Digital lending is one of India’s fastest-growing fintech segments, with volumes increasing from US$9 billion in 2012 to nearly US$110 billion in 2019. The digital lending market is expected to be worth around 350 billion dollars by 2023. With an increase in the number of customers seeking digital loans, there has also been an increase in illegal digital lending platforms, tarnishing the reputation of the digital lending industry. The Reserve Bank of India had constituted a Working Group on ‘digital lending including lending through online platforms and mobile apps’ (WGDL) on January 13, 2021. According to the reports of WGDL, there are approximately 1100 digital lending apps available for Android users in India, out of which, as many as 600 loan apps are illegal. As a result, there was an urgent need to regulate the digital lending industry.
On August 10, 2022, RBI issued a press release regarding the implementation of the recommendations of the working group on digital lending. The Press Release applies to all Regulated Entities (REs), their Lending Service Providers (LSPs), Digital Lending Apps (DLAs) of REs, and DLAs of LSPs engaged by REs.
Digital Lending :
Digital Lending is a remote and automated lending process, majorly by use of seamless digital technologies in customer acquisition, credit assessment, loan approval, disbursement, recovery, and associated customer service.
Lending Service Provider (LSP) :
Lending Service Provider is an agent of a Regulated Entity who carries out for a fee from the Regulated Entity, one or more of lender’s functions in customer acquisition, underwriting support, pricing support, disbursement, servicing, monitoring, collection, recovery of specific loan or loan portfolio.
Digital Lending Apps (DLAs) :
Mobile and web-based applications with user interface that facilitate borrowing by a borrower from a digital lender. DLAs will include apps of the REs as well as operated by LSPs which are engaged by REs for extension of any credit facilitation services.
Digital lenders are classified into three categories:
- Entities regulated by the RBI and permitted to carry out lending business;
- Entities authorized to carry out lending as per other statutory/regulatory provisions but not regulated by RBI;
- Entities lending outside the purview of any statutory/ regulatory provisions.
The Reserve Bank’s regulatory framework is centred on the digital lending ecosystem of the RBI’s Regulated Entities (REs) and the Lending Service Providers (LSPs) that engaged by them to provide various permissible credit facilitation services. In the case of entities falling into the second category, the respective regulator/controlling authority may consider developing or enacting appropriate digital lending rules/regulations based on WGDL recommendations. The WGDL has proposed specific legislative and institutional interventions for consideration by the Central Government for entities in the third category, in order to curb the illegitimate lending activity carried out by such entities.
The press release contains three annexures, each of which deal with the following –
- Annex I– Recommendations accepted for immediate implementation and the consequent regulatory stance. Accordingly, the provisions of ‘Annex I’ will become effective immediately, that is, on August 10, 2022, the date of the Press Release.
- Annex II– Recommendations, though accepted in-principle, which require further examination. Accordingly, ‘Annex II’ does not appear to be immediately applicable. However, the regulator’s views are clear, and it is only a matter of time before they are implemented.
- Annex III– Recommendations which require wider engagement with the Government of India and other stakeholders in view of the technical complexities, setting up of Institutional mechanism and legislative interventions.
Annex-I contains the recommendations accepted for immediate implementation and the consequent regulatory stance. The following are some highlights of the requirements that REs, their LSPs, Digital Lending Apps (DLAs) of REs, and DLAs of LSPs engaged by REs must follow:
- Customer Protection and Conduct Issues:
1. REs must ensure that all loan servicing, repayment, and so on are carried out directly in their bank account, without the use of a third-party pass-through account or pool account. Disbursements must always be made to the borrowers’ bank accounts.
2. REs must ensure that any fees, etc., payable to LSPs are paid directly by them (REs) and not charged to the borrower directly by the LSP.
