Sahamati —an aspiring self regulatory body that oversees account aggregator ecosystem around the proposed financial sector data sharing framework and what it means to regulation around personal financial data
On July 25, Nandan Nilekani launched Sahamati(सहमति,consent) , a private not for profit company, that aims to be self regulatory organisation for Account Aggregator(AA) ecosystem which aims to facilitate financial sharing among financial institutions with “user consent”. Data Empowerment & Protection Architecture (DEPA) as iSpirt, the software products’ lobby behind Aadhaar and IndiaStack calls it, will enable consumers to share data to enable further financial access to financial services. Sahamati is tasked to increase the adoption of the AA technology framework via awareness programmes and workshops with potential account aggregators (AAs), Financial Information Providers (FIPs) and Financial Information Users (FIUs) and will evangelise the use of AA and among financial institutions and users for ‘consented’ financial data sharing.
BQ Explains: How 'Sahamati' Hopes To Make Your Financial Transactions Simpler
Applying for a loan? Opening a new bank account? Buying insurance or investing in a mutual fund? Chances are that most…
To know more about the Account Aggregator Framework read
Exclusive: RBI issues in-principle licenses to 5 Account Aggregators
In September 2016, RBI announced master directions for a new class of non banking finance companies called Account…
India still does not have a Privacy Law (Even the proposed law, draft of which is hard kept secret and most protected data in India today — is still only data protection law and not a privacy law). While there are other concerns around AA framework for financial data sharing such as
1. Technical soundness of AA being “data blind” claim, aggregation, metadata exposure from consent data (Can metadata tell more than the data itself?)
2. Business model tensions, tension between stakeholders in running the AA ecosystem in competitive environments and safeguards needed.
3. What AA means to information self determination, privacy, betting on data futures?
This article will attempt to flag dangers of Self Regulatory Organisation in (digital financial) consumer space, particularly in under-regulated digital ecosystems
The fin-tech ecosystem has been pitching for a industry friendly regulatory environment for a while now. Despite conducive environment like a extreme push towards digitisation / government promotion of digital payments, there are significant regulatory barriers that make it hard for fin-tech startups to enter financial services. Report of the Inter-Regulatory Working Group on Fin-tech and Digital Banking constituted by RBI preferred disclosure based / light touch regulatory approach as opposed to full fledged regulation for most areas of digital banking. The lack of regulatory capacity, especially in increasingly digital tech platforms coupled with industry friendly posturing of being a light touch regulatory environment is favouring towards no/self regulatory mechanisms can often jeopardise not just consumer interest, but overall sustainable growth of the sector as they will prioritise incentives of industry participants who are members of SROs.
Self Regulatory Organisation
A self-regulatory organisation (SRO) is an organisation that exercises some degree of regulatory authority over an industry or profession. The regulatory authority could exist in place of government regulation, or applied in addition to government regulation. The ability of an SRO to exercise regulatory authority does not necessarily derive from a grant of authority from the government. (Wikipedia)
SRO is often seen a ‘sub-regulator’ that reduces the burden of regulator performing regulatory role in a limited context, often by a formal / informal body of industry players and might include multi-dimensional stakeholders.Tags: Consent Data Sharing Financial Data Fintech India Stack