logotype
Overview

Account aggregation sometimes also known as financial data aggregation is a method that involves compiling information from different accounts, which may include investment accounts, bank accounts, credit card accounts, and other business or consumer accounts, into a single place.

This can be provided by: connection via an API to the financial institution
“screen scraping” where a user provides the requested account-access information for an automated system for gathering and compilation of the information into a single page”

What is RBI Account Aggregator?

The NBFC Account Aggregator (NBFC-AA) Framework was introduced back in 2016 by RBI. However the concept of Account Aggregators did exist prior to 2016 as well. Prior to NBFC-AA framework several Account Aggregators undertook similar business of consolidating financial data and providing analysis on the same for the customer or a financial institution.

To give a basic understanding, an Account Aggregator is an entity that can pull and consolidate all of an individual’s financial data and present the same in a manner that allows the reader to easily understand and analyse the different financial holdings of a person. At present our financial holdings are scattered across various financial instruments, with various financial intermediaries, which come under the purview of various financial regulators

Why RBI Account Aggregator Audit Required?

The security of the account access details as well as the financial information is key to users having confidence in the service.Services of the Account Aggregator should be backed by appropriate agreements/authorisations between the aggregator, financial service provider and customer.

The Account Aggregator has to follow the terms and conditions of the licence (such as customer protection,data security,audit function, grievance redressal, data security, audit control, corporate governance and risk management framework).

RBI announced master directions for Account Aggregator In September 2016, which are mandatory to be comply

What We Deliver ?

It’s an important practice that gives organizations visibility into real-world threats to your security. As part of a routine security check, penetration tests allow you to find the gaps in your security before a hacker does by exploiting vulnerabilities and providing steps for remediation.

search-concept-illustration_114360-95

Digital Report

Our experts will furnish an itemized security evaluation report with legitimate remediation steps to be taken. Distinguish Security Weaknesses inside your Digital Asset permitting you to proactively remediate any issues that emerge and improve your security act.

businessman-make-money-growth-business-success-financial-investment-and-return-on-investment-roi-concept-free-vector

Skilled Consultants

We also assured you that your assessments are executed by Qualified Experts. Our group of security specialists holds industry capabilities, for example, CHECK Team Member and Team Leader, CEH, ECSA, OSCP, CISA, CISSP, and many more. Distinguish Security Weaknesses inside your Digital Asset permitting you to proactively remediate any issues that emerge and improve your security act.

d54f85cf7eb853cd9636beb1f0853303

Compliance & Certification

We will help you with the Compliance & Certification process that deals with the understanding of various documentation having the implementation verification. RnR is worked with the wholesome approach that deals with compliance process.

Trusted by International Brand

Leave us a message

How May We Help You!

      Service Request Form

      Select Service(s) You Want:

      Information & cyber security program strategy & roadmapEnterprise & cyber security risk assessment & managementThird party risk managementVirtual CISO serviceCyber security awareness programPhishing simulation programThreat modelingUser access governance & certificationIncident management and response planISO 27001/22301/27701/9001RBI master directionNHB cyber security guidelinesIRDAI cyber security guidelinesNIST FrameworkSOC1/SOC2Data localization as per RBI circular of storage of payment system dataCIS frameworkInternal audit managementCloud assessment as per CISDesigning cloud security architectureCSPM security monitoringGap assessment as per applicable guidelinesNetwork architecture reviewFirewall rule reviewFirewall configuration reviewSystem hardening checksVulnerability assessment program managementWeb application penetration testingMobile application penetration testingInfrastructure vulnerability assessmentAPI vulnerability assessmentAPI fuzzingRed teaming ExerciseData protection advisoryData flow diagramDigital personal data protection acData protection controls implementationData discovery and classificationDesigning of data protection policyData governance programDigital personal data protection acGap assessmentArticulation of policy and proceduresISO 27001/22301/27701/9001, PCI-DSS, SOC1/SOC2, COBIT, COSO, HIPPA, RBI, IRDAI, NIST, Data Localization, CISGRC tool implementationArticulation of BCP plan and strategyCrisis management planBCP/DR planning and implementationImplementation of BCMS standard (ISO 22301)Conducting actual and tabletop DR drillsFunctional recovery planGRC resource deployment onsite/offsiteSecurity services resource deployment onsite/offsite

      Contact Details:

      Name (required):

      Organization Name (required):

      Email (required):

      Contact No (required):

      Detail about the requirement (optional):