A new era of digital financial services: BG Mahesh, CEO, Sahamati on the impact of the account aggregator ecosystem
In a rapidly evolving digital landscape, access to secure and reliable financial data is becoming a cornerstone of financial inclusion and innovation. At the helm of this transformation is Sahamati, an industry alliance that drives the adoption of the Account Aggregator (AA) framework in India. With a focus on empowering individuals and businesses through consent-based data sharing, Sahamati is working tirelessly to unlock the full potential of the AA ecosystem, paving the way for a new era of financial services. In this editorial interaction, BG Mahesh, CEO, Sahamati shares insights into the strategic importance of the AA framework, its impact on underserved segments, and the path ahead for data-driven financial inclusion
Some edited excerpts:
Can you give us a brief overview of the Account Aggregator Framework? Please give us context on the strategic need for such a framework and its potential
With rapid digitization, smartphone penetration, and cheap high-speed internet access, digital interactions have increased manifold. In the financial sector, this shift has dramatically enhanced access to and usage of financial services. Thus, the financial services industry holds a significant digital financial footprint for its customers.
Despite this, a significant chunk of the Indian population remains excluded from the benefits of formal finance. Lack of formal income proofs, collateral, credit histories, and systemic factors such as unorganized employment prevents the traditional financial services industry from servicing these “thin or no-file” customers.
The Account Aggregator (AA) framework aims to catalyze a fresh wave of financial inclusion by institutionalizing consent-based data-sharing in the financial sector. The AA ecosystem gives customers agency and control over their financial data across banking, securities, insurance, pension, and tax. The ecosystem empowers customers to access, share, and use their data for their benefit to access financial services at better terms. Thus, the ecosystem shifts the balance of power to favor customers and heralds a profound shift in the financial services industry.
The AA ecosystem implements the consent-based data-sharing framework laid down by the RBI NBFC-AA Master Directions, 2016. The framework is an outcome of the joint consultations of financial sector regulators (FSRs)– Reserve Bank of India (RBI), the Securities and Exchange Board of India (SEBI), the Insurance Regulatory Development Authority of India (IRDAI), and the Pension Fund Regulatory Development Authority (PFRDA) under the auspices of the Financial Stability and Development Council (FSDC) anchored by the Ministry of Finance, Government of India.
The AA ecosystem comprises four participants: customers, Financial Information Providers (FIPs), Financial Information Users (FIUs), and Account Aggregators (AAs). FIPs and FIUs are data fiduciaries licensed and regulated entities (REs) that store, manage, and protect customer data. These entities are regulated by the four FSRs and the Department of Revenue (DoR) under the Ministry of Finance (MoF). On the other hand, Account Aggregators (AAs) are a category of RBI-regulated NBFCs.
AAs enable customers to access and share financial data across institutions with explicit, informed consent. Through this consent management service, AAs act as a single point of contact for customers to give, manage, review, and withdraw consent1 from FIUs to access their data from FIPs. Thus, AAs act as consent managers (CMs) for customers in the financial sector, aligning perfectly with the Digital Personal Data Protection (DPDP) Act 2023.
The AA ecosystem transforms information into a valuable asset that customers–individuals and MSMEs–can leverage to their advantage–ushering in the paradigm of “data capital.” This data capital is poised to bring unprecedented financial inclusion across access, usage, and quality of financial services. We envision that the ecosystem can empower customers to access collateral-free, sachetized credit, cash-flow-based insurance, a 360° view of personal finance, investment advisory and wealth management solutions, and other eligibility-based financial products.
At the same time, the ecosystem equips institutions to leverage real-time data sharing from the source for drastically reduced turnaround time (TAT), straight-to-processing (STP) flows, data tampering fraud prevention, and better risk management. At the second-order level, the ecosystem will enable institutions to serve marginalized customer cohorts better. Operational efficiency, profitability, and market expansion are poised to drive productivity gains in the financial sector
Sahamati’s report shows steady growth in consent requests within the AA framework. What technological innovations or partnerships drive this adoption, and how do you expect the AA framework to accelerate lending to underserved segments like MSMEs and New-to-Credit customers?
Supply-side: As of August 31st, 2024, over 540+ cross-sectoral financial institutions across banking, securities, insurance, pension, and taxation have joined the ecosystem as 163 Financial Information Providers and 483 Financial Information Users. In addition to the four financial sector regulators (FSRs), the Department of Revenue (DoR) under the Ministry of Finance (MoF) has integrated GSTN with the AA ecosystem in 2023. Collectively, these entities have empowered customers with access, agency, and control over financial data across more than 2.12 billion financial accounts.
Demand-side: As the supply has strengthened, we are witnessing the consumption of latent demand for tamper-proof, secure, and efficient data-sharing alternatives. Until 31 August 2024, the ecosystem had facilitated more than 106.23 million successful consent-based data-sharing transactions across 92.23 million financial accounts. Currently, the ecosystem fulfills around 3,00,000 daily consent-based data-sharing transactions!
