Most people already use a financial account aggregator, even if they have never heard the term. The app that shows their salary credit, their loan EMI, their mutual fund balance, and their credit card due date on one screen is running on aggregation. So is the lender that pulls 12 months of bank statements to approve a loan in minutes instead of days. A financial account aggregator is the connective tissue between financial institutions that hold customer data and the apps that turn it into something useful.
This guide covers what a financial account aggregator is, the three technical methods aggregators use, the use cases they support, the benefits and risks that matter, and the part most global articles miss: India’s Reserve Bank of India (RBI) regulated Account Aggregator (AA) framework, which is structurally different from the US model and is now live across hundreds of financial institutions.
If you are evaluating an aggregator for a lending, wealth, or onboarding product, or building on top of one, this piece should help you make the choice with eyes open.
Planning to integrate AA data with a KYC flow on the same rails? Start here.
What is a Financial Account Aggregator?
A financial account aggregator is a service that collects financial data from multiple accounts, such as bank accounts, credit cards, brokerage accounts, pensions, and insurance policies, into one place, with the customer’s consent. The aggregator sits between the institutions that hold the data (banks, brokers, insurers) and the apps that consume it (personal finance tools, lenders, wealth managers). The customer gives permission. The aggregator moves the data. The app uses it.
Definition and core function
The core function of an aggregator is consented data access at scale. A customer has 7 financial relationships across 5 providers. Re-keying all of that into a new app every time they want a budgeting view, a loan, or an investment recommendation is not a workable experience. The aggregator replaces re-keying with a permissioned, structured pull from each institution.
Why account aggregation exists
Financial data lives in silos. A bank sees the salary and the EMI, but not the mutual fund holdings. A wealth app sees the mutual funds, but not the income. A lender sees the credit bureau report, but not the day-to-day cash flow. Account aggregation lets any one of these actors see a fuller picture when the customer allows it, and only for as long as the customer allows it. That unlock makes downstream products (cash-flow-based lending, goal-based wealth advice, consolidated reporting) practical.
How Financial Account Aggregation Works
There are three technical methods aggregators use to move data. They are not equally secure, and the trend over the last decade has been clear: away from the most fragile, toward structured consent.
Screen scraping (legacy)
The oldest method is screen scraping. The customer hands over their banking username and password to the aggregator, which then logs in on their behalf and parses the HTML of the account pages to extract balances and transactions. It works on almost any institution, which is why it survived for so long. It also requires the customer to share credentials, breaks whenever a bank changes its UI, and sits uneasily with most modern security policies. Screen scraping is fading. It is not dead.
Direct data feeds and FDX
The second method is direct institution-to-aggregator data feeds, often standardized through formats like the Financial Data Exchange (FDX) API specification in North America. The bank publishes an API. The aggregator consumes it. The data is structured, the connection is auditable, and there is no credential sharing. Direct feeds are the middle ground: more reliable than scraping, less standardized than a regulated framework.
API with OAuth consent
The third method is the one most regulators prefer and most new builds use: an API with OAuth-style token-based consent. The customer authenticates with their institution directly, the institution issues a consent token to the aggregator (with a defined scope, duration, and purpose), and the aggregator fetches data using the token. The customer’s password never leaves the institution. The consent can be revoked. The data flow is logged.
The choice of method determines what is possible on top of the data.
Use Cases for Account Aggregation
Aggregation only matters because of what it enables. Four use cases dominate.
Lending and credit decisioning
Lenders use aggregated bank statement data to underwrite loans. Instead of asking the borrower to upload 6 or 12 months of PDFs, the lender receives a structured, verified stream of transactions directly from the bank. That feed powers cash-flow-based underwriting, which is especially useful for thin-file borrowers (new-to-credit customers, gig workers, MSMEs) who do not have a rich credit bureau history but do have a clear pattern of income and outflows.
Personal finance management (PFM)
PFM apps use aggregated data to show a single view of net worth, spending, savings, and investments across every account the customer holds. This is the use case most end users see. The app is only as useful as the freshness and coverage of the underlying aggregation.
Wealth management and advisory
Wealth managers and advisors use aggregation to see held-away accounts, assets a client holds with other institutions, so they can give advice on the full portfolio rather than just the slice the manager runs. The same data supports consolidated reporting and prospecting.
Insurance and pension planning
Aggregation is increasingly used to quantify protection gaps (life and health insurance needs given current income, liabilities, and dependents) and to map out retirement readiness across pension, EPF, NPS, and savings balances. This use case is newer than the other three but is growing quickly in markets where the AA infrastructure is mature.
Benefits and Risks
Every piece of infrastructure is a trade-off. Aggregation is no exception.
