Imperative to the greater adoption of electronic payments are speed, efficiency and security, as also creating trust
and safety of operations in the minds of the users. In line with its vision of encouraging electronic payments in
the country and achieving a less-cash society, the Reserve Bank continued its endeavours in making the payment
systems safer and more secure, gearing its policies towards addressing risks, if any, in the payment systems. Several
initiatives for infrastructure enhancement during the year included introduction of white label ATMs, cardless
cash withdrawal facility for unbanked persons, introduction of next generation RTGS and enhancing the capacity
of the NEFT system for larger volumes and efficiency. The trend of greater acceptance of electronic payments over
paper cheques by the general public received further boost during the year
IX.1 The efforts made by the Reserve Bank in
migrating to electronic payments are reflected in
the high volumes witnessed under various electronic payment systems during the year
(Table IX.1). Alongside acceptance of electronic
payments, the volumes processed under paper- based clearing systems, relative to other non-cash
payment means, continued to show a declining
trend. Overall, the payment and settlement
systems registered a healthy growth in volumes
at 23.2 per cent and value at 14.2 per cent during
2013-14.
Table IX.1: Payment System Indicators - Annual Turnover |
Item |
Volume (million) |
Value (` billion) |
2011-12 |
2012-13 |
2013-14 |
2011-12 |
2012-13 |
2013-14 |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
Systemically Important Financial Market infrastructures (SIFMIs) |
|
|
|
|
|
|
1. RTGS |
55.0 |
68.5 |
81.1 |
539,307.5 |
676,841.0 |
734,252.4 |
Total Financial Markets Clearing (2+3+4) |
1.9 |
2.3 |
2.6 |
406,071.2 |
501,598.5 |
621,569.6 |
2. CBLO |
0.1 |
0.2 |
0.2 |
111,554.3 |
120,480.4 |
175,261.9 |
3. Government Securities Clearing |
0.4 |
0.7 |
0.9 |
72,520.8 |
119,948.0 |
161,848.2 |
4. Forex Clearing |
1.3 |
1.4 |
1.5 |
221,996.1 |
261,170.1 |
284,459.5 |
Total SIFMIs (1-4) |
56.9 |
70.8 |
83.7 |
945,378.7 |
1,178,439.5 |
1,355,822.0 |
Retail Payments |
|
|
|
|
|
|
Total Paper Clearing (5+6+7) |
1,341.9 |
1,313.7 |
1,254.0 |
99,012.1 |
100,181.8 |
9,3014.8 |
5. CTS |
180.0 |
275.0 |
589.3 |
15,103.7 |
21,779.5 |
44,203.1 |
6. MICR Clearing |
934.9 |
823.3 |
439.0 |
65,093.2 |
57,504.0 |
31,129.8 |
7. Non-MICR Clearing |
227.0 |
215.3 |
225.7 |
18,815.1 |
20,898.3 |
17,681.8 |
Total Retail Electronic Clearing (8+9+10+11+12) |
512.5 |
694.1 |
1,108.3 |
20,575.3 |
31,881.1 |
47,856.3 |
8. ECS DR |
164.7 |
176.5 |
192.9 |
833.6 |
1,083.1 |
1,268.0 |
9. ECS CR |
121.5 |
122.2 |
152.5 |
1,837.8 |
1,771.3 |
2,492.2 |
10. EFT/NEFT |
226.1 |
394.1 |
661.0 |
17,903.5 |
29,022.4 |
43,785.5 |
11. Immediate Payment Service (IMPS) |
0.1 |
1.2 |
15.4 |
0.4 |
4.3 |
95.8 |
12. National Automated Clearing House (NACH) |
- |
- |
86.5 |
- |
- |
214.8 |
Total Card Payments (13+14+15) |
678.1 |
931.7 |
1,262.1 |
1,562.5 |
2,051.5 |
2,576.3 |
13. Credit Cards |
320.0 |
396.6 |
509.1 |
966.1 |
1229.5 |
1539.9 |
14. Debit Cards |
327.5 |
469.1 |
619.1 |
534.3 |
743.4 |
954.1 |
15. Prepaid Payment Instruments (PPIs) |
30.6 |
66.1 |
133.9 |
62.0 |
78.7 |
82.4 |
Total Retail Payments (5 to 15) |
2,532.4 |
2,939.5 |
3,624.4 |
121,149.9 |
134,114.4 |
143,447.4 |
Grand Total (1-15) |
2,589.3 |
3,010.2 |
3,708.0 |
1,066,528.5 |
1,312,554.0 |
1,499,269.4 |
- : Not applicable
Note: 1. Real time gross settlement system (RTGS) includes customer and inter-bank transactions only.
