Compliance & Audits
At OneBanc, Compliance and Audits are a non-negotiable priority for us. Our products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and audit reports to demonstrate compliance. We also blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures.

All compliance/audit statuses will be regularly updated in this section in this policy. If you wish to make inquiries or complaints or have other concerns about our Compliance & Audits, you may write to us at compliance@onebanc.ai.
Digital Payment Security Controls (DPSC)
2 mins read
The Master Direction that establishes security controls for digital payments was released on 18th February 2021 by RBI. It covers areas such as Governance and Management of Security Risks, Generic Security Controls, Application Security Life Cycle (ASLC), Authentication Framework, Fraud Risk Management, Reconciliation Mechanism, Customer Protection, Awareness, and Grievance Redressal Mechanism, and specific controls related to Internet Banking, Mobile Payments Application Security Controls and Card Payments Security.
For detailed information
Last audited by Pioneer Management System
on 31 August , 2022
GDPR Compliance
3277 words · 16 mins read
We are committed to our customers' success and the protection of their data by ensuring that we comply with the General Data Protection Regulation (GDPR) and all privacy-related regulations. We have all the necessary documents and GDPR appropriate technical and organizational measures in place to ensure a high level of personal data protection.

Our Data Processing Addendum (DPA) meets GDPR requirements and reflects our data privacy and security commitments.
For detailed information
Last audited by Pioneer Management System
on 25 July, 2022
ISO 27001:2013 Certified
3 mins read
We are an ISO 27001:2013 certified company and have implemented required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls. ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance. We are an ISO 27001:2013 certified company and have implemented required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls.
For detailed information
Last audited by Quality Control Certification
on 21 June, 2021
PCI DSS Compliance
1 min read
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council.

We have already achieved PCI DSS v3.2.1 compliance which means we have implemented applicable industry standard security controls governed by PCI council that helps us protect all our customer’s card data in a highly secure manner.
Last audited by Pioneer Management System
on 07 September, 2022
SOC 2 Type 2 Compliance
3 mins read
SOC 2 reports are based on the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA) existing Trust Services Criteria (TSC). The purpose of the report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.

We’re pleased to announce our successful completion of the System and Organizational Controls (SOC) 2 Type 2 audit in consultation with a professional and independent third-party audit firm.

OneBanc is proud to announce the completion of its SOC 2 Type 2 compliance conducted by a reputable certified public accountant (CPA) firm. The audit included examination of policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of the business. The audit firm also evaluated whether our compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time.
For detailed information
Last audited by Cyborgenic
on 30 August, 2022
Vulnerability Assessment and Penetration Testing
3 mins read
We have an inhouse network security team which uses industry leading products to conduct manual and automated VAPT activities & we also leverage CERT-IN certified auditors to do periodic external security testing and audits.
For detailed information
Last audited by Pioneer Management System
on 13 July, 2022
Cookies Policy
687 words · 4 mins read
Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a site and allow a site to recognize your device. Read More Read more right arrow
Last reviewed by Compliance Head - OneBanc
on 15 July, 2022
Privacy Policy
3469 words · 17 mins read
We do not sell your personal information to or share it with unaffiliated third parties for their own advertising or marketing purposes without your explicit consent. Read More Read more right arrow
Last reviewed by Compliance Head - OneBanc
on 15 July, 2022
Terms & Conditions
11503 words · 57 mins read
At OneBanc we are creating a system that strives to reward high trust and creditworthy individuals of India, inspiring others to be like them. Read More Read more right arrow
Last reviewed by Compliance Head - OneBanc
on 15 July, 2022