RBI on move - Consumer protection the foremost goal, many business model in question |Episode #36
But for those following regulations in spirit, nothing much changes.
RBI, on Wednesday, released the first set of rules on digital lending based on the working group (WG) recommendations released in a paper in November 2021. These guidelines have limited impact for lenders given that partnerships with LSPs are still in the early stages of evolution.
These guidelines will evolve over time, but I see them being a bit restrictive for existing players because there is greater focus on transparency, privacy and oversight for entities that are regulated by the RBI.
Note – In case you are a fintech founder, looking to raise funds, I might be able to help. Reach out to abhishekk.kumar@iiml.org. In case you are looking to invest in Indian Fintech, reach out. Would be happy to help.
Consumer’s interest protection takes the centerstage, as always
The new update classifies the working group’s recommendations into three categories: (1) ones accepted for immediate implementation , (2) ones accepted in-principle but requiring further examination and (3) ones for consideration of the Government of India.
The focus of these recommendations is still on protection of consumer interests, especially around transparency of loan pricing/fees, incorporating a free look-up period, avoiding over-indebtedness through assessment of repayment ability, ensuring customer consent for capture/storage of data, restricting access to mobile phone resources and incorporating policies on loan recovery mechanisms. Apart from the above, RBI has also clarified that loan disbursements can be made only into a borrower’s bank account, not into a PPI in any case.
The plight of PPI
A few recommendations of the WG are still under examination, while a few others have not been discussed in the latest update . For instance, the recommendation pertaining to prohibition of FLDG arrangements is still under examination.
There is no discussion around regulations of operations of so-called ‘digital banks’ or ‘neo banks’. RBI has also listed a few recommendations for consideration of the Government of India, like restricting DLA-based balance sheet lending to entities regulated by RBI or those registered specifically for undertaking lending business under another law. I expect that this is the first move by RBI into regulating digital lending and it is likely to be followed up by regular updates.
Following are the list of recommendations that are to be implemented immediately, along with my comments on them –
My comments are in italic, text mostly from the circular itself.
REs (registered entities) have to ensure that all loan servicing, repayment, etc shall be executed directly in their bank account without any pass-through account/ pool account of any third-party. Impact of this on non-NBFC linked BNPL and other similar player is yet to be seen, but this doesn’t look to be very restrictive in my view.
Loan disbursements to be made into bank a/c of borrower (or full KYC compliant PPI in case borrower does not have a bank a/c). This is a problematic thing, more so for the small ticket size, online BNPL players. They are known to send money directly to the merchants. One workaround could be to deposit in borrowers account with an immediate NACH mandate in favor of the merchant. How do fintechs move to becoming more than just DSAs remain to be seen now.
Fees payable to LSPs to be paid by the lenders, and not received directly from the borrower. This should be solvable within the current regulatory framework with increased yields from the borrowers and agreements between the lender and the LSPs.
All-inclusive cost of digital loans as an APR to be disclosed upfront by the REs. Much, much needed. Between Chinese shark loan apps and some of the fintechs charging 100%+ annualized interest rates, this step is need of the hour. Fintechs who are doing this, have an edge.
REs to provide a standardized Key Fact Statement (KFS) to the borrower before the execution of the contract for all digital lending products, which will include: (1) details of APR, (2) T&C of recovery mechanism, (3) cooling-off/ look-up period. This again is on lines of transparency and shouldn’t be very difficult to implement.
Prohibition on automatic increases in credit limits, except with customer's explicit consent. Nothing very prohibitive, more on lines of information and transparency.
Publication of a list of LSPs engaged by REs on their website along with details of the activities for which they have been engaged. This I believe might become problematic for some of the fintechs. More to be seen here.
Lenders to capture the economic profile of borrower (age, occupation, income, etc.) and assess his creditworthiness in an auditable way. Again, good for consumers. This might limit the speed of growth at times, will benefit both the parties in the longer run.
Cooling off/ look-up period of certain days for all digitally obtained loans. Borrower can exit within this period by paying the principal and proportionate APR without any penalty. Prepayment shall continue to be allowed even after the end of the cooling off/ look-up period. This is with a view to limit the monstrous processing fees charged by some players, in addition to interest rates. Bringing everything under APR is a step in the right direction. And then, there can be penalties post this fees.
REs must conduct enhanced due diligence process before entering into a partnership with an LSP for digital lending. REs to ensure that LSPs do not store personal information of borrowers except for some basic minimal data required to carry out operations. Responsibility regarding data privacy and security of the customer's personal information will be of the RE. This, I believe, is to reign in scrupulous fintechs that have sprung up in dozens and more and are using existing NBFCs to provide loans at abnormally high rates. Have been hearing heartbreaking stories of loans at eye-popping rates by some digital players. This should put a lid to the same.
REs to guide recovery agent LSPs to discharge duties responsibly. Standardized code of conduct for recovery is envisaged to be framed by the proposed SRO. A big, big area. More needs to be done on recovery methods, but it’s a start.