2. Settlement of government securities clearing and forex transactions is through the Clearing Corporation of India Ltd. (CCIL).
3. Banks from 27 Magnetic Ink Character Recognition (MICR) Cheque Processing Centres (CPCs) and 67 non-MICR CPC locations; 20 MICR
CPCs and 3 non-MICR CPC locations; and 21 MICR CPCs and 1 non-MICR CPC locations are participating in CTS-Chennai, Mumbai and New
Delhi Grids respectively. Consequent upon migration of total cheque volume to cheque truncation system (CTS) in various CPC locations, the
total number of MICR CPCs in the country reduced from 66 to 19 (as on May 21, 2014).
4. The figures of cards are for transactions at point of sale (POS) terminals only.
5. The NACH system was started by National Payments Corporation of India (NPCI) (in December 29, 2012), to facilitate inter-bank, high volume,
electronic transactions which are repetitive and periodic in nature.
6. Figures in the columns might not add up to the total due to rounding off of numbers. |
TRENDS IN PAYMENT SYSTEMS
Paper clearing
IX.2 The on-going endeavour and efforts to
migrate from paper to electronic payments had a
positive impact, leading to a reduction in paperbased
transactions in volume as well as in value
terms. During 2013-14, in volume terms paperbased
transactions accounted for 34.6 per cent
(43.4 per cent during 2012-13) of total non-cash
transactions. In terms of value too, the share of
paper-based transactions reduced to 6.3 per cent
(7.6 per cent during 2012-13).
IX.3 The cheque clearing system at present
mainly comprises: (i) the grid based cheque
truncation1 system (CTS) at Chennai, Mumbai and
New Delhi, (ii) MICR CPCs at 19 large centres,
and (iii) express cheque clearing systems (ECCS)
at 1,339 smaller centres. Grid-CTS clearing
facilitate clearing of all cheques drawn on bank
branches within the grid jurisdiction as local
cheques, thus eliminating the levy of speed
clearing charges/outstation cheque collection
charges, etc. As of May 2014, the introduction of
grid CTS had enabled migration of the entire
volume of 47 MICR centres to the grid centre, thus
leading to their closure. The ECCS application
package is used at centres with low volumes and
also enables ‘local’ level clearing for participating
banks at that centre.
Electronic payments
IX.4 During 2013-14, the RTGS processed
around 81 million transactions valued at `734 trillion. As on April 30, 2014 the number of RTGSenabled
bank branches stood at 109,506.
IX.5 As on April 30, 2014, the national electronic
funds transfer (NEFT) facility was available at
111,619 branches of 158 banks. During 2013-14,
NEFT handled 661 million transactions valued at
around `44 trillion. In March 2014, NEFT processed
a record volume of 82.8 million transactions.
IX.6 During 2013-14, the electronic clearing
service (ECS) debit-handled 193 million
transactions valued at around `1,268 billion and
ECS credit processed 152 million transactions
valued at around `2,493 billion. With the gradual
expansion of the regional electronic clearing
service (RECS) operations, the volumes at many
ECS centres have completely subsumed to RECS
centres. The number of ECS centres now stands
at 34 in addition to the 12 RECS centres in various
centres and the national electronic clearing service
(NECS) in Mumbai.
IX.7 During 2013-14, 509 million transactions
valued at `1,539 billion were transacted through
credit cards, while 619 million transactions valued
at `954 billion were undertaken through debit cards.
IX.8 During the year, mobile banking services
handled 95 million transactions valued at around
`60 billion.
White label ATMs (WLAs)
IX.9 To supplement the efforts of banks in
providing banking services to people in unbanked/
under-banked areas, non-bank establishments
were permitted to install and operate ATMs with
greater focus on Tier III to Tier VI centres. Out of
the 18 applicants, 12 entities were given inprinciple
approval, of which 6 entities have been
granted final authorisation to install ATMs. A total
of 1,960 WLAs had been deployed as on April 30,
2014.
