Subscribe to get latest news delivered straight to your inbox


    RBI issues Guidelines to Regulate Digital Lending

    • 10.09.2022
    • By Rishikaa
    Saikrishna & Associates

    The Reserve Bank of India (“RBI”), on 10th August 2022, released guidelines for digital lending (“Digital Lending Guidelines”) to provide a regulatory framework pertaining to lending activities conducted by FinTech and Digital Lending Applications (“DLA”). Based on the recommendations of the Working Group on ‘Digital Lending including Lending through Online Platforms and Mobile Apps’ (“WGDL”), the Digital Lending Guidelines have been framed to mitigate concerns related to “unbridled engagement of third parties, mis-selling, breach of data privacy, unfair business conduct, charging of exorbitant interest rates, and unethical recovery practices.”

    The Digital Lending Guidelines and framework involve entities regulated by the RBI (“RE”), the Lending Service Providers (“LSP”) engaged by the REs to extend various permissible credit facilitation services, the DLAs of REs and DLAs of LSPs engaged by REs.

    For the purposes of the Digital Lending Guidelines, the RBI has adopted some recommendations of the WGDL for immediate implementation, while other recommendations have been accepted in principle but require further examination. In addition to the above, given the technical complexities involved, few recommendations have been listed for wider engagement with the government and stakeholders.

    Key recommendations approved for immediate implementation

    The recommendations approved for immediate implementation are mainly centered around consumer protection, data privacy, and regulatory framework.

    Consumer Protection

    • As per the Digital Lending Guidelines, loan disbursals and repayments have to be executed directly between the borrowers and bank accounts of REs. Such transactions cannot be routed through pass-through accounts of third-parties.
    • Annual Percentage Rate (“APR”) have to be calculated on loans by DLAs by using built-in algorithms based on all-inclusive cost and margin.
    • All borrowers have to be provided with a standardized ‘Key Fact Statement’ (“KFS”) before executing a loan contract for all digital lending products. A KFS would include details of APR, terms and conditions of recovery mechanism, details of grievance redressal officer designated specifically to deal with digital lending/FinTech matters, as well as cooling-off/look-up period.
    • REs have to ensure that all digitally signed documents supporting important transactions through DLAs of REs as well as LSPs flow automatically from the lender to the borrower, via registered email or SMS, upon execution of the loan contract.
    • Further, the grievance redressal system has been strengthened by requiring REs, and LSPs engaged by them, to appoint a nodal grievance redressal officer to deal with FinTech/digital lending related complaints/issues raised by the borrowers. The mode of the filing a complaint must be provided on the DLA and its website. In the event a complaint lodged by the RE is not resolved by the RE within the stipulated period, presently 30 days, then the borrower has the option of lodging a complaint over the Complaint Management System or any other mode prescribed under the Reserve Bank-Integrated Ombudsman Scheme.
    • REs have been given the power to capture the economic profile of a borrower to assess borrower(s)’ creditworthiness in an auditable way.
    • Lastly, credit limits cannot be increased without borrower(s)’ explicit consent.

    Technology and Data Requirements

    • As per the Digital Lending Guidelines, any collection of data by the DLAs should be on need-basis and with prior consent. Biometric data related to customer due diligence cannot be stored in DLAs’ systems.
    • Further, DLAs have been asked to desist from accessing files, media, contact list, call logs etc. stored on phones. However, upon consent, a one-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/KYC requirements.
    • Any data so collected has to be stored in India.
    • Furthermore, DLAs are required to make comprehensive privacy policy available in public domain. This privacy policy should also include the information pertaining to any third parties that are allowed to collect personal information through DLAs as well as the purpose of collection of data.
    • Compliance with basic technology standards/cybersecurity requirements would be a pre-condition to offer digital lending.

    Framework

    • Digital Lending Requirements stipulate that REs should report all lending sourced through DLAs as well as all new digital lending products extended by REs over merchant platforms involving short-term credit or deferred payments to Credit Information Companies.

    Other key take-aways:

    As noted above, RBI has approved certain recommendations that have been accepted in principle but require deliberation. These recommendations pertain to setting up of Self-Regulatory Organizations for governance of the digital lending industry. Other pertinent recommendations under consideration include discussions on prohibition of first-loan default guarantees, framing a regulatory framework for web-aggregator of loan product, ensuring measures related to data privacy and security at the end of SMS gateways before onboarding, audit of algorithms used for credit-scoring to prevent discriminatory outcomes, etc.

    Our Take:

    The FinTech and the digital lending space in India has grown rapidly in the last decade, playing a key role in allowing an alternate platform to borrowers. However, given the unprecedented growth, this sector was largely unregulated. The Digital Lending Guidelines provide much needed guidance for regulation, governance, and accountability of the players involved in the process of digital lending. The Digital Lending Guidelines adopt industry based best practices and provide for a robust framework for loan appraisal by providing adequate safeguards for ensuring consumer protection. These guidelines certainly are a step in the right direction as they strike the right balance in increasing consumer confidence while providing stability to REs, DLAs and LSPs. Implementation of recommendations that have been accepted in principle are also expected to further strengthen the regulatory framework for digital lending in the country.

    Links:
    Link to the Press Release pertaining to the Implementation of the recommendations of the Working Group on Digital Lending – https://rbidocs.rbi.org.in/rdocs/PressRelease/PDFs/PR689DL837E5F012B244F6DA1467A8DEB10F7AC.PDF

    Link to the Report of the Working Group on Digital Lending including Lending through Online Platforms and Mobile Apps as well as the – https://rbidocs.rbi.org.in/rdocs/PublicationReport/Pdfs/DIGITALLENDINGF6A90CA76A9B4B3E84AA0EBD24B307F1.PDF

    This article was first published on Saikrishna & Associates