Account Aggregator: Current challenges & thoughts
Challenges facing the Account Aggregator system today and thoughts on the way forward
This post assumes the reader is familiar with India’s Account Aggregator system. The system's primary purpose is to help an individual/enterprise organize financial data, such as bank transactions, investments, insurance, etc., all in one place and share them securely with a lender for availing loan or a financial advisor for receiving advice.
Image Courtesy: Sahamati Website
It has been two years now since it was formally launched. While the usage grows monthly, as per the Sahamati website, we see teething problems.
Current Accounts and Joint Accounts cannot be linked. Savings Account linking of a prominent bank fails most of the time. All the major foreign banks are still evaluating. They are not onboarded yet.
With the help of AA client utility offered by the Account Aggregators, the TSPs have delivered an account linking + consent creation experience that is somewhat conducive for upwardly mobile self-service users. But most new smartphone users will find it complex.
The assisted journey for capturing financial data is currently missing, though a separate committee seems to be working on it, per the Sahamati website. This is a must-have for the financial inclusion segment.
Data quality issues, such as transaction timestamps & transaction IDs missing from some banks, must be rectified.
Several failures with data fetch requests, especially with public sector banks. This is expected as banks may not have the infrastructure to issue 6-month / 1-year bank statements near real-time to many customers. The grievance portal is filled with issues of this nature.
Some TSPs have been vocal about these problems over the past few months. The community has come a long way with this complex multiple-entity integration, and I hope all stakeholders are committed to seeing this through swiftly.
As the Account Aggregator system will be leveraged heavily by credit distribution networks such as ONDC for Financial Services & OCEN soon, the number of data fetch requests will likely grow exponentially, with multiple lenders potentially trying to fetch the financial data simultaneously for underwriting purposes. Is our banking infrastructure ready to take the load? Also, if the consent mechanism has to enable selective disclosure to an FIU, the FIPs have to program all of them as part of their data fetch APIs. This will be an additional burden for the FIPs. Besides the scalability issues, with the current implementation, privacy experts believe that the metadata around consents can be used as a market monitoring mechanism because the consents can be tracked centrally at the Account Aggregator level.
The designers of the Account Aggregator system should consider supporting Digital Wallets in the next iteration. Financial institutions can issue the digitally signed financial statement as Verifiable Credentials (VC) to the customer's wallet. The customer can then share them directly with all the institutions. Since the Account Aggregator system already has a participant registry with the public keys of all institutions, it will be straightforward for the recipient institution to authenticate the credential's validity and retrieve the customer’s financial data.
DigiYatra system has taken this approach where the face biometric of a passenger is stored in their Identity Wallet in an encrypted format at the time of registration. The passenger can directly share the same face biometric with multiple airports & airlines every time she boards a flight.
This approach, popularly known as Self Sovereign Identity (SSI) paradigm, implements Privacy by Design principles with selective disclosure at the hands of the customer. Not only does this peer-to-peer approach address scalability, but it also helps address privacy experts’ concerns around consent tracking. Besides, it may also be possible to create Digital Wallets for assisted journey customers using a simple QR code & OTP.
OpenWallet Foundation is building open-source components for issuers and wallet providers to bootstrap implementations. Once this takes shape, Digital Wallets can proliferate as Web Browsers did in the early 1990s. This may be an opportune time for the Account Aggregator team to take a closer look at this approach.