Two quick questions:

  • Would you consider a storage service as a part of banking and financial service?
  • Would you consider substitution of paper records with digital records and reducing or doing away with sending and receiving of paper records as part of banking and financial services?

For the first question, consider safekeeping services and bank lockers within the safety deposit vaults offered and operated by banks1.


For the second question, consider how share certificates became dematerialised via the securities depositories, depository participants and custodial services businesses – all of which comprise part of the financial services sector which are offered by banks and other intermediaries2.


Both are examples of deep innovation. Both these sets of services are immensely useful, have become ubiquitous in societal consciousness and in their acceptance as part of financial services businesses, and yet the framing of the two questions above would have compelled some head scratching and soul searching. This occurs especially when innovation is rife and a work in progress.


A deep innovation in the works, which will be as ubiquitous and useful is the business of account aggregators. Account aggregator framework can be considered an information superhighway over which financial information will travel.


Simply expressed, account aggregator framework allows a consumer control over her financial information, and in being able to obtain such financial information digitally or to authorise the transmission of such financial information to a designated receiving entity from the current financial services provider or keeper of such financial information. The service is provided by “account aggregators” licensed by the Reserve Bank of India who link the consumer, financial services providers and the receiving entity.


The financial information can be transmitted upon customer consent to receiving entities regulated by any one of the four financial sector regulators viz. Insurance Regulatory and Development Authority (IRDAI), Pension Fund Regulatory and Development Authority (PFRDA), Reserve Bank of India (RBI) and Security and Exchange Board of India (SEBI).


In this paper, your columnist looks at which financial information that a consumer is entitled to require being provided to herself or to a regulated receiving entity, the obligations of a financial information provider, opportunities and challenges in achieving a complete aggregation of “financial information” and the implications of the proposed Personal Data Protection Bill.


Financial information

RBI has specified the various types of “financial information”3 in its Master Directions titled Master Directions – Non-Banking Financial Company – Account Aggregator (Reserve Bank) Directions, 2016.

Such “financial information” means the following4:

Financial Information

1 Bank deposits including

●      fixed deposit accounts;

●      savings deposit accounts;

●      recurring deposit accounts; and

●      current deposit accounts.

2 Deposits
3 Structured Investment Product
4 Commercial Paper
5 Certificates of Deposit
6 Government Securities (tradable)
7 Equity Shares
8 Bonds
9 Debentures
10 Mutual Fund units
11 Exchange Traded Funds
12 Indian Depository Receipts
13 Collective Investment Schemes units
14 Alternative Investment Funds units
15 Insurance policies
16 Balances under the National Pension System
17 Units of Infrastructure Investment Trusts
18 Units of Real Estate Investment Trusts
19 Any other information as may be specified by RBI for the purposes of these directions, from time to time.


A quick read would make clear that these financial information are essentially the assets that a financial consumer has.


Such information is quite valuable for evaluating creditworthiness, or in aiding in financial planning or in wealth management, as well as many further and other use cases that are being developed.


In creating a framework whereby the consumer can obtain her financial information, the centrality of her having control and consenting process, and digital transmission system signals a singular leap in authenticated, verified information which can be harnessed by her when dealing with a variety of regulated receiving entities.


Obligations of financial information providers

With the financial consumers having a right to obtain or require the transmission of the financial information via the account aggregator framework, each and every financial information provider – the financial services providers who hold such financial information (or their own service providers who do so for them) – have an obligation to adopt measures for facilitating the transmission of the financial information.

The financial information providers include5:

  • bank, banking company;
  • non-banking financial company;
  • asset management company;
  • depository;
  • depository participant;
  • insurance company;
  • insurance repository;
  • pension fund; and
  • such other entity as may be identified by the bank for the purposes of these directions, from time to time.


This places an onus on each such entity’s operations, technology and compliance functions to adhere to the standards specified in the Master Directions as well as norms which ReBIT — Reserve Bank Information Technology Pvt. Ltd., and that of Sahamati, and enable their consumers to require the transmission of the financial information to the consumer or the regulated receiving entity via the account aggregator.


A financial information provider that has not enabled this could be subject to adverse consumer claims or to regulatory strictures or both.


Near-complete “financial information” to complete or fuller “financial information”

A key item which may have been noted in the definition of “financial information” is the absence of any information around credit facilities including loans of all kinds. These credit facilities are primarily provided by banks and Non-Banking Financial Companies (NBFCs). The information about such credit facilities are reported to and captured by “credit information companies” or credit bureaus, which are however not considered as “financial information providers”. Potential lenders access the credit bureaus to evaluate the creditworthiness of a consumer seeking credit facilities. The financial consumer is entitled to obtain her credit information report6 from the bank or NBFC she applied for a loan or directly from any or all credit information companies7. Accordingly, the credit information report combined with the financial information which the account aggregator framework provides a financial consumer a near-complete status of her financial standing.


