India’s digital lending industry, which is expected to grow in worth to USD1.3 trillion by the end of the decade, has been subject to a clampdown by the central bank. The Reserve Bank of India (RBI) tightened its rules on digital lending following complaints about consumers being lured into debt traps through quick loans. The digital lending guidelines issued by the RBI are consumer-centric and aimed at protecting digital borrowers from unethical business practices when it comes to loan recovery by some of the digital lending apps.

The guidelines prescribe that uniform terms and conditions should be disclosed by all digital lenders. Customers should be allowed to exit the lending arrangement within a specified timeframe. Hidden charges are prohibited, and customer complaints will be addressed by the appointment of a nodal officer. The guidelines also introduced data minimisation norms aimed at boosting customer confidence and trust in digital lending platforms.

RBI Governor Shaktikanta Das said the guidelines were intended to balance customer protection and business behaviour while supporting innovation. Innovation is welcome but it should enhance the efficiency and resilience of the financial system while benefitting consumers, said Das.

India’s constitution protects the right to privacy as a basic human right. This is exemplified in the RBI’s digital lending guidelines, which state that regulated entities – namely banks and non-banking finance companies (NBFCs) – cannot store borrowers’ data, with the exception of basic minimal information.

A New Delhi-based white-collar crime lawyer commenting on the central bank’s proactiveness told India Business Law Journal that the RBI had ensured the protection of sensitive personal data even before warranted to do so under Indian law. The country has yet to finalise its Personal Data Protection Bill.

Considering how fintech companies tend to hoard and leverage customer data, borrowers should be able to withdraw their consent at any point in time, the lawyer said. The guidelines are aimed at cleaning up the fintech ecosystem, which has earned a bad name lately, and the regulations will help focus on the customer and protect personal data, and address grievances.

Given the mushrooming of fintech companies, the RBI’s Das said: “The need of the hour is to ensure assurance of safety after following a process of green-lighting (white-listing) and due diligence by the regulated entities.”

Das added that regulated entities needed to strengthen due diligence and oversight of their outsourced activities. They have been given time until 30 November to get their houses in order and put in place systems and processes to ensure that existing digital loans comply with the RBI digital lending guidelines.

While the fintech industry has had a positive impact in enhancing inclusion and increasing the penetration of financial services, an enormous amount of consumer data generated is being leveraged by a few Big Tech companies as a result of their sizeable customer base.

This warrants the RBI’s attention to potential risks in the areas of public policy objectives in terms of maintaining competition, market and business conduct, operational resilience, data privacy, cybersecurity and financial stability.

The guidelines are expected to increase the regulatory pressure on fintech companies and bring about new banking solutions as fintech companies continue to partner with banks and NBFCs in underwriting, loan disbursement and collections, the Delhi-based lawyer said.

Counterproductive and restrictive

However, some aspects of the guidelines can be counterproductive and there is concern that they could hinder digital lending activities. RBI guidelines mandate digital lending platforms to disclose the names of the banks or NBFCs to which they provide credit.

While the guidelines aim to streamline practices, or rather curb malpractice, in the USD270 billion fintech sector, they have imposed massive restrictions, forcing many fintech players to rethink their future strategy.

The key problem lies in the RBI restricting banks and NBFCs from the comfort of first loss default guarantee arrangements. This lending model offers third-party guarantees to banks and NBFCs that they will be compensated up to a certain percentage of the loan portfolio in the event of a default.

The first loss default guarantee has been adopted in the past four to five years, since the evolution of digital lending in India, and has helped banks and NBFCs to expand their lending reach and offer innovative loan products.

The RBI, however, views the first loss default guarantee as akin to synthetic securitisation, says Prashanth Ramdas, a Bengaluru-based partner with Khaitan & Co.

While the exposure remains on the books of banks and NBFCs, the risk is hedged through credit guarantees, which is not permissible in India, he adds.

The RBI’s digital lending guidelines are in line with international best practices, but the central bank has gone overboard, similar to what Chinese regulators did to clamp down on peer-to-peer lending, says Ramdas.

Lenders feel the heat

The central bank does not have the jurisdiction to regulate service providers or fintech companies that operate lending apps and provide onboarding services. It has, however, restricted banks and NBFCs from getting the comfort of a first-loss default guarantee.

This has had a major impact on the digital lending market. Most platforms source customers and refer customers to lenders who expect the fintech companies operating the platforms to “have some skin in the game,” says Ramdas.

Banks expect fintech companies to bear the risk of default as they are not responsible for onboarding customers, and are not geared towards this new segment of the small ticket and unsecured loans sold to the retail sector and small businesses.

The RBI fears that the first loss default guarantee will give rise to systemic risk if lenders lend on the strength of fintech companies, which are not regulated.

This is a valid concern, given that there is little oversight of fintech companies, and their ability to repay the loans should there be a case of default has not been tested, notes Ramdas.

Nonetheless, there should not be a total ban on the first loss default guarantee, but rather a limit on the same to reduce the systemic risk, he suggests.

Many NBFCs are lobbying the central bank to be allowed to provide the first loss default guarantee, considering they are regulated by the RBI, two more industry lawyers point out.

It will be a challenge not only for the unregulated fintech companies, but for the industry as a whole, if the RBI does not relent and allow the first loss default guarantee arrangement, say other industry observers. Banks could hesitate on lending.

The ideal solution would be to monitor the financial capability of those providing the comfort of the guarantee, or cap the comfort to a specified percentage of the portfolio, considering that it is in the best interests that the partnership model continues, says Ramdas.


The Briefing is written by Freny Patel.