India’s Top Bank Issues New Guidelines For Digital Lenders Aimed At Customer Protection, Data Privacy

MUMBAI: Amid rising concerns over digital money lending platforms, India’s top bank has issued new guidelines to regulate these online financial credit facilities in a move aimed at protection of customers’ interests, data privacy and ethical industry practices.

The Reserve Bank of India (RBI), which is statutorily mandated to operate the credit system of the country, said it has encouraged innovation in the financial system, products and credit delivery methods while ensuring their orderly growth, preserving financing stability and ensuring the protection of depositors’ and customers’ interest.

Recently, innovative methods of designing and delivery of credit products and their servicing through Digital Lending route have acquired prominence, the top bank noted.

“However, certain concerns have also emerged which, if not mitigated, may erode the confidence of members of public in the digital lending ecosystem. The concerns primarily relate to unbridled engagement of third parties, mis-selling, breach of data privacy, unfair business conduct, charging of exorbitant interest rates, and unethical recovery practices,” the RBI said on August 10.

Taking into account the feedback from a diverse set of stakeholders, a regulatory framework to support orderly growth of credit delivery through digital lending methods while mitigating the regulatory concerns, has been firmed up, it said.

“This regulatory framework is based on the principle that lending business can be carried out only by entities that are either regulated by the Reserve Bank or entities permitted to do so under any other law,” the RBI said.

Classification Of Digital Lenders

According to the RBI, the universe of digital lenders is classified into three groups:

1.        Entities regulated by the RBI and permitted to carry out lending business

2.        Entities authorized to carry out lending as per other statutory/regulatory provisions but not regulated by RBI

3.        Entities lending outside the purview of any statutory/ regulatory provisions.

In light of the recommendations, certain highlights of the requirements being mandated to be followed by Regulated Entities (REs), their Lending Service Providers (LSPs), Digital Lending Apps (DLAs) of REs, DLAs of LSPs engaged by REs, are as follows:

A. Customer Protection and Conduct Issues

1)       All loan disbursals and repayments are required to be executed only between the bank accounts of borrower and the RE without any pass-through/ pool account of the LSP or any third party.

2)       Any fees, charges, etc., payable to LSPs in the credit intermediation process shall be paid directly by RE and not by the borrower.

3)       A standardized Key Fact Statement (KFS) must be provided to the borrower before executing the loan contract.

4)       All-inclusive cost of digital loans in the form of Annual Percentage Rate (APR)6 is required to be disclosed to the borrowers. APR shall also form part of KFS.

5)       Automatic increase in credit limit without explicit consent of borrower is prohibited.

6)       A cooling-off/ look-up period during which the borrowers can exit digital loans by paying the principal and the proportionate APR without any penalty shall be provided as part of the loan contract.

7) REs shall ensure that they and the LSPs engaged by them shall have a suitable nodal grievance redressal officer to deal with FinTech/ digital lending related complaints. Such grievance redressal officer shall also deal with complaints against their respective DLAs. The details of the Grievance redressal officer shall be prominently indicated on the website of the RE, its LSPs and on DLAs, as applicable.

7)       As per extant RBI guidelines, if any complaint lodged by the borrower is not resolved by the RE within the stipulated period (currently 30 days), he/she can lodge a complaint under the Reserve Bank – Integrated Ombudsman Scheme (RB-IOS)7.

B. Technology and Data Requirements

1)       Data collected by DLAs should be need based, should have clear audit trails and should be only done with prior explicit consent of the borrower.

2)       Option may be provided for borrowers to accept or deny consent for use of specific data, including option to revoke previously granted consent, besides option to delete the data collected from borrowers by the DLAs/ LSPs.

C. Regulatory Framework

1)       Any lending sourced through DLAs (either of the RE or of the LSP engaged by RE) is required to be reported to Credit Information Companies (CICs) by REs irrespective of its nature or tenor.

2)       All new digital lending products extended by REs over merchant platforms involving short term credit or deferred payments are required to be reported to CICs by the REs.

The RBI has advised all its regulated entities to be guided by the new regulatory guidelines. It shall be noted that any kind of outsourcing arrangement involving a RE and LSPs/DLAs shall be subject to the extant guidelines on outsourcing.

The REs are also advised to ensure that the LSPs/DLAs also implement the requisite requirements as applicable and the onus of ensuring implementation of the requirements will rest with the REs.

The detailed instructions will be issued separately, the RBI said.

Follow The420.in on

 Telegram | Facebook | Twitter | LinkedIn | Instagram | YouTube