NBFC Account Aggregator Compliance

NBFC Account Aggregator Compliance ensures secure data sharing and adherence to RBI regulations for managing financial information aggregation.

  • More Than 20 years of experience
  • Team Comprises of Ex Bankers, CAs, CSs and Lawyers
  • Fully Integrated Services
  • Transparency in engagement
  • Solution based approach
Enquire Now

Our Services

A Brief Overview of NBFC Account Aggregator Compliances

Account Aggregator (AA) network was introduced as a financial data-sharing system by Reserve Bank of India (RBI) when it issued the Master Direction viz Non-Banking Financial Company (NBFC) – Account Aggregator (Reserve Bank) Directions, dated September 02,2016.

Account Aggregator (AA) is a Non-Bank Finance Company (NBFC) engaged in the business of providing the service of retrieving or collecting financial information pertaining to the customer. No financial information of the customer is retrieved, shared or transferred by AA framework without the explicit consent of the customer. AA transfers data from one financial institution to another based on an individual’s instruction and consent. Registering with an AA is fully voluntary for consumers.

Entities may enrol themselves on AA framework as Financial Information Provider (FIP) viz. banking company, NBFC, asset management company, depository, depository participant, insurance company, insurance repository, pension fund etc. and as Financial Information User (FIU) which is an entity registered with and regulated by any financial sector regulator. At present, RBI has granted Certificate of Registration to fourteen companies as AA.

Registration and matters incidental thereto

(a) No entity other than a company shall undertake the business of an Account Aggregator.

(b) No company shall commence or carry on the business of an Account Aggregator without obtaining a certificate of registration from the RBI.

Provided that, entities being regulated by other financial sector regulators and aggregating only those accounts relating to the financial information pertaining to customers of that particular sector will be excluded from the above registration requirement.

(c) Subject to the above proviso, entities that are undertaking the business of an Account Aggregator, as defined in RBI directions, as on the date of effect of the directions, shall apply for registration as an Account Aggregator, in compliance with these directions, to the RBI within a month from that date. Such companies, which have applied to the RBI for registration as an NBFC – Account Aggregator, shall be permitted to continue the business of an Account Aggregator till their application for issue of Certificate of Registration is rejected or twelve months from date of the application, whichever is earlier.

(d) Every company seeking registration with the RBI as an Account Aggregator shall have a net owned fund of not less than rupees two crore,ten crore or such higher amount as the RBI may specify.

Process of registration

  1. Every company seeking registration as an NBFC-Account Aggregator shall make an application for registration to the Department of Regulation, Mumbai of the RBI, in the form specified by the RBI for the purpose
  2. The RBI for the purpose of considering the application for registration, shall require to be satisfied that the following conditions are fulfilled:-
    • The company has the necessary resources and wherewithal to offer such services to customers.
    • The company has the adequate capital structure to undertake the business of an account aggregator.
    • The promoters of the company are fit and proper.
    • The general character of the management or proposed management of the company are not prejudicial to the public interest.
    • The company has a plan for a robust Information Technology system.
    • The company shall not have a leverage ratio of more than seven.
    • That the public interest shall be served by the grant of certificate of registration to the Account Aggregator to commence or to carry on the business in India.
    • Any other condition that made be specified by the RBI from time to time, the fulfilment of which in the opinion of the RBI shall be necessary to ensure that the commencement of or carrying on the business in India shall not be prejudicial to the public interest.
  3. The RBI may, after being satisfied that the conditions specified above are fulfilled, grant in-principle approval for registering as an Account Aggregator subject to such conditions as it may consider fit to impose.
  4. The validity of the in-principle approval issued by the RBI will be twelve months from the date of granting such in-principle approval.
  5. Within the period of twelve months, the company shall put in place the technology platform, enter into all other legal documentations required to be ready for operations and report position of compliance with the terms of grant of in-principle approval to the RBI. The RBI may, after being satisfied that the company is ready to commence operations and in compliance with the registration requirements, grant it a Certificate of Registration as an NBFC – Account Aggregator subject to such conditions as it may consider fit to impose.
  6. The RBI may cancel the certificate of registration granted to an Account Aggregator, if such company –
    • ceases to carry on the business of an Account Aggregator in India; or
    • has failed to comply with any condition subject to which the certificate of registration has been issued to it; or
    • it comes to the notice of the RBI that the Account Aggregator is no longer eligible to hold the certificate of registration; or
    • at any time fails to fulfill any of the conditions referred in the RBI directions; or
    • fails to –
      • comply with any direction issued by the RBI; or
      • maintain accounts, publish and disclose its financial position in accordance with the requirements of any law or any direction or order issued by the RBI; or
      • submit or offer for inspection its books of account or other relevant documents when so demanded by the RBI.

