The Securities and Exchange Board of India recently issued an important but expected circular enabling SEBI-regulated entities such as depositories and AMCs through their Register and Transfer Agents to take part in the account aggregators’ framework as financial information providers (FIPs).
The circular mandates that FIPs share data in response to consent requests received from any of the RBI-licensed account aggregators (AA).
This step could be a game changer for the financial advisory industry if all stakeholders abide by the rule in letter and spirit.
Seamless data portability
The NITI Aayog has introduced an AA framework to ensure secure and seamless data portability of consumer data among service providers. An AA is an RBI-regulated non-banking financial company (NBFC) that facilitates retrieval or collection of financial information pertaining to a customer from FIPs on the basis of explicit consent of the customer.
The financial information shared through the AA is not to be stored and is not its property either. "This information is not to be used in any other manner except for the purpose of providing it to the customer or consented Financial Information User (FIU). Thus, the Account Aggregator facilitates consolidation, organisation, presentation of the financial information to the customer or FIU based on the explicit consent of the customer," SEBI said.
To enable these data flows, the FIPs in the securities markets should implement interfaces that will allow an AA to submit consent artefacts, and authenticate each other, and would enable secure flow of financial information to the AA, said SEBI.
Once SEBI-regulated intermediaries join the bandwagon, this initiative would enable information of over 9.65 crore demat account holders and nearly 13 crore mutual fund folio accounts shared digitally on real-time basis, of course, with the explicit consent of customers. This will also ensure the much needed electronic trail for clients.
However, both SEBI and RBI should ensure the confidentiality of the documents. The system must be fool-proof to unauthorised access by hackers and other third party individuals wishing to market their products.
Another area of concern is getting consent from clients. Intermediaries opting for consent must not do so on a mere “yes” or “no”. Instead, SEBI must have have proper validation models like system-generated OTPs and other strong criteria.
Like Aadhar and UPI, account aggregators will also be a mass product that will change the way financial services are being offered in the country.