Benefits for consumers
For the end user, the benefits are concrete: a single place to see their money, no manual data entry, and real-time (or near-real-time) updates. Underwriting gets faster. Advice gets more accurate. Budgeting becomes usable without discipline the customer does not have.
Benefits for businesses
For the business on the receiving end (a lender, a wealth manager, an insurer), aggregation reduces time-to-decision, improves the quality of the decision, and cuts the document-upload friction that kills conversion. The risk model is better because the data is richer. The customer experience is better because there is less to type.
Security considerations
The risk story depends on the method. Screen scraping puts credentials in a third-party system. Direct feeds and OAuth-based APIs keep credentials at the institution. The data itself, once accessed, is subject to the aggregator’s and the consuming app’s security posture: encryption in transit, encryption at rest, data minimization (pulling only what the use case needs), and retention limits. Regulated frameworks formalize these controls. Unregulated ones depend on the quality of the individual aggregator. Aggregation also sits alongside KYC and AML obligations once the data enters a regulated onboarding flow.
This is where the US and India models diverge.
India’s RBI Account Aggregator (AA) Framework
India’s Account Aggregator framework is a consent-first, RBI-regulated system that operates fundamentally differently from the US aggregator market. Instead of private companies holding data on behalf of users, the Indian AA is a licensed, data-blind intermediary whose only job is to move consented data between institutions.
What the AA framework is
The AA framework was introduced by the RBI in 2016 and went live in earnest from 2021. It creates a new category of Non-Banking Financial Company called NBFC-AA, licensed directly by the RBI. The NBFC-AA’s role is narrow: facilitate consented data sharing between regulated institutions. It does not read, store, or analyze customer data. It moves it.
FIPs, FIUs, and NBFC-AAs
Three roles define the framework. A Financial Information Provider (FIP) is an institution that holds customer financial data: banks, NBFCs, insurers, mutual fund houses, pension funds, and (as the framework expands) GSTN and securities depositories. A Financial Information User (FIU) is an institution that wants to consume that data for a specific purpose: a lender, a PFM, a wealth app. An Account Aggregator is the NBFC-AA licensed by the RBI that sits between the two and moves the data only when the customer has issued a valid consent.
The consent artefact
The defining feature of the AA framework is the consent artefact: a structured, machine-readable, tamper-evident record of exactly what the customer has agreed to. The artefact specifies the data type (balances, transactions, holdings), the purpose (loan underwriting, wealth advice, PFM), the duration (one-time, periodic, or continuous), the frequency of fetches, and the ability to revoke at any time. Every data pull is tied to a valid artefact. Revocation is real: when the customer withdraws consent, the flow stops.
Licensed account aggregators in India
The list of entities with an operating NBFC-AA license from the RBI is maintained publicly by Sahamati (the ecosystem body for AAs) and includes firms such as Setu AA (Agya Technologies), CAMSFinServ, Finvu (Cookiejar), CRIF Connect, Cygnet, Saafe (Dashboard), Digio, OneMoney (FinSec), NESL Asset Data, Perfios (Anumati), Protean (SurakshAA), PB Financial Account Aggregator (PB Fintech), Tally Edge (Tally), Unacores (INK), Scoreme, and OMS Fintech . The list changes as new entities receive operating licenses and should be re-checked on Sahamati before any commercial decision. As of the March 2025 ecosystem map, the broader AA ecosystem (FIPs, FIUs, AAs, and Technology Service Providers combined) included over 600 entities .
With that in place, the contrast with the US model becomes clearer.
India’s AA Framework vs US Open Banking
The two markets are not running different versions of the same model. They are running different models.
Regulatory model: RBI-licensed vs market-led
India’s NBFC-AAs are licensed directly by the RBI, sit inside a defined regulatory perimeter, and operate under a specific Master Direction. US aggregators like Plaid, Yodlee, MX, Finicity, and Akoya are private companies operating under general financial regulation (GLBA, state data laws, and the Consumer Financial Protection Bureau’s open banking rulemaking), but they are not licensed specifically as aggregators. The US model is market-led. The Indian model is regulator-led.
Consent architecture
India uses a structured consent artefact with defined fields (purpose, duration, data type, frequency, revocation) that is the same across every AA in the market. In the US, consent is typically OAuth-based and varies by data provider and aggregator; the arrival of Section 1033 rules is moving the market toward more standardization, but uniformity is not yet the norm.
Data localization and the data-blind model
The defining operational difference: in India, the NBFC-AA cannot read or store the data it moves. It is a pipe, not a store. The data goes from the FIP to the FIU in encrypted form, with the AA only able to see the envelope, not the contents. US aggregators, by contrast, typically hold the data they aggregate. This has consequences for who is liable when something goes wrong and for where the data physically lives.
