What is Account Aggregator?

There was a time when people had gather all their financial documents just of a loan or credit card, or filing taxes. Many people still face the same problem of having multiple apps for Mutual Funds, Fixed deposits, Stocks, Insurance, Bank accounts etc. Gathering this data is a long and inconvenient process only if there was a way to streamline things.

RBI solved this exact problem with Account Aggregator (AA) India’s own financial data sharing framework where your financial data is transferred with your consent to the required party. In this article we are going to deep dive into Account Aggregator and how it can make an impact just as big as UPI if not bigger so lets see what it is all about.

Overview on Account Aggregator Quick breakdown of what this article covers:

Section	What it Covers
Introduction	How AA fits into India’s digital finance stack (after Aadhaar & UPI), and why it matters for secure, consent-based data sharing.
Background & Evolution	Origins of AA, RBI’s Master Directions (2016), role of Sahamati, and official launch in September 2021.
What is an AA?	Definition, RBI regulation, role as data-blind intermediaries, and key participants (FIPs & FIUs).
How it Works	Step-by-step flow: request, consent, secure transfer, time-bound access, and service delivery.
Benefits	Advantages for individuals (faster access, privacy), institutions (fraud reduction, efficiency), and the ecosystem (inclusion, innovation).
Security & Consent	Safeguards like consent verification, OTP, encryption, time-bound access, and regulatory oversight.
Current Ecosystem	16 licensed AAs, 200+ FIPs, 700+ FIUs, and rapid growth to 24.8 crore consents and 18.2 crore accounts linked by 2025.
Use Cases	Personal Finance Management, Lending, SME finance, insurance, wealth management, tax, and compliance.
Challenges	Limited awareness, incomplete onboarding, digital literacy gaps, technical hurdles, and perception of complexity.
Future Outlook	Expansion to new instruments (ITR, EPFO, bonds), integration with India Stack, wider adoption, and global potential.
FAQs	Common questions on safety, consent, participants, speed of approvals, small business credit, and future roadmap.

What is an Account Aggregator?

An Account Aggregator (AA) is a secure digital system regulated by the RBI that lets people share their financial data with consent. Instead of uploading bank statements or giving login details, users can approve sharing directly through the AA platform.

• Data moves only with user approval
• Transfers are fully encrypted
• The AA acts as a messenger and never stores data
• Licensed as NBFC-AA under RBI rules

In short, AA makes it faster and safer for individuals and businesses to share data for loans, insurance, and investments, similar to how UPI changed payments in India. There are 2 parties in the AA space FIPs & FIUs lets discuss more about them.

Financial Information Providers (FIPs)

FIPs are institutions that hold financial data. They act as the source of verified information within the Account Aggregator framework. Examples include:

• Banks: HDFC, SBI, ICICI, HSBC, Kotak Mahindra, IDFC, Axis etc. (Savings Account, Current Account and many more)
• Insurance Providers: ICICI Prudential Life, HDFC Life Insurance, SBI Life Insurance etc. (Life Insurance, Health Insurance, etc.)
• Investment Platforms: NSDL, CDSL, ICICI Prudential AMC, HDFC AMC, Navi AMC etc. (Portfolio details, Investment details)
• Provident Funds: PFRDA (PF details)
• Other regulated entities – any organization that maintains financial records under supervision of RBI, SEBI, IRDAI, or PFRDA.

The role of the FIP is to securely share requested records with the consent of the individual. They never release data without explicit approval.

Financial Information Users (FIUs)

FIUs are institutions that request financial data for a specific purpose. They are the receivers in the framework. Examples include:

• Banks & NBFCs like HDFC, SBI, Bajaj Finserv, Navi Finserv evaluating loan applications using verified account statements
• Insurance companies like SBI Life Insurance, Axis Max Life Insurance reviewing customer details before issuing a policy
• Wealth managers like Jio BlackRock Investment Advisers, Angel One Investment Managers & Advisors recommending investments based on financial profiles
• Fintech platforms like Cred, INDmoney, Jupiter, Fi, Fold these players use the data to provide customized services to their users

The role of the FIU is to use verified data responsibly for the service requested by the individual. They can only access the exact dataset approved through consent, and only for the time allowed.

Background and Evolution of Account Aggregator

Scattered Financial Data Before AA

We all know this part where you would have to spend an entire weekend or to (if you are unlucky) to just gather the data from various companies Banks, Insurance, PF, Investments etc., and don’t get me started if there was a error in any of those records then come back and check everything from scratch.

