The Reserve Bank of India has issued a warning against lending platforms as illegitimate lending apps, and recovery harassment is surging. The issue of suicide cases linked with loan collections is also rising. These unauthorized lenders are operating and offering unsecured loans. Since they have no collateral with huge sums of money at stake, they use threats and even call up contacts to retrieve the dues.
It is the second step by the RBI in the last six months involving app-based lenders. On 24 June, it had asked banks and non-bank financiers whether they lend via their digital platforms or an outsourced entity, they must adhere to fair practices. The idea is to cautioning these firms to bring some discipline in the unregulated as well.
While referring to reports on small businesses and individuals being harassed by these unauthorized digital lending platforms, the RBI stated (1) that these platforms have excessive interest rates and additional hidden charges. They are even adopting unacceptable recovery methods while misusing agreements to access data on the borrowers’ phones.
It highlighted that only banks, NBFCs, and other firms regulated by authorities under statutory provisions are permitted for lending operations. It has also mandated to disclose the partner banks and NBFCs upfront to all borrowers for digital lending platforms. The central bank has also directed consumers to verify these BFCs as public awareness measures and asked them to register any complaints via the official portal (2).
Such loan harassment by lending apps has led to several deaths in recent months. One such victim is Abhishek Makwana, a writer of the popular Hindi sitcom ‘Taarak Mehta Ka Ooltah Chashma.’ He died by suicide on 27 November. There are also allegations that these loan agents invade the consumers’ private lives, turning to shame and even threatening borrowers to hasten recovery. Some firms even sent fake legal notices to scare them into paying back the money even under duress (3).
In November 2019, such aggressive recovery methods also led to Amol Francis Vaity, Dahisar to death. The 40-year-old had committed suicide, citing constant harassment from recovery agents. He also pleaded that his family should not be held responsible for his loan (4).
If any lending startup is going for harassment and abuses the defaulter and his family members, it is not a recovery but illegal means for extortion. It is especially true if they are prying on a consumer’s right to privacy and liberty.
India’s government is set to pass a Personal Data Protection Bill to prevent unethical practices, including a contact list of borrowers without consent for messaging and calling in case of defaults. In that case, such loan recovery tactics won’t be around for much longer.
Defaulters’ Private Life Invasion and Harassments
A 29-year-old Sunil from Rajendranagar, Hyderabad, lost his job during the lockdown and became a father in July. On 17 December, he died by suicide. The police state that he could not pay a loan taken from a digital lending application to meet two ends and was facing harassment in the form of WhatsApp texts, threatening calls, and calls to his family and friends to shame him.
In the previous week, two more such incidents were notified from Telangana. Eddu Sravan Yadav is a 23-year-old farmer from Medak district who committed suicide after being unable to repay a digital loan. In the other incident, Krini Mounia, a 28-year-old government employee from Siddipet town, committed suicide since she couldn’t repay another lending app.
In the last two months, several states throughout India have reported suicide cases among those who couldn’t repay loans via digital lenders. At least five suicides were allegedly due to harsh loan recovery tactics employed by these applications.
In early November, a resident of Vishakapatnam, Andhra Pradesh, looking for a job after an MBA, committed suicide at her home. According to the reports (5), she had borrowed 25,000 from a money lending app and had faced online harassment days before her suicide.
A Chennai advocate looking into the issue told a story of a woman who borrowed money about two months ago; these apps don’t ask for any approval. Still, they ask for an application form and ask permission to access contacts at the installation time. They double the interest rate after every seven days, and if a person fails to repay, they send messages to the first ten names in their contact list.
He added that the messages sent to friends and family in this particular case stated that she is a fraud and asked people not to believe her since she failed to repay the loan. So far, she has paid up about one lakh INR with her peers’ help only because of these threats. She still has a considerable amount of loan remaining, and there seems to be no end. There are high chances that even in the future, they will use her data to threaten her.
These apps’ main target are women, says Pravin Kalaiselvam, the Chairman of SaveThem India Foundation, a non-profit organization for cybercrime prevention (6). He added that these apps are involved in data breaches, and they use users’ data to threaten them. These apps gain full access to users’ phone upon installation. In one case, they even took a picture of a man’s wife from his phone gallery and morphed her picture into porn material, and threatened to leak it on the internet.
