Recently, innovative methods of designing and delivery of credit products and their servicing through Digital Lending route have acquired prominence. However there were concerns related to unbridled engagement of third parties, mis-selling, breach of data privacy, unfair business conduct, charging of exorbitant interest rates, and unethical recovery practices.
In a pro-consumer move, Reserve Bank of India has issued detailed guidelines applicable to all regulated entities like Banks, NBFCs and Fintech companies. It will be applicable to the ‘existing customers availing fresh loans’ and to ‘new customers getting onboarded’, with immediate effect. However, in order to ensure a smooth transition, companies shall be given time till November 30, 2022, to put in place adequate systems and processes to ensure that ‘existing digital loans’ (sanctioned as on the date of the circular) are also in compliance with new guidelines. Below are the key highlights:
Loan Disbursal, Servicing and Repayment
Regulated Entities shall ensure that all loan servicing, repayment, etc., shall be executed by the borrower directly in the RE’s bank account without any pass-through account/ pool account of any third party. The disbursements shall always be made into the bank account of the borrower except for disbursals covered exclusively under statutory or regulatory mandate (of RBI or of any other regulator), flow of money between REs for co-lending transactions and disbursals for specific end use, provided the loan is disbursed directly into the bank account of the end-beneficiary. Regulated Entities shall ensure that in no case, disbursal is made to a third-party account, including the accounts of LSPs and their DLAs, except as provided for in these guidelines.
Key Fact Statement
REs shall provide a Key Fact Statement (KFS) to the borrower before the execution of the contract in a standardized format for all digital lending products. The KFS shall, apart from other necessary information, contain the details of APR, the recovery mechanism, details of grievance redressal officer designated specifically to deal with digital lending/ FinTech related matter and the cooling-off/ look-up period. Any fees, charges, etc., which are not mentioned in the KFS cannot be charged by the REs to the borrower at any stage during the term of the loan.
Collection of fees, charges, etc.
Regulated Entitiesshall ensure that any fees, charges, etc., payable to LSPs are paid directly by them (REs) and are not charged by LSP to the borrower directly.
For example CRED used to collect its charges for faicilitating loads directly from consumers. Now the lending partner will have to collect the same and they pay it to CRED.
Digitally signed documents
REs shall ensure that digitally signed documents (on the letter head of the RE) viz., KFS, summary of loan product, sanction letter, terms and conditions, account statements, privacy policies of the LSPs/DLAs with respect to borrowers data, etc. shall automatically flow to the borrowers on their registered and verified email/ SMS upon execution of the loan contract/ transactions.
Assessing the borrower’s creditworthiness
REs shall capture the economic profile of the borrowers covering (age, occupation, income, etc.), before extending any loan over their own DLAs and/or through LSPs engaged by them, with a view to assessing the borrower’s creditworthiness in an auditable way. REs shall ensure that there is no automatic increase in credit limit unless explicit consent of borrower is taken on record for each such increase.
Cooling off/look-up period
A borrower shall be given an explicit option to exit digital loan by paying the principal and the proportionate APR without any penalty during this period. The cooling off period shall be determined by the Board of the RE. The period so determined shall not be less than three days for loans having tenor of seven days or more and one day for loans having tenor of less than seven days. For borrowers continuing with the loan even after look-up period, pre-payment shall continue to be allowed as per extant RBI guidelines
Collection, usage and sharing of data with third parties
REs shall ensure that any collection of data by their DLAs and DLAs of their LSPs is need-based and with prior and explicit consent of the borrower having audit trail. In any case, REs shall also ensure that DLAs desist from accessing mobile phone resources like file and media, contact list, call logs, telephony functions, etc. A one-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/ KYC requirements only, with the explicit consent of the borrower. The borrower shall be provided with an option to give or deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect personal data and if required, make the app delete/ forget the data.
Reporting to Credit Information Companies
As per the provisions of the Credit Information Companies (CIC) (Regulation) Act, 2005; CIC Rules, 2006; CIC Regulations, 2006 and related guidelines issued by RBI from time to time, REs shall ensure that any lending done through their DLAs and/or DLAs of LSPs is reported to CICs irrespective of its nature/ tenor.
Nodal grievance redressal officer
REs shall ensure that they and the LSPs engaged by them shall have a suitable nodal grievance redressal officer to deal with FinTech/ digital lending related complaints/ issues raised by the borrowers. Such grievance redressal officer shall also deal with complaints against their respective DLAs. Contact details of grievance redressal officers shall be prominently displayed on the websites of the RE, its LSPs and on DLAs and also in the KFS provided to the borrower. Further, the facility of lodging complaint shall also be made available on the DLA and on the website as stated above. It is reiterated that responsibility of grievance redressal shall continue to remain with the RE. If any complaint lodged by the borrower against RE or the LSP engaged by the RE is not resolved by the RE within the stipulated period (currently 30 days), he/she can lodge a complaint over the Complaint Management System (CMS) portal under the Reserve Bank-Integrated Ombudsman Scheme (RB-IOS). For entities currently not covered under RB-IOS, complaint may be lodged as per the grievance redressal mechanism prescribed by the Reserve Bank.