The Account Aggregator (AA) framework is a government-backed data-sharing system. It lets you share your bank statement data with third parties without sending the actual PDF or handing over your login credentials.
How it works
You give consent through an AA app (like Sahamati-certified apps). The AA requests your bank for data. Your bank shares it in a standard format. The receiving company gets a structured data feed. You can revoke access at any time.
Who uses it
Banks and NBFCs use AA data to verify income and assess loan applications. Within minutes they can see 12 months of transaction history without waiting for you to upload PDFs. Some insurers use it to set premiums. Tax platforms use it to pre-fill ITR data.
Is it safe
Your bank data flows encrypted and is not stored by the AA. The consent is purpose-limited, time-limited, and revocable. No AA can use your data beyond what you consented to. The RBI regulates all AAs operating in India.
Your rights
You can see every consent you have given through the AA app's dashboard. You can revoke any consent with one tap. After revocation, the company that was receiving your data can no longer access new information. This is a stronger protection than most people have with traditional bank statement sharing.
Related reading: Using Bank Statement APIs, The Future of Bank Statements in India, Bank Statement Data Security Best Practices.