The Reserve Bank of India (RBI) on Tuesday laid down a framework for outsourcing of processes by payment system operators (PSOs), excluding functions like risk management, internal audit and compliance from the ambit of outsourcing. The framework also mandates the formulation of a code of conduct for direct selling agents (DSAs) working with PSOs.
The central bank said outsourcing of any activity by a PSO shall not reduce its obligations, and those of its board and senior management, who are ultimately responsible for the outsourced activity. “This framework is applicable to non-bank PSOs insofar as it relates to their payment and/ or settlement-related activities.
It seeks to put in place minimum standards to manage risks in outsourcing of payment and/ or settlement-related activities (including other incidental activities like on-boarding customers, IT based services),” the RBI said in a notification on its website.
Outsourcing arrangements shall not affect the rights of a customer of a payment system against the PSO, as well as those of a payment system participant against the PSO, the central bank said. The responsibility of addressing the grievances of its customers shall rest with the PSO, including in respect of the services provided by the outsourced agency.
The circular mandated that a PSO which has outsourced its customer grievance redressal function must also provide its customers the option of direct access to its nodal officials for raising or escalating complaints. Such access should be enabled through adequate phone numbers, e-mail ids, and postal addresses, details of which shall be displayed prominently on the PSO’s website, mobile applications and advertisements, the RBI said.
To outsource any of its payment and settlement-related activities, PSOs will be required to have a board-approved comprehensive outsourcing policy, which incorporates criteria for selection of outsourced activities and service providers, parameters for grading the criticality of outsourcing, delegation of authority depending on risks and criticality, and systems to monitor and review the operation of these activities.
“The PSOs shall ensure that the DSAs/ DMAs (direct marketing agents) are properly trained to handle their responsibilities with care and sensitivity, particularly for aspects such as soliciting customers, hours of calling, privacy of customer information, conveying the correct terms and conditions of the products on offer,” the RBI said. The PSOs must also put in place a board-approved code of conduct for DSAs / DMAs and obtain their undertaking to abide by the same.