UPSC Foundation 2026 and JPSC Mentorship admissions open Daily Current Affairs
+91 91025 57680 LearnPro AI Student Login
learnpro Civil Services
LearnPro Menu
Home Current Affairs All Articles
UPSC
UPSC MAINS SYLLABUS
PYQ
UPSC NOTES
History Notes
Art and Culture Notes
Geography Notes
Polity Notes
Indian Economy Notes
Indian Society Notes
Science & Technology Notes
Environment & Ecology Notes
Internal Security Notes
Disaster Management Notes
Ethics Notes
UPSC NOTES
History Notes
Art and Culture Notes
Geography Notes
Polity Notes
International Relations Notes
Indian Economy Notes
Indian Society Notes
Science & Technology Notes
Environment & Ecology Notes
Internal Security Notes
Disaster Management Notes
Ethics Notes
STATE PSC
UPPSC
BPSC
BPSC Exam All details
70th BPSC Prelims Test Series
Best BPSC Coaching
BPSC Exam Pattern and Syllabus
BPSC 71st CCE Exam
BPSC Online 2025
JPSC
JPSC Notification 2024
14th JPSC PT Exam Comprehensive Test Series
Best JPSC Coaching in Jharkhand
Best JPSC Online Coaching
JPSC Notes for Prelims and Mains
JKPSC
Best KAS Exam preparation
About JKPSC Exam
JKAS Prelims Syllabus
APSC
LearnPro – Best APSC and UPSC Coaching in Assam
APSC Exam 2025
APSC Syllabus
APSC Admit Card 2025
APSC Result 2025
APSC Application Form 2025
MPSC
MPSC Meghalaya Coaching
MPSC Meghalaya Exam Pattern
MPSC Meghalaya 2025
Meghalaya PSC Syllabus 2025
OPSC
Best OPSC Coaching
OPSC OCS Notification 2026
PPSC
Best PPSC Coaching
PPSC Prelims Syllabus 2025
MPPSC
Best MPPSC Coaching
MPPSC Notification 2025
MPPSC Syllabus 2025
MPPSC Application Form 2025
MPPSC Admit Card 2025
OPTIONAL SUBJECTS
History Optional Foundation Course
History Optional 2025
Agriculture Optional
Geography Optional
Forestry Optional
CURRENT AFFAIRS
DAILY EDITORIAL
COURSES
IAS Prelims Course 2025
JPSC Prelims Course 2025
UPSC Prelims Test Series 2025
DOWNLOAD NOTES
PYQ Papers Mains Answer Writing Online Courses

CA Topic

Account Aggregators: Blueprint for Consent Managers under India’s DPDP Act

May 16, 2025 en

Brief Context

Context With the Digital Personal Data Protection (DPDP) Act, 2023 and Draft DPDP Rules, 2025, India aims to expand its consent-based data-sharing system by building on the Account Aggregator model. Key Stakeholders of Account Aggregator Financial Information Providers (FIPs): Banks, mutual fund companies, insurance companies, etc. Financial Information Users (FIUs): Lenders, wealth managers, insurers, etc.

Source Content

Syllabus: GS3/ Economy

Context

  • With the Digital Personal Data Protection (DPDP) Act, 2023 and Draft DPDP Rules, 2025, India aims to expand its consent-based data-sharing system by building on the Account Aggregator model.

What is an Account Aggregator (AA)?

  • Definition: An Account Aggregator is a type of Non-Banking Financial Company (NBFC-AA) regulated by the Reserve Bank of India (RBI).
    • It helps individuals securely and digitally access and share information from one financial institution to another in a real-time, consent-based, and secure manner.
    • It acts as an intermediary between Financial Information Providers (FIPs) and Financial Information Users (FIUs).
    • The AA does not store or process the data; it simply facilitates the encrypted transfer of data.
    • The system is based on a ‘consent layer’, ensuring user control and privacy.
  • Working: Users link their bank accounts to an AA.
    • Gives consent to share data (e.g., bank statement) with a Financial Information User (FIU) like a bank or NBFC. 
    • The AA fetches the data from the Financial Information Provider (FIP), like a bank, and shares it securely with the FIU.
  • Examples of licensed Account Aggregators (AAs): 
    • CAMS FinServ: A subsidiary of Computer Age Management Services (CAMS).
    • PhonePe AA: A subsidiary of PhonePe, leveraging its digital reach.

Key Stakeholders of Account Aggregator

  • Financial Information Providers (FIPs): Banks, mutual fund companies, insurance companies, etc.
  • Financial Information Users (FIUs): Lenders, wealth managers, insurers, etc.
  • Account Aggregators (AAs): Licensed entities that facilitate data flow between FIPs and FIUs.

The DPDP Act and Consent Managers (CMs)

  • The Digital Personal Data Protection Act, 2023 introduces Consent Managers (CMs) as intermediaries to facilitate:
    • Consent collection and withdrawal
    • Consent lifecycle management
    • Secure data sharing between Data Principals (individuals) and Data Fiduciaries (entities processing personal data).

Draft DPDP Rules, 2025

  • The recently released Draft DPDP Rules, 2025 outline the registration process, obligations, and permitted activities of consent managers.
  • Given the significant structural alignment between the Account Aggregator (AA) and Consent Manager (CM) frameworks, certain revisions have been proposed to the Draft Rules. They are as;
    • Mandatory Registration with the Data Protection Board (DPB): Entities seeking to operate as consent managers under the DPDP regime must be mandatorily registered with the DPB.
    • Enable Sector-Specific Consent Managers: The DPB should allow for the registration of sector-specific consent managers, provided they operate on common, interoperable APIs and technical specifications as prescribed.
    • Allow Commercial Arrangements with Data Fiduciaries: Consent managers should be allowed to have business deals with data fiduciaries (like banks or companies that use personal data). 

Significance of a Unified Consent Infrastructure

  • Avoids duplication: Aligning AA and CM frameworks reduces regulatory overlap.
  • Increases efficiency: Leveraging existing AA insights accelerates CM implementation.
  • Promotes innovation: Encourages startups and established entities to develop secure data services.
  • Supports Digital Public Infrastructure (DPI): Strengthens India’s ambition for a holistic, interoperable data governance regime.

Concluding remarks

  • India has an unprecedented opportunity to become a global pioneer in citizen-centric data governance. 
  • By harmonising the Account Aggregator framework with the emerging Consent Manager regime under the DPDP Act, India can move toward a secure, scalable, and inclusive data economy.

Source: TH