A consumer collective on digital payments from Cashless Consumer (7), Srikant, stated that these apps exploit the defaulter’s digital and legal illiteracy. It is beyond digital shaming when these apps send defaulters a fake legal notice. They use some fancy words with no name or date and make users with low legal literacy believe that it’s a legal notice and try to repay. It is, in a way, extortion.
According to several observers, defaulters are often led to other digital lending platforms by these apps. It has become an ecosystem. A firm would have over twenty applications, and if a person takes a loan from one app, they would share your data with the remaining apps and push you to take more loans. It is despite if one is unable to repay the initial loan.
They make users take a loan from another application to repay the first lender. It then turns into a debt trap. And their interest rates are also extremely high. One person borrowed 7,000 INR, and after a delay of 92 days, he had to repay 32,000 INR.
There was another case of Sunil, who is a techie from Hyderabad. The police found that he had taken loans from more than 35 digital lending platforms with a total sum of two lakh INR. They also found that software tools used by all of these apps are sourced from a foreign country.
Observers who have worked with digital shaming of these lending platforms’ victim state that in most cases, local police refuse to register FIRs when defaulters complain about any harassment. They say that it’s a small amount, so repay it and not accept the harassment complaints. However, these low rung police officers do not look into how such harassment is enabled via a data breach (8).
Limited Law Enforcement Scope
It is worth highlighting that not all digital money lenders available on Google Play Store are NBFCs, Non-banking Financial Companies with ties to banks regulated by the RBI. If not all app, several of them are unregulated. Telangana Police have identified more than 60 apps on the Play Store alone and have promised to take strict action on the app owners.
However, law enforcement agencies’ scope is limited according to people researching digital payments and trying to get these apps banned. Therefore, the solution is with RBI to bring these platforms under its mandate.
Pravin Kalaiselvan has approached the Indian Supreme Court to get such apps banned in India. He stated that people are stressed, and these online lending apps are destroying their self-respect. He gathered all suicide data and submitted it to the apex court after first approaching the RBI.
He added that the RBI had asked him to contact its DNBS, Department of Non-banking Supervision. They told him that such digital lending apps are not under their ambit and only apps that are linked with banks come under their purview.
In June, the RBI came out with a notification with guidelines for digital lenders linked NBFCs (9). However, they don’t apply to apps that are not registered that way. According to section 45-1A of the RBI Act 1934 (10), any NBFCs need proper registration to operate. It means that the law does not mandate the RBI to take action.
Srikant from Cashless Collective had analyzed more than ten digital lending applications and found that most of these apps are not even run by any companies. They were all Chinese apps and were illegal. And the scale at which it is done is alarming. He also urged the RBI to take the issue seriously.
Apart from the apex court case, a lawyer based in Hydrabad has also filed a petition to Telangana High Court regarding a ban on these digital lending apps. At the same time, the supreme court has sought time to examine the matter.
According to Srikanth, NBFCs are not stopping the RBI from regulating these platforms, but it is a political will. The RBI has long been hesitant to regulate chit funds. They were brought under its mandate when a big scam such as the Sharada chit fund came into the light. He added that the union finance minister should ask the RBI to seek the matter.
On 24 November, a 23-year-old IT professional from Chennai, Tamilnadu, committed suicide after facing digital harassment from such an app. Following the case, Dr. Senthilkumar, a Tamil Nadu parliament member, wrote to the Union Finance Minister Nirmala Sitaram to ban digital lending applications (11).
However, passing a law to ban such apps is far too extreme since it is difficult to enforce a total ban on these platforms. Because banning them doesn’t necessarily mean that it is impossible to use them. Moreover, overall investment in the sector would reduce, and people will operate at a lower scale.
According to Srikanth, RBI should instead issue a few notifications as they did with cryptocurrency. While there is no ban on the crypto sector, several crypto startups and investments dwindled after RBI’s notifications. Pravin also hoped that the RBI and the Union Government would pay more attention to the surging suicide instances among digital loan defaulters.
India is one of the highest download rate country across the globe of such digital lending apps. As long as these platforms have access to people’s contacts, it will not end, and they could continue to threaten defaulters. People are dying out of fear, and an individual can’t tackle it.