Presumably since the consumer can access the credit information report and that it pertains to the borrowings and credit facilities availed, it has deliberately been kept out of the ambit of the account aggregator framework.


Moving from near-complete financial information to complete financial information may take a longer time, with RBI having to revisit and revise the definitions of financial information and financial information providers (including with respect to credit information companies).


Certain categories may also require digital information infrastructure getting harnessed and a repository being created that could be then accessed digitally.


The following sets of information are what your columnist could identify being added or considered “financial information”:

  • Security interest, if any, over financial assets, as available with the financial service provider or its registry: encumbrances or unencumbered status is very valuable information.
  • Co-ownership of financial assets, including inter se percentage ownership, as available with the financial services provider or its registry: ownership interest is very valuable information.
  • Nomination particulars, and specification of percentage allocation, etc. of the financial assets, as available with the financial services provider or its registry: in case of demise of the owner/s, this can aid the successors and legal heirs as nominated.
  • Balances held in the Employees Provident Fund Organisation (EPFO), or in the exempted provident fund trusts, and other provident or pension funds.
  • Balances held in Public Provident Fund and other small savings schemes.
  • Balances under superannuation schemes operated by insurers and offered as an employee benefit by employers.
  • Employee Stock Options (ESOPs) conferred by employers.
  • Balances held in the Post Office Savings Bank under various small savings schemes offered or in form of term deposits or monthly income schemes.
  • Senior Citizen Savings Scheme and the Pradhan Mantri Vaya Vandana Yojana or Sukanya Samriddhi Yojana.
  • Insurance policies provided by Postal Life Insurance.
  • Loan assets created via or through peer-to-peer lending platforms.
  • Physical share certificates or bond certificates issued by private companies.


Physical assets such as gold and so on also remain outside the ambit, as well as emerging, and as yet unregulated asset classes such as digital gold, other digitally denoted commodities, stablecoins (with underlying assets that are held by third party custodians) or crypto assets.


Certain asset types may also have asset registries which could inform about the ownership and wealth of an individual, including real estate, motor vehicles or ships and yachts or aircrafts that could be considered for clubbing into the definition of “financial information”. These registries could also contain information about security interest if any created over such assets.


Information held by the Income Tax Department or with the Goods and Services Tax Network (GSTN) especially for self-employed individuals is also a critical and important aspect of financial information.


Several of these being incorporated into the definition of “financial information” could be challenging, and yet would appear to be inevitably required to be done if a consumer would want all her assets and wealth to be considered when dealing with other financial services providers or for her own self and records.


The mode and manner of incorporation can be many. For instance,

  • notifying the specific asset type as “financial information” and/or holder of the financial information as a “financial information provider”: the challenge is that such entity/authority/holder of information may not actually be under the regulatory ambit of IRDAI, PFRDA, RBI or SEBI. This may mean drawing comfort from current Government Ministries or Departments having oversight over such entity/authority/holder being regarded as sufficient.
    • For instance, EPFO being under the ambit of the Ministry of Labour or GSTN being under the ambit of the Ministry of Finance; by contrast, the Post Office Savings Bank may be just simply notified as a financial information provider or bank under the current provisions of the Master Direction.
  • undertaking the move towards dematerialising of physical records (as done for physical share certificates or bond certificates) of certain types of assets, and harnessing the depositaries system and depository participants network or alternatively, encouraging creation of nationwide electronic repositories which digitalises the records of assets or could even harness blockchain for such record keeping.
    • For instance, ESOPs which are currently notified via a letter or a simple communication of the employer, if could be held in a demat account, or even real estate records being converted to digital records at a depository and reflected in a demat account would be truly transformative

These measures would also considerably improve the transparency and governance apart from aiding in aggregation of financial information.


Looking back and looking ahead

The thought process underpinning the creation of the account aggregator framework took place in 2013-2014, as reflected in the minutes and press releases of the Financial Stability and Development Council and its sub-committee. The desirability of developing a common repository of information on financial assets was discussed and an Inter Regulatory Technical Group was tasked with exploring the implementation of such a repository in a progressive manner9. These deliberations culminated in RBI notifying the Master Directions in 2016, and our progressing to having multiple licensed account aggregator entities, and a collective which enables an efficient and effective ecosystem emerging in the form of Sahamati10.


