INFOSEK
Infosek manages full RBI IT Framework compliance for NBFCs, digital lenders, and co-lending entities. From IS audit and policy documentation to CERT-In breach reporting SOPs — we handle everything so your team can focus on business.
The RBI IT Framework applies across entity types. We tailor our compliance programme to your specific category, asset size, and operational complexity.
Pick the track that fits your entity size and complexity. All packages include senior-led delivery and audit-ready documentation.
For small NBFCs and digital lenders
For mid-size NBFCs, DLG entities, Type-II NBFCs
For large NBFCs, co-lending entities, complex IT
Yes. RBI's IT Framework for the NBFC Sector applies to all registered NBFCs — with specific controls scaled by asset size and complexity. Type-I and Type-II NBFCs have differentiated requirements.
NBFCs must report cybersecurity incidents to CERT-In within 6 hours of detection. We prepare your SOPs, incident classification framework, and reporting templates so your team can respond immediately.
Default Loss Guarantee (DLG) compliance is required for NBFCs and banks entering co-lending arrangements under RBI's digital lending guidelines. We handle the compliance documentation and risk framework.
RBI requires periodic VAPT — typically annual or bi-annual depending on your system complexity. We conduct VAPT aligned to RBI's IT Framework requirements and produce audit-ready reports.
Book a free 30-minute assessment. We'll assess your NBFC's current IT compliance posture against RBI requirements and give you a clear roadmap.
