DigiSahamati Foundation (Sahamati) is a Collective of Account Aggregator ecosystem set up as a not-for-profit private limited company under Section 8 of the new Companies Act of India.
An individual’s or enterprise’s data is spread across silos and islands in banks, telcos, healthcare institutions with no framework in place for them to aggregate and share with their benefactors. This aggregated data can provide a full view of an individual/entity’s data and is essential to help build better products for the individual/entity.
An individual/entity has to collect, collate and share data themselves either physically or electronically. This is slow, taking up to a week to share and expensive.
No mechanism exists for a benefactor entity to access a user’s data digitally or physically, even after the user’s explicit consent.
Today, data sharing is done by screen scraping through the user’s credentials or user has to physically or electronically share the data.
Also, there is no framework available that can let an entity access users’ data even with users’ permissions. As a result, there is still friction in accessing data and a large amount of data is not effectively leveraged. Hence, the transition of ‘data-rich society’ to an ‘economic rich society’ is still not happening.
The RBI approved a new class of NBFCs in 2016 to act as Account Aggregators. The main responsibilities of the account aggregator are to provide services based on the explicit consent of individual clients. This primarily includes transfer, but not storing, of a client’s data.
Account Aggregator (AA) is the construct/framework that addresses the above pain points and provides a digital platform for easy sharing and consumption of data from various entities with user consent. RBI and other Financial Services Regulators (FSRs) are providing the required regulatory support and guidance for the rollout of AA.
An Account Aggregator provides data to a Customer or Financial Information User (FIU) from a Financial Information Provider (FIP) based on the user’s explicit Electronic/Digital Consent.
No financial information of the user is retrieved, shared or transferred by the Account Aggregator without the explicit consent of the user.
An AA merely acts as a conduit between FIUs and FIPs and does not process the data. An AA is ‘data-blind’ as the data that flows through an AA is encrypted and can be processed only by the FIU for whom the data is intended. Also, an AA does not and cannot store any user’s data – thus, the potential for leakage and misuse of user’s data is prevented.
Why is an Account Aggregator Needed?
Without the AA framework and the construct, there is no mechanism available for end users to provide data securely to different entities. Several mechanisms such as
- sharing account credentials with third party apps,
- providing hard copies of data,
- forwarding information through emails etc are used today to share data.
Each of these mechanisms result in friction in acquiring data securely and can result in data leakage, compromising data privacy.
The AA framework facilitates consented sharing of information in real-time and eliminates the above issues while ensuring data privacy.
We strongly recommend you to attend one of the Account Aggregator Workshops to get familiar with the process of integrating with an AA. The Account Aggregators with operating & in-principle licenses are listed here.
You can find all key resources related to Account Aggregators here.
Interested in joining the exciting world of Account Aggregators? Have questions? Have suggestions? Visit the contact page to drop a note now.