The Reserve Bank of India (RBI) has set the deadline for lenders to implement its digital lending norms on Nov 30, 2022, aimed at protecting borrowers from unscrupulous lending practices.
The rules come after several Chinese loan apps were allegedly found to have bombarded consumers with a barrage of “spam” messages upon failing to repay the amount. Some apps even threatened to expose users’ private photos stored on their phones.
RBI seeks to end these abuses and restore consumers’ confidence in digital lending through the new guidelines.
RBI said the rules would apply to all banking and non-banking financial institutions while dealing with their customers, both existing and new consumers being on-boarded by them.
The lenders, it said, must also ensure the rules are being followed while outsourcing any banking activity to their partners.
Anil Pinapala, CEO and founder, Vivifi Finance, a Telangana based NBFC company, said in a statement, “We welcome this move of the new digital lending norms by the RBI. At the core of RBI’s focus with these guidelines is the customer (or borrower). The guidelines ensure transparency in disclosures so that the customers fully understand all the information/data that is being accessed by the lending entities putting them in control of their own data while ensuring the companies follow all the data privacy guidelines."
Vaibhav Lodha, co-founder, ftcash, a Mumbai based loan company, said in a statement, "These guidelines do adversely impact certain fintech players but builds a path for greater trust of customers in the long run. Temporarily it will increase the cost of compliances but it will weed out malafied players and allows fintechs to help build resilient business models. While some players may have to fundamentally change their operations, we gather from the industry leaders that they were geared up to make the required corrections to ensure complete compliance before the looming deadline."
Nageen Kommu, founder and CEO, Digitap, a tech company providing AI-driven solutions for the banking industry, said in a statement, "We welcome RBI’s digital lending norms, which have come at a right time, considering the mounting concerns related to credit delivery through digital lending methods. There have been some explicit and necessary clarifications made in the norms, in interest of protecting customers especially on data privacy front."
Other Consumer Benefits
Besides the above guidelines, RBI has made the following changes to ensure consumer confidence in the digital lending ecosystem.
Loan Terms’ Understanding Document (KFS)
● RBI said every registered entity must provide a key fact statement (KFS) to the borrower "before the execution of the contract." Furthermore, the KFS must be in a standardised format for all digital lending products.
● KFS will have all necessary loan information like the loan's annual percentage rate (APR), recovery mechanism, and contact details of the grievance redressal officer tasked with handling digital lending, fintech-related matters, cooling-off, look-up period, etc.
● There cannot be any separate charges if not mentioned in the KFS document at any stage of the loan.
● The KFS information shall be sent to the borrowers on their verified email address or through SMS on the successful execution of the loan contract or transaction.
● During the sign-up or the onboarding stage, information linked to product features, loan limit, cost, etc., must be informed to the borrowers.
Consumer's Data
● No digital lending application shall access the consumer's mobile resources like files, media, contact lists, and call logs. However, with their consent, they can take one-time access to the camera, microphone, location, or any other feature for onboarding or KYC requirements.
● RBI also said the borrower should have the option to toggle the permission given or denied for user-specific data. The borrower can also restrict disclosures to third parties and data retention and may revoke the consent already granted to collect personal data. The RBI also said the purpose of obtaining borrowers' consent must be disclosed at each interface stage with the borrowers.
● Apart from the consent of collecting personal data by the loan app, the RBI also said explicit consent has to be obtained from the borrower for sharing data with third-party companies unless it is a requirement under any statutory or regulatory law.