SEBI has recently released a consultation paper inviting public comments on collating and defining use cases of Financial Information Users (FIUs) in the Account Aggregator (AA) Framework in the securities market. The consultation paper aims to improve the safeguards within the AA framework to curb misuse of financial information in frauds, misappropriation, mis-selling or unsolicited cross sell/upsell, etc.
An Account Aggregator is a Reserve Bank of India (RBI) regulated entity (with an NBFC-AA license) that helps an individual securely and digitally access and share information from one financial institution, they have an account with, to any other regulated financial institution in the AA network. AA cannot see or store customer data (since the data processed through them is encrypted) and they merely transmit it from one financial institution to another based on a customer’s direction and consent.
FIU is an entity registered with and regulated by a financial sector regulator as per the Reserve Bank of India (RBI) Master Direction of 2016.
In Consultation paper, SEBI said that there could be a few hypothetical use cases in securities market when “financial information” of a client could be sought using the AA framework. These includes registered investment adviser or portfolio manager seeking information on financial assets or portfolio of the client via the AA framework to devise a financial plan for the client and verification of bank account wherever required when a client is on-boarded by an intermediary and Regulators accessing financial data submitted by regulated entity.
SEBI noted that that though there are various safeguards in place and consistent communication advising caution, consumers sometimes adopt unsafe practices of: sharing confidential information such as user IDs, passwords, OTPs, account numbers with third parties; authorizing/empowering third parties to operate their accounts; or providing access to their financial information to third parties etc. such unsafe practices lead to frauds being perpetrated or funds and securities being misappropriated, or financial products/services being mis-sold or customers being subjected to unsolicited cross-sell or upsell.
In light of the above, readers may provide their comments/ suggestions to SEBI till August 31, 2023, on various questions including whether any type of intermediary in securities market requires to be excluded from functioning as FIUs, the potential use cases for the AA framework for SEBI regulated entities and whether there are any additional categories of financial information which may be included under the ambit of the AA framework.
A copy of the consultation paper is enclosed below.
Readers are welcome to send their views to Regstreet Law Advisors at info@regstreetlaw.com