Paytm Payments Services Limited on Tuesday said it has received in-principle nod from the Reserve Bank of India (RBI) operate as an Online Payment Aggregator under the Payment and Settlement Systems Act, 2007.
The approval is subject to compliance with the RBI’s Guidelines on Regulation of Payment Aggregators and Payment Gateways issued on March 17, 2020, and related clarifications released on March 31, 2021, One97 Communications Ltd informed the exchanges.
The authorisation applies only to online payment aggregator activities defined in the guidelines and excludes transactions outside their ambit, such as ‘pay-out’ transactions for merchants through the designated escrow account.
As part of the conditions, RBI has advised PPSL to conduct a system audit, including a cyber security audit, through a CERT-In empanelled auditor, a Certified Information Systems Auditor (CISA) registered with ISACA, or a holder of the DISA qualification from the Institute of Chartered Accountants of India.
The audit must also assess compliance with the Master Direction on Cyber Resilience and Digital Payment Security Controls for non-bank payment system operators issued on July 30, 2024, and the RBI’s circular on payment system data storage dated April 6, 2018.
The company must submit the system audit report within six months from the date of the letter. Failure to do so will result in the in-principle authorisation lapsing automatically, and the final authorisation will not be considered, Paytm informed.
RBI has also advised PPSL to follow the July 4, 2022 guidelines on obtaining prior approval in cases of change in shareholding, acquisition of control, or transfer of payment system activities for non-bank payment system operators.
The approval is subject to compliance with the RBI’s Guidelines on Regulation of Payment Aggregators and Payment Gateways issued on March 17, 2020, and related clarifications released on March 31, 2021, One97 Communications Ltd informed the exchanges.
Finance
Value and Valuation Masterclass - Batch 4
Artificial Intelligence
AI For Business Professionals Batch 2
Finance
Value and Valuation Masterclass - Batch 3
Artificial Intelligence
AI For Business Professionals
Finance
Value and Valuation Masterclass - Batch 2
Finance
Value and Valuation Masterclass Batch-1
The authorisation applies only to online payment aggregator activities defined in the guidelines and excludes transactions outside their ambit, such as ‘pay-out’ transactions for merchants through the designated escrow account.
As part of the conditions, RBI has advised PPSL to conduct a system audit, including a cyber security audit, through a CERT-In empanelled auditor, a Certified Information Systems Auditor (CISA) registered with ISACA, or a holder of the DISA qualification from the Institute of Chartered Accountants of India.
The audit must also assess compliance with the Master Direction on Cyber Resilience and Digital Payment Security Controls for non-bank payment system operators issued on July 30, 2024, and the RBI’s circular on payment system data storage dated April 6, 2018.
The company must submit the system audit report within six months from the date of the letter. Failure to do so will result in the in-principle authorisation lapsing automatically, and the final authorisation will not be considered, Paytm informed.
RBI has also advised PPSL to follow the July 4, 2022 guidelines on obtaining prior approval in cases of change in shareholding, acquisition of control, or transfer of payment system activities for non-bank payment system operators.
