News: The government announced that 11 crore users had linked financial information as of September 5, 2025, enabling secure, consent-based data sharing across institutions.
About Account Aggregator
- An Account Aggregator (AA) is an RBI-regulated NBFC-AA.
- It enables secure, real-time, consent-based sharing of financial information between institutions.
- It acts as an intermediary between Financial Information Providers (FIPs) and Financial Information Users (FIUs).
- AAs do not store or process data; they facilitate encrypted transfer based on a consent layer.
- Users can choose among multiple AAs. Examples include CAMS FinServ and PhonePe AA.
How it work?
- Users link their bank accounts to an AA.
- They give granular consent to share specific data with an FIU (e.g., a lender or wealth manager).
- The AA fetches the requested data from the relevant FIP (e.g., a bank) and securely delivers it to the FIU.
- Registration is voluntary. Users select which accounts to link, can reject requests, and can revoke ongoing consents at any time. The access duration is shown at the time of consent.
- One AA registration works across banks on the network. Apps (e.g., Finvu, OneMoney, CAMS Finserv, NADL) are available; some AAs may charge users, others may charge institutions.
How is Account Aggregator different to Aadhaar eKYC data sharing, credit bureau data sharing, and platforms like CKYC?
- Aadhaar eKYC and CKYC only allow sharing of four ‘identity’ data fields for KYC purposes (eg name, address, gender, etc).
- Similarly, credit bureau data only shows loan history and/or a credit score.
- The Account Aggregator network allows sharing of transaction data or bank statements from savings/deposit/current accounts.
Significance of Account Aggregator
- Replaces physical, notarised, or password-based data sharing with a simple, mobile, consent-driven process.
- End-to-end encryption and digital signatures secure data; AAs cannot view or aggregate personal data.
- Improves access to loans by providing tamper-proof data quickly and cheaply, speeding evaluation.
- Enhances money management by enabling secure consolidation of data stored across locations.
- May enable loans without physical collateral by sharing trusted information (e.g., GST or GeM cash flows).
Stakeholders and Adoption
- FIPs: Banks, mutual funds, insurers, etc.
- FIUs: Lenders, wealth managers, insurers, etc.
- AAs: Licensed entities that route encrypted data.
- 112 institutions operate as both FIPs and FIUs; 56 are only FIPs; 410 are only FIUs, showcasing wider adoption across the financial spectrum.
Unified Consent Infrastructure (DPDP Act)
- The DPDP Act, 2023 introduces Consent Managers (CMs) for consent collection, withdrawal, lifecycle management, and secure sharing.
- Aligning AA and CM frameworks avoids duplication, increases efficiency, promotes innovation, and strengthens Digital Public Infrastructure.
