reserve Bank of India[1] is enriched with various risk-averse features. Upon proper compliance with such rules, the Non-bank PSOs can decrease the risks attached to the outsourcing services. The new Framework for Non-bank PSOs aims to put minimum standards for effective management of risks in the payment-settlement system. It will not only protects them from service providers in  India but also protect foreign service providers.

Read our article:Minimum Capital Requirement For Non-Banking Financial Company (NBFC)

Post Views:


Related Posts

Leave a Reply

Get Expert Assistance

Subscribe Our Newsletter.

We'll never share your email with anyone else.