Data the new Oil has been under scrutiny these days. When Microsoft bought LinkedIn or when Facebook acquired Whatsapp, the speculation was that they were eyeing the data these acquired company have gained in recent years. Then recently I saw a video floating on WhatsApp [authentic or not no clue], but it claimed that every time you get a copy of your identity proof from Xerox shop they keep a copy of it that is sold in the market at some x rate. Even the boarding pass that we simply dump in the dustbin can be scanned, and the credit/debit card information could be extracted. And lastly, if you have seen “The Great Hack” documentary trending these days on Netflix, you would know the story of how Data helped in targeting individuals during US elections. Scary isn’t?
But with all this floating around, we still provide consent to third-party apps to read ourdata, would regulation help? Would a legal entity manage our data? How could customers trust any service provider withtheir data?
To all of this Nandan Nilekani, came with a solution named as Sahamati – the financial account aggregator. Our post of today would help you understand Sahamati in detail and how it is a helping hand to customers,banks, and fintech.
What is Sahamati? | Define Sahamati? | Financial Account Aggregator in India
As mentioned on their website –
Sahamati is a Collective of Account Aggregator[AA] ecosystem being set up as anon-Government, private limited company (With the new Companies Act of India, not for profit companies are governed under Section 8).
It’s an initiative to collate and share data digitally and legally with no strings attached or no conditions apply, i.e. assuring the safety, security, and privacy of the data for the user.
Ideally, the AA[account aggregators a new class of NBFCs approved by RBI] would provide a digital platform for easy sharing and consumption of data from various entities with user consent.
So what’s new in this? Aren’t we already providing consent to any third party apps/products?
Yes, we are doing it, but users do not have a control on
- How is privacy handled?
- Is data reaching out to third parties or spammers?
- Is data only seen by whom it is intended to?
- What’s the duration for which data is accessible once the user provides the consent?
- What about the data sharing transactions? Are they traceable and auditable in the future?
All of these questions would now be answered via Sahamati, as the concept of data sharing and collating would be human-centric rather than organization-centric and is backed up by RBI and Financial Services Regulators (FSRs).
To adopt a human-centric approach, data management is targeted via a new consent framework called as DEPA [ Data Empowerment and Protection Architecture ]. DEPA
open the doors to trusted sharing of data by giving them control of their data, thus enabling them to become economically rich. DEPA opens up whole new models for privacy protection, and auditing data flow while keeping the user in the center.
For more details on DEPA, click here.
So, Sahamati would store my data? And could be prone to hacks?
The AA are “Data-blinds” and while processing a request made by Financial Information User[FIU]to Financial Information Provider [FIP] with user’s consents, the data would be encrypted and can only be processed by the FIU for whom the data is intended. As AA would not be storing any data, probability of misuse or leakage may not be seen.
Again, as the whole model is designed keeping the user in mind, the timing, access rights, and feature to audit the data transactions would also be available.
How would Sahamati help Customers?
With Account aggregators in place, users could
- Open a bank account in the paperless mode as relevant KYC can be processed digitally reducing turnaround time.
- Access multiple third-party apps for investment, Spending, Mutual Funds, Taxor GST and make an informed decision without the fear of data leakage/theft.
- Control on “what to share” with whom and in case of violations could take action against them.
- Empower themselves with AA expansion to other domain like healthcare and telecom that open access to better financial, healthcare, and other socio-economically essential services in real-time while preserving the safety, security, and privacy of the user.
How would Sahamati help Fintech?
Regulation of any form brings “discipline” to a process. The financial industry that is now moving on digital channels was in dire need of this initiative. It would not only streamline banking processes but also would open ways for banks to access quality and authentic data.
Banks and fintech can design and innovate more data-rich products to help consumers in wealth management.
As Teknospire and Hylo Founder, Vishal Gupta says –
AA (account aggregator) licensing is another step forward by RBI, building a highway for aggregated financial data access. Today the FinTech’s like us have to work with tens of different financial institutions to get limited access of user information, with massive spends on integrations and ensuring data security.
With an initiative like Sahamati, and through the user consent driven model AAs will be great avenue to get secured access to the data while we focus on solving the use cases for consumers!
With Sahamati, we are a step closer to data democracy.The new wave would not be about banks, fintech, or NBFC’; it’s about using the data effectively to provide an enriching banking experience to your customer. And we all should work towards it.
If you are a Bank or Fintech firm and looking to explore more about Sahamati, they are conducting workshops, and you can enrol here