The development and regulatory framework evolved independently or at least in parallel to the rising concerns around privacy culminating in the Supreme Court decision in K.S. Puttaswamy  v. Union of India11, the constitution of the Committee of Experts headed by Justice B.N. Sri Krishna to study various issues relating to data protection in India, and framing of the Personal Data Protection Bill12. Among the consumer rights that the Bill outlines is that of consumers to transfer their data from a data fiduciary or business to other businesses via consent manager13. All companies would have to develop ways for allowing the consumers to do this.


This is quite similar to the account aggregator framework that the RBI and the financial services sector has already instituted and which has become operational.


It would be very useful to either:

  • To require that the Data Protection Authority (DPA) as proposed in the PDP Bill, would act in coordination with, including undertaking prior consultations with the financial sector regulators, or more formally, constitute a council of such financial sector regulators that DPA would consult and be guided by, so that the financial information transmission undertaken by account aggregators and the role of consent managers as contemplated, progress without contradictions or conflicts, and do so in a manner consistent for a consumer and the variety of concerns that the DPA or financial sector regulators seek to address. DPA would considerably gain from RBI’s prior and current experience in making the account aggregator framework operational14.
  • To entirely exempt the transmission of “financial information” from the ambit of the Bill so that the account aggregator framework as instituted in the financial services sector can progress and evolve given it originating earlier and independently and it being core to financial consumers and financial services sector. In such a situation, RBI can be mandated to ensure adherence at a minimum with what DPA stipulates so overall consistency is ensured for the consumer. This approach will give the sectoral specificity by RBI even as the DPA pioneers the general norm.


The above can also help in an orderly development of the type of “financial information” that a consumer may seek to access. For instance, under the Bill, all information may be expected to be capable of transmission, whereas the account aggregator framework that RBI has laid down is focused on certain financial assets. Similarly, whether the account aggregators will be under dual regulation could add to uncertainties or lead to unintended consequences if either regulators are not acting in a coordinated manner. These could be considered even as the Bill is reworked and brought back to the Parliament.


For now, a financial consumer could consider checking with her financial services provider that they are ready to transmit the financial information (or make a loud noise to make that happen) and to enroll and harness the account aggregator framework, and have the satisfaction of aggregating the financial information for a variety of uses.


Here’s looking at account aggregator framework as a deep innovation taking roots and bringing forth a Big Bang moment for financial consumers and the financial services sector, and picking up speed on the information superhighway without encountering speed-bumps or avoidable accidents.

Pramod Rao, Group General Counsel at ICICI Bank. Views are personal.

1 Sections 45-ZC and 45-ZE of the Banking Regulation Act, 1949 could be referenced for mode and manner specified in the law for accessing the contents upon death of the consumer.

2 See the Depositories Act, 1996 and Securities and Exchange Board of India (Depositories and Participants) Regulations, 2018 and Securities and Exchange Board of India (Custodian of Securities) Regulations, 1996.

3 Such definition is distinct from definitions used in certain other laws and legislations; for instance, in terms of S. 3(13) of the Insolvency and Bankruptcy Code, 2016 (IBC), “financial information” has the following definition: (13) “financial information”, in relation to a person, means one or more of the following categories of information, namely: (a) records of the debt of the person; (b) records of liabilities when the person is solvent; (c) records of assets of person over which security interest has been created; (d) records, if any, of instances of default by the person against any debt; (e) records of the balance sheet and cash flow statements of the person; and (f) such other information as may be specified. These form part of information that an “information utility” is intended to collect. Similarly, there is “credit information” defined in S. 2(d) of the Credit Information Companies (Regulation) Act, 2005 which credit information companies collect which is worthy of being looked at.

4 See Regn. 3(1)(ix) of RBI Master Directions – Non-Banking Financial Company – Account Aggregator (Reserve Bank) Directions, 2016.

5 Regn. 3(1)(xi) of of RBI Master Directions – Non-Banking Financial Company – Account Aggregator (Reserve Bank) Directions, 2016.

6 See What is a Credit Information Report or CIR HERE

7 See S. 21 of the Credit Information Companies (Regulation) Act, 2005 accessible Here.

8 How a real estate demat account could work (or not) can be found HERE and HERE and>.

9 See HERE or HERE

10 Sahamati <>.

11 (2017) 10 SCC 641.

12 Personal Data Protection Bill accessible Here

13 See Cl. 19(1)(b) of the Personal Data Protection Bill, 2019, accessible Here.

14 See Cl. 56 of the Personal Data Protection Bill, which contemplates prior consultations and even entering into of memorandum of understanding for governing the coordination of actions.

Join the discussion

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.