Role of the Alliance: As the industry alliance for the AA ecosystem, Sahamati drives adoption through advocacy and education, builds a cohesive community, anchors participatory governance for self-regulation, creates technical infrastructure for support implementation and network operations, strengthens the legal foundation, and undertakes international advocacy of the ecosystem. We believe the ecosystem is at an inflection point for exponential growth, and to support this trend, we are strengthening the ecosystem across the demand and supply sides.
Accelerate Credit to NTC and MSMEs: The AA ecosystem strengthens cash-flow-based credit underwriting by equipping institutions with transactional data, especially across banking. NTC customers such as street vendors, daily-wage laborers, and gig workers, among others, can access sachetized credit products and build a formal credit history. At the same time, the availability of GST receipts enables financial institutions to assess and underwrite micro-enterprises, sole proprietors, and other small businesses effectively. The AA ecosystem can pave the way for unserved and underserved customer segments to graduate to better financial services.
One key benefit of the AA framework is its ability to consolidate scattered financial data for ‘thin-file’ customers. How are technology platforms using this data to bring more individuals into the formal lending ecosystem, and how does this impact financial inclusion?
Let’s understand this by looking at the example of Laxmi–a street vendor who sells cut fruits roadside. She has a Jan Dhan bank account connected to a merchant UPI ID to collect payments via a QR code displayed on her cart. Due to the lack of formal employment, proof of income, and collateral, Laxmi cannot access formal financial services.
Using her transactional data, the company that provided Laxmi with the merchant QR code might have offered her personal or working capital loans. However, she is most likely unable to get credit from her bank or apply for insurance due to her lack of a “credit history,” “thin file,” or formal income proof.
Fintechs and digitally-native NBFCs can offer sachetized financial products to unserved and underserved customer segments using transactional customer data accessed through unreliable and insecure modes such as SMS and e-mail parsing. But, the amount of capital available to be lent out is a fraction of the credit crunch plaguing the country. Conversely, although traditional banks have significant deployable funds, they either are not technologically too savvy or tend not to rely much on these data-sharing modes to access customer data.
This is where the Account Aggregator (AA) ecosystem offers paradigmatic change through democratizing data capital for customers and institutions alike. Customers can consolidate and share their financial data across multiple accounts to financial institutions directly without needing elaborate and custom bilateral integrations across the financial system. Thus, the AA ecosystem democratizes cash-flow-based assessment for financial institutions offering credit and life insurance.
AAs empower individuals by giving them control over their digital financial footprint. What steps is Sahamati taking to ensure that the technology behind this consent-driven data-sharing model is secure and user-friendly, especially for the less tech-savvy population?
The Account Aggregator (AA) ecosystem is a digital public infrastructure (DPI) for data-sharing predicated on the explicit, informed consent of the customer. The DPI Approach involves laying down the barebone technology infrastructure that equips market participants to innovate use cases and customer experiences for a diverse range of segments across cohorts, languages, etc. One of the foundational principles of Sahamati involves supporting use cases that “innovate for inclusion.”
One such process innovation focused on digitally less savvy customers is the Assisted Account Aggregator (AA) flow model. In this model, the on-ground staff, such as banking correspondents, on-field sales employees, etc., handhold customers through the complete journey. This enables customers to participate in the AA ecosystem and access crucial financial services. We are actively working with the ecosystem to strengthen the AAA model further and allay customer protection concerns.
Additionally, we also plan to launch and scale customer education and awareness campaigns to drive the next phase of growth in the ecosystem. We believe that driving customer demand for consent-based data sharing will spark unprecedented growth and enable us to democratize financial services in India.
We have ramped up our advocacy and plan to extend that to customer education and awareness initiatives. We are building a high-performance technology infrastructure to support interoperability and streamline network operations. At the same time, we are transitioning from a loosely bound, voluntary alliance to a rigorously structured member-driven association to engender enforceability and self-regulatory initiatives of the ecosystem.
Lenders have seen up to a 25% reduction in transaction costs through the AA framework. How is technology leveraged to streamline customer onboarding, loan processing, and data monitoring? Are there other cost-saving use cases beyond lending?
The AA ecosystem has significantly reduced the cost of data collection for lenders. The recurring fetch consent in the ecosystem opens up avenues for other efficiency-inducing use cases for lenders.
Risk Management is a critical vertical in the financial services industry, especially for lenders. The recurring consent in the AA framework allows FIUs to fetch customer data periodically. This feature enables FIUs to create multiple risk management use cases for fraud prevention, early warning signals, and defaulter collection, among others. Additionally, this feature can also help customers prevent EMI bounces, check bounces, and other scheduled payment related notifications. The recurring fetch is a seamless feature, and the customer is always in control and can revoke a recurring consent easily with their AA.
Beyond banks and NBFCs, the AA ecosystem also equips financial institutions such as insurers, registered investment advisors (RIAs), and portfolio management services (PMS), among others, to collect tamper-proof, machine-readable data from the source with the explicit informed consent of the customer. This functionality allows institutions to cut down on fraud prevention, optical character recognition (OCR), and data-scraping technology services.
