Eight major banks of India have joined the account aggregator framework that has been put together under supervision of the Reserve Bank of India (RBI) to enable the easy and safe sharing of information between customers and banks so as to facilitate more efficient delivery of banking and financial services. Here’s all you need to know about account aggregators, which are said to be ready to “to hit the fintech industry like a tornado" and potentially transform how people engage with the world of finance.
What Does An Account Aggregator Do?
While seeking a loan, or applying for an insurance policy, a customer usually has to submit reams of documents, a lot of them pertaining to their financial affairs. To gather such documents either involves multiple trips to the bank or financial advisers or, in the age of internet banking, logging in to one’s online banking portal. Even so, it remains a cumbersome process. But no more. An account aggregator can now “give you the power to share data easily between different financial service providers, by consolidating all your data in one place and providing a single digital framework to share it in real-time".
According to the DigiSahamati Foundation, a not-for-profit “collective of the account aggregator ecosystem", the account aggregator system is “a safe, consent-based framework giving you control over your data and quicker access to financial services". That means, it said, “no more running around collecting documents to open accounts, file for taxes, get loans or access other financial products".
How Does It Work?
An account aggregator represents a new category of non-banking financial company (NBFC) that has been cleared by the RBI “to manage consent for financial data sharing".
An account aggregator “consolidates financial information of a customer held with different financial entities, spread across financial sector regulators adopting different IT systems and interfaces," RBI says, adding that its role is “retrieving or collecting information of its customer pertaining to such financial assets, as may be specified by the bank from time to time".
To simplify, an account aggregator is a portal or app through which a customer can regulate her consent for the sharing of her financial information. The account aggregator network has three main pillars — financial information provider (FIP), financial information user (FIU) and tech service provider, which is to say, the account aggregator itself.
FIPs are organisations like banks, mutual funds, pension funds, etc. that are a source of personal or business data that FIUs can access. FIUs, then, are organisations like lending agencies, NBFCs, etc., who may require access to financial data. Thus, the same organisations can become FIPs and FIUs as well. The data they require is to be accessed via account aggregators, which “collaborate with FIUs and FIPs to deliver AA products and services" like “SME Scorecards, Early Warning monitors, Digital Lending & Onboarding, Product Design of apps and more".
DigiSahmati said that the account aggregator framework was “created through an inter-regulatory decision by RBI, Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority (IRDAI), Pension Fund Regulatory and Development Authority (PFRDA) through Financial Stability and Development Council (FSDC)".
RBI will be issuing licences for account aggregators and there can be several such players, or apps, “to cater to different users". Individuals and enterprises can both use account aggregators with the network being seen to have
special utility in terms of enabling small businesses to access loans.
How Safe Is It?
The category to which an account aggregator belongs is known as Data Access Fiduciary (DAF), the creation of which has been facilitated by the Data Empowerment and Protection Architecture, or DEPA. DEPA seeks to empower “every Indian with control over their data" by creating frameworks and standards for the sharing of data.
With a view to unleashing the full potential of digital mechanisms in financial services, DEPA has been devised to serve as the “final layer of India Stack, a series of digital public goods designed to enable private market innovators to introduce improved digital services for India across a range of sectors". The other layers of India Stack include Aadhaar, the Unified Payments Interface, DigiLocker, and eSign.
DigiSahmati says that these “DAFs are ‘data blind’ and will not see user data themselves; rather they will serve as a conduit for encrypted data flows".
In the initial stages, account aggregators will provide only asset-based data like bank accounts, deposits, mutual funds, insurance policies, pension funds, etc. The account aggregator app or desktop portal will have access to your account details, but such information will be shared in a decrypted form and RBI says that “there shall be adequate safeguards built in its IT systems to ensure that it is protected against unauthorised access, alteration, destruction, disclosure or dissemination of records and data". Further, the data will not reside with the account aggregator.
How To Sign Up With An Account Aggregator? Who Are The Account Aggregators In India?
One would have to downlowad a mobile phone or desktop app to be able to use an account aggregator service. After downloading such an app an user would need to on-board their bank details via the bank FIP which she can thereafter share with an FIU. “This AA app shows the user all the consents given, revoked consents and a log of all data requests made by the FIU."
Four account aggregator apps that have received operational licences from RBI: Finvu, OneMoney, CAMS Finserv, and NESL, while in-principle nods have been given to PhonePe, Perfios, and Yodlee.
Now, eight banks — SBI, ICICI Bank, Axis Bank, IDFC First Bank, Kotak Mahindra Bank, HDFC Bank, IndusInd Bank, and Federal Bank — have joined the network as FIPs and FIUs.