There are other recommendations which are to be implemented immediately, on data and tech front. All data to be stored in Indian servers. Also, any collection of data by DLAs should be need-based and with prior explicit consent of the borrower. DLAs should desist from accessing mobile phone resources such as file and media, contact list, call logs, telephony functions, etc. This is interesting and have far reaching consequences, including for those doing things the right way. Should desist and shouldn’t are two different things and more clarity is needed here.
One-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/ KYC requirements only. Borrower should have an option to deny consent for use of specific data and ability to revoke consent already granted and, if required, make the app delete/ forget the data. Clear policy guidelines to be framed regarding the type of data that can be held, the length of time, restrictions on use of data, data destruction protocols, etc.
Also, no biometric data should be stored/ collected in the systems associated with the DLA of REs/ their LSPs, unless allowed under extant guidelines.
Another important change is reporting of all loans to credit bureaus have been made mandatory, irrespective of tenures.
Overall, it does feel a bit restrictive and will put a brake to the digital lending aspirations of many fintechs, if one has been abiding by all rules, this doesn’t really change much!
Following are the list of recommendations which has been accepted in principle, but requires further examinations -
Each access/ enquiry of credit information by any RE or LSP from CICs shall be conveyed to the borrower through email/ SMS.
REs to ensure that the algorithm used for underwriting is based on extensive, accurate and diverse data to rule out any prejudices. Further algorithm should be auditable to point out minimum underwriting standards and potential discrimination factors used in determining credit availability and pricing. This could be a bone of contention among many and I believe, all new age fintechs. Most new age fintechs are very protective about their credit scoring algorithms for obvious reasons. Expect to see changes here. The recommendations also talks about adopting ethical AI. I am not sure about its implications though.
What is also interesting is that the FLDG is still under examination with the RBI. RBI has thrown the securitization word here and it opens up interesting possibilities, including AIF based FLDGs. Need to watch this space.
There is also a nudge to have a Self Regulatory Organization within the fintechs, covering REs and DLAs/LSPs in the digital lending ecosystem to be set up which will take up recovery, LSP agreement, advertising and marketing standards, training and accreditation of recovery agents, maintaining 'negative list' of LSPs.
List of recommendations that are yet to be addressed –
Mandatory response to consumer with clear reasons for decline of credit application
Disclosure of Brokered loans/ DLA/ lead generator’s commission (e.g., yield spread premium) to the borrower
Designing of more sachetised/ simplified products by the DLAs catering to low creditpenetrated markets
Imposing restriction on flipping where highcost loans are subjected to refinances
Indication of the formally disputed repayments in the credit report along with the disputed amount vis-à-vis default or repaid amount.
Reasonable free access to the borrower for own data from CICs
Development of a separate framework styled as Agency Financial Service Regulation for all customer-facing/ fully outsourced distribution activities of REs including that by the LSPs
A blueprint of a forward-looking framework for identifying and managing risks arising from BigTech/ DeFi
Regulations for the operations of so-called ‘digital banks’/ ‘neo banks’ formulation. Encouragement for ‘digital only’ NBFCs and initiation of digital only banks.
Restriction on fixed sum/ non-installment unsecured STCCs with very short contractual maturity
Uniform and principle-based approach for determining indebtedness/ debt serviceability of individuals/ household
Any fee should not be included as outstanding principal for compounding purpose. Any fee included in calculation of APR will have to be reasonable and meant to cover costs closely related to the reason for the fee.
Interest amount must be charged in arrears and never charged/ debited in advance.. The interest calculation should be on actual days basis.
The benefit of interest reduction on the principal on account of pre-payments should be given from
No prepayment penal rate of interest should be levied for STCCs for full or proportionate closure except a nominal administrative fee, if at all. For non-STCCs, if there must be a pre-payment penalty clause, the APR will have to be demonstrably lower than that without a prepayment penalty clause.
So, what lies ahead for Indian fintechs?
I would reserve my opinion till RBI clarifies on the FLDG issue. However, on the face of it, The Reserve Bank of India has mandated that disbursal of loans and collection of repayments must be executed only between borrowers and entities regulated by the banking regulator and no third party can be involved in this process. This creates a lot of problems for all fintechs and monetization avenues seem to be drying up.
There are certain fintechs, such as those in offline BNPL and B2B solutions, which I believe will continue to go strong. Direct to consumer, online, seems to be weathering a tirade of storm.
There’s more to come here. Time to wait and watch.
Some recent happenings in the fintech industry
Fintech startup Jodo has secured $15 Mn in its series A funding led by Tiger Global. Existing investors – Elevation Capital and Matrix Partners India also participated in the round.
IPO-bound digital payment solutions provider MobiKwik has raised debt of Rs 35 crore from Blacksoil Capital. The Gurugram-based firm raised the debt fund after more than 12 months of filing its Draft Red Herring Prospectus (DRHP) with SEBI.
That’s all from my side today. Do reach out for any comments, discussions and more.