SUBJECT: REGISTRATION AND OPERATION OF ACCOUNT AGGREGATOR
01. AN OVERVIEW:
Taking a step towards India’s entry into the world of open Banking, RBI first announced the Account Aggregator (AA) framework via a Master Circular in June, 2016.
Account aggregator system eliminates the existing process of physical document submission which is time consuming system. In this system through an Account aggregator financial information sharing between Financial Information Users (FIUs) and Financial Information Providers (FIPs) with the consent of the customer using a completely online process without any paper-work and also information or data sharing happens in a transparent and fully encrypted format assuring security and authenticity.
Account Aggregator means a NBFC as notified under in sub-clause (iii) of clause (f) of section 45-I of the Act, that undertakes the business of an account aggregator, for a fee or otherwise, as defined at clause (iv) of sub-section 1 of section 3 of these directions.
In Simply we can say an Account Aggregator is a Consent Manager for Financial Data, a new class of NBFC approved by RBI to manage consent for financial data sharing.
NBFC Account Aggregator License or NBFC-AA License is mandatory for a business model that enables financial data sharing across financial institutions.
02. WHO ARE ELIGIBLE TO APPLY ACCOUNT AGGREGATOR:
- Company Incorporated under Companies act 2013/1956
- Having NOF [Net Owned Funds] not less than 2 Crores.
- If company not having NOF 2 Crore, then meet these NOF 2 Crores criteria within the period of validity of the in-principal approval for grant of certification of registration given by the Bank.
- The promoters of the company are fit and proper.
- The company has a robust/ strong Information Technology system.
- The company shall not have a leverage ratio of more than Seven
- The company has the necessary resources.
03. GRANT OF IN PRINCIPLE APPROVAL CERTIFICATE:
After Satisfaction of above eligibility conditions Bank may grant in Principle approval having validity of 12 months.
04. GRANT OF CERTIFICATE OF NBFC ACCOUNT AGGREGATOR:
- Within the period of twelve months of In Principle approval, the company shall put in place the information technology platform and also ready all the legal documentations required for the operations and report position of compliance.
After satisfying the above-mentioned conditions Bank may issue a Certificate of NBFC Account Aggregator.
05. DUTIES AND RESPONSIBILITIES:
- Account Aggregator shall provide services to a customer based on the customer’s explicit consent.
- Account Aggregator shall ensure that the providing of services to a customer shall be backed by appropriate agreements/ authorisations between the Account Aggregator, the customer and the Financial information providers.
- Account Aggregator shall share information only with the customer to whom it relates or any other financial information user as authorized by the customer.
- Account Aggregator shall not undertake any other business other than the business of account aggregator.
- Deployment of investible surplus by an Account Aggregator in instruments, not for trading, shall however be permitted.
- No financial information of the customer accessed by the AA from the financial information providers shall reside with the Account Aggregator.
- Account Aggregator shall not use the services of a third-party service provider for undertaking the business of account aggregation.
- User authentication credentials of customers relating to accounts with various financial information providers shall not be accessed by the Account Aggregator.
- The Account Aggregator shall not part with any information that it may come to acquire from/ on behalf of a customer without the explicit consent of the customer.
- No financial information of the customer shall be retrieved, shared or transferred by the Account Aggregator without the explicit consent of the customer.
06. SHARING OF FINANCIAL INFORMATION:
- Financial Information providers shall share financial information of a customer with an Account aggregator on being presented a valid consent artefact by an Account Aggregator.
- After being presented the consent artefact the FIP shall verify Validity of Consent, Days, Usage, Credentials/ rights of Account aggregator.
07. DATA SECURITY:
- Account Aggregator shall adopt required IT framework and interfaces to ensure secure data flows from the Financial Information providers to its own systems and onwards to the Financial Information users.
- Maintain adequate safeguards in IT systems to ensure that it is protected against unauthorized access, alteration, destruction, disclosure or dissemination of records and data.
- All access of information will be consent based.
- Account aggregator shall maintain high standard security.
Account aggregator shall establish following committees:
- Nomination Committee
- Risk Management Committee.
- Audit Committee
The place of rendering services generally shall be your office or our office situated at Br. No.01: Office No. 106, Sr No. 55, Sukhniwas, 15th August Chowk, Mangalwar Peth, Pune – 411011, Maharashtra, India. Br. No. 02: 496B,2nd Floor, Near KCC Classes, Kasba Peth, Pune-411011
Pramodkumar R. Ladda
Company Secretary & Insolvency Professional
Tel: +91-20-24570055 | Office Cell : +91- 9284293227, 9309845448, 8080051671 |
Personal Mob. : +91- 7972422151, 9595271145 |
Skype id: pramodladda
firstname.lastname@example.org | http;//www.csladda.com