Fastest path to Account Aggregator Framework Readiness!

Sahamati, an industry alliance for the Account Aggregator (AA) ecosystem in India, is a non-profit organization whose mission is to drive adoption, innovation and compliance to regulatory standards amongst industry participants, with the ultimate goal of driving benefits to citizens through the AA ecosystem.

To become a part of the Account Aggregator Ecosystem, participant organisations must follow ReBIT guidelines for API & functional flow to become a part of this ecosystem.

Saksham from Aujas enables organizations to quickly and reliably test their API implementation for compliance, security, and readiness to join the account aggregator framework.

Aujas Cybersecurity has been empanelled to conduct the certification process for all the Account Aggregator ecosystem entities.

Fastest path to Account Aggregator Framework Readiness!

Saksham-Web-Page-Banner

Sahamati, an industry alliance for the Account Aggregator (AA) ecosystem in India, is a non-profit organization whose mission is to drive adoption, innovation and compliance to regulatory standards amongst industry participants, with the ultimate goal of driving benefits to citizens through the AA ecosystem.

To become a part of the Account Aggregator Ecosystem, participant organisations must follow ReBIT guidelines for API & functional flow to become a part of this ecosystem.

Saksham from Aujas enables organizations to quickly and reliably test their API implementation for compliance, security, and readiness to join the account aggregator framework.

Aujas Cybersecurity has been empanelled to conduct the certification process for all the Account Aggregator ecosystem entities.

Account Aggregator Framework – A Primer

The RBI approved a new class of NBFCs in 2016 to act as Account Aggregators whose primary responsibility is to facilitate the transfer of users' financial data with their explicit consent. This primarily includes transfer, but not storing, of data. An Account Aggregator is 'data-blind', and data transmitted will be end-to-end protected. Also, an Account Aggregator does not and cannot store any user's data.


Thus, It helps businesses and individuals collate and share data digitally in a secured and controlled manner, thereby assuring the user's integrity, confidentiality, and privacy.


Account-Aggregator-Framework-A-Primer
The architecture of AA is based on the Data Empowerment and Protection Architecture (DEPA) framework.

Saksham – Self Service Based Automatic API Certification Approach

The three modules, FIP, AA, and FIU, to be adopted by the entities for undergoing a certification process and ensure the APIs used by each entity are as per the schema, interoperability, and security specifications of Reserve Bank Information Technology Private Limited (ReBIT).


Certified FIP/AA/FIU entities are to be included in the Central Registry and be able to connect with a network of AAs seamlessly.


Saksham from Aujas provides an automated self-assessment and API certification kit that can check and validate:

  • API specification adherence
  • Function flow specification adherence inline with the controls/specifications as defined by ReBIT for FIP/AA/FIU modules
  • Completeness of implementation

The output of the self-assessment check is a PASS/FAIL result based on the evaluation of technical controls.  Once a PASS result is achieved, a Certificate of conformance is awarded by Aujas and Sahamati jointly.


The technical controls must be evaluated quarterly to ensure compliance with ReBIT specifications. 


The certification shall help organizations demonstrate that they have fulfilled the specified technical and security controls defined in the NBFC-AA API specifications published by ReBIT.


Saksham-Self-Service-based-Automatic-API-Certification-Approach-1


Aujas provides certification after evaluation of the output of the self-assessment check. Once a certificate is issued after the first successful run of the Aujas Saksham Toolkit against the FIP, AA, FIU system, it is considered a proof of compliance unless the quarterly reports indicate a significant deviation or non-compliance with the NBFC-AA specifications, as applicable then.

Benefits

Saksham has completely automated the process of checking compliance of the application/tool being developed by Technical Service Providers (TSPs) / Organizations against the ReBIT Account Aggregator Ecosystem API Specifications.


  • The fastest way to become compliant and a part of the Account Aggregator ecosystem.
  • Fully automated test scenarios.
  • User manual for self-assessment kit and installation instructions to be given as part of pre-installation manual kit.
  • Strict adherence to the API request and response JSON structures to ensure interoperability in the ecosystem.
  • Control checklist to be provided before a certification audit.

Financial entities should become a part of the Account Aggregator ecosystem for faster business turnarounds, ensure cost efficiencies, lower infrastructure costs/credit costs, and provide better products and solutions for users.


To become a part of the Account Aggregator ecosystem, write at contact@aujas.com, and start your certification journey today.

Thanks for Your Interest in Saksham - Fully Automated API Capability Test Kit.

We are ready to help you get started. Let us know how to contact you,
and we will get in touch with you.