FIP/FIU Connecting With Account Aggregators

To begin with, congratulations on taking the decision to join the AA ecosystem!

Financial Information Provider (FIP) and Financial Information User (FIU) modules are available from Technical Service Providers that you could use readily to get onto the AA ecosystem quickly. If you decide to build on your own FIP/FIU module, the steps are below.

To begin with, please refer to the following on our Resources page.

1. Account Aggregators in India
2. Account Aggregator Master Directive by RBI
3. Account Aggregator Ecosystem API Specifications
4. Account Aggregator Schema Definitions
5. Account Aggregator Purpose Definitions
6. Electronic Consent Framework by MeitY

Currently, only players who are registered and regulated by either of the four Financial Service Regulators (FSR)– RBI, SEBI, IRDA, PFRDA, are allowed to be FIPs and FIUs.

Sandboxes of Account Aggregators

Account Aggregator	Sandbox URL	Support Contact Info
FinVu	https://finvu.github.io/sandbox/	support@cookiejar.co.in
NADL	https://nadl-aa.github.io/sandbox-api/	support@nadl.co.in
OneMoney	https://developer.onemoney.in	support@onemoney.in
Yodlee Finsoft	https://aa.yodleefinsoft.com/aaclient/	support@yodleefinsoft.com
All sandboxes are available 24x7! What are you waiting for? Hack on!

Onboarding an FIU with an Account Aggregator

1. Implement (buy or build) an API driven tech platform based on ReBIT FIU specifications. Refer to the link of FIU specifications (https://swagger-ui.rebit.org.in/?url=https://specifications.rebit.org.in/api_specifications/account_aggregator/FIU.yaml).
2. Tech platform should enable FIUs to
   1. Request for customer consent. (Call the AA /Consent API)
   2. Process notification from the AA when the customer has accepted/rejected the consent on AA domain (mobile, web). 
   3. Store the customer consent and request for financial information via AA
   4. Process the data ready notification received from AA, and call fetch API of AA to fetch the financial data. (Refer to AA API https://swagger-ui.rebit.org.in/?url=https://specifications.rebit.org.in/api_specifications/account_aggregator/AA.yaml)
   5. Decrypt and store the data for the various use cases.
3. Enhance the Customer experience on the existing FIU Mobile / Web app to facilitate the customer to provide financial information from AA.
4. The UI should allow the customer to enter an AA id, and based on the AA handle request for customer consent from the AA (Refer Step 2.1)
5. Test the platform and the flows with an AA sandbox.
6. Additionally, FIU should determine consent request parameters for the product(s) – consent purpose, consent frequency, FI Types for which financial information is requested, data range etc. (Refer to the FIU API of ReBIT https://swagger-ui.rebit.org.in/?url=https://specifications.rebit.org.in/api_specifications/account_aggregator/FIU.yaml)

Onboarding a FIP with an Account Aggregator

1. Implement (buy or build) an API driven tech platform based on ReBIT FIP specifications. Refer to the link of FIP specifications (https://swagger-ui.rebit.org.in/?url=https://specifications.rebit.org.in/api_specifications/account_aggregator/FIU.yaml)
2. The tech platform should enable FIP to
   1. Allow the AA to discover customer accounts as per the identifiers provided by the customer on the AA domain (eg RMN, Customer ID, PAN, Account No, etc).
   2. Authenticate the customer account via OTP based token that Customer will receive from FIP and enter on the AA domain (mobile, web). This establishes the linkage of the customer accounts with the FIP.
   3. Receive and store the customer consent as received from AA.
   4. Allow the AA to request for financial information based on the customer consent presented in the FI request.
   5. Check the validity of consent and process the received FI request by calling internal FIP source systems to fetch financial information.
   6. Once data is available from the FIP source system to encrypt and notify AA of data availability.
   7. Process the AA call to fetch financial information and return encrypted data.
3. Determine and leverage existing APIs available with FIP to enable Step 2.
4. For Step 2 & 3, additional integration work may be required so that new platform can interact with the existing FIP source system.
5. Ensure that financial data is as per the standard data schemas provided by ReBIT. Refer to (https://api.rebit.org.in/schema)
6. Enrich the data being shared based on the ReBIT FI data types and schemas.
7. Expose APIs implemented as part of the tech platform (Step 1 & 2) for AA to call. Refer to the link of FIP specifications (https://swagger-ui.rebit.org.in/?url=https://specifications.rebit.org.in/api_specifications/account_aggregator/FIU.yaml)
8. Test with multiple AAs on a sandbox environment.
9. Additionally,
   1. Determine the FI types that is being supported by FIP and for which data is being shared (e.g. CASA, term deposit, credit card account, etc). Refer FI Type https://api.rebit.org.in/schema
   2. Setup test data based on FI Type so that AAs can test with multiple accounts.

Before your FIP and FIU modules go live they need to be certified by Sahamati empanelled auditor.

Also see,

• Nov 8, 2019: RBI announces Technical Specifications for all participants of the Account Aggregator (AA) ecosystem
• Technical Service Providers in the AA Ecosystem
• Account Aggregator Certification Framework