RBI Guidelines for Payment Aggregators & Payment Gateways

Determine the effectiveness of IT Security Controls

PAs & PGs

PAs are entities that facilitate e-commerce sites and merchants to accept various payment instruments from customers for the completion of their payment obligations without the need for merchants to create a separate payment integration system of their own.

PGs are entities that provide technology infrastructure to route and facilitate the processing of an online payment transaction without any involvement in the handling of funds.

How it works?

Audit Methodology

We share audit charter with the auditee highlighting the roles and responsibilities of the audit function as well as the audit objectives.

Audit Initiation

We provide Auditee a DRL highlighting the required policies and further analysis of the same will be performed in line with the compliance.

Document
Requirement List

Quantitative/Qualitative Risk Assessment will be conducted for every business process in scope and risk will be analyzed.

Identification &
Analysis

Action points as well as risk response methodology will be suggested via GAP Assessment Report and an action plan will be asked from the auditee.

Risk Response

We conduct review again post-deployment of the mitigations.

Post-Deployment
Review

Do you know?

$179.3 billion
The global payment aggregator and gateway market is expected to reach.
9.9%
CAGR growing between 2016 and 2022.

Want a quick Audit?

RBI Circulars

Guidelines on Regulation of Payment Aggregators and Payment Gateways (DPSS.CO.PD.No.1810/02.14.008/2019-20 dated March 17, 2020)
Directions for opening and operation of Accounts and settlement of payments for electronic payment transactions involving intermediaries DPSS.CO.PD.No.1102 /02.14.08/ 2009-10
Clarification issued by RBI on circular DPSS.CO.PD.No.1810/02.14.008/2019-20 dated March 17, 2020 (as updated from time to time) on “Guidelines on Regulation of Payment Aggregators (PAs) and Payment Gateways (PGs)

Detect & prevent attacks, before they succeed.

Stay ahead of the rapidly evolving threat landscape and keep your data protected without having to spend a fortune.

What do you get?

Audit Draft
Report
Draft report of the audit emphasizing the initial discoveries/findings.
Remediation
Support
Through a GAP Assessment Report, remediations to the identified non-compliant controls will be advised.
Final Audit
Report
A comprehensive report that elaborates the final audit findings.
Compliance
Letter
A letter that confirms that the requirements are met and all the applicable controls/regulations are fulfilled.

Take a peek into sample report

Our deliverables are comprehensive in nature that addresses both technical and business audiences.

Businesses love us

Learn what our customers say about our work.

Have you implemented the right security practice?

BOT Force

Get Started!

Get-started-WebServices-API
Enter the Captcha

Take a peek into sample report

By failing to prepare, you are preparing to fail

Case Study Form
Enter the Captcha

Take a peek into sample report

Case Study Form
Enter the Captcha

Get Started!

Case Study Form
Enter the Captcha

By failing to prepare, you are preparing to fail

Case Study Form
Enter the Captcha

Take a peek into sample report

Case Study Form
Enter the Captcha

Get Started!

Case Study Form
Enter the Captcha

By failing to prepare, you are preparing to fail

Case Study Form
Enter the Captcha

Take a peek into sample report

Case Study Form
Enter the Captcha

Get Started!

Case Study Form
Enter the Captcha

Subscribe to Our Podcasts

Blog Write For Us

By failing to prepare, you are preparing to fail

Homepage: By failing to prepare, you are preparing to fail
Enter the Captcha

By failing to prepare, you are preparing to fail

Get Started!

Fixed Force

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Get Started!

Take a peek into sample report

Get CERT-In Audit

Flex Force

navy_bubble.png