Empowering Subscribers to access and port their Data
CIR No.: PFRDA/2022/26/FT&DA/02
30 September 2022
All Stake Holders & Account Aggregators
Subject: Empowering Subscribers to access and port their Data
The Account Aggregator (AA) framework facilitates sharing of financial and other information on a real- time basis and in a data blind manner between different-regulated entities. The data will be available to both the users and service providers through this mechanism.
2. The AA technology framework empowers NPS Subscribers to have seamless and secure access to their information on NPS available with Central Record Keeping Agencies (CRAs) and enable its portability in an encrypted form between the stake holders in order to benefit the Subscribers.
3. The four important stakeholders under AA framework are
a) NPS Subscribers as customers.
b) CRAs as Financial Information Providers (FIPs).
c) Financial information Users (FIUs).
d) Account Aggregators (AAs) – Providers of the digital infrastructure to enable data flows and manage consent for financial data sharing.
4. Account Aggregators (AA) are RBI regulated entities with a Non-Banking Finance Company (NBFC) – AA license. They act like a bridge to deliver financial information from FIP pertaining to a customer to Financial Information Users (FIU) based on the explicit consent of the customer. However, the financial information of customer shared through AA neither shall the property nor stored by them.
5. RBI has issued Master Direction- Non-Banking Financial Company – Account Aggregator (Reserve Bank) Directions, 2016 (DNBR.PD.009/03.10.119/2016-17) dated September 02, 2016 and the same has to be complied by the entities appointed as AA.
6. The CRAs appointed by PFRDA designated as FIP. The contact details of CRAs provided at the Annexure for the stakeholders to further engage with.
7. “Balances under the National Pension System (NPS)” treated as Financial Information and the same shared by CRAs with the consent from the subscriber as per the Consent Architecture and on real time basis.
8. CRAs shall develop interfaces and APIs specified in technical specification published by Reserve Bank Information Technology (ReBIT) to verify the consent from consent artifact and to share the financial information with AA.
9. FIPs shall ensure highest security standards to ensure Confidentiality, Integrity and Availability of data and adopt required the technical specifications to ensure secure information flow to AA.
10. FIPs under NPS architecture shall continue to comply with all regulatory provisions under Pension Fund Regulatory and Development Authority Act, 2013 and the regulations framed thereunder.
11. FIPs under NPS architecture must disclose prominently on their websites, the names of Account Aggregators through which the FIP share the NPS related information.
12. The interconnected digital technologies between FIP & FIU through AA has the potential ability to bring together data from heterogeneous entities in one place for the empowerment of Subscribers.
13. This circular issued in exercise of the powers conferred under Section 14 of Pension Fund Regulatory and Development Authority Act, 2013 to protect the interests of subscribers and to regulate, promote and ensure orderly growth of the National Pension System and pension schemes to which the Act applies.
14. A copy of this circular is available on the website of PFRA at www.pfrda.org.in.
Chief General Manager