Authorisation of payment systems
IX.10 During 2013-14, with the addition of 17 new
entities, the number of authorised payment system
operators grew to 58, comprising prepaid payment
instrument issuers, cross-border money transfer
service providers, WLA operators, ATM networks
and card payment networks besides CCIL and the
National Payments Corporation of India (NPCI). In
addition, 8 other entities were issued ‘in-principle
authorisation’ to issue and operate prepaid payment
instruments (PPIs). During the year, 3 payment
system operators (PSOs) issuing PPIs were put
under the ‘winding down’ process. Operations of
one overseas principal engaged in the cross-border
in-bound remittance service under money transfer
service scheme (MTSS) ceased completely due to
non-compliance of guidelines. NPCI which operates
the 24x7 Immediate Payment Service (IMPS) was
accorded permission to introduce multiple
settlement sessions. In-principle approval was also given for setting up cardless cash withdrawal
systems (Box IX.1).
POLICY INITIATIVES
Cheque clearing systems: Checks and balances
IX.11 Over the years, the Reserve Bank first
automated all clearing houses for settlement
purposes and then leveraged the core banking
solution (CBS) of banks for enabling processing of
outstation cheques locally under speed clearing.
Later, CTS and grid-based CTS were introduced
for building further efficiency in cheque clearing.
However, even after years, non-CTS 2010 standard
cheques continued to be presented at CTS grids
posing risks. A system of separate clearing at less
frequent intervals was hence introduced at the 3
grid CTS locations from January 1, 2014 for noncompliant
cheques still in circulation. Banks were
advised against the continued use of post-dated
cheques in locations where the ECS facility was
available.
Box IX.1
Cardless Cash Withdrawal Facility for Unbanked Persons
During the year, 2 entities were granted ‘in-principle
authorisation’ to set up a payment system in India which will
facilitate unbanked persons to withdraw remittances initiated
by ‘senders/remitters’ from their bank accounts. The
proposition behind the cardless service is to enable bank
account holders to transfer/remit funds, within permissible
limits, to an unbanked beneficiary using a mobile number as
the identification of the receiver and pin codes for enabling
withdrawal. The service will be made operational on
submission of system audit reports by the said entities. A
brief schema of the approved systems is given below.
Remittance will be possible by an account holder to a nonaccount
holder using the internet or his debit card at an ATM.
The sender will use any participating bank’s ATM to transfer
funds to the receiver by activating a special button. Thereafter
he will be prompted to provide the following information:
• Receiver/beneficiary’s mobile number
• 4-digit sender code of his choice
• Amount to be remitted
• Own (sender’s) mobile number
The beneficiary will be able to withdraw the money in full at
any of the ATMs of the participant banks using a set of pin
codes - one received from the bank and the other from the
remitter. At the ATM, the beneficiary will need to activate the
special button and provide the following information:
• His own (receiver) mobile number
• The sender’s code (received on phone/short message
service (SMS) from remitter)
• The transaction pin (generated by the bank and sent to
him by SMS)
• The amount (also received from the bank and remitter
by SMS)
On successful completion of the transaction, the remitter will
get an SMS of successful delivery of the value. The service
will be chargeable to the sender. The withdrawal can also be
enabled through a micro ATM (hand held device with a
business correspondent (BC)) to extend the reach of the
system.
IX.12 As a customer service measure, banks
were advised that cheque return charges should
be levied only in cases where the customer is at
fault and responsible for such returns, and not
otherwise. An arrangement of uniform holidays was
put in place at the 3 grid-CTS locations for
streamlining the procedures and ensuring faster
cheque realisations across different states covered
by the grid.
Enhancing efficiency and security of electronic
payments
IX.13 The NEFT system was enhanced for
handling larger volumes and efficiency. To improve
customer service, banks were advised to adhere
to the NEFT procedural guidelines concerning
charges to customers, adherence to return
discipline, facilitation of remittance for walk-in
customers and suo moto payment of compensation
for delayed credit or return.
IX.14 Banks were advised to facilitate quicker
lodging of complaints relating to ATM transactions
and proactively registering mobile numbers/e-mail
IDs of customers for sending alerts. As a fraud
control measure, banks were also advised to
enable time-out sessions for all screens/stages of
ATM transactions keeping in view the time required
for such functions in the normal course.
