Apply Now

Policy On Advanced Supervisory Monitoring System Of RBI

Version Date of Approval
V1 24th January 2024

1. Background:

The Reserve Bank of India (“RBI”) has been taking various initiatives in strengthening supervision, which among other initiatives include adoption of latest data and analytical tools as well as leveraging technology for implementing more efficient and automated work processes. With the intention to make the supervisory process more efficient and robust, RBI introduced an Advanced Supervisory Monitoring System to be termed as DAKSH. It is a web-based interface for RBI which allow RBI to monitor the compliance which are applicable on the Regulated entities and to focus for improving the compliance culture within the company. As per the guidelines issued by the RBI, DAKSH system provides various functionalities such as inspection, planning and execution, compliance submission & monitoring, complaint handling & processing, cyber incident reporting and calling of ad-hoc information via returns.

In order to achieve the aforesaid objective in the supervisory ecosystem, the Reserve Bank of India (“RBI”) vide notification bearing Ref. No. CO.DOS.RSD. No. S438/31-01-105/2023-24 dated April 24, 2023 prescribed certain guidelines for the implementation and usage of DAKSH by the regulated entities including PayMe India Financial Services Private Limited (“the company”).

Accordingly, the Board of Directors of the company has formulated a policy for the implementation of the DAKSH guidelines to be called as Policy on Advanced Supervisory Monitoring System of RBI.

2. Guidelines for DAKSH:

For achieving the desired objectives from the advanced supervisory monitoring system, Reserve Bank of India has prescribed the guidelines for the usage of the portal. The company shall ensure the following with regard to compliance with the DAKSH:

  1. That the senior management shall continue to familiarize itself with the features/ workflows available in DAKSH for smooth rollout and effective adoption of DAKSH.
  2. That the contents shared in DAKSH by the Regulatory and by the Supervised Entity users are secured and are suitably protected against the unauthorized access.
  3. The Company shall ensure that the usage of DAKSH is being done in secure and authorized environment and the content of the portal is suitably protected against unauthorized access and the network/ the operating system are protected through updated anti-virus solutions.
  4. The access to the DAKSH shall be made through representatives who have been authorized by the company through user creation/ updation form which is duly authorized by the specified personnel.
  5. The roles of the different verticals within the company shall be specified who shall be created as the users for the DAKSH portal only to the extent of the area of work assigned to them. The users/roles which have been created shall be reviewed periodically by the Information System Audit process of the company and changes if any required shall be affected in accordance with the RBI circular.

3. Guidelines for User Creation:

The working on the DAKSH portal shall be based on the Maker/ Checker User principle. The Users to whom the company has allocated the marker rights can only enter/ edit the data on the module forms. Further the company shall designate the Users with checker rights who shall review the module forms filled by the User Maker and consequently approve or reject the submissions. Single user can have multiple roles (in the same module or across module). The details of the Admin User and the Admin Checker shall be registered with the RBI and any change in the information, including the change in the users shall be informed to the RBI immediately. These Admin User and the Checker shall on the basis of the internal approval as per the process herein below shall process the onboarding of the other users / checkers to the DAKSH including the assignment of the roles.

As per the directions of RBI, the Company shall follow the following process for user creation and maintenance, along with the framework for mandatory filing of user creation/ update/ de-activation form and approval for the same from the appropriate authority.

The person who is to be designated with any role shall be required to submit a written declaration to the company (as per the Annexure 1) to the affect that he shall use the user id of the DAKSH only for the intended purpose for which he has been authorized by the company and agree to abide by all the applicable guidelines issued with regard to the DAKSH portal. The signed form shall also cover the employment details, date of User creation/ deactivation, roles assigned etc.

The details of the user as per above shall be submitted to the approving authority who shall approve the same by capturing the details as covered in Annexure 2. The approver of the user creation/update/deactivation shall be as under:

  1. User update shall be approved by the Chief Compliance Officer (CCO)
  2. User update for the CCO/CISO/CFO/CRO/CTO/COO/CEO the approval shall be provided by any two members of them except the designation which is being appointed as the user

The approver shall ensure that:

  1. Only individual corporate email accounts are being used for the user creation.
  2. The user is compulsorily the employee of the company.
  3. The user who is being on boarded shall give his own registered mobile number

4. Nodal Officer:

With a view to ensure proper implementation and usage of the DAKSH, the RBI has advised that the Company shall ensure to designate a Senior Level Officer as the Nodal Officer.

Nodal Officers shall be the point of contact for DAKSH related communications with RBI. In accordance with the same, the Company has appointed the Mr. Manav Munjal, the Director of the Company, as the Nodal Officer.




ANNEXURE-1

USER CREATION/ UPDATE/ DEACTIVATION FORM FOR DAKSH

Applicant details
Name of the Supervised Entity
Name and designation of applicant
E-mail ID of applicant (individual corporate account only
Registered Mobile Number of the applicant
Whether an employee? YES (non-employees are not allowed on DAKSH)
Employee ID/No. of the applicant
Date of joining the organization
Date of user creation/ update/ deactivation
Reason for user creation/ update/ deactivation
Role(s) to be assigned/ updated to the user.
SE Admin role to be assigned to sufficiently senior position.
Ticket Reference no. (created in Ticketing application)
End User Acknowledgement
I shall use the user ID assigned for the intended purpose only and agree to abide by all applicable guidelines.
Name:
Signature:
Date:



ANNEXURE-2

To be filled by Approving Officer of SE User
(please refer to the guidelines under para 3 below)
Name of the Approver
Designation of the Approver
Applicant’s user details and the roles to be assigned to the user verified (Y / N)
Approved (Y / N)
Remarks / Reason for approval
Contact number of the approver
E-mail ID of the approver
Signature and Date