Only entities regulated by RBI or other bodies permitted by law can carry out digital lending, says RBI
Mumbai, NFAPost: The Reserve Bank of India (RBI) has released its guidelines for digital lending, listing companies allowed in the business, the rules for loans and data collection, and how fee is charged.
Digital lenders are of three kinds: those regulated by the RBI; those authorised as per other statutory/regulatory provisions but not regulated by RBI; and entities lending outside the purview of any statutory/ regulatory provisions.
The guidelines are directed at the first category, essentially entities regulated by the central bank and the lending service providers (LSPs) engaged by them.
“As regards entities falling in the second category, the respective regulator/ controlling authority may consider formulating or enacting appropriate rules/regulations on digital lending based on the recommendations of the working group of digital lenders,” the RBI said.
“For the entities in the third category, the working group has suggested specific legislative and institutional interventions for consideration by the Central Government to curb the illegitimate lending activity being carried out by such entities,” it said.
Regulated entities must disburse loans and take repayments between the bank accounts of the borrower and the regulated entity without any pass-through/ pool account of the LSP or any third party.
Fees to LSPs in the credit intermediation process has to be paid directly by the regulated entity, and not by the borrower. The all-inclusive cost of digital loans in the form of an annual percentage rate (APR) must be disclosed to borrowers. The central bank has said that there cannot be an automatic increase in the credit limit without explicit consent of the borrower.
Data collected by digital lending apps (DLAs) has to be need-based, with clear audit trails and done with the prior explicit consent of the borrower.
Apps have to provide an option to borrowers to accept or deny consent for use of specific data, including the option to revoke previously granted consent, besides the option to delete the data collected from borrowers by the DLAs/ LSPs.
The central bank has also mandated that any lending sourced through DLAs have to be reported to Credit Information Companies (CICs) by regulated entities irrespective of its nature or tenor. “All new digital lending products extended by regulated entities over merchant platforms involving short-term credit or deferred payments are required to be reported to CICs by the regulated entities”, the RBI said.
This is particularly important given a number of buy now pay later players were not reporting the loans they were offering to CICs.