RBI’s Regulatory Vision (2016)

To solve this, the Reserve Bank of India introduced the Master Directions on Account Aggregators in 2016. It created a new category of licensed entities called NBFC-AA. These intermediaries were designed to transfer encrypted financial data between institutions, strictly based on user consent. This move positioned India as one of the first countries to regulate consent-driven financial data sharing.

Formation of Sahamati (2019)

Speed of this moment grew with the launch of Sahamati, a non-profit industry alliance, in 2019. Its goal was to promote adoption, standardize protocols, and build awareness among financial institutions and the public. Sahamati played a key role in transforming AA from a regulatory idea into a functioning ecosystem. They are the face of this sector just AMFI for Mutual Funds.

Official Launch of AA Network (2021)

On September 2, 2021, the Account Aggregator network went live with eight major banks, which are SBI, ICICI, HDFC, Axis Bank, IDFC First, Kotak Mahindra, IndusInd and Federal Bank. At first, adoption was limited and mostly focused on pilot programs. However, this launch signaled a turning point as India’s largest banks embraced consent-based data sharing.

Today Rapid Growth and Scale (2025)

By 2025, the AA framework expanded to cover over 24.8 crore consents across banks, insurers, mutual funds, and pension providers. More than 18 core accounts have already linked, proving the speed of adoption in less than a decade.

Part of the India Stack

Today, the AA framework stands alongside Aadhaar (identity) and UPI (payments) as a cornerstone of the India Stack. Together, these initiatives create a modern financial ecosystem that is inclusive, efficient, and built on the principle that individuals should control their own data.

How the Account Aggregator Framework Works

Just to get a Complete idea lets walkthrough the entire AA process from the start. So we won’t have any doubts moving forward. To simplify things further lets start with an example: Jatin wants a home loan and goes to SBI for it but he has his saving account in HDFC.

Step 1: A Request is Made

• Jatin goes to the bank and asks for the home loan
• So SBI starts the process of gathering data about Jatin by requesting through AA lets say its NADL .

Step 2: Consent is Sought

• The Jatin receives a digital request via SMS OTP for consent.
• The request clearly states: who is asking (SBI), what data is requested (from the HDFC), and the purpose (loan evaluation).
• It also specifies the time duration of access (1 year in most cases).
• Nothing proceeds without explicit user approval if Jatin denies then SBI can’t get the data from HDFC .

Step 3: Data Flows Securely

• Once consent is granted, the data moves directly from the FIP (HDFC) to the FIU (SBI).
• The AA ensures end-to-end encryption and does not store or view the data at any point.

Step 4: Access is Time-Bound

• Data can only be used for the purpose and time frame approved in the consent.
• If updated information is needed later, the FIU must raise a fresh request and seek consent again.

Step 5: Service Delivery

• With verified data, the FIU (SBI) can process Jatin’s home loan much faster.
• With this Jatin does not have to carry any extra paperwork and a think file to get a approval.

Other Use Cases

• A mutual fund platform like Zerodha (FIU) may request investment records from CAMS or KFintech (FIPs).
• An insurer like ICICI Prudential Life may ask for income details from GSTN or EPFO for underwriting.
• In all cases, the individual owns the data and sharing happens only with their consent.

Why This Matters

• Every request must be explicitly approved.
• All transfers are encrypted and time-bound.
• The AA serves only as a secure bridge, never storing or misusing the data.
• This design ensures financial records remain firmly under the control of their rightful owner.

Benefits of the Account Aggregator

This is not only a technical innovation, it also creates tangible advantages for individuals, financial institutions, and the economy as a whole.

Benefits for individuals

1) Control Over Personal Information

• • Financial data such as bank statements, insurance details, pension records, belong to the individual.
  • With the AA framework, these records can be shared instantly and securely, only when the owner approves.
  • This eliminates the need for scanned documents or bundles of photocopies.

2) Faster Access to Financial Products

• • A loan that earlier required days of paperwork can now be processed in hours.
  • Example: For a personal loan at Axis Bank, applicants can approve a consent request, and statements flow securely from ICICI Bank or SBI.
  • Less time is spent on paperwork, and lenders make quicker decisions.

3) Reduced Fraud Risks

• • In the old system, documents like PDFs or tax returns could be tampered with before submission.
  • The AA framework ensures data flows directly from the source institution to the lender or insurer.
  • This guarantees authenticity and protects borrowers from disputes caused by manipulated records.

