Terms of Reference for the Committee on Audit Framework for Data Governance
Subject: Set up a committee to assess the need for checks on the end-use of data by FIUs
As part of our commitment to the participatory governance of the Account Aggregator (AA) network, we are delighted to announce the formation of a committee dedicated to assessing the need for end-use governance of data, analyzing incumbent processes, and recommending mechanisms that enable auditability of data usage. This committee will be crucial in addressing the fair use challenge that the AA Network faces.
The AA Network enables secure and seamless financial data sharing between Financial Information Providers (FIPs) and Financial Information Users (FIUs) with customer consent. While the Consent Artefact provides consumers with data usage information, there are challenges in verifying if FIUs are using the data responsibly and following the purpose code. Holding FIUs accountable for their data usage practices without proper verification becomes
Data sharing with third parties without customer consent raises concerns about data ownership, control, and customer privacy. Customers should be aware of when and to whom their data is being shared, and without adequate notification mechanisms, this vital aspect of data protection still needs to be addressed.
The primary objective of this committee is to deliberate on an ecosystem approach toward ensuring fair data usage. It is essential to comprehensively address the data-use issues and enable auditability to engender trust in the network.
The committee aims to achieve the following:
- To examine the current mechanisms (or lack thereof) for validating fair use of customer data per the purpose code and during the declared period (data life).
- To propose measures to prevent data pass-on to third parties without the customer’s explicit notification and consent.
- To explore the feasibility and benefits of implementing an FIU consent transparency dashboard and a “Fair-use-of-AA” dashboard to enhance data usage transparency.
- To examine the feasibility of having a set of recommended consent templates at a network level, with purpose, collection, and usage limitations for each use case that AA is put to.
- To evaluate the suitability and effectiveness of Sahamati’s proposed data governance audit framework for verifying FIU data usage legitimacy.
This committee will play a vital role in enhancing end-use governance of data and ensuring the auditability of data usage within the AA Network. The recommendations will build a robust framework that promotes transparency, trust, and ethical utilization of financial data.
|6||State Bank of India (SBI)||Nitin Chugh|
|7||Axis Bank||Sameer Shetty|
|8||HDFC Bank||Ashish Abraham|
|9||ICICI Bank||Pallav Kapoor|
|10||Association of Registered Investment
|12||Fold Money||Arpit Agarwal|
|13||Angel One||Ambesh Singh|
|14||Bajaj Finserv||Anup Saha|