Introduction

On December 23^rd 2020, the Reserve Bank of India (“RBI”) cautioned potential borrowers about the danger of using unauthorized digital lending platforms to address their credit needs. While the press release (here) does not specifically address any incident, it appears to be in response to the tragic loss of lives owing to the alleged illegal practices of Onion Credit Private Limited and Cred Fox Technologies Private Limited, and other digital lending platforms.

Summary of press release

The RBI has mentioned that it has received a lot of reports on digital lending platforms/mobile applications –

• charging excessive rates of interest;
• using hidden charges;
• using unacceptable and high-handed recovery methods.

The RBI has requested potential borrowers to exercise caution and be vary of the illegal and unethical activities that some digital lending platforms/mobile applications may employ. It recommends that potential borrowers –

• research the antecedents of the company/firm offering loans;
• should never share copies of KYC documents with unidentified persons, unverified digital lending platforms/mobile applications;
• should report unverified digital lending platforms/mobile applications and their bank account information associated with such digital lending platforms/mobile applications to concerned law enforcement agencies or use the Sachet portal (here) to file a complaint.

The RBI reiterates its position detailed in the June 24^th 2020 notification, mandating banks and NBFC’s that use digital lending platforms/mobile applications to ensure that such digital lending platforms/mobile applications disclose their association with concerned banks and NBFC’s.

Cause of concern

Six people with ties to Onion Credit Pvt. Ltd. and Cred Fox Technologies Pvt. Ltd. have been charged by the Cyberabad Police under Section 420 (Cheating) and 506 (Criminal Intimidation) of the Indian Penal Code. They have also been charged under Section 66 of the Information Technology Act and Section 3, 10 and 13(1) of the Telangana Money Lenders Act. They came under the Cyberabad Police’s scanner due to the unfortunate deaths of three borrowers who were subjected to harassment and blackmail.

These companies owned and operated 30 odd lending mobile applications on the Play Store, which they used to lend monies to potential borrowers.

• Once a borrower installed one of their mobile applications, the application would gain access to the borrowers contact list.
• If a borrower failed to pay back their dues, the company would harass and blackmail the borrower by calling and sending messages to the borrower’s friends and family using the contact list they had accessed.
• Apart from this, these companies would charge incredibly high interest rates, sometimes as high as 35% p.a. and would also charge the borrower with bulky hidden charges.

As of now, nine NBFC’s have been identified to have links with these companies, specifically to their mobile applications ‘Cash Mama’, ‘Loan Zone’ and ‘Dhana Dhan Loan’. They are –

• Superior Finlease Pvt. Ltd.;
• Lord Krishna Financial Services Pvt. Ltd.;
• Usha Financial Services Pvt. Ltd.;
• RNVP Technologies Pvt. Ltd. (“i2i Technologies”);
• Zavron Finance Pvt. Ltd.;
• UMB Securities Limited;
• Fair Assets Technologies India Pvt. Ltd.;
• NDX P2P Pvt. Ltd. (“Liqui Loans”);
• KRAZYBEE Services Pvt. Ltd.

All the mobile applications linked to Onion Credit Pvt. Ltd. and Cred Fox Technologies Pvt. Ltd. have been removed from the Play Store.

The Hyderabad police and their Cyberabad counterparts have collectively sent a list of over 150 mobile applications to Google, for removal from their Play Store. The names of these mobile applications are not publicly available.

Key takeaways

• Other than the mere requirement to disclose a digital lending platform’s association with an NBFC, the RBI seems to lay the burden of lender scrutiny on the borrower. This appears to us, to be a stop gap arrangement while the RBI formulates policies, processes or guidelines to regulate the digital lending sector.

• Following the RBI’s press release, the Digital Lenders Association of India (“DLAI”) amended their code of conduct. These revisions specifically addressed transparent pricing, excessively high and inscrutable late fee, and consent-based architecture for borrower data. These revisions, brought into effect almost hours after the RBI’s press release, are a sign that lending platforms are still somewhat lacking in their respect for the spirit of the Fair Practices Code issues by the RBI.

• In addition to the violation of the RBI norms, code of conduct and contractual obligations imposed by NBFCs, the recovery and collection process adopted by Onion Credit Pvt. Ltd. and Cred Fox Technologies Pvt. Ltd. raises some urgent questions about the use of personal data by fintech players in the lending sphere. In the present scenario, contact lists were weaponized to blackmail defaulting borrowers flouting multiple provisions of the Fair Practices Code prescribed by the RBI. We expect NBFCs to impose stricter norms with respect to recovery processes, and stringent obligations on the access to and use of personal data.

• We suspect the RBI will soon carry out investigations to evaluate the compliance with the outsourcing norms, the intent and spirit of the regulations and issue directions to suppress the mischief by digital lenders.

Please reach out to Mathew Chacko or Ankita Hariramani for any queries.