As reported by one of the RIAs, the AA ecosystem has enabled a ₹250 cost reduction in their customer acquisition operations. At the same time, multiple stockbrokers have also employed AAs to verify customer incomes for Futures & Options (FnO) account opening and onboarding. Interestingly, the Ministry of Rural Development (MoRD) ran a pilot program with the AA ecosystem to monitor the implementation of welfare schemes employing DBTs (direct benefit transfers) and identify gaps.
How are advanced technologies like AI and machine learning integrated into the AA ecosystem to improve data analysis, automate decision-making, and enhance operational efficiencies for financial institutions?
Data analytics and predictive analysis are the backbone of financial decision-making in the modern financial services industry. The efficiency of these models depends heavily on the availability of accurate data. FIUs that have integrated AA into their systems can access reliable, machine-readable, tamper-proof data from the source. Advanced AI/ML models can serve as an intelligence layer for financial institutions to bolster their financial decisioning models.
Recent developments in Generative AI (GenAI) have also opened up significant avenues for innovation in the financial services industry. FIUs can capitalize on this opportunity and proliferate innovative use cases across the ecosystem. FIUs can leverage the ecosystem to improve data analysis, automate decision-making, detect and prevent fraud, and enhance operational efficiencies for financial institutions.
With 163 Financial Information Providers currently integrated, how do you see the AA ecosystem evolving to incorporate more diverse entities like fintechs, insurance companies, and mutual funds? Are there plans to extend beyond financial services into other industries?
Additional Financial Information (FI) Types: In the short term, the ecosystem is pursuing activating either/or survivor, joint accounts, and corporate accounts with multiple users in the AA ecosystem. In the medium term, the ecosystem aims to integrate the Central Board of Direct Taxation (CBDT)-held Income Tax Returns (ITR) data as well as Employee Provident Fund Organization (EPFO)-held EPF data. Thus, in the short to medium term, the ecosystem aims to expand across the financial ecosystem.
Expansion Beyond Finance: The AA framework is a technologically sector-agnostic digital public infrastructure. In addition, the framework design aligns completely with the principles enshrined in the Digital Personal Data Protection (DPDP) Act 2023. Thus, we believe that the ecosystem is one of the pioneering implementations of India’s nascent data protection regime.
Having said that, the framework’s DPI rails can serve as a starting point for any industry to institutionalize consent-based data sharing. At the same time, in the medium to long term, we might witness the application of various non-financial data types to enhance the delivery of financial services. However, the ecosystem currently is focused on stabilizing operations in the financial sector. And the expansion beyond finance is a decision for policymakers to take.
As AAs scale, responsible data usage is crucial. How is Sahamati using technology to develop and enforce Fair Use templates to prevent data misuse, and how does this approach align with global best practices in data governance?
Explicit, informed consent is the bedrock of the Account Aggregator (AA) ecosystem. Under the RBI NBFC-AA Master Directions, the FIUs must notify customers of the purpose of data usage. FIUs also present the consent notice to the customer, which includes parameters such as the duration of which data will be used, the type of data requested, the period of data requested, recurring frequency, etc.
The objective of the consent notice is to ensure that the consent is informed and to legally bind the FIU to adhere to the parameters approved by the customer. Fair Use Templates are an initiative started by the AA Ecosystem along with Sahamati to standardize and define the upper bounds for each parameter of consent notice as is agreed as adequate and reasonable by financial information users such as lenders, insurance companies, and brokers for their respective use cases.
We are building a Fair Use Compliance infrastructure to verify compliance with consent parameters and fair use templates. This framework operates programmatically, integrating with “Consent Request” and “FI Request” APIs to enforce compliance. The framework functions by processing inputs from consent requests and FI requests, including details on the data request and consent parameters.
At the heart of this framework is the Policy Agent, which plays a crucial role in evaluating API requests against the established fair-use templates. The Policy Agent uses the defined fair use parameters to determine whether to accept, reject, or report a request. This framework is designed to enhance transparency, uphold data privacy, and build trust within the ecosystem by ensuring data usage remains strictly within the agreed consent parameters.
India’s Account Aggregator framework is a pioneering model for consent-based data sharing. What technological innovations in the AA ecosystem could interest other economies, and how do you see the AA framework being adapted globally to support financial inclusion and digital transformation?
The AA ecosystem is one of the world’s most sophisticated implementations of consent-based data sharing. The framework employs a global-first approach to unbundle consent management into a specialized entity. The decoupled consent approach prioritizes mobile access, enabling users to share data from multiple accounts with a service provider. Thus, “consent managers,” or Account Aggregators, provide the best consent experience to the customer. This approach enables the market to innovate products, services, and customer experiences across diverse
cohorts.
Additionally, akin to the techno-legal digital public infrastructure approach, the AA ecosystem is built atop open protocols. These standardized specifications ensure a rigorous technology foundation for the ecosystem. One of the most important aspects of such implementation is its scalability. The global adoption of such a framework holds the potential to foster cross-border synergies in data sharing, innovation, and market expansion.
