wordpress blog stats
Connect with us

Hi, what are you looking for?

NeSL receives final approval to become India’s first Information Utility

National EGovernance Services Limited (NeSL) has been registered by the Insolvency and Bankruptcy Board of India (IBBI) as an Information Utility (IU) as per the IBBI (Information Utilities) Regulations, 2017. NeSL had received in-principle approval in June this year, which has now been finalised. The registration will remain valid for a period of five years. NeSL is expected to become functional in a year’s time.

As an IU, NeSL will be the repository of all lending and borrowing transactions of financial institutions in the country and will be accessible to registered users, which will be a big help for the National Company Law Tribunal (NCLT) to make decisions in cases under the Insolvency and Bankruptcy Code, 2016.

IU stores financial information that helps to establish defaults as well as verify claims expeditiously and thereby facilitates completion of transactions under the Insolvency and Bankruptcy Code, 2016 in a time bound manner. It constitutes a key pillar of the insolvency and bankruptcy ecosystem, the other three being the Adjudicating Authority (National Company Law Tribunal and Debt Recovery Tribunal), the IBBI and Insolvency Professionals.

NeSL is owned by a group of 17 well-known public institutions, including Life Insurance Corporation of India, State Bank of India, Canara Bank, Bank of Baroda, ICICI Bank Ltd., Axis Bank Ltd., Karnataka Bank Ltd., HDFC, Indian Bank, Punjab National Bank, New India Assurance Company Ltd., Union Bank of India, Central Depository Services (India) Ltd., Dena Bank, NABARD, United India Insurance, and SIDBI.

Once NeSl has set up the IU, users will be able register in order to submit and access their financial information:

Registration of users

(1) A person shall register itself with an information utility for- (a) submitting information to; or (b) accessing information stored with any of the information utilities.

Advertisement. Scroll to continue reading.

(2) The information utility shall verify the identity of the person under sub-regulation (1) and grant registration.

(3) Upon registration of a person under sub-regulation (2), the information utility shall intimate it of its unique identifier.

(4) A person registered once with an information utility shall not register itself with any information utility again.

(5) An information utility shall provide a registered user a functionality to enable its authorised representatives to carry on the activities in sub-regulation (1) on its behalf.

(6) An information utility shall- (a) maintain a list of the (i) registered users; (ii) the unique identifiers of the registered users; and (iii) the unique identifiers assigned to the debts under Regulation 20. (b) make the list under clause (a) available to all information utilities and the Board.

It’s worth noting here that when other IUs are set up, users will be able to ” access information stored with an information utility through any information utility,” i.e., they won’t have to register with more than one IU.

Advertisement. Scroll to continue reading.

In regards to accessing information stored with an IU:

Access to information

(1) An information utility shall allow the following persons to access information stored with it- (a) the user which has submitted the information; (b) all the parties to the debt and the host bank, if any, if the information is of the categories in section 3 (13) (a), (c) and (d); (c) the corporate person and its auditor, if the information is of the categories in section 3 (13) (b) and (e); (d) the insolvency professional, to the extent provided in the Code; (e) the Adjudicating Authority; (f) the Board; (g) any person authorised to access the information under any other law; and (h) any other person who the persons referred to in (a), (b) or (c) have consented to share the information with.

(2) An information utility shall in all cases enable the user to view- (a) the date the information was last updated; (b) the status of authentication; and (c) the status of verification while providing access to the information.

(3) An information utility shall provide information to the Adjudicating Authority and Board free of charge.

On the users part, they need to ensure that:

Duties of the user

(1) A user shall expeditiously update the information submitted by it to an information utility.

Advertisement. Scroll to continue reading.

(2) A user shall expeditiously correct information as soon as it finds it erroneous, stating the reasons, if any.


This month we learnt that two financial institutions in the United States – one private, and one public – suffered massive data breaches, which they weren’t even able to detect till months later. Then we have our very own UIDAI and the government of India, and their misadventures with the personal data of Indian citizens. In this scenario, the news of NeSL being registered as an IU isn’t the most comforting. The IBBI (Information Utilities) Regulations, 2017 mentions that IU’s need to set up a Grievance Redressal Committee, should appoint a Compliance Officer, and even has provisions for Risk Management, but in regards to data storage this is all that’s mentioned:

Storage of information

(1) An information utility shall store all information in a facility located in India.

(2) The facility under sub-regulation (1) shall be governed by the laws of India.

RBI’s Public Credit Registry

Earlier this year, RBI’s Deputy Governor Viral Acharya had made the case for a Public Credit Registry (PCR), which incorporates unique identifiers for borrowers: Aadhaar for individuals, and Corporate Identification Number for companies.

“Such registers help in enhancing efficiency of the credit market, increase financial inclusion, improve ease of doing business, and help control delinquencies. Incorporating unique identifiers for the borrowers (Aadhaar for individuals and CIN for companies), Reserve Bank’s BSR1 and CRILC datasets can quickly be converted into a useful PCR [Public Credit Registry] covering customers of SCBs [Scheduled Commercial Banks] to start with. It can then be expanded to cover other financial institutions in India. A comprehensive PCR down the road will be even more effective,” Acharya had said.

Advertisement. Scroll to continue reading.

Also Read: The era of public databases of personal data

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Do we have an enabling system for the National Data Governance Framework Policy (NDGFP) aiming to create an repository of non-personal data?


A viewpoint on why the regulation of cryptocurrencies and crypto exchnages under 2019's E-Commerce Rules puts it in a 'grey area'


India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...


There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data


Existing consumer protection regulations are not sufficient to cover the extent of protection that a crypto-investor would require.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