Several researchers have warned that when users install such apps, they collect contact details and track users’ calls and see who is most contacted. Some of these platforms are alleged to embed tracking software inside their apps to monitor users’ spending activity and GPS locations. They often use these data to check their creditworthiness.
In the absence of the RBI action, several Twitter users anticipate getting these removed from Google Play Store. Some of these apps, especially payday providers, are available on the Play Store despite their developer content policy (12), barring firms that offer only short term personal loans that need full payment in 60 days or less from the issue.
These apps ask permission to access everything from contacts to the microphone, and then they utilize the data for loan recovery. And it also means that they get unauthorized access to several sensitive data that might be misused.
“Organisations and people who build these apps will have to ensure very stringent control around what they are using this data for. When they are taking consent from users to collect data, they might even begin disclosing the objective for collecting that data.”
– Jaspreet Singh, partner-cyber security at EY (13).
While such apps may require access to messages for evaluating their potential borrowers’ credit application or loan eligibility, the credit and debit SMSes can offer them a lot of information. However, several apps, in general, not only lending apps, ask for too many permissions. And we
don’t see the necessity for access to the contact list.
Time to Take Data Privacy Concerns Seriously
While these lenders are expanding credit access, most of them are operating outside the regulation of any financial sector authorities, which has resulted in the emergence of some key consumer protection concerns.
Manu things users are not even aware that who has lent them the money. And the problem is that users don’t have proper grievance redressal avenues. Lending from third-party apps and websites offers a perfect setup for acting with an exemption.
Indian regulators and slow and most of the time do not help. They are more likely to address these issues via policy changes rather than addressing individual complaints.
It is in our human nature to skip past the terms and conditions since they are too long, complex, and most of the time since we are in a rush. Hence consumers need to be more aware of the terms they agree to with some of these loan products.
Since these platforms are not under any regulatory supervision, they do with our information at the lender’s discretion. It is often the case that users are not mindful that they permit to sweep away their privacy rights. These instances raise another concern regarding the adequacy of our existing regulations and laws and their capacity to address such risks to consumer welfare.
“The government is aware of the fact that many applications seek unnecessary permission to have access to data, which is not related to it. The data protection law may include all such issues. The Srikrishna committee is working on a data protection framework, and it is likely to submit its report by the end of this year.”
– the Ministry of Electronics and Information Technology, MeitY (13).
India is currently witnessing a fast-growing digital footprint, and it doesn’t address these issues, it could lead to something major. However, experts agree that India will soon draft rules to curtail user data privacy concerns (14).
India should set severe punishment if app developers are found misusing their users’ data. And they should also get severe punishments if they are found to sell unauthorized data to third parties, and it was not used for its intended purposes (15).
As a long-term solution and to further enhance our consumer protection framework, India needs to pass a robust data protection law. It must address the risks present in the financial services sector (16), including the right to share digital services on the back of technological advancements that make financial products such as lending only a click of ‘terms and conditions’ away.
Fintech apps are witnessing a rapid rise in India largely because of the cheap data and a surge in smartphone penetration (17). Moreover, they offer simple, fast, and accessible solutions, but we should not omit the data privacy risks that come with them.
India needs a collaborative action to ensure that digital financial services should maintain trust between borrowers and lenders. Taking such aggressive tactics for loan recovery and failing to keep their information safe puts that trust at risk. We caution our readers not to fall prey to such unscrupulous activities and verify these digital lending apps’ antecedents.
Moreover, one should never share copies of their KYC (18) documents to unidentified people, unverified and unauthorized apps, and report such platforms to concerned authorities or use the sachet portal to file a complaint (19).
Indian smartphone users have become a lucrative target for these lending apps, and with the COVID-19 pandemic, several borrowers are hit hard, and it has weakened repaying capabilities.
These individuals and small businesses fall prey to these unauthorized digital lending apps under promises of quick and hassle-free loans. These platforms are now adopting unacceptable and high-handed recovery methods and misusing agreements to access borrowers’ data (20).
While digital loan delivery is a welcome step since it helps people in need to get quicker and wider access to credit, but in a rush to get a convenient and quick loan, make sure to remember that loan is offered under a contract. One must understand the terms and conditions, various charges, and interest rate calculations before signing up for the loan. It is because even though it is digital, you still agree to their terms and conditions. And yes, don’t borrow what you can’t repay.