Compliance & Audits
At OneBanc, Compliance and Audits are a non-negotiable priority for us. Our products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and clear audit reports to demonstrate compliance. We also blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures.

All compliance/audit statuses will be regularly updated in this section. If you wish to make inquiries, complaints or have other concerns about our Compliance & Audits, you may write to us at
Digital Payment Security Controls (DPSC)
2 mins read
The Master Direction that establishes security controls for digital payments was released on 18th February 2021 by RBI. It covers areas such as Governance and Management of Security Risks, Generic Security Controls, Application Security Life Cycle (ASLC), Authentication Framework, Fraud Risk Management, Reconciliation Mechanism, Customer Protection, Awareness, Grievance Redressal Mechanism, and specific controls related to Internet Banking, Mobile Payments Application Security Controls and Card Payments Security.
For detailed information
Last audited on 27th June, 2023
GDPR Compliance
3277 words · 16 mins read
We are committed to our customers' success and the protection of their data by ensuring that we comply with the General Data Protection Regulation (GDPR) and all privacy-related regulations. We have all the necessary documents and GDPR appropriate technical and organizational measures in place to ensure a high level of personal data protection.

Our Data Processing Addendum (DPA) meets GDPR requirements and reflects our data privacy and security commitments.
For detailed information
Last audited on 23rd June, 2023
ISO 27001:2013 Certified
3 mins read
We are an ISO 27001:2013 certified company and have implemented the required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls. ISO/IEC 27001:2013 is a security management standard that specifies best practices in security management and comprehensive security controls following the ISO/IEC 27002 guidance. We are an ISO 27001:2013 certified company and have implemented required Information Systems Management System policies and procedures to maintain industry standard best practices and applicable controls.
For detailed information
Last audited on 21st June, 2021
PCI DSS 4.0 Compliance
1 min read
The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard administered by the PCI Security Standards Council.

We are thrilled to announce that we have successfully achieved PCI DSS v4.0 compliance, becoming India's 1st Fintech to achieve this certification. This means we have implemented applicable industry standard security controls governed by the PCI council that helps us protect all our customer's card data in a highly secure manner.
For detailed information
Last audited on 09th January, 2023
SOC 2 Type 2 Compliance
3 mins read
SOC 2 reports are based on the existing Trust Services Criteria (TSC) from the Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA). The purpose of the report is to evaluate an organization's information systems relevant to security, availability, processing integrity, confidentiality, and privacy.

We're pleased to announce our successful completion of the System and Organizational Controls (SOC) 2 Type 2 audit in consultation with a professional and independent third-party audit firm.

OneBanc is proud to announce the completion of its SOC 2 Type 2 compliance conducted by a reputable certified public accountant (CPA) firm. The audit included examination of policies and procedures regarding network connectivity, firewall configurations, systems development life cycle, computer operations, logical access, data transmission, backup and disaster recovery, and other critical operational areas of the business. The audit firm also evaluated whether our compliance controls are designed appropriately, were in operation on a specified date, and were operating effectively over a specified time.
For detailed information
Last audited on 31th August, 2023
System Audit Report for Data Localization (SAR)
3 mins read
The Reserve Bank of India issued a directive vide circular DPSS.CO.OD.No 2785/06.08.005/2017-18 dated April 06th, 2018 on 'Storage of Payment System Data' advising all system providers to ensure that the entire data relating to payment systems operated by them is stored in a system only in India. To meet this compliance, all payment system providers must undergo an audit conducted by a CERT-IN empanelled auditor.

We have successfully completed "Data Localization" requirements as per Reserve Bank of India (RBI) guidelines. This means all our customer data securely resides only in India (NTT Noida Region).
For detailed information
Last audited on 22nd September, 2022
Vulnerability Assessment and Penetration Testing
3 mins read
We have an inhouse network security team which uses industry leading products to conduct manual and automated VAPT activities & we also leverage CERT-IN certified auditors to do periodic external security testing and audits.
For detailed information
Last audited on 20th July, 2023
Secure Code Review - CISA SDK
2 mins read
Secure Code Review is an automated process that examines the code to check the security and compliance of an application. Secure code review identified and eliminated all vulnerabilities that may have been unintentionally coded during development.

CISA SDK enables secure communication between App, OneBanc Server and Partner server while ensuring Confidentiality, Integrity, Authenticity and Singularity of each service.
Last audited on 6th January, 2023
Cookies Policy
687 words · 4 mins read
Cookies are text files containing small amounts of information which are downloaded to your computer or mobile device when you visit a site and allow a site to recognize your device. Read More Read more right arrow
Last reviewed on 6th March, 2023
Privacy Policy
3469 words · 17 mins read
We do not sell your personal information to or share it with unaffiliated third parties for their own advertising or marketing purposes without your explicit consent. Read More Read more right arrow
Last reviewed on 3rd March, 2023
Terms & Conditions
11503 words · 57 mins read
At OneBanc we are creating a system that strives to reward high trust and creditworthy individuals of India, inspiring others to be like them. Read More Read more right arrow
Last reviewed on 8th March, 2023