Compliance & Audits
At OneBanc, Compliance and Audits are a non-negotiable priority for us. Our products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and clear audit reports to demonstrate compliance. We also blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures.
All compliance/audit statuses will be regularly updated in this section. If you wish to make inquiries, complaints or have other concerns about our Compliance & Audits, you may write to us at compliance@onebanc.ai.
All compliance/audit statuses will be regularly updated in this section. If you wish to make inquiries, complaints or have other concerns about our Compliance & Audits, you may write to us at compliance@onebanc.ai.
Digital Payment Security Controls (DPSC)
2 mins read
The Master Direction that establishes security controls for digital payments was released on 18th February 2021 by RBI. It covers areas such as Governance and Management of Security Risks, Generic Security Controls, Application Security Life Cycle (ASLC), Authentication Framework, Fraud Risk Management, Reconciliation Mechanism, Customer Protection, Awareness, Grievance Redressal Mechanism, and specific controls related to Internet Banking, Mobile Payments Application Security Controls and Card Payments Security.
For detailed information
Last audited by Pioneer Management System
on 31st August , 2022
on 31st August , 2022
GDPR Compliance
3277 words · 16 mins read
We are committed to our customers' success and the protection of their data by ensuring that we comply with the General Data Protection Regulation (GDPR) and all privacy-related regulations. We have all the necessary documents and GDPR appropriate technical and organizational measures in place to ensure a high level of personal data protection.
Our Data Processing Addendum (DPA) meets GDPR requirements and reflects our data privacy and security commitments.
Our Data Processing Addendum (DPA) meets GDPR requirements and reflects our data privacy and security commitments.
For detailed information
Last audited by Pioneer Management System
on 25th July, 2022
on 25th July, 2022
ISO 27001:2013 Certified
3 mins read
We are an ISO 27001:2013 certified company and have implemented the required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls. ISO/IEC 27001:2013 is a security management standard that specifies best practices in security management and comprehensive security controls following the ISO/IEC 27002 guidance. We are an ISO 27001:2013 certified company and have implemented required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls.
For detailed information
Last audited by Quality Control Certification
on 21st June, 2021
on 21st June, 2021
PCI DSS 4.0 Compliance
1 min read
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council.
We are thrilled to announce that we have successfully achieved PCI DSS v4.0 compliance, becoming India's 1st Fintech to achieve this certification. This means we have implemented applicable industry standard security controls governed by the PCI council that helps us protect all our customer's card data in a highly secure manner.
We are thrilled to announce that we have successfully achieved PCI DSS v4.0 compliance, becoming India's 1st Fintech to achieve this certification. This means we have implemented applicable industry standard security controls governed by the PCI council that helps us protect all our customer's card data in a highly secure manner.
For detailed information
Last audited by CyberSigma Consulting Services
on 09th January, 2023
on 09th January, 2023
SOC 2 Type 2 Compliance
3 mins read
SOC 2 reports are based on the existing Trust Services Criteria (TSC) from the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). The purpose of the report is to evaluate an organization's information systems relevant to security, availability, processing integrity, confidentiality, and privacy.
We're pleased to announce our successful completion of the System and Organizational Controls (SOC) 2 Type 2 audit in consultation with a professional and independent third-party audit firm.
OneBanc is proud to announce the completion of its SOC 2 Type 2 compliance conducted by a reputable certified public accountant (CPA) firm. The audit included examination of policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of the business. The audit firm also evaluated whether our compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time.
We're pleased to announce our successful completion of the System and Organizational Controls (SOC) 2 Type 2 audit in consultation with a professional and independent third-party audit firm.
OneBanc is proud to announce the completion of its SOC 2 Type 2 compliance conducted by a reputable certified public accountant (CPA) firm. The audit included examination of policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of the business. The audit firm also evaluated whether our compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time.
For detailed information
Last audited by Cyborgenic
on 30th August, 2022
on 30th August, 2022
System Audit Report for Data Localization (SAR)
3 mins read
The Reserve Bank of India issued a directive vide circular DPSS.CO.OD.No 2785/06.08.005/2017-18 dated April 06th, 2018 on 'Storage of Payment System Data' advising all system providers to ensure that the entire data relating to payment systems operated by them is stored in a system only in India. To meet this compliance, all payment system providers must undergo an audit conducted by a CERT-IN empanelled auditor.
We have successfully completed "Data Localization" requirements as per Reserve Bank of India (RBI) guidelines. This means all our customer data securely resides only in India (NTT Noida Region).
We have successfully completed "Data Localization" requirements as per Reserve Bank of India (RBI) guidelines. This means all our customer data securely resides only in India (NTT Noida Region).
For detailed information
Last audited by Mirox Cyber Security & Technology Pvt. Ltd.
on 22nd September, 2022
on 22nd September, 2022
Vulnerability Assessment and Penetration Testing
3 mins read
We have an inhouse network security team which uses industry leading products to conduct manual and automated VAPT activities & we also leverage CERT-IN certified auditors to do periodic external security testing and audits.
For detailed information
Last audited by Pioneer Management System
on 13th March, 2023
on 13th March, 2023
Cookies Policy
687 words · 4 mins read
Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a site and allow a site to recognize your device. Read More 
Last reviewed by Compliance Head - OneBanc
on 15th July, 2022
on 15th July, 2022
Privacy Policy
3469 words · 17 mins read
We do not sell your personal information to or share it with unaffiliated third parties for their own advertising or marketing purposes without your explicit consent. Read More
Last reviewed by Compliance Head - OneBanc
on 15th July, 2022
on 15th July, 2022
Terms & Conditions
11503 words · 57 mins read
At OneBanc we are creating a system that strives to reward high trust and creditworthy individuals of India, inspiring others to be like them. Read More
Last reviewed by Compliance Head - OneBanc
on 15th July, 2022
on 15th July, 2022
