In today's Finshots, we review all the latest developments surrounding the purge of unlicensed online lending platforms.


Business

The Story

On November 25th, Indian Express reported on a rather sobering story about Aravind — an IT professional from Andhra Pradesh. The article noted 

Aravind had taken a loan from money-lending app Rupee Bazaar, but he could not return the sum within the allotted time. What happened next was full-scale cyber-bullying by the otherwise soft-spoken lenders, allege the friends and family of Aravind. “As part of the formality to obtain a loan, Aravind had given the app access to all the contacts in his phone,” says a friend.

When Aravind could not return the money, the lenders allegedly started calling random numbers in his contacts list and harassing them. At times, they intimidated and used derogatory words on Aravind and his contacts, alleges the friend. Express has accessed screenshots from his phone that show how the company had created multiple WhatsApp groups with the title “Aravind is a fraud” and put up his pictures in it to pressure him to return the money.

Unfortunately, Aravind hung himself soon after.

Now bear in mind, most of these lending platforms are working outside the purview of the regulator — thus rendering them illegal. But what about the legal entities? Who’s regulating them?

Well, in most cases, you can’t be a legal money lending platform unless you’re working in conjunction with a bank or an NBFC. And the RBI has mandated all digital lending platforms to disclose the name of these banks and NBFCs upfront to the customers. And by virtue of this association, the digital platforms are bound by the same rules imposed on these regulated financial institutions. These rules meanwhile are laid out in the RBI’s Fair Practice Code. And while banks and NBFCs have the freedom to develop and enhance the scope of the document, they aren't supposed to impinge on the spirit of the guidelines. So yeah, the code holds and there are two key pointers within the document specifically addressing the loan recovery part.

As the document notes 

  1. Lenders should restrain from interference in the affairs of the borrowers except for what is provided in the terms and conditions of the loan sanction documents
  2. In the matter of recovery of loans, the lenders should not resort to undue harassment viz. persistently bothering the borrowers at odd hours, use of muscle power for recovery of loans, etc.

So clearly, there’s adequate protection in the code. Unfortunately, enforcement is still a problem. The RBI hasn’t cracked down rigorously on the nefarious practice. Instead, they’ve largely relied on awareness programs. In fact, one of their recent press release on the matter states this —

Members of public are hereby cautioned not to fall prey to such unscrupulous activities and verify the antecedents of the company offering loans online or through mobile apps. Moreover, consumers should never share copies of KYC documents with unidentified persons, unverified/unauthorised Apps and should report such Apps/Bank Account information associated with the Apps to concerned law enforcement agencies

But this isn’t helping obviously. Desperate people looking for cash won’t be searching the web about the antecedents of digital lending platforms. They need money, not a knowledge session. So it becomes incumbent on the regulator to proactively take matters in its own hands. They need to find these people and purge them. Granted, it’s easier said than done, but RBI can still make a lot of progress. And finally, after a steady spate of suicides and hundreds of complaints, the regulator announced on Wednesday that they are setting up a working group (WG) on digital lending, who will ultimately go on to suggest specific regulatory measures in the realm of digital lending, among other things. Maybe then, they will actively start cracking down on these unlicensed operators.

In the meantime, however, Google is doing some pruning of its own. In a blog post from Friday, the company said it was actively reviewing hundreds of personal loan apps on Play Store and added — “To protect user privacy, developers must only request permissions that are necessary to implement current features or services. They should not use permissions that give access to user or device data for undisclosed, unimplemented, or disallowed features or purposes. Developers must also only use data for purposes that the user has consented to, and if they later want to use the data for other purposes, they must obtain user permission for the additional uses.”

And that means if a personal loan app starts using your contact list to harass you, Google will likely boot them out.

Until then…

Share this Finshots on WhatsApp, Twitter, or LinkedIn.