In recent years, there has been a multifold growth in the number of Digital Lending Services in India. This has disrupted the mode of traditional banking services by using modern technology to make borrowing more seamless, faster, and accessible. The minimum paperwork and faster disbursal of the loan amount meant that a much wider group of people would have access to easier and more efficient credit using apps that offer instant loans or even “Pay-later” platforms. This guide will help you gain a comprehensive understanding about What are the RBI Digital Lending Guidelines.
The rapid expansion in the user base of these lending apps and their growing popularity brought them to the notice of the Reserve Bank of India (RBI), which established the RBI Working Group in January 2021 to examine how these lending apps and websites function given the growing concerns regarding the mis-selling of these services to customers, data privacy breaches, hidden costs and unethical conduct of business such as hiring recovery agents who resort to harassment.
The RBI Digital Lending Guidelines
The RBI Working Group identified 3 primary issues, namely conduct, technology, and charges, and released its recommendation in November 2021 based on the same. Thereafter, the RBI released the RBI Implementation of Recommendations in August 2022 and it was followed by the Digital Lending Guidelines on 2nd September 2022. On February 15, 2023, the RBI also published a set of FAQs for the said guidelines. The purpose of these provisions was to regulate the digital lending sector which was previously largely unregulated and to ensure that they are in the best interests of the Indian consumers. To help you understand further about these Guidelines and their impact, we at Adviso have prepared a brief analysis of the various provisions of the RBI Digital Lending Guidelines –
Assessing the Key Provisions of the RBI Digital Lending Guidelines
Let us know more about the key provisions of the RBI Digital Lending Guidelines and how it has had an impact on the various stakeholders of the Digital Lending Industry in India –
- Applicability
In the case of fresh digital loans and onboarding new customers, the Guidelines came into effect from the date of notification, i.e. 2nd September 2022, and were applicable to both Digital Lending Apps (DLAs) as well as Lending Service Providers (LSPs) which were operated by banks as well as non-banking financial companies (Regulated Entities).
Regarding existing digital loans and customers, the RBI gave a timeline of up to 30th November 2022 for ensuring compliance with the Guidelines. However, issues were raised by the concerned Regulated Entities (RE) regarding the lack of an appropriate transition period both for the existing and new customers, which could lead to hasty implementation of the Digital Guidelines.
- Customer Protection
The RBI Guidelines also ban loan dispersals via any third-party accounts such as passthrough or pool accounts, including those of the DLAs and LSAs. It mandated that the disbursal of the loan as well its repayment will be directly between the Regulated Entity and the bank account of the borrower except under certain cases such as –
- Statutorily mandated loan transfers.
- Money is required for co-lending between the Regulated Entities.
- Disbursals for loans specified uses.
- When the use of a physical interface is required for recovering delinquent loans.
- Repayment of loans as advances against salary in cases of EMI being deducted from the salary payable.
The RBI also mandates that each LSP should have a nodal grievance officer for resolving any queries. The Guidelines also allow for the consumer to lodge a complaint in the Complaint Management System portal under the RBI- Integrated Ombudsman Scheme (“RB-IOS”), or if the entity is currently not covered under RB-IOS, in accordance with the RBI prescribed grievance redressal mechanism.
- Data Protection
According to the RBI Guidelines, the data collected by the Regulated Entities should be strictly need-based and must have the explicit consent of the borrower in each step. The data collected by the LSPs and DLAs must not be stored except for minimal information which is essential for the Regulated Entities to carry out their business. There is also a ban on accessing data such as files, media, call logs, etc. from the borrower’s mobile. Further, access to camera, microphone, and location has been limited to one-time access and no biometric data of the borrower can be stored.
The Guidelines also mandate the Regulated Entity to ensure that all its DLAs and LSPs have comprehensive privacy policies that inform the borrower of the type and duration of data that can be stored, information of the third parties that would have access to the said data, and other relevant information regarding the data that will be collected by the Regulated Entities.
- Disclosures
The RBI received several complaints regarding the opaque and deceptive process of digital lending adopted by the Regulated Company. Thus, the primary reasoning behind the RBI introducing the disclosure related compliances are as follows –
- That the borrower has a holistic view of all the charges imposed upon them.
- The borrower can identify the recovery agents who are assigned to them and any attempts of the recovery agent to harass him/ her can be checked and reported.
The Guidelines ensure that the customer remains protected from exorbitant fees and unnecessary harassment due to the unethical practices adopted by the recovery agents.
The RBI Guidelines have also made it mandatory for all Regulated Entities engaged in digital lending to file a standardized Key Fact Statement (KFS) which provides the all-inclusive cost of the digital loan in terms of annual percentage recovery, recovery mechanism as well as the details of the nodal grievance redressal officer who is responsible to resolve any related issue that may arise. The Regulated Entity cannot charge any other fee or charge that has not been mentioned in the KFS.
The Guidelines also mandate that the borrower shall also have a cool-off period, during which he can pay the loan and the annual percentage fee for exiting the digital loan without having to pay any penalty fee and the same shall be stated in the KFS. It also mandates that the KFS, Sanction Letter, and other relevant documents shall be sent to the registered email and phone number of the borrower once the loan has been executed.
The Regulated Entities are also mandated to prominently publish on their website all information about the loan products and services that they offer and the LSPs and DLAs that they engage to ensure that the borrowers have a holistic awareness of the process. The Guidelines also mandate that if the borrower defaults on the loan, he/ she should be given information when a recovery agent has been assigned and the contact details of the recovery agent must be communicated to the borrower.