4) Streamlined Life Insurance

• • Insurers like HDFC Life or ICICI Prudential Life earlier required manual submission of income proofs.
  • Now, verified financial data can be requested through the AA consent channel.
  • This speeds up income validation, policy issuance, and even claim settlements, reducing stress for families.

5) Everyday Benefits

• • Day-to-day tasks like renting a flat become simpler.
  • Instead of sharing salary slips and bank statements, individuals can provide verified income records.
  • This reduces hassle and removes doubts about authenticity.

Benefits for financial institutions

Banks, insurers, and investment platforms gain from the ability to make faster and more accurate decisions. With verified data arriving directly from trusted sources, the risk of fraud or manipulation drops significantly. Credit assessment becomes more reliable, and underwriting in insurance becomes quicker.

For example, a small business seeking working capital can allow HDFC Bank to access its GST returns and current account transactions directly from the GSTN and SBI. This reduces the need for manual verification and shortens approval timelines.

Institutions also benefit from lower operational costs, since they no longer need to process physical documents or rely on lengthy back-and-forth exchanges.

Benefits for the wider ecosystem

At a national level, the framework supports financial inclusion. Many small businesses and individuals who struggled to prove their creditworthiness through traditional paperwork can now share digital records quickly. This helps them access loans, insurance, or investments that were earlier out of reach.

The system also lays the foundation for innovation in financial services. Fintech platforms can build new products that rely on verified data flows, from smarter budgeting tools to customized investment advice. By creating a trusted way to share information, the ecosystem becomes more open, efficient, and competitive.

Security and Consent Framework

This consent-based AA network has been designed with security as its foundation, ensuring that users remain in control at every step while protecting sensitive information from misuse, because any system that handles financial records must guarantee safety.

1. Consent at the Core

The most important safeguard is consent.

• • Before any data moves, the individual receives a clear digital request.
  • This request specifies what information is being asked for, why it is needed, and how long access will remain valid.
  • Nothing is shared unless the individual approves the request.

To make this step more secure, consent is often verified through a one-time password (OTP) sent to the registered mobile number. This ensures that only the rightful account holder can authorize the transfer, preventing misuse by anyone else.

2. End-to-End Encryption

When data moves between institutions, it is fully protected by encryption.

• • For example, if records travel from the State Bank of India to HDFC Bank or ICICI Prudential Life, the information is converted into a secure code.
  • Only the intended recipient can read this code.
  • The intermediary channel (the AA) never sees or stores the content. Its role is simply to transport the data safely.

3. Time-Bound Access

Another safeguard is that access is always limited and temporary.

• • Even after consent is given, the requesting institution cannot continue to draw information indefinitely.
  • If a bank has asked for six months of account statements, it can only view that dataset, and only for the approved duration.
  • For any fresh request, a new approval must be obtained from the individual.

4. Regulatory Oversight

Security is not only technical but also regulatory.

• • Every Account Aggregator is licensed by the Reserve Bank of India as an NBFC-AA.
  • Every participant in the ecosystem, whether a provider or a user of data, belongs to India’s formal financial sector.
  • This includes banks, insurers, mutual fund houses, and pension funds, all of which operate under strict compliance rules.
  • Regular audits and monitoring make misuse of data for ulterior motives nearly impossible.

5. Why This Matters

These safeguards ensure that:

• • Data flows only when the owner chooses.
  • Transfers happen in encrypted form.
  • No information ever sits with the intermediary.

For consumers like us, AA is the solution for problems as its much better then emailing PDFs or physical photocopies. For institutions its efficient way to get verified data straight from the source.

In reality, this combination of consent, OTP verification, encryption, time-bound access, and regulation makes the AA framework one of the most secure ways to share financial data in India today.

Current Ecosystem and Participants

India currently has 16 licensed AA, a mix of startups and established legacy institutions. These players can be grouped based on their background and focus areas. Some belong to large financial services groups such as CAMS, Tally, and Digio. Others are new-age fintechs like Finvu, Setu, and Anumati. There is also a credit bureau-backed player in the form of CRIF, along with a government-supported platform like NADL. Below is the complete list of Account Aggregators in India:

