India’s Account Aggregation Framework – Q&A for Beginners

India has had a very different and intriguing approach to Open Banking. Unlike many other geographies where instant payment initiatives are running in parallel to open data initiatives, India flipped the equation by implicitly launching Open Banking with payments first on what is now widely considered the best real-time payments network in the world – UPI. Having tasted success on a large scale with UPI, India is now on the cusp of going live with the Account Aggregation framework, which will be its first foray into consent-based financial data sharing. The following primer attempts to answer some of the fundamental aspects of the Account Aggregation framework:

What are Account Aggregators?

Account Aggregators are trusted intermediaries who are empowered to broker the exchange of consumer financial data between data providers and data users. Data providers and users are accredited enterprises. Currently, they fall under the ambit of one of the four Indian financial services regulators – RBI, SEBI, PFRDA, and IRDA. The exchange of data happens strictly based on consumer consent.

The Reserve Bank of India has so far issued six in-principle Account Aggregator licenses, and these entities have 12 months to prove technological and operational readiness (by ~February 2020).

What is consent, and what does an Account Aggregators have to do with it?

Consent is the fourth logical layer of the IndiaStack, i.e., presenceless, paperless, cashless, and consent. In simple terms, it means an informed approval from a consumer to use data that pertains to him/her.

Consent applies to all artifacts of the IndiaStack, e.g., Aadhaar, DigiLocker, or UPI. In the context of Account Aggregators, this means opening up access to one’s financial data held in a bank, fund house, or an insurer to another enterprise under the strict consent of the consumer. Consent is created, maintained, and transported in the data flow by the Account Aggregator.

Why is all this needed?

To obliterate data asymmetry. Currently, the exchange of personal and business financial data between enterprises is either non-existent or, at best, very inefficient. The result is stifled innovation and significant opportunity losses on financial inclusion. Once an efficient, automated, and standardized infrastructure for data exchange is put in place, the ecosystem is expected to leverage it, and competitive dynamics will catalyze new products and services improving innovation in financial services.

Think microcredit and microinsurance at a population scale purely based on information and data flow. This should help thin-file borrowers obtain access to credit, reduce the cost of credit owing to lower risk or lower covenants, and significantly cut short the lead time for money-to-bank.

After consent-based opening up of personal data (Aadhaar, DigiLocker) and exchange of value (UPI), unlocking financial data is the final step to achieving complete open banking in India. Account Aggregation is also the pilot for the implementation of DEPA (Data Empowerment and Protection Architecture) and PDP (Personal Data Protection), starting with financial services. This will, later on, extend to other industries such as healthcare and telecom.

The picture below illustrates this:

So, what’s new, and how is it different from Open Banking regulations in other parts of the world?

Unlike PSD2 in the European Union, UK Open Banking, Australia, or Hong Kong, this is not a regulatory mandate in India. But so was UPI, which has touched over a billion transactions per month today after a slow start. As innovative use cases emerge and benefits become tangible, players in the ecosystem will be incentivized to come to the party.

Additionally, this is an intermediary-led Open Banking model that is unique. Since the management of consent is the sole responsibility of Account Aggregators and not left to the information providers, dilution of consent can be kept under check. 

Most significantly, as of now, this is the only Open Banking framework in the world which covers the entire scope of banking, investments, and insurance products backed by a robust infrastructural foundation and a set of prescriptive standards & API specifications.

Account Aggregators cover purely ‘read’-style financial data exchange (inquire and fetch). 

Watch this space for more details on operational guidelines, use cases, revenue models, and technological aspects of AA, India’s unique approach to Open Banking.