What changed
RBI issued a circular on June 10, 2009, referencing the April 2009 Annual Policy, to reinforce the requirement for participants to have backup sites and participate in DR exercises. This is a reiteration of existing expectations, not a new rule.
What it means for you
Banks and other participants must ensure their own DR sites are operational and ready for drills. Non-compliance could risk system reliability and regulatory scrutiny. The RBI's own data centres have state-of-the-art backup, but participants' readiness is critical for end-to-end continuity.
What you must do
- Verify that your institution has functional backup sites for all critical payment systems interfacing with RBI data centres.
- Ensure your DR team is prepared to participate in RBI-conducted disaster recovery drills when called.
- Document and report compliance with this circular to your board and RBI as required.
Who it affects
All RTGS participant members, All NDS participant members, All CFMS participant members, Bank IT and operations heads
What systems are covered under this circular?
The circular applies to all critical payment systems that interact with RBI's data centres, specifically RTGS, NDS, and CFMS.
Do we need to set up a new DR site if we already have one?
If your existing DR site is adequate for the critical systems mentioned, no new site is needed. However, you must ensure it is ready and you participate in RBI drills.
What happens if we don't participate in DR drills?
The circular stresses full compliance. Non-participation may be viewed as a regulatory lapse, potentially affecting your institution's standing with RBI.