The AA Master Directions issued by RBI and Technical Specifications published by ReBIT provide an overarching framework to guide dos and don’ts of participants in the AA network.
There are however several questions that arise during implementation, which involve interpreting the above-mentioned high-level directions/specifications and crafting lower-level procedural decisions, that are understood and implemented uniformly by all AA participants.
Such “procedural decisions” (henceforth referred to as “guidelines”) are the product of community deliberations in one or more of the steering committee(s) and/or working group(s) that Sahamati organizes.
Once guidelines are published upon the conclusion of deliberations, they are expected to be adhered to by all other community members. Modifications to such guidelines, based on newer market feedback or regulatory guidance, are, of course, to be handled from time to time through further deliberations in the steering committee(s) and/or working group(s).
Such guidelines usually would also make their way into checklists that guide implementations. Optionally, some of these guidelines may be incorporated in future versions of the AA Ecosystem Participation Terms.
However, the incorporation or otherwise, into checklists and the Participation Terms, has no bearing on the expectation of such adherence. Once a guideline reaches a stage of agreement in the relevant steering committee(s) and/or working group(s), it is expected to be adhered to, in good faith by all community members.
Market participants are expected by the community members to not proceed with divergent implementations, without submitting their views to the community forum. Market pressures should certainly motivate faster consensus on such matters but not be reasons for divergent behavior, as that may be detrimental to both customers and ecosystem participants.
This document aims to provide a list and details of all guidelines (and their lifecycle stage) discussed thus far, across Sahamati Steering committees and working groups.
Enforcement of adherence to guidelines
Enforcement of adherence follows a three-step process:
- Clarity and explanation – through checklists and ecosystem participation terms
- Review of checklists and explanation of deviations – during onboarding assistance provided by Sahamati to every participant.
- Transparency of information pertaining to adherence – through public dashboards available on the Sahamati website
Punitive measures to ensure enforcement of such guidelines are outside the scope of this document.
The overarching spirit of this document is to provide clarity to all participants on what convergent thinking on any subject is. Such clarity is expected to either foster healthy debate or adherence amongst most participants. This document is intended to serve such an audience.
Summary of the Guidelines
As of this version, there are 61 guidelines grouped across 20 topics, as listed below.
Serial No. | Topic | Guidelines Finalised |
1 | Customer registration and de-registration | 2 |
2 | User Identification and Authentication | 1 |
3 | Account Discovery | 6 |
4 | Account Linking and Delinking | 3 |
5 | Consent Request Management | 5 |
6 | Data Request Management | 2 |
7 | Consent Lifecycle Management | 1 |
8 | Customer as a Data Recipient | 1 |
9 | FIU Roles and Responsibilities | 3 |
10 | FIP Roles and Responsibilities | 5 |
11 | Technical Interoperability | 3 |
12 | Reciprocity Obligation | 1 |
13 | Central Registry and Token Issuance Service | 4 |
14 | Purpose Codes | 2 |
15 | AA Client Integration | 7 |
16 | Participation Terms | 4 |
17 | Grievance and Dispute Resolution | 3 |
18 | API Implementation Best Practices | 2 |
19 | Storage of Data | 2 |
20 | Certification Framework | 4 |
TOTAL | 61 |