Sahamati is a Collective of Account Aggregator ecosystem set up as a non-Government, private limited company (With the new Companies Act of India, not for profit companies are governed under Section 8).
An individual’s or enterprise’s data is spread across silos and islands in banks, telcos, healthcare institutions with no framework in place for them to share with their benefactors. This data is essential to help build better products for the individual/entity.
An individual/entity has to collect, collate and share data themselves either physically or electronically. This is slow, taking upto a week to share and expensive.
No mechanism exists for a benefactor entity to access a user’s data digitally or physically, even after the user’s explicit consent.
However, most of these data reside in islands and silos and there is no framework available to integrate and aggregate them that can provide a full view of an individual/entity’s data.
Today, data sharing is done by screen scraping through user’s credentials or user has to physically or electronically share the data.
Also, there is no framework available that can let an entity access users’ data even with users’ permissions. As a result, there is still friction in accessing data and a large amount of data is not effectively leveraged. Hence, the transition of ‘data rich society’ to an ‘economic rich society’ is still not happening.
The RBI approved a new class of NBFCs in 2016 to act as Account Aggregators. The main responsibilities of the account aggregator are to provide services based on the explicit consent of individual clients. This primarily includes transfer, but not storing, of a client’s data.
Account Aggregator (AA) is the construct/framework that addresses the above pain points and provides a digital platform for easy sharing and consumption of data from various entities with user consent. RBI and other Financial Services Regulators (FSRs) are providing the required regulatory support and guidance for the rollout of AA.
Data Empowerment and Protection Architecture (DEPA) is a new approach, a paradigm shift in personal data management and processing that transforms the current organization centric system to a human-centric system. By giving people the power to decide how their data can be used, DEPA enables the collection and use of personal data in ways that empower people to access better financial, healthcare, and other socio-economically important services in real-time while preserving the safety, security and privacy of the user. The architecture of AA is based on the DEPA framework.
An Account Aggregator provides data to a Customer or Financial Information User (FIU) from a Financial Information Provider (FIP) based on the user’s explicit Electronic/Digital Consent.
No financial information of the user is retrieved, shared or transferred by the Account Aggregator without the explicit consent of the user.
An AA merely acts as a conduit between FIUs and FIPs and does not process the data. An AA is ‘data-blind’ as the data that flows through an AA is encrypted and can be processed only by the FIU for whom the data is intended. Also, an AA does not and cannot store any user’s data – thus, the potential for leakage and misuse of user’s data is prevented.
Why is an Account Aggregator Needed?
Without the AA framework and the construct, there is no mechanism available for end users to provide data securely to different entities. Several mechanisms such as
- sharing account credentials with third party apps,
- providing hard copies of data,
- forwarding information through emails etc are used today to share data.
Each of these mechanisms result in friction in acquiring data securely and can result in data leakage, compromising data privacy.
The AA framework facilitates consented sharing of information in real-time and eliminates the above issues while ensuring data privacy.
The role of AA is not limited to financial data alone. AA framework will be extended to handle data from other domains also – very soon healthcare and telecom related data too will be available thru AAs.
We strongly recommend you to attend one of the Account Aggregator Workshops to get familiar with the process of integrating with an AA. The Account Aggregators with an in-principle license are listed here.
You can find all key resources related to Account Aggregators here.
Interested in joining the exciting world of Account Aggregators? Have questions? Have suggestions? Visit the contact page to drop a note now.