Banks, insurance, and financial service firms are undergoing massive shifts through digital transformation. The focus on delivering exceptional digital experiences has resulted in these firms amassing digital data of unimaginable proportions. With new incumbents such as the fintech players, data security and privacy are increasingly getting harder as data is multiplying and is shared more widely than ever before. A data-rich Indian economy is transforming into a data-driven economy of the future. However, privacy regulations are a must. The human right to privacy is essential and digital players in the financial sector must adopt design thinking principles to keep the customers at the heart of the business and not their respective products.
Financial service regulators such as SEBI, IRDAI, and PFRDA collaborated and came up with the Master Directions on AA in 2016. The intent was to create a precise and secure approach to financial data transfer. In July 2019, came another milestone in the Indian financial industry when Mr. Nandan Nilekani launched “Sahamati”, a non-profit organization that became an industry alliance for AA. The sole mission of Sahamati is to drive adoption, innovation, and compliance to regulatory standards amongst industry participants, with the ultimate goal of driving benefits to citizens through the AAe ecosystem.
In fact, the Personal Data Protection Bill has also been tabled in 2019 to define people’s right to personal data and the regulations for entities accessing user data. The same has been referred to JPC and efforts are on to get the bill passed soon and brought into law.
The AA model ensures consensual data flow and enables customers to share their data in a digital format, avoiding paper documents. The user’s encrypted data is not stored. AAs are data blind. They are authorized only to extract, aggregate, and transfer the data, ensuring total transparency.
Financial Institutions can join this framework to share and obtain financial data with user consent. This is the next big fintech revolution India is bound to experience. It offers tremendous opportunities for banks, insurance companies, mutual fund houses, wealth management and lending firms, and personal finance providers. As of date, only four entities have “Account Aggregator” operating licenses and three more have in-principle licenses.
The participating entities include Financial Information Providers - FIPs (banks, mutual fund houses, insurance providers, etc), Financial Information Users - FIUs (lending firms, personal finance, wealth management firms, etc.), and AAs (intermediaries who transfer data from FIP to FIU based on user consent.)
The power of the AA ecosystem ensures credit is accessible to people who are not a part of the credit ecosystem and make them a part of the formal economy. Even if companies and individuals are not a part of the economy, they can use their income to get a loan. This is financial inclusion at its best, where you don’t need assets to get a loan—the biggest incentive for joining the ecosystem is that it ensures access to credit at an affordable price. The platform is here to democratize data and humanize transactions.
FIPs such as banking entities are the stewards of user data. They are financial institutions having the customers’ financial information and are responsible for facilitating customers' sharing of their information, on the basis of their consent presented through an AA. In return, they too would benefit from the ecosystem by gaining access to user data from industry peers. More importantly, they are getting a powerful platform to launch personalized services for their users. The AA ecosystem brings multiple use cases and huge business potential for financial institutions. FIUs can leverage the AA framework to get users’ data with explicit consent to provide personalized services. For instance, they can get verified data from bank statements, etc., before giving credit to users. They can attract small businesses by offering faster credit, eliminating time to physically examine user data, streamlining the lending process, and onboarding users faster. In the spirit of reciprocity, FIUs have to be FIPs as well.
Coming to AA, every time a consensual transaction happens, they have the potential to earn money in terms of fees. Let’s see how it works – When the user data moves from a FIP to FIU, the AA gets the payment from FIU for generating consent to facilitate the data flow. While the fee is not fixed, AAs must strive toward making data access costs cheaper and easier for lenders. With the expectation of millions of data requests from lenders every month on the AA ecosystem, it's not an exaggeration to state that AAs have a very bright future.
The AA ecosystem can also help FIUs de-risk their loan book and reduce their non-performing assets. This can enable FIUs to offer their customers custom loan products and monitor loan accounts after disbursement to ensure lower loan loss provisions. FIUs can actually reduce the risk of false document submissions. New cash flow-based loan products can be designed to provide credit based on income and behavior and not on assets. Lenders will be able to anticipate defaulters, monitor cash flows, and improve asset quality. Robo-advisory services can also be reimagined. Through real-time access to user’s financial data, robo-advisory apps can make informed decisions.
Hence, the AA Ecosystem intends to reduce turnaround times to minutes for various financial processes and make it easier for people and MSMEs to apply for loans or financial products without using paper documents. It reduces the friction and cost of data gathering for underwriting, reducing loan decision time drastically.
To embed trust and confidence along the business benefits, the Sahamati certification framework also requires FIPs, FIUs, and AAs to adhere to the technical guidelines of Reserve Bank Information Technology Private Limited (ReBIT). The scope of this certification is to check API and functional flow adherence, along with the security specification compliance for API access authorization, encryption algorithms, cryptographic signatures, etc. This framework covers tests that check the integration of AA ecosystem entities’ systems with a central registry, a common technical service provided by Sahamati to all ecosystem partners for enabling seamless interoperability and scalability.
Aujas is one of the earliest partners empanelled by Sahamati to certify the participating entities in the ecosystem.
With the strict parameters and certification in place, individuals need not worry because data is shared in encrypted form, and no one can see user data. The AA is just a pipeline to transfer data with user consent. Users can revoke permission any time they want. The FIUs assess user data and then decide on whether the service should be rendered or not. AAs delete the data once the FIU successfully receives the data. Fears of people on financial data safety and privacy can be laid to rest.
Finally, on the very lines of UPI, the AA ecosystem is a beginning of a new dawn, a significant opportunity for financial institutions to increase the velocity of services such as lending, and finance management by ensuring faster data access and nimble processing of applications. The ecosystem is here to bring financial empowerment for individuals through personalized financial management tools and help them achieve their financial goals. It will enable technology-based tools to promote affordable wealth management at scale across income levels. Let’s embrace this.
To know how Aujas can help your organization in getting certified, do get in touch with our experts at contact@aujas.com.