Account Aggregator Network: Financial Data-sharing System


    In Context

    • Recently, eight of India’s major banks joined the Account Aggregator (AA) network.


    • AA framework was created through an inter-regulatory decision by RBI and other regulators.
    • Based on the Data Empowerment and Protection Architecture (DEPA) framework
      • It allows users to securely access their data and share the same with third parties 

    What is an Account Aggregator?

    • It is a non-banking financial company engaged in the business of providing, under a contract, the service of retrieving or collecting financial information of its customers.
    • Engaged in consolidating, organising and presenting such information to the customer or any other financial information user as specified by the bank.
    • Data cannot be shared without the consent of the individual.
    • The licence for AAs is issued by the RBI.

    Working of AA

    • It has a three-tier structure: Account Aggregator (AA), FIP (Financial Information Provider) and FIU (Financial Information User).
    • A FIP is the data fiduciary, which holds customers’ data. It can be a bank, NBFC, mutual fund, insurance repository or pension fund repository. 
    • An FIU consumes the data from a FIP to provide various services to the consumer. An FIU is a lending bank that wants access to the borrower’s data to determine if the borrower qualifies for a loan. 
    • Banks play a dual role – as a FIP and as an FIU.

    Image Courtesy: Moneycontrol


    • Hasslefree & prompt Services: Replaces hassles (physical & scanned copies), with a simple, mobile-based, and safe digital data access & sharing process.
    • Cost Reduction: Allow banks to access consented data flow & create new services.
    • Fraud Reduction: ↓ frauds and compliance with upcoming privacy laws.
    • Less Physical interaction & Corporate Governance: No tampering of records.


    • Issue of data ethics: Do not enforce any standards on the acquisition of data by  FIU.
    • Possibility of abuse and data mining: Data Privacy issue 
    • Problems with the Consent Collection: Poor understanding of individuals regarding consent. 
    • Technical glitches

    Way Forward

    • The PDP Bill, 2019 provides a lens to understand how data privacy and security can be applicable to the users of the NBFC–AA system.  
    • Robust SOP should be there.


    Source: IE