3. Before signing the loan contract, the borrower must receive a standardised Key Fact Statement (KFS). Apart from other necessary information, the KFS must include the followings: (a) Annual Percentage Rate (APR) details, (b) Terms and Conditions of Recovery Mechanism, (c) Details of Grievance Redressal Officer designated specifically to deal with digital lending/ FinTech related matters, (d) Cooling-off/look-up period
4. Borrowers must be informed of the total cost of digital loans in the form of an Annual Percentage Rate (APR). The APR shall be calculated using an all-inclusive cost and margin that includes the cost of funds, credit cost and operating cost, processing fee, verification charges, maintenance charges, and so on, but excludes contingent charges such as penal charges, late payment charges, and so on. At the outset, the APR must be disclosed to the borrower as part of the Key Fact Statement (KFS).
5. Automatic credit limit increases are prohibited unless the borrower expressly consents. The top-up feature is very common in digital lending because the loan size is initially small and then extended based on the borrower’s performance. However, the borrower’s express permission is now required.
6. REs must ensure that, upon execution of the loan contract/transactions, digitally signed documents supporting important transactions, such as KFS, summary of product, sanction letter, terms and conditions, account statements, privacy policies of the LSPs with respect to borrowers’ data, and so on, automatically flow from the lender to the borrower’s registered/verified email/ SMS.
7. The loan contract must include a cooling-off /look-up period during which borrowers can exit digital loans by paying the principal and the proportionate APR without penalty. The intent of the provision appears to be to allow the borrower to prepay the loan without incurring a prepayment penalty.
8. Before entering into a partnership with an LSP for digital lending, REs must conduct enhanced due diligence, taking into account its technical capabilities, data privacy policies and storage systems, fairness in dealing with borrowers, and ability to comply with regulations and statutes.
9. REs must ensure that they have a suitable nodal grievance redressal officer to handle FinTech/digital lending-related complaints, as do the LSPs they engage. Such a grievance redressal officer must also handle complaints against their respective DLAs. The Grievance Redressal Officer’s contact information must be prominently displayed on the RE’s website, as well as its LSPs and DLAs, as applicable.
- Technology and Data Requirements:
Any data collection by DLAs should be need-based and with the borrower’s priorand explicit consent, which can be audited if necessary.
2. DLAs should not access mobile phone resources such as file and media storage, contact lists, call logs, telephony functions, and so on. Only with the borrower’s explicit consent, one-time access to the camera, microphone, location, or any other facility required for on-boarding/ KYC requirements can be granted.
3. Borrowers should be given the choice of accepting or declining consent for the use of certain data, as well as the ability to revoke previously granted consent, in addition to the choice of having their data deleted by the DLAs/LSPs.
4. REs must ensure that the LSPs they engage do not store personal information of borrowers other than the bare minimum required to carry out their operations. The RE will be responsible for data privacy and the security of the customer’s personal information.
5. REs must ensure that all data is stored on servers in India while adhering to statutory obligations and regulatory guidelines.
- Regulatory Framework:
1. REs are required to report to Credit Information Companies (CICs) any lending sourced through DLAs (either of the RE or of the LSP engaged by the RE), regardless of its nature or tenor.
2. REs must report to CICs any new digital lending products offered through merchant platforms by REs that involve short-term credit or deferred payments.
Scope and Applicability :
The RBI has issued the Press Release for implementation of recommendations accepted for immediate implementation and the consequent regulatory stance have been enclosed as Annex to the Press Release. Furthermore, Para 7 of the Press Release states that-All the regulated entities of RBI are advised to be guided by the regulatory stance conveyed in this press release. Hence, the provisions of ‘Annex I’ will become effective immediately, that is, on August 10, 2022, the date of the Press Release. The same para 7 also mentions ‘The REs are advised to ensure that the LSPs/DLAs also implement the requirements set out in Annex-I, as applicable and the onus of ensuring implementation of the requirements will rest with the REs. Detailed instructions will be issued separately.” This means that ‘Annex I’ currently only provides the RBI’s regulatory stance. While the REs must currently be guided by the regulatory stance communicated in the Press Release, detailed guidelines for implementing the regulatory stance are yet to be released.
Author Bio