IX.15 The facility of e-KYC for opening accounts,
available to banks, was also extended to non-bank
entities authorised to issue PPIs. PPI guidelines,
first issued in April 2009 were amended and
consolidated in March 2014. To address the
concerns of operational risks, the revised guidelines
tightened the entry point norms in terms of capital
and net worth requirements for entities seeking
authorisation as issuers of PPIs, outlining the
permissible debits and credits to escrow accounts
which were put in place to ensure protection of
customer funds.
IX.16 To ensure safety and security of card
payments, the Reserve Bank has mandated the
migration to Europay, MasterCard and Visa (EMV) chip and personal identification number (PIN) for
all international cards as also the need for a PIN
for all debit card transactions at point of sale (POS)
terminals. While these requirements were to be
complied by card issuing banks, similar
requirements were placed on the banks which have
installed card acceptance infrastructure for
compliance to payment card industry data security
standards (PCI-DSS), terminal line encryption
(TLE) and unique key per terminal (UKPT)/ derived
unique key per terminal (DUKPT) security. Banks
were also advised that customer losses accruing
on account of non-adherence were to be borne by
the banks responsible for such losses. Over a
period of time, both card-not-present and cardpresent
transactions have been strengthened
through the use of the additional factor of
authentication (AFA).
IX.17 As on May 31, 2014, 86 banks, including
10 RRBs and 19 UCBs, had been permitted to
launch mobile banking services (Box IX.2).
Clearing Corporation of India Limited (CCIL)
IX.18 The Reserve Bank issued a policy
document on ‘Regulation and Supervision of
Financial Market Infrastructure’ (FMI) describing
in detail the criteria for designating a FMI, its
oversight and other related aspects. CCIL has been
advised to adopt the principles for financial market
infrastructures (PFMIs) issued jointly by the
Committee on Payment and Settlement Systems
(CPSS) and the International Organisation of
Securities Commission (IOSCO). CCIL was
declared a qualified central counterparty (QCCP)
in the Indian jurisdiction on January 1, 2014.
IX.19 During the year, CCIL has been granted
several permissions/approvals: i) doing away with
physical exchange of confirmation for trades in the
currency options, ii) commencement of interest
rate swaps (IRS) guaranteed settlement, iii) inprinciple
approval for introduction of the payment
vs payment (PvP) model in USD/INR settlement,
and iv) portfolio compression in USD-INR forex forward trades for members. CCIL is being
monitored for compliance against PFMIs. PFMI
suggests that ‘FMIs may use the assessment
methodology to periodically conduct, full or partial,
self-assessments of observance of the principles’.
Accordingly, CCIL has been advised to carry out
self-assessment against the ‘PFMIs-disclosure
framework and assessment methodology’ document issued by CPSS-IOSCO in December
2012.
Box IX.2
Technical Committee on Mobile Banking
With a view to leveraging the high mobile density in the
country and to study the feasibility of providing an affordable
means of carrying out payment transactions to enhance the
financial inclusion objective through this medium, a Technical
Committee on Mobile Banking was constituted under the
Chairmanship of Shri B. Sambamurthy. The committee
submitted its report in January 2014.
The committee identified the challenges faced by banks in
providing mobile banking services to customers, including
customer enrolment, technical issues and SMS/unstructured
supplement service data (USSD)/application-based mobile
banking. The report emphasised the need for a standardised
and simplified procedure for registration/authentication of customers, a cohesive awareness programme and adoption
of a common application platform across all banks to be
delivered to the customers independent of the handset being
used. The report has indicated the use of SMS and USSD
with encryption technology for providing the necessary level
of security in financial transactions.
The issuance of necessary guidelines by the Telecom
Regulatory Authority of India (TRAI) prescribing the optimum
service parameters, as also the ceiling on transaction costs
for extension of the USSD services by telecom operators to
banks and their agents, has been appreciated and the
committee has recommended that the implementation of
TRAI’s regulations must be expedited by all the stakeholders.
IX.20 As per the on-going monitoring, CCIL was
advised to carry out a comprehensive review of its
bye-laws, rules and regulations. CCIL had reviewed
its bye-laws and rules and regulations with respect
to forex forwards and IRS segments (Box IX.3).
The amendments include a new chapter on bankruptcy in CCIL, bye-laws which cover CCIL
default and members’ right to set-off in such
circumstances.
