RBI released extensive guidelines for the outsourcing of IT services by financial sector organisations
- ByStartupStory | April 11, 2023
To ensure that such arrangements do not undercut their duties and commitments to customers, the Reserve Bank of India released extensive guidelines for the outsourcing of IT services by banks, NBFCs, and other regulated financial sector organisations.
The RBI stated that Regulated Entities (REs) have been heavily utilising IT and IT-enabled Services (ITeS) to support their business models, goods, and services given to their consumers. This was stated in its “Master Guidance on Outsourcing of Information Technology Services.”
In an effort to promote efficient risk management, the central bank requested in February of last year that appropriate regulatory rules be issued regarding the outsourcing of IT services. Draft standards were released later. The guiding concept of the directives, according to RBI, is to make sure that outsourcing arrangements don’t make it harder for REs to fulfil their duties to customers or prevent the central bank from effectively supervising them.
The rules will take effect on October 1, 2023, giving REs enough time to comply with the standards.
RE must take action to ensure that the service provider uses the same high standard of care when providing the services as RE would have used if the identical activity had not been outsourced.
According to the central bank, a RE shouldn’t work with an IT service provider whose reputation might be harmed or damaged.
According to RBI, REs should make sure that outsourcing should not hinder or interfere with their ability to efficiently oversee and manage their activities, regardless of whether the service provider is based in India or elsewhere.
Also, REs have been instructed to determine if outsourcing IT services is necessary based on a thorough analysis of the advantages, risks, and availability of appropriate methods to manage such risks.
In terms of governance, the RBI stated that any RE planning to outsource any of its IT activities should have a comprehensive board-approved IT outsourcing policy.
Financial institutions should also implement an outsourcing risk management framework that addresses the processes and responsibilities for identifying, measuring, mitigating, managing, and reporting risks associated with IT service outsourcing arrangements.
REs should also request that their service providers develop and implement a solid framework for documenting, maintaining, and testing their business continuity and disaster recovery plans.
A RE may also outsource any IT activity/IT-enabled service within its business group/conglomerate, subject to the conditions specified in the Master Direction.
Calling all entrepreneurs, investors and business owners! The wait is finally over. The 2nd edition of Startup Story B2B Connect is back with a bang – and this time, we’re taking it up a notch. With more startups, more investors and bigger opportunities than ever before, this is your chance to connect, collaborate and take your business to the next level. Get ready for an unforgettable networking experience that’s set to change the game. Stay tuned for all the exciting updates! Register Now Here.
Follow Startup Story
Related Posts