- Mandatory Reporting
The RBI Guidelines mandate that the Regulated Entities have to report all loans to the Credit Information Companies (CIC). This plays a major role in mitigating predatory loan recovery practices and reduces instances of harassment caused to customers.
The Regulated Entities also need to carry out extensive due diligence of an LSP about its technical abilities, storage information, prior conduct, data privacy regulations, compliance with the statutes, etc. prior to partnering with it. They also need to carry out regular programs and reviews about the practices and conduct of the loan recovery agents.
Industry Related Concerns
While the regulatory gaps were resolved to a great extent due to the Guidelines, there were certain concerns raised by the industry stakeholders. The primary concerns are as follows –
- First Loss Default Guarantee
The issue regarding digital loans is the inability or refusal of many borrowers to pay back the loan amount. This led to the emergence of the concept of First Loss Default Guarantee, which essentially meant that the fintech would offer a limited guarantee for the loan offered by the Regulated Entity at a previously decided rate. This played a major role in facilitating the Regulated Entity to extend more loans to borrowers, without worrying much about the repayment options, which had often been an issue with the banks with 10% of the loans not being repaid at the time.
However, with the new RBI Guidelines, the Regulated Entity has to abide by the RBI Master Direction on Securitisation of Standard Assets, especially on the issue of synthetic securitization, as the provisions prohibit the transfer of any risk to any third party in case of a default of the loan.
The inability of the RBI[1] to address the issue in its FAQs has only aggravated it and has forced the industry to look for alternatives such as revenue sharing based on the ability of repayment of loan portfolios as well as the revenue sharing of the interest earned between the fintech companies and the Regulated Entities.
- Payment Aggregators
The Payment Aggregators facilitate merchants to receive payments from their customers, pool the funds, and transfer the same to the merchant in a given time period. However, there have been certain Payment Aggregators who have been acting as LSPs in facilitating loans, pooling money, and enabling equated monthly installments (EMIs) for various merchants.
However, with the new Guidelines, the funds are not allowed to pass through the accounts of Payment Aggregators. One of the examples would be that during facilitating a payment on an E-commerce site, the funds often passed through the accounts of Payment Aggregators and they were the ones to whom the borrowers paid back the loans. This enabled customers to avail loans instantly from the Payment Aggregators and banks or NBFCs. However, with the introduction of the new RBI Guidelines and the FAQs, the Payment Aggregators were banned from allowing any fund to pass through their accounts.
The RBI has also allowed certain Payment Aggregators to offer services such as (1) Facilitating Payment Aggregators to render their services to merchants, and (2) Extending digital lending services to the merchants via their partner banks or NBFCs, allowing them to directly disburse loans to the concerned merchants. The Payment Aggregators collects money from the merchant’s customers as a service fee.
The money collected is then apportioned by the Payment Aggregators between (1) the merchant’s account with the Payment Aggregators for settlement of money collected from the customers, and (2) the merchant’s loan account with the bank or NBFC, as repayment of the merchant’s loan. In this model, the issue that arises is that the Payment Aggregators may handle funds directly in loan repayment. Post the introduction of the Guidelines and the FAQs, the PA cannot handle the funds directly in the case of loan repayment.
In view of this issue, the Payments Council of India (PCI) has also requested the RBI to exempt the Payment Aggregators from these Guidelines that restrict the flow of funds through third-party accounts. However, the same has not been granted by the RBI. This has restricted Payment Aggregators from offering several services that involve funds passing via the pool accounts and has raised questions regarding the Guidelines which the RBI says is for the wellbeing of the lending companies.
- Buy Now Pay Later Apps
Essentially, credit lines are pre-approved borrowing amounts that are provided by NBFCs and banks and allow individuals and businesses to borrow credit as and when needed within the specified limit without having to seek further approval. However, before the RBI Guidelines were brought in, there was an RBI circular in June 2022 banning Prepaid Payment Instruments (PPI) such as prepaid cards and wallets from credit lines.
This was a major setback for ‘Buy Now Pay Later (BPNL)’ platforms as they used credit lines to ensure that borrowers could borrow funds instantly without requiring any further approval. The RBI circular forced them to shift to a new model wherein a fresh sanction of loan is issued every time a lending transaction happens. Hence, the approval had to be taken each time a loan was issued and the information had to be loaded into the PPI upon disbursal.
However, the Guidelines required further changes to ensure that these funds don’t pass through third-party pool accounts. This further complicated the process and has even led to several BPNL companies to undertake drastic changes in their operations and in certain cases, even shut shop.
Summing Up
Although the emergence of digital lending has made efficient credit very easily accessible, there has also been a rise in instances of harassment and deceptive practices deployed by Regulated Entities in an attempt to exploit customers. The RBI notification of the Digital Lending Guidelines marks a progressive balancing step of the authorities to bring under the scanner the growing digital lending sector which was once largely unregulated, while ensuring that the credit facilities remain efficient, accessible, and ethical.
However, it is important to understand that the changes that these Digital Guidelines have brought in are sudden and drastic and there will definitely be some scope for errors in its implementation. The best way to ensure that these Guidelines are effective is to facilitate the active participation of all the stakeholders with a common aim of boosting consumer confidence in the Indian digital lending ecosystem.
Read Our Article: How to Develop a Loan Product?