1. Setu AA (fintech, Agya Technologies, API and infrastructure provider)

2. CAMSFinServ (from CAMS, India’s leading mutual fund registrar and transfer agency)

3. Finvu (fintech, Cookiejar Technologies, digital finance solutions)

4. CRIF (from CRIF, a global credit bureau and analytics company)

5. Cygnet AA (from Cygnet, enterprise technology and solutions provider)

6. Saafe (fintech, Dashboard AA Services)

7. Digio AA (fintech, Digio Internet, digital onboarding and verification solutions)

8. OneMoney (from FinSec AA Solutions, India’s first licensed Account Aggregator)

9. NADL (government backed, NESL Asset Data, part of National E-Governance Services Ltd.)

10. OMS AA (fintech, OMS Fintech)

11. SurakshAA (from Protean eGov Technologies, known for PAN and NSDL services)

12. Anumati (fintech, Perfios, financial data aggregation and analytics)

13. PB Financial AA (from PB Fintech group, well known for Policy Bazaar, Paisa Bazaar)

14. TallyEdge (from Tally Solutions, one of India’s largest accounting software providers)

15. INK AA (fintech, Unacores)

16. Scoreme AA (fintech, Scoreme Solutions, data analytics and credit scoring)

Despite their varied origins, all AAs share the same principle: they are data blind. This means they cannot read or store the information that flows through their systems. Their only role is to securely transport data from one financial institution to another, with full consent from the individual. The only details visible to them are the source of the information and the destination.

On the provider side, the number of FIPs has now crossed 180, covering almost all major public and private banks, along with insurers, pension funds, and mutual fund registrars. These institutions act as the source of verified records that individuals and businesses can choose to share.

On the user side, the growth has been even faster. The number of FIUs has already gone past 700, including banks, NBFCs, fintech lenders, life insurers, and investment platforms. While early adoption was led by lending institutions, more sectors are now coming on board, expanding the use of consent-based data flows across the financial ecosystem.

Use Cases of Account Aggregator

There are multiple use cases of using an AA, Some of them are listed below:

• Personal Finance Management: Users can get a holistic idea of their complete financial health with today’s fintech apps which is fueled by AA
• Retail lending: Individuals can allow their bank records to be shared instantly with a lender to speed up loan and credit card approvals.
• SME financing: Small and medium enterprises can share verified financial records with banks or NBFCs to access working capital and other forms of credit.
• Insurance: Life insurers can request consent-based access to income and account information to simplify policy issuance and reduce paperwork.
• Investments and wealth management: Advisors and platforms can provide better guidance when individuals share their verified financial holdings through the system.
• Tax and compliance: Businesses and individuals can share verified records with tax platforms to reduce errors and save time in filing.

These use cases show how the framework goes beyond just banking. It provides a common channel for different financial services, reducing delays, cutting down on paperwork, and strengthening trust between consumers and institutions.

Challenges and Limitations

Nothing is perfect in this world and AA is not an exception to this so here are some of the challenges it faces while it grows:

1. Limited awareness among customers

Most people are still unfamiliar with the concept of consent-based data sharing. Many continue to rely on traditional methods such as email attachments and photocopies because they are unaware that a secure digital alternative exists. Building trust and awareness will be key to driving adoption.

2. Incomplete onboarding of institutions

Although a large number of banks and financial institutions are live, the network is not yet fully universal. Some providers of financial data, especially in insurance and pensions, are still in the process of integration. Until all major sectors are covered, the system cannot deliver its complete value.

3. Digital literacy and trust

For more than a decade now after listening to “Do not share OTP with anyone” it is engrained into the minds of people that if someone is asking for OTP that means they are going to loot them, to tackle this there has to be a campaign nation wide to build trust in people and solve their queries.

4. Operational and technical hurdles

For financial institutions, connecting to the framework requires technical readiness and investment. Some smaller players may find it difficult to upgrade systems or maintain compliance with standards. This can slow down onboarding and create uneven adoption across the sector.

5. System readiness at banks

Even among institutions that are already live, not all have systems that run smoothly. Some banks are slow in updating their own digital infrastructure, which can delay daily processes (SBI with its lunchtime). In certain cases, users experience errors when data is being fetched, or find that real-time monitoring features in personal finance management apps do not work consistently. These technical bottlenecks reduce the reliability of the framework in practice and highlight the need for stronger backend upgrades by all participants.

6. Perception of complexity

Since the framework involves new terms such as FIP, FIU, and NBFC-AA, many people see it as complicated. Unless explained in simple language and demonstrated with clear use cases, there is a risk that consumers may view it as just another layer rather than a convenience.

Despite these challenges, the growth remains strong. With more institutions joining, awareness campaigns expanding, and user interfaces improving, many of these limitations are likely to ease over time. The system is still evolving, but the foundations suggest it is well placed to overcome these hurdles.

Future of Account Aggregator in India

The Account Aggregator framework is still young, yet its trajectory suggests that it could become as important to financial data as UPI has become to payments. The foundations have been laid, and the coming years will likely bring broader participation, deeper use cases, and stronger integration with India’s growing digital infrastructure.