Box IX.3
Forex Forward Trade Compression
Trade compression is a risk mitigating process carried out
by reducing the notional amount of trades outstanding in
the market by a process of termination/partial termination
of economically redundant trades. By trade compression,
members off-set between the trades, which causes significant
reduction in their outstanding trades and associated risks.
Members who desire to participate in the portfolio
compression exercise have to indicate to the service
provider their willingness and acceptance of the defined
parameters. The participants generally specify a threshold
limit for mark-to-market (MTM) loss/gain caused due to
the early termination of trades and the trades eligible for
early termination based on these tolerances. This involves
execution of a mathematical algorithm to arrive at the
optimum solution. The compressions are executed as
‘cycles’. Generally, the live cycle is preceded by a mandatory
trial run and the entire exercise is spread over 4 to 5 business
days.
The benefits arising from this new strategy include reduction
of counterparty credit risks, operational risks, costs, risk
weighted assets and balance sheet size of the financial
institutions. Portfolio compression is recognised globally
as an important risk mitigating tool. Periodic portfolio
compression will eliminate the capital charge for risk
weighted assets appearing on the balance sheets of banks/
financial institutions.
CCIL, based on the approval of the Reserve Bank has been
providing trade compression for interest rate swaps (IRS)
only.
CCIL has now been accorded approval for carrying out
portfolio compression in USD-INR forex forward trades for
members of the segment. CCIL will remain responsible
for settlement of all these trades whether through portfolio
compression or at the time of settlement of those trades on
maturity.
Oversight of payment systems
IX.21 The oversight framework is based on three
parameters: monitoring, assessment and inducing
change. It is managed through self-assessment by
the authorised entity, evaluation of the selfassessment
and on-site inspection by the
supervisors, complemented by off-site monitoring
and market intelligence.
Committee on Payment and Settlement
Systems (CPSS)
IX.22 CPSS promotes the safety and efficiency
of payments, clearing, settlement and related
arrangements, thereby supporting financial stability
and the wider economy. It serves as a forum for
central bank cooperation in related oversight, policy and operational matters including the provision of
central bank services. India continues to be a
member of this important forum.
PFMI implementation and monitoring
IX.23 In April 2012, CPSS and IOSCO issued the
‘Principles for Financial Market Infrastructures’
(PFMIs) (Box IX.4). The scope of PFMIs is to
enhance safety and efficiency in payments,
clearing, settlement and recording arrangements,
and more broadly to limit systemic risks and foster
transparency and financial stability. CPSS and
IOSCO members are required to strive to adopt
PFMIs in their respective jurisdictions. CPSSIOSCO
started the process of monitoring the
implementation of PFMIs with the intention of
promoting consistency in implementation across
jurisdictions. The first stage of implementation
monitoring (Level-I) assessed whether the
jurisdictions have completed the process of adopting the legislation and other policies for
implementing the 24 principles for FMIs and the
responsibilities for authorities.
Box IX.4
Financial Market Infrastructure Framework
Financial market infrastructure (FMI) is defined as a
multilateral system among participating institutions including
the operator of the system, used for the purposes of clearing,
settling or recording payments, securities, derivatives or other
financial transactions. The term FMI generally refers to
systemically important payment systems, central securities
depositories (CSDs), securities settlement systems (SSSs),
central counterparties (CCPs) and trade repositories (TRs)
that facilitate the clearing, settlement and recording of
financial transactions.
As a member of the Financial Stability Board (FSB) and of
CPSS, the Reserve Bank is committed to the adoption and
implementation of the ‘Principles for Financial Market
Infrastructures’ (PFMIs). The policy on supervision and
regulation of FMIs regulated by RBI describes in detail the
criteria for designating a FMI, applicability of PFMIs to FMIs,
oversight of FMIs and other related aspects. Hitherto the
oversight was based on international standards such as Core
Principles for Systemically Important Payment Systems
(CPSIPS), Recommendations for Securities Settlement
Systems (RSSS) and Recommendations for Central Counter
Parties (RCCP).
