2021- Account Aggregators- India's Innovation in Financial Services
Since 2009. INDIA’S INVESTMENTS IN ITS DIGITAL financial infrastructure—known as “India Stack”—have sped up the large-scale digitization of people’s financial lives. As more and more people begin to conduct transactions online, questions have emerged about how to provide millions of customers adequate data protection and privacy while allowing their data to flow throughout the financial system.
Data-sharing among financial services providers (FSPs) can enable providers to more efficiently offer a wider range of financial products better tailored to the needs of customers, including low-income customers. However, it is important to ensure customers understand and consent to how their data are being used. India’s solution to this challenge is account aggregators (AAs). The Reserve Bank of India (RBI) created AAs in 2018 to simplify the consent process for customers.
In most open banking regimes, financial information providers (FIPs) and financial information users (FIUs) directly exchange data. This direct model of data exchange—such as between a bank and a credit bureau—offers customers limited control and visibility into what data are being shared and to what end.
When a customer gives consent to a provider via the AA, the AA fetches the relevant information from the customer’s financial accounts and sends it via secure channels to the requesting institution.
AAs have been designed to sit between FIPs and FIUs to facilitate data exchange more transparently. Despite their name, AAs are barred from seeing, storing, analyzing, or using customer data. As trusted, impartial intermediaries, they simply manage consent and serve as the pipes through which data flow among FSPs.
ACCOUNT AGGREGATORS (AAs) IS ONE OF THE NEWEST CATEGORIES of non banking financial companies (NBFCs) to figure into India Stack—India’s interconnected set of public and nonprofit infrastructure that supports financial services.
The Indian government has developed a comprehensive technology framework to guide the implementation of its policies for consensual data-sharing, including the establishment and operation of AAs. It provides a set of guiding design principles, outlines the technical format of data requests, and specifies the parameters governing the terms of use of requested data. It also specifies how to log consent and data flows.
RBI created AAs to address the challenges posed by the proliferation of data by enabling data-sharing among financial institutions with customer consent. The intent is to provide a method through which customers can consent (or not) to a financial services provider accessing their personal data held by other entities.
India Stack has scaled considerably since its creation in 2009, marked by rapid digitization and parallel growth in mobile networks, reliable data connectivity, falling data costs, and continuously increasing smartphone use. Consequently, the creation, storage, use, and analyses of personal data have become increasingly relevant. Following an “open banking” approach,
the Reserve Bank of India (RBI) licensed seven AAs in 2018 to address emerging questions around how data can be most effectively leveraged to benefit individuals while ensuring appropriate data protection and privacy, with consent being a key element in this.
Despite the nomenclature, AAs are, by regulation, barred from seeing, storing, analyzing, or using client data. They simply are consent managers who act as trusted and impartial intermediaries between users and providers of data. The concept of AAs emerged from discussions at the Financial Stability and Development Council, the apex body for Indian financial sector regulators, in 2015.7 In 2016, RBI released the Account Aggregator Master Direction, and the four financial sector regulators—RBI, Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority of India (IRDAI), and Pension Fund, Regulatory and Development Authority (PFRDA)—agreed to allow their regulated entities to participate.
Providers are interested in these data, in part, because information shared by customers, such as bank statements, will allow providers to better understand customer risk profiles. The hypothesis is that consent-based data-sharing will help poorer customers qualify for a wider range of financial products—and receive financial products better tailored to their needs.
Reference: Datwani, Leena, and Anand Raman. 2020. “India’s New Approach to Personal Data-Sharing.” Working Paper. Washington, D.C.: CGAP.