Brief Overview:
RBI has, pursuant to the draft guidelines published in October 2022, issued the final Reserve Bank of India (Information Technology Governance, Risk, Controls and Assurance Practices) Directions, 2023 (“Directions”). The Directions aim to incorporate, update and consolidate the instructions relating to Information Technology (“IT”) Governance and Controls, Business Continuity Management, and Information Systems Audit.
Technical Details:
(collectively the “Regulated Entities”)
5) Information Systems Audit.
Effective Date: 1st April 2024
Exceptions: The Directions are not applicable to Local Area Banks and NBFC – Core Investment Companies.
JC takeaway:
With the increasing use of digital channels by banking customers and outsourced IT service arrangements by Regulated Entities, the comprehensive Directions issued by the RBI are a step towards mitigating the associated financial and operational risks.
For further details, please see:
https://rbi.org.in/Scripts/BS_ViewMasDirections.aspx?id=12562
For any queries/clarifications, please feel free to ping us and we will be happy to chat:
● Mr. Ankit Sinha (ankit.sinha@jclex.com)
● Ms. Rupul Jhanjee (rupul.jhanjee@jclex.com)