1) Wider participation from institutions

At present, all major banks are already live on the network, but the future will see near-universal coverage. Insurance companies, pension funds, securities platforms, and mutual funds are gradually joining in, and their full participation will create a complete picture of an individual’s financial life. Once every major sector is onboard, individuals and businesses will be able to share almost any financial record digitally through a single consent framework.

2) Upcoming instruments in the pipeline

The scope of the framework is set to expand with several new categories of financial data, including:

• Commercial Paper (CP)
• Certificates of Deposit (CDs)
• Government Securities (G-Secs)
• Corporate bonds
• Debentures

Beyond investments, other important data sources are also on the roadmap. Income Tax Return (ITR) data and Provident Fund balances from EPFO are proposed to be integrated, creating a stronger foundation for credit assessments and long-term financial planning. There are also efforts to bring joint accounts and corporate accounts into the ecosystem, which would expand usage beyond individuals to businesses and households managing shared finances.

When these instruments go live, the framework will no longer be limited to savings accounts and simple transactions. Instead, it will cover almost the entire financial spectrum, from short-term money market instruments to long-term retirement savings, giving users a single, secure channel to manage consent across all types of records.

3) Integration with other digital layers

The AA system is part of the larger India Stack vision. Over time, it is expected to integrate more tightly with other public digital infrastructures such as UPI for payments, Aadhaar for identity, and ONDC for commerce. Together, these layers can provide a seamless experience where identity, payments, and data sharing all work in sync. For example, a small business could receive a loan based on verified account data, repay it instantly through UPI, and expand its trade through ONDC, all on connected rails.

4) Support for innovation

Fintechs and startups are expected to build new services on top of the consent-based data layer. Personal finance management apps can provide real-time insights, wealth platforms can offer more customized advice, and insurers can design products tailored to verified income patterns. The presence of a trusted, secure, and standardized channel makes innovation easier and safer.

5) Global potential

India is among the first countries to implement a nationwide framework for consent-based financial data sharing. If the system continues to succeed, it could serve as a model for other emerging economies just like what UPI did in many other countries. The combination of regulatory oversight, strong adoption, and integration with digital public infrastructure makes the framework an example with global relevance.

The future of the Account Aggregator framework lies not just in scaling numbers but in how it reshapes financial services. By creating a trusted digital highway for data, it promises to make finance more inclusive, efficient, and innovative in the years ahead.

FAQs

1. What is an Account Aggregator?
   A regulated system that enables consent-based sharing of financial records between institutions without storing the data.

2. How does an Account Aggregator keep data safe?
   Data transfers are encrypted, consent is verified often by OTP, access is time-bound, and all participants are regulated entities.

3. Who are FIPs and FIUs in the Account Aggregator framework?
   FIPs are providers of financial records such as banks, insurers, mutual fund registrars and pension funds. FIUs are requesters such as lenders, insurers, wealth platforms and tax services.

4. Which institutions operate Account Aggregators in India?
   16 licensed AAs operate in India, including product names such as Setu AA, CAMSFinServ, Finvu, CRIF, Digio AA, OneMoney and NADL among others.

5. How does Account Aggregator speed up loan approvals?
   Verified records flow directly from the source to the lender after consent, removing manual document collection and reducing processing time from days to hours.

6. How many Account Aggregators are there in India?
   As of now there are 16 Account Aggregator in India and one more is in line which will push the number to 17.

7. What kinds of financial data will join Account Aggregator in future?
   Planned additions include Commercial Paper, Certificates of Deposit, Government Securities, corporate bonds and debentures, income tax data, EPFO balances, and joint or corporate accounts.

8. What happens if I do not give consent?
   No data is shared. The individual retains full control over whether a request is approved.

9. What are the disadvantages of account aggregator?
   Sometimes it takes time to fetch data as FIPs can be slow at times, not all types of Financial data is available on the Account Aggregator.

10. How is consent verified?
    Consent is typically confirmed through a digital request and verified with an OTP sent to the registered mobile number.

The Account Aggregator framework is more than just a new layer in finance. It marks a shift where people finally gain control over their own financial data. By making sharing secure, simple, and consent-driven, it reduces paperwork, speeds up access to services, and strengthens trust across the system.

The journey is still early, but the direction is clear. As more institutions and instruments join, this network will stand alongside UPI and Aadhaar as one of the pillars of India’s digital finance. Its promise is simple yet powerful: your data, your choice, your benefit.