Account Aggregators — Will They Be the UPI-Equivalent of Lending in India?

After building the interoperable UPI platforms that enabled online transactions for over a billion people, Indian banks and financial institutions are set to enter their second act in the digital finance play.

On September 2nd 2021, eight banks — SBI, ICICI Bank, Axis Bank, IDFC First Bank, Kotak Mahindra Bank, HDFC Bank, IndusInd Bank and Federal Bank — joined the Account Aggregator framework.

Account Aggregators (or AAs) are entities that share a customer’s financial information with institutions who seek to use it. The idea is to consolidate all personal financial data in one place and allow users to access financial services (like loans) with just a few clicks from the comfort of their homes.

The RBI released the AA framework back in 2016 following an inter-regulatory liaison between the four financial regulators — the RBI, SEBI, PFRDA and IRDAI. The framework has since been in the testing phase until it was opened up to the public last Thursday.

We bring you a primer on what AAs are, how they are designed to operate and what they mean for the consumers of financial services. We will also throw some light on concepts like DEPA, OCEN and the rest of the AA-related jargons that may come your way.

One-Stop-All-Info

An individual or a legal person (like a corporation) has his or her data spread across various banks and other financial providers. Each of these providers have their own methods, logins and platforms to access and retrieve that data. Some of them even require physical authentication or other non-conventional protocols to gain access which could be time-taking and cumbersome.

Account Aggregation aims to simplify this process by providing a single platform for exchange of all information. Equipped with the customer’s consent, they are able to “pull” their data from a financial information provider (FIP) and “push” it to a financial information user (FIU).

FIPs and FIUs comprise banks, lenders, NBFCs, insurance companies, mutual funds, tax collection agencies etc. Who require financial information and documents from customers and who also manufacture various financial products e.g. Loans, investment advisory etc. The Account Aggregation system eases data-sharing between these different financial service players. It is essentially a “dunzo” of financial data (picks up data from one place and delivers it to another).

So, instead of going to your bank branch or online banking portal, downloading your statements, attesting them, delivering or sending them, all you need to do is open your AA app and link your bank account. The app will then fetch your financial details and share it with the FIUs in a machine-readable format replacing the existing PDF or hard copy formats.

There are four licensed AAs currently operational — CAMFinServ, FinVu, OneMoney and NESL Asset Data Limited. Others like PhonePe, Perfios and Yodlee Finsoft have received in-principle approval. Since July, 6,000 people have begun using AAs to share data and over 7,000 accounts have been linked to these apps.

Benefits

For starters, ease of use, convenience of users and integration of data. The turnaround time in delivery of financial services is reduced significantly, not to forget the paperless nature of transactions.

But most importantly, it allows for better underwriting of credit for customers. Small-ticket loans and affordable micro-insurance could be obtained at one’s fingertips with the AA framework, thanks to the regularised, simplified and digitised access to financial records.

This ease is being touted as a “game changer” for meeting the financial needs of the MSME sector, less than 10% of which currently has access to formal credit owing to lack of transparent and accessible financial records. The AA framework is expected to close this credit gap by improving access and bringing more visibility towards their creditworthiness.

With time, the utility of AAs is likely to expand to a number of use cases as designed by financial service providers.

Data Security

At its core, the AA framework follows a consent-based data-sharing mechanism between financial sector entities. Before AA came into picture, these entities used a process called “screen scraping” under which third party applications collect screen data and translate it to display on another application.

The problem, however, lay in the lack of uniformity and inefficiency in data representation. Plus, financial data being highly sensitive in nature is best represented in encrypted format, which is what AA offers.

The bottom line is that Account Aggregators do not store data. They only capture and relay the data as consented by the user, with the right to withdraw the consent at any time (even after offering it once). In this way, they are different from “digilocker” which enables users to access, store and share digital documents.

The Open Banking Arena

India is not the first country to make inroads into the consent-based data-sharing space (the EU, UK and Australia have their own rules as well). But the AA framework arrives in the context of a larger global discussion on open banking systems (third party API-assisted financial data exchange).

Let’s simplify this in two parts. The first part involves DEPA (Data Empowerment and Protection Architecture) which is the core principle on which the AA framework is built. DEPA is a joint public-private effort towards improving data governance that was curated and implemented in India’s financial sector in 2020 under the leadership of the Ministry of Finance, RBI, PFRDA, IRDAI and SEBI.

Basically, DEPA creates a digital framework that allows users to share their data on their own terms (read: complete control over data) through third-party entities called “Consent Managers”. The AA framework is a form of “consent dashboard”, so to speak, that is operated by a third party (the Aggregator) to share data as needed.

Similar dashboards are under development in the health and communication sectors as well (see NITI Aayog’s draft on DEPA).

Now, let’s come to the second part, which is called OECN (Open Credit Enablement Network). This was launched in July 2020 as an open protocol infrastructure to facilitate interaction between entities in the financial space.

Translation: OCEN is a common language to help financial lenders and marketplaces communicate and create different financial and credit products.

Think of OCEN as a digital good available to the public for free. A standard set of APIs are provided by OCEN protocols so that applications that already interface with individuals and MSMEs can effectively “plug-in” their lending capabilities into current operations.

OCEN’s pilot project is ready to be launched through an app called Sahay which will help MSMEs to access loans in 5–10 minutes by using Account Aggregators as enablers. In a way, Sahay would be to OCEN what BHIM was to UPI.

The AA ecosystem is therefore a manifestation of both DEPA and OCEN frameworks in the financial sector that aim to improve banking by easing data-sharing processes. While DEPA creates a space (consent dashboard) to share financial data, OECN protocol ensures that the space is securely accessed by accredited users and providers of data (the plug-in pass).

Democratisation of Credit

The AA framework is not only a precursor to financial innovation but it also represents a unique techno-legal framework that allows for regulated flow of financial data on a scale hitherto unrealised anywhere in the world.

Despite this, there remain many concerns about the viability of the scheme. Considering that the AAs are data-blind, one may wonder if the resulting inability to monetise data may limit investments in customer onboarding (contrary to UPI).

Conversely, many regulatory loopholes remain in the data security front. For instance, there is no provision in the framework to prevent Aggregators from combining data sets with financial information to profile the customers. Plus, even though Aggregators aren’t allowed to store data, there is no guideline to explicitly prevent data mining from the servers which could lead to the possibility of abuse.

Having said that, the expected scale-down in the costs of creating credit history, procuring microcredit and associated transactions through AAs is undoubtedly comprehensive. By that virtue alone, AAs could hold the key to unlocking the credit potential of a billion plus market in India in the coming decade.

(Originally published September 7th 2021 in transfin.in)