Leading Financial Account Aggregators (Global and India)
Global and US aggregators
The largest US aggregators include Plaid, Yodlee (Envestnet), MX, Finicity (Mastercard), and Akoya. They differ on bank coverage, the mix of scraping vs direct feeds, and the vertical focus (lending, wealth, PFM). A lender choosing between them weighs coverage in the institutions the borrowers actually bank with, the freshness of the data, and the support for token-based consent where available.
Licensed NBFC-AAs in India
The operating NBFC-AAs in India are the ones listed above from Sahamati’s public directory. Institutions choosing an AA usually look at FIP coverage (which banks, insurers, and AMCs are live with that AA), uptime, developer experience of the AA’s SDKs, and product-specific features (consent templates, cohort consents for MSME flows). A full comparison of the current Indian market is maintained in our best account aggregators guide.
How to Choose a Financial Account Aggregator
Most selection decisions come down to three questions.
Compliance and regulatory fit
For an India deployment, the aggregator must hold an operating NBFC-AA license from the RBI and cover the FIPs your customers actually use. For a US or cross-border deployment, the aggregator must comply with applicable open banking, data protection, and consumer finance rules, and should support token-based consent where the institution offers it.
Coverage and reliability
Bank and institution coverage is the most common reason a selected aggregator fails in production. A beautiful API with thin coverage is not useful. Ask for live uptime by FIP, not just a global average. Ask for the last 90 days, not marketing numbers.
Integration and developer experience
API quality, documentation, sandbox availability, and the depth of webhooks for consent events drive how quickly and cleanly the integration ships. Lenders especially should look for idiomatic SDKs in the languages their team uses, and for sandbox data that reflects real-world transaction patterns, not just a few synthetic records.
FAQs
What is a financial account aggregator?
A financial account aggregator is a service that collects financial data, such as balances, transactions, and holdings, from multiple accounts across multiple institutions into one place, with the customer’s consent. In India, the term also refers specifically to NBFC-AAs licensed by the RBI to operate as data-blind consent managers under the AA framework.
How do financial aggregators make money?
In the US and similar markets, aggregators typically charge the consuming app (the FIU equivalent) per API call, per account, or on a subscription basis. In India, NBFC-AAs charge the FIU a fee for each consent artefact fulfilled, with pricing set commercially within RBI’s regulatory parameters.
Is it safe to use a financial account aggregator?
Safety depends on the method and the regulatory regime. OAuth-based APIs under a regulated framework (such as India’s AA) are structurally safer than screen scraping, because the customer’s credentials never leave the institution, the consent is structured and revocable, and the aggregator’s role is narrowly defined. Safety also depends on the consuming app’s security posture.
How does account aggregation work technically?
Aggregation uses one of three methods: screen scraping (credential-based login and HTML parsing, legacy), direct data feeds (standardized APIs such as FDX), or OAuth-style token-based APIs under a consent framework. In India’s AA model, the NBFC-AA does not read or store the data; it only moves consented data between FIPs and FIUs.
What is the difference between Plaid and Yodlee?
Both are US-based aggregators serving fintech apps, lenders, and wealth platforms, but they differ on vintage, vertical focus, and approach. Plaid is more developer-focused with a strong presence in consumer fintech integrations; Yodlee is one of the oldest aggregators and has historically focused on wealth management and financial advisory use cases. A specific choice should be based on coverage and integration quality for the use case, not positioning.
What data can a financial aggregator access?
Aggregators access the data types the customer has consented to share, typically balances, transactions, account metadata, and holdings across bank, brokerage, pension, and insurance accounts. In India’s AA framework, the consent artefact defines exactly which data types are permitted for a given use case and for how long.
What is open banking vs account aggregation?
Open banking is a regulatory movement that requires banks to share customer data through standardized APIs when the customer consents. Account aggregation is the service layer that uses those APIs (or older methods) to collect and deliver the data to consuming apps. Open banking defines the rails; aggregation uses them.
Pair AA Data with Identity, on the Same Rails
When you choose HyperVerge as your account aggregator, you gain access to a comprehensive suite of services that go beyond simply fetching raw data. Our platform offers advanced data interpretation and insight extraction, tailored to meet the needs of modern financial institutions.
Moreover, our cross-platform solution ensures seamless integration across mobile and web platforms, with customizable features to suit various device types. With our analytics dashboard, you can track key metrics like drop-off rates and optimize conversion, empowering you to make data-driven decisions for your business.In this exciting era of Indian fintech, where technologies like Aadhaar, UPI, and the AA framework are reshaping the financial landscape, HyperVerge stands out as a trusted partner.
Sign up for a free demo today to learn more about how HyperVerge can transform your financial data management experience.
