Nurturing a User-Driven Governance Entity (N.U.D.G.E.) for the Account Aggregator Ecosystem

Our Report ‘Nurturing a User-Driven Governance Entity (N.U.D.G.E.) for the Account Aggregator Ecosystem’ evaluates the performance of and charts the way ahead for consent-based financial data sharing in India. Initiated in 2015, the Account Aggregator Ecosystem (‘AA ecosystem’) allows consumers to consolidate and move their data across various financial institutions, intermediated by a new class of actors called ‘Account Aggregators’ (‘AAs’). We find that despite the undisputable benefits of financial data-sharing, consumer adoption in the AA ecosystem has not taken off so far: best-case estimates stand at 4.76 million, accounting for less than 0.1% of the Indian population. While the current regulatory environment has prioritised and facilitated innovation, as the ecosystem continues to mature into a population-scale financial data-sharing Digital Public Infrastructure (‘DPI’), a more robust governance framework must be established that protects user interests and fosters trust for the long-term success of the AA ecosystem. The crux of our Report addresses this governance void: we recommend establishing a fit-for-purpose and user-driven governance entity to catapult the AA ecosystem to maturity.

Schematic representation of the AA ecosystem

Learning from DPIs in India and International open banking governance frameworks 

For the purposes of designing a governance framework for the AA ecosystem, the Report delves into what DPIs are and their importance for a populous and growing economy like India. Here, we make the case for why DPIs are a crucial enabler for the Indian digital economy and last-mile service delivery. We evaluate the Indian experience thus far with governing other successful DPIs: Aadhaar, India’s flagship digital identity programme; the Unified Payments Interface (‘UPI’), India’s homegrown real-time payment system; and the Open Network for Digital Commerce (‘ONDC’), an e-commerce network that seeks to reduce Indian e-commerce’s reliance on intermediaries. We also briefly examine the nascent data exchange initiatives in the health and agriculture sectors piloted through the Ayushman Bharat Digital Mission (‘ABDM’) and Agristack respectively. The key takeaway is a discernible trend in Indian DPI governance: a growing emphasis on user-driven governance models, balanced with sufficient but light-touch oversight by the government to preserve agility.

1. Dedicated institution
2. Light-touch regulatory support
3. Industry-driven approach to governance

1. Dedicated institution
2. Light-touch regulatory support
3. User-driven and multi-stakeholder approach to governance

The Report also examines global approaches to governance in relation to open banking and data sharing, in terms of the developments, roadblocks and regulatory impetuses put in place to enable open banking and finance in jurisdictions such as, inter alia, the United Kingdom, the Philippines, Australia and Estonia. The key learnings from these jurisdictions are two-fold: one, they corroborate the need for a governance entity responsible for regulating the open banking ecosystem in the country; and two, they make evident the need for comprehensive data protection laws as a prerequisite to any successful data sharing initiative.

UK

1. Dedicated institution, Open Banking Implementation Entity.
2. Improvement in the governance structure due to allegations of mismanagement.
3. Positive outcomes of open banking have led to exploration of open finance and cross-sectoral data sharing.
4. The regulatory framework for data protection comprises the Data Protection Act, 2018 and the UK General Data Protection Regulation.

Philippines

1. Dedicated institution under regulatory oversight, Open Finance Oversight Committee.
2. Multi-stakeholder approach to governance.
3. At present, implementation of open finance is being led by an interim governance body.
4. The Data Privacy Act, 2012 is the governing law for data protection.

Australia

1. Australia envisages a Consumer Data Right (‘CDR’), a cross-sectoral initiative by the Australian Treasury.
2. Detailed roles and responsibilities of participants in the CDR ecosystem laid down.
3. Lack of front-door institution leading to mismanagement.
4. The Privacy Act, 1988 and the Privacy (Credit Reporting) Code, 2014 apply to the collection, processing and storage of personal, financial and credit information to the financial sector.

Estonia

1. Dedicated institution, NIIS is the accountable institution responsible for developing cross-border capabilities and managing X-Road.
2. NIIS has a clear separation of strategic and technical functions in the governance structure.
3. Data protection is primarily governed by the GDPR which has been implemented in Estonia through the Personal Data Protection Act, 2018.

Designing a governance framework for the AA ecosystem

The legal framework for AAs has been in place since 2016 through the RBI NBFC AA Directions. The Reserve Bank Information Technology Private Limited acts as a technical standard setting body for the AA ecosystem. It released open Application Programming Interface (‘API’) specifications in 2019. Further, we note that DigiSahamati Foundation, a not-for-profit member-driven industry alliance, is working towards harmonious adoption and strengthening of the AA ecosystem.

Our findings in the Report suggest that low consumer adoption of AAs is attributable to three reasons: (i) lack of trust; (ii) lack of awareness; and (iii) lack of clear incentives for consumers in the short-to-medium term. All these reasons call for strengthening of the governance framework in the AA ecosystem. 

Instituting a robust governance framework is crucial in building consumer trust and encouraging adoption, and therefore vital for the overall success of the AA ecosystem. The overarching recommendation for a robust DPI such as the AA ecosystem would be to enact a personal data protection law that holistically governs data exchange in India and safeguards users’ right to privacy.  

The actionable recommendations to build a fit-for-purpose governance model for the AA ecosystem are set out below: 

  1. Building a fit-for-purpose and user-driven governance entity for the AA ecosystem with light-touch government oversight (under the Ministry of Finance), to account for representation from different classes of stakeholders with diverse and competing interests. The Report delves into further details such as possible functions of the entity, its preferred legal structure, the required corporate governance safeguards, amongst other things;
  2. Creating a centralised coordination body with a sector-agnostic mandate that facilitates coordination across key governance institutions of Indian DPIs, such that issues relating to information exchange, interoperable infrastructure and datasets and timely roll-out of DPIs are dealt with.

The Report seeks to highlight the nascent potential of the AA ecosystem, and at the same time, serve as a blueprint for DPI governance going forward.