RBI Digital Lending Guidelines 2022 Explained

Technological advancements have considerably aided digital lending. Individuals can get cash infusions from digital lenders. The demand for online loans has skyrocketed in recent years. The Reserve Bank of India (RBI) has issued Digital Lending Guidelines for all commercial and cooperative banks, as well as NBFCs.

Regulated entities (REs) are responsible for ensuring that Lending Service Providers ("LSPs"), Digital Lending Apps ("DLAs"), and LSP DLAs comply with the Guidelines. The REs include all commercial and cooperative banks, as well as non-banking financial institutions. On behalf of the RE, the LSP handles lender tasks such as customer acquisition, monitoring, and recovery. DLAs are websites or mobile applications that provide loans to their customers; this covers both RE applications and the LSP for the credit facility.

1. Loan Disbursal Directly to borrowers Account

To promote transparency and avoid operational ambiguity, REs must ensure that loan disbursements are sent straight to the borrower's bank account. This means that, with the exception of co-lending, no loan-related capital can be transmitted through third-party accounts. This eliminates the presence of the LSP's nodal pass-through or pool account.

Exceptions are given in circumstances where the disbursement is made as a result of (a) a co-lending transaction, which is an agreement involving the joint contribution of a credit facility as well as risk and reward sharing; a statutory or regulatory mandate; or loan disbursals for specific end-use. The exception for specific end-use facilitates Buy Now Pay Later ("BNPL") models by allowing REs/LSPs/DLAs to disburse loan funds directly to the merchant.

2. Key Fact Statement

Before signing the loan agreement, the customer must be supplied with a Key Fact Statement (KFS), a standardised document outlining all of the key aspects of the loan. The KFS must have information such as the Annual Percentage Rate ("APR"), which is the Effective Annualized Rate charged to the borrower; the recovery process; the grievance redressal officer's contact information; and the cooling-off period.

3. Fees and charges

Lenders must provide borrowers with standardised information regarding all fees, charges, and the annual percentage rate (APR).

4. Details regarding recovery

Loan features, limits, costs, and other information must be prominently presented on the Financial Institution's digital lending app and by its fintech partners. All of the partners with whom the Financial Institution collaborates for its digital lending activities, as well as the contact information for the loan recovery agent, must be presented on the user interface.

5. Cooling-off Period

REs must give a cooling period, which is a window of opportunity for the borrower to return the digital loan and the commensurate APR without penalty. The cooling-off period for digital loans with tenures of seven days or more must be at least three days, and it must not be less than one day for digital loans with tenures of less than seven days. Even after this timeframe, the option of pre-payment should be available.

6. Digitally Signed Disclosures to borrowers

All documents signed with a digital signature, such as loan product summaries, KFS, sanction letters, privacy policies, and so on, must be sent to the borrower through SMS/email. Furthermore, REs must ensure that a list of their DLAs, LSPs, and LSP DLAs is published on their website.

7. Rules for Data Processing

The majority of the digital lending report is concerned with digital lending data protocols. The RBI establishes data collection, storage, and processing requirements for financial institutions and their lending partners to follow.

Any consumer data gathered by Financial Institutions(FIs) or their lending partners must be need-driven. For all data acquired, explicit client consent must be secured, and an audit trail must be kept for transparency. At each stage, the purpose of gaining the borrower's consent must be communicated. Borrowers must also be given the opportunity to provide or revoke consent for specific data usage, limit third-party disclosure, keep data, and delete all data from the app.

Financial institutions must ensure that they only store the minimum amount of customer data (name, address, contact information, etc.) essential for operations. In this sense, a clear privacy policy must be given to the customer. This policy must address security breach protocols, data deletion protocols, data storage periods, data usage limits, and other topics. All biometric data must be stored by the financial institution and not by their lending partners. Furthermore, all data must be housed on servers within India's boundaries.

8. Grievance Redressal Mechanism

The RBI has mandated the appointment of a nodal grievance redressal officer to handle complaints and concerns relating to digital lending. The officer's information will be posted on the websites of the REs, LSPs, and DLAs, as well as in the KFS. If a grievance redressal officer complaint is not resolved within 30 days (thirty), the complaint can be registered with the RBI's Integrated Ombudsman Scheme. Furthermore, the ability to lodge complaints must be available on the websites of REs, LSPs, and DLAs.

9. Due diligence requirements

Before entering into a relationship with an LSP for digital lending, REs must do comprehensive due diligence, taking into account its technical capabilities, data privacy policies, and storage systems, fairness in dealing with borrowers, and ability to comply with regulations and statutes.

10. Reporting to CIC

Regulated Entities must ensure that any lending done through digital lending apps is disclosed to Credit Information Companies (CICs). Lending under the Buy Now Pay Later (BNPL) option must also be disclosed to CICs.

The issue in Relation to FLDG Arrangements

A First Loss Default