Digital lending guideline

The Pattern #23 Digital lending guidelines: Has the RBI set in place a pecking order?

Mayank Jain   /    Head - Marketing and Content    /    2022-08-19


Table of contents

    What’s a good regulation? On the face of it, an oxymoron!

    But here’s the thing. I believe in regulations. In fact, I champion them. I would want to live in houses that follow building codes and zoning laws. I prefer to dine at restaurants that comply with food safety standards. I drive my car in the trust that the government ensures automakers meet manufacturing standards. What’s common to these regulations is that they preserve my rights as a consumer. The latest regulations by the RBI on digital lending are no different. 

    One thing you cannot miss after reading the document is the emphasis on consumer protection. Broadly, RBI has aimed to address concerns relating to unbridled engagement of third-parties, mis-selling, breach of data privacy, unfair business conduct, exorbitant interest rates, and unethical recovery practices. If nothing else, one must yield to at least the spirit of the document. 

    Now coming to the letter of the law (read as guideline), RBI has a clear message when it comes to business practices, both for Regulated Entities (REs) and Loan Service Providers (LSPs) — those engaged by REs to extend various credit products and services. Here are a few highlights. 

    • First and foremost, lending can now happen via bank accounts only. This does not come as a complete surprise, because we are all aware of the central bank’s distaste for quasi-bank accounts — which is why, not long ago, it prohibited PPI issuers from entering the credit segment.

    • LSPs cannot charge borrowers for credit intermediation. Essentially, fintechs can strike deals only with the lending partner. This could shake up certain partner arrangements. 

    • Additionally, the all-inclusive cost of digital loans in the form of Annual Percentage Rate (APR)is required to be disclosed to the borrowers. Also, all information pertaining to the credit products such as  features, loan limit and cost are to be prominently displayed while onboarding. Let’s just say, the era of a little disguised, a little mistaken approach is over.

    • REs must ensure that the LSPs they partner with have a nodal grievance redressal officer to deal with complaints / issues raised by the borrowers, and also have shoulder the ultimate responsibility of remedy within 30 days. 

    • Consent is a defining feature of the guideline — whether it is to increase credit limit or to procure personal data, securing explicit consent is non-negotiable. This was long due, especially since the data privacy law hasn’t yet seen the light of the day. 

    • A standardised code of conduct for loan recovery will soon be here. Anyway, a fundamental shift in the outlook towards debt recovery is underway, and this would help accelerate the shift. We have been championing this shift for a while now. My colleague Aparna delved into the matter in this piece on how to combine AI and human intelligence for driving collections efficiency

    • On the technology side, RBI has emphasised privacy policy standardisation, and has imposed restrictions on data procurement. It advocates a need-based approach and requires LSAs to desist from accessing mobile phone resources such as file and media, contact list, call logs, telephony functions, etc. A one-time access for camera, microphone, location or any other such facility is permissible  for the purpose of on-boarding/ KYC requirements based on explicit consent of the borrower.

    • Finally, icing on the cake — BNPL is a credit product by all means, and RBI has mandated that all types of loans irrespective of tenor or size be reported to credit bureaus. This would help pay later users build credit history and at the same time incentivise users to pay up. 

    The sum and substance — RBI is weaving in principles of consent, transparency, accountability, and integrity into the fintech fiber. In doing so, it leaves room for only two new kinds of players to emerge in the market:

    • Tech providers who are in the business of selling or enabling infrastructure — the ones that fund the war by building for other fintechs and helping banks fight back. It’s the US’ strategy to WWII - clear victors in the game. 

    • Fintechs with the muscle to become NBFCs themselves in the long run. I say this, because the RBI seems to want the ubiquitous presence of a regulated entity throughout lending operations. After all, no regulator would want new-age entities fogging their vision. 

    As the industry awaits further directions and clarity from the RBI on key issues such as the specifics of audit trailing, consent framework for data sharing and even thorny issues such as FLDG - it’s clear that the regulator is setting the house in order. The order, coincidentally or not, happens to be the pecking order of licensed financial institutions and everyone else. 


    This is all from me for this week. Do share your own thoughts with me. Meanwhile, let me share my reading recommendations for the week.

    Thank you for reading. If you liked this edition, forward it to your friends, peers, and colleagues. You can also connect with me on Twitter here and follow FinBox on LinkedIn to never miss any of our updates. 




    Table of contents