Investment from FATF non-compliant jurisdictions

  1. Investments in NBFC-AA from FATF non-compliant jurisdictions shall not be treated at par with that from the compliant jurisdictions. New investors from or through non-compliant FATF jurisdictions, whether in existing NBFC-AA or in companies seeking Certification of Registration (COR), should not be allowed to directly or indirectly acquire ‘significant influence’ in the investee, as defined in the applicable accounting standards. In other words, fresh investors (directly or indirectly) from such jurisdictions in aggregate should be less than the threshold of 20 per cent of the voting power (including potential8 voting power) of the NBFC-AA.
  2. Investors in existing NBFC-AAs holding their investments prior to the classification of the source or intermediate jurisdiction/s as FATF non-compliant, may continue with the investments or bring in additional investments as per extant regulations so as to support continuity of business in India.

Duties and Responsibilities of an Account Aggregator

  1. Account Aggregator shall provide services to a customer based on the customer’s explicit consent.
  2. Account Aggregator shall ensure that the providing of services to a customer. shall be backed by appropriate agreements/ authorisations between the Account Aggregator, the customer and the Financial information providers.
  3. Account Aggregator shall not support transactions by customers.
  4. Account Aggregator shall ensure appropriate mechanisms for proper customer identification.
  5. Account Aggregator shall share information as referred to under RBI directions only with the customer to whom it relates or any other financial information user as authorized by the customer in accordance with the terms of the consent provided by the customer.
  6. Account Aggregator shall not undertake any other business other than the business of account aggregator. Deployment of investible surplus by an Account Aggregator in instruments, not for trading, shall however be permitted.
  7. No financial information of the customer accessed by the Account Aggregator from the financial information providers shall reside with the Account Aggregator.
  8. Account Aggregator shall not use the services of a third party service provider for undertaking the business of account aggregation.
  9. User authentication credentials of customers relating to accounts with various financial information providers shall not be accessed by the Account Aggregator.
  10. Account Aggregator shall have a Citizen’s Charter that explicitly guarantees protection of the rights of a customer. The Account Aggregator shall not part with any information that it may come to acquire from/ on behalf of a customer without the explicit consent of the customer.
  11. In the event of any difference in position of financial information in the statement generated by/from the Account Aggregator and the books of the Financial information provider, the position as reflected in the records of the Financial information provider shall be considered as correct.

Rights of the customer

  1. An Account Aggregator shall enable the customer to access a record of the consents provided by him and the Financial Information users with whom the information has been shared.
  2. An Account Aggregator shall not use or access any customer information other than for performing the business of account aggregator explicitly requested by the customer.

Customer Grievance

  1. An account aggregator shall have in place a Board approved policy for handling/ disposal of customer grievances/ complaints. It shall have a dedicated set-up to address customer grievances/ complaints.
  2. Customer complaints shall be handled/ disposed of by the Account Aggregator within such time and in such manner as provided for in its Board approved policy, but in any case not beyond a period of one month from its receipt.
  3. At the operational level, Account Aggregator shall display the following information prominently, for the benefit of customers, on the website and at the place/s of business:
    • the name and contact details (Telephone / Mobile nos. as also email address) of the Grievance Redressal Officer who can be approached by the public for resolution of complaints against the company.
    • that if the complaint / dispute is not redressed within a period of one month, the customer may appeal to the RBI.

FAQ's

Central KYC Registry is a centralized repository of KYC records of customers in the financial sector with uniform KYC norms and inter-usability of the KYC records across the sector with an objective to reduce the burden of producing KYC documents and getting those verified every time when the customer creates a new relationship with a financial entity.

Central KYC Registry has the below salient features:

  1. Facilitates uniformity & inter-usability of KYC records & process across the financial sector.
  2. Unique KYC identifier linked with independent ID proofs.
  3. Substantial cost reduction by avoiding multiplicity of registration and data upkeep.
  4. KYC data and documents stored in a digitally secure electronic format.
  5. Facilitates KYC Search, Upload, Download, Update.
  6. Secure and advanced user authentication mechanisms for system access.
  7. Data de-duplication to ensure single KYC identifier per applicant.
  8. Real time notification to institutions on updation in KYC details.
  9. Seamless file exchange processes without the need for manual intervention.
  10. API’s for search and download allow for real time account opening for CKYC compliant customers.

FREE CONSULTATION