In line with international developments, and as indicated in
the ‘Payment Systems in India: Vision 2012-15’, the Reserve
Bank has adopted the standards set out in PFMIs for
regulating and supervising FMIs under the aegis of the Board
for Regulation and Supervision of Payment and Settlement
Systems (BPSS). All the FMIs determined by the Reserve
Bank are expected to comply with PFMI requirements as
applicable to them. The FMIs regulated by RBI are RTGS,
SSS, CCIL and Negotiated Dealing System-Order Matching
(NDS-OM). RTGS and SSS for government securities are
owned and operated by the Reserve Bank.
The assessment of FMIs, including those operated by the
Reserve Bank, will be against the PFMIs as per the document
‘PFMIs-Assessment Methodology’ published by CPSSIOSCO
in December 2012.
The oversight of FMIs is carried out through a combination
of off-site supervisions which include self-assessment, call
for information, system of alerts, external and/or internal
audits of control measures and prior approval of changes,
on-site inspection and other measures which include periodic
meetings with the boards and the senior managements of
FMIs to discuss developments, oversight concerns and
expectations.
IX.24 The purpose is to identify gaps between
implementation measures and the principles,
keeping in mind the materiality of the impact of the
gaps. In the Level-1 assessment report, India was
rated2 as ‘1’ in adopting PFMI principles and ‘4’ in
adherence to the responsibilities of FMIs in the
survey results published in August 2013.
Consequently, steps were taken by the Reserve
Bank as also by the Securities and Exchange
Board of India on making it public on adoption and
applicability of PFMIs to the FMIs. The second
round of the survey was published in May 2014
wherein India has been rated ‘4’ for both adherence
to principles as also responsibilities.
Legal Entity Identifier (LEI) and Local Operating
Unit (LOU)
IX.25 The Reserve Bank is a member of the
Regulatory Oversight Committee (ROC) as also
its executive committee. CCIL has been accorded
approval to act as a LOU for issuing globally
compatible LEIs in India. As a LOU, CCIL will be
issuing unique identifier codes to all eligible and
desirous legal entities participating in the financial
market.
SAARC Payment Council (SPC) meeting
IX.26 The Reserve Bank hosted the 14th meeting
of the SPC in Kerala on December 9, 2013. SPC
came out with a roadmap for developing payment
systems in the SAARC region and identified 8
major areas of focus: i) implementation/improvement
in high-value payment and settlement systems;
ii) development of electronic retail payment
systems; iii) risk mitigation measures for payment
and settlement systems; iv) promotion of competition among market participants/access to new
participants; v) improvement in the legal and
regulatory framework; vi) improvement in the
governance structure; vii) commencement of a
financial literacy programme (first programme
was subsequently held in Nepal on the sidelines
of the 15th SPC meeting in May 2014); and
viii) improvement of cross-border payment and
settlement systems. Further, SAARC formed a
technical committee and came out with a concept
paper on the harmonisation of payment systems
in the region, covering two areas for harmonised
payments: i) card payments: inter-connectivity of
main switches of ATMs of a country to route crossborder
transactions; and ii) connecting e-payment
gateways to enable integration of POS gateways
between regional countries for acceptance of
payment cards.
INFORMATION TECHNOLOGY INITIATIVES
FOR THE BANKING SYSTEM
Automated data flow
IX.27 Under automated data flow (ADF), banks
were advised to submit automated returns to
ensure flow of data from their CBS or other IT
systems to the Reserve Bank in a straight-through
manner without any manual intervention. To ensure
continuity and sustenance of ADF implementation,
banks have been advised to set up internal returns
governance groups to constantly monitor progress.
Next-generation real time gross settlement
system (NG-RTGS)
IX.28 The new RTGS system was launched on
October 19, 2013. The system settled a record
number of 0.48 million transactions on March 28,
2014. Globally, it is for the first time that the ISO
20022 message formats are being used for
transmitting RTGS messages. The RTGS system is highly scalable with new functionalities viz.
advance liquidity features including a gridlock
resolution mechanism and hybrid settlement
facility, facility to accept future value dated
transactions and options to process multi-currency
transactions. The new RTGS system provides 3
access options to participants: thick-client, web-
API (through INFINET or any other approved
network) and the payment originator module.
Participants have the choice to decide on the mode
of participation in the system based on the volume
of transactions and the cost of setting up the
infrastructure. With implementation of the new
RTGS system, the old RTGS system ceases to
exist and the RTGS System Regulations 2013 have
replaced the RTGS (Membership) Business
Operating Guidelines, 2004 and RTGS
(Membership) Regulations, 2004.
Report on ‘Enabling Public Key Infrastructure
(PKI) in Payment System Applications’
IX.29 The Reserve Bank constituted a group in
September 2013 to prepare an approach paper for
enabling PKI for payment system applications in
India. The group comprised representatives from
banks, the IDRBT-Certifying Authority, the Controller
of Certifying Authority and departments of the
Reserve Bank. The group also interacted with
Indian Banking Association (IBA). The final report
of the technical committee was released in April
2014.
IX.30 The report recommended the need for all
banks’ internet banking applications to create an
authentication environment for a password-based
2-stage authentication as well as a PKI-based
system for authentication and transaction
verification for online banking transactions and its
implementation in phases. It also suggested that
banks provide the option to their customers for
enabling PKI for their online banking transactions.
INFORMATION TECHNOLOGY WITHIN THE
RESERVE BANK
IT Sub-Committee (ITSC) to the Central Board
IX.31 ITSC was constituted to advise the Reserve
Bank on its overall IT strategy, infrastructure,
applications and security and to oversee the
implementation of the recommendations of the IT
vision document 2011-17. ITSC met twice during
the year focusing on issues relating to procedures
to be followed for implementing IT projects, need
for enterprise architecture, strengthening the role
of the chief information security officer (CISO), an
information security (IS) audit, an IT subsidiary of
IDRBT, IS policy guidelines and disaster recovery
(DR) drills conducted by the Reserve Bank.
Information security policy for the Reserve
Bank
IX.32 The revised information security policy and
related sub-policies have been approved by ITSC.
The operational guidelines relevant to administer
the policy were released in April 2014.
The electronic document management system
(EDMS)
IX.33 A steering committee to implement EDMS
with an objective of organising the documents in
a systematic manner in electronic form has been
formed. An approach paper for time bound
implementation of EDMS has been prepared.
Enterprise knowledge portal (EKP)
IX.34 The revamped EKP with advanced features
including interactive functionalities to enhance
knowledge sharing initiatives inthe Reserve Bank
was inaugurated in November 2013. It provides a
more focussed approach to knowledge sharing
efforts in the Reserve Bank and has recorded
increased level of visits by its staff.
Upgrading of the video conferencing (VC)
system
IX.35 The work related to VC upgradation, which
would inter alia provide for executive VC rooms at
select locations, classroom VC facility in training
colleges, high definition technology for better
quality, video streaming facility and video-ondemand
facility has been rolled out at almost all
identified locations within the Reserve Bank.
Perimeter security solution (PSS)
IX.36 PSS aims to provide a mechanism to
protect the information systems in the Reserve
Bank from all threats/attacks from the external
cyber world. The solution includes routers,
switches, firewalls, intrusion detection and
prevention systems. The project was implemented
in two separate phases. In the first phase,
procurement and replacement of networking
components such as switches, routers and
implementing auto fail over (AFO) of switches was
completed and in the second phase
operationalisation of firewalls and intrusion
prevention system (IPS) was completed.
Information security operations centre (iSOC)
IX.37 An advanced iSOC system to proactively
detect security related incidents which have an
impact on the Reserve Bank, other banks and the
financial sector and manage and coordinate responses to such incidents is being implemented
in the Reserve Bank. An expression of interest
(EoI) for supplying, installing, configuring,
maintaining and operating iSOC has been issued.
The project is expected to be completed by
December 2015.
Mail messaging solution (MMS)
IX.38 The Reserve Bank’s corporate MMS was
reinforced with an advanced archival solution to
provide better access, storage and retrieval of
mails to the users. With archival facility, it will be
possible to retrieve any mail from MMS. The
solution will also eliminate the need for regular
increase in mail box size for users at frequent
intervals. Archival will also facilitate retention of
mails to fulfil legal/statutory requirements. The
process to upgrade MMS has also been initiated
and is expected to be completed by March 2015.
Committee on data standardisation
IX.39 The Reserve Bank’s IT vision 2011-17
document emphasised the importance of both
quality and timeliness of data for its processing into
useful information for MIS and decision making
purposes. To achieve this, uniform data reporting
standards are of vital importance. A committee has
been constituted for data standardisation which
inter alia will bring about synergy and uniformity in
the areas of data reporting.
|