On September 2, 2021, The Reserve Bank of India’s (RBI) Account Aggregator (AA) framework kicked off and eight of India’s major banks — State Bank of India (SBI), ICICI Bank, Axis Bank, IDFC Bank, Kotak Mahindra Bank, HDFC Bank, IndusInd Bank and Federal Bank announced their participation in the network as Financial Information Provider (FIP).
RBI had approved AA as a new class of Non-Banking Financial Companies (NBFC) In 2016, entrusted with the task of facilitating the transfer of user’s financial data with their prior and explicit consent. Once operational to its full capacity, AA system is expected to ease out the data sharing requirements in credit extension facilities. The Voices explains the shades of the novel system which is being touted by experts as a revolutionising leap in digitisation of India’s financial service ecosystem.
What is an AA system?
AA system is a framework which enables sharing of financial information in a real-time and secure manner (Data flow through an AA is encrypted) between regulated entities (Banks and NBFCs).
The data exchange which involves the service of retrieving or collecting financial information pertaining to its customer, and presenting it to financial bodies as mandated by RBI, is regulated through a contract.
Components of an AA
AA has a three-tier structure:
- Account Aggregator- AA is primarily a consent manager for Financial Data.
- FIP (Financial Information Provider)- FIPs are the establishments which hold data. For example, your Bank, NBFC, Mutual Fund Depository, Insurance Repository etc.
- FIU (Financial Information User)- An FIU consumes the data from an FIP to extend various services to the consumer. For ex – a lending Bank which wants access to the borrower’s data to determine if a borrower qualifies for a loan is the FIU. Banks play a dual role – both as an FIP and an FIU.
How does an AA works?
- First, an individual or business opens an account with an AA. Then, the customer is required to share information such as bank account details, insurance policy details, identification numbers etc. which acts as a primary data set for AA.
- Second, to secure a financial service such as loan, the customer can provide consent to a lender to access their financial data through the NBFC-AA.
- Third, after receiving the consent from customer, the AA seeks permission from the FIP to access the customer’s data.
And finally, when the data is sent to the AA, which, in turn, empowers lenders (FIU) to assess the customer’s financial profile and risk associated with extension of a loan to individual.
The RBI’s role
The AA framework was proposed through an inter-regulatory mandate by RBI in consultation with regulators Securities and Exchange Board of India (SEBI), Insurance Regulatory and Development Authority (IRDA), and Pension Fund Regulatory and Development Authority (PFRDA), Financial Stability and Development Council (FSDC). The license for AAs is issued by the RBI.
Apart from licensing role, RBI is entrusted with the task to ensure a uniformly structured and secure exchange of data. According to RBI Deputy Governor M Rajeshwar Rao:
“AAs enable secure, consented data flows while protecting user privacy. In conjunction with other platforms like the UPI, AA creates in India the most cutting-edge digital financial infrastructure in the world.”
RBI has also mandated AA’s to ensure that the data is not monetized, and it is deleted after a specific period of time.
Data Security in AA system
The RBI has proposed stringent data privacy guidelines for the AA which adheres to only consent based sharing, end to end encryption and reduces the chances of digital frauds. The architecture of AA is based upon the Data Empowerment and Protection Architecture (DEPA) framework. DEPA is an architecture that lets users securely access their data and share the same with third parties.
AAs are not allowed to store, process and sell the customer’s data. User authentication credentials of customers relating to accounts with various FIPs shall not be accessed by the AA, the RBI says.
The rationale of ‘AA revolution’
AA can be a platform to facilitate the collation of data scattered across financial institutions and thus it revolutionizes the access to financial data, to ease to which remains the key to extension of credit facilities and other financial services. “Access to financial data creates the potential to expand the delivery of financial products and services from what we have become accustomed to …AA framework is designed to facilitate the sharing of financial data in a secure, transparent and efficient manner,” says M Rajeshwar Rao, Deputy Governor, RBI.
He further adds “AA can bolster the lending ecosystem in the country, which can make India data-rich and also boost the digital economy.” And in the pandemic times when avenues of physical interaction have been limited, this unified digital access to personal financial data facilitates ease of financial business.
Strengths of AA ecosystem for stakeholders
For Consumers:
The AA framework creates a consent based single window gateway for customers to avail various financial services from a host of providers.
It reduces the need for individuals to wait in long bank queues, use Internet banking portals, share their passwords, or seek out physical authorization to access and share their financial documents.
For Banks:
AA will allow banks to access consented data flow and verify data at a single window. This will reduce bank’s service transaction costs, which will enable them to offer cheaper loans. Access to data would also allow the financial institutions to have a better understanding of potential customers and customize their services accordingly. The requirements of KYC (Know your customers) too can be done away with.
The ecosystem so far
As of now HDFC Bank and Axis Bank have been using AA to provide auto loans, and IndusInd Bank has been using it for personal finance management.
Four of the eight banks that have joined the AA system have gone live while the others are in the process of doing so. Further, the GSTN network has been given in-principle approval to become an FIP on this network.
Moreover, four AAs – Finvu, OneMoney, CAMS Finserv, and NESL – have been granted approval to operate.
RBI Deputy Governor Rao says, “The desired objective in the case of this ecosystem would be attained only when a large number of customers and information providers are on-boarded, and they are able to get aggregated data in a form and manner they desire.”
The potential of AA
AA is about expediting credit penetration. A large fraction of Small and Medium Enterprises (SME’s) have been deprived of credit facilities due to financial data issues. As per the latest RBI data on sectoral deployment of credit, the share of loans extended to the sector stood at 10.07% in July 2021. Expansion of AA infrastructure will facilitate the ease of assessment of their creditworthiness.
Nandan Nilekani, co-founder of Infosys says “If a business has a digital footprint of its business, then that information can be used by a lender to make a decision to give that SME a working capital loan. Digital footprints when properly used, empowered by consumers using their own data, enables a huge amount of credit to small businesses. It can lead to the democratisation of credit.”
AA framework can also be used to handle data from other domains such as data healthcare, telecom etc. Nilekani adds in this context, “It is an architecture that will be applied to any sector and, in fact, there is a discussion on how the AA framework can be applied to the health care sector so that people have access to their own health data to get financial services and better health care.”
The potential is beyond imagination, the execution will just establish the rhetoric. Finance technology designer Dharmesh sums up the vision, “This seamless way to data sharing is expected to open up many new use cases in Fintech. For example, uses cases like expense tracker and lending would become a feature integrated with other apps. The impact of AA is expected to be bigger than what UPI did to India.”
Edited by: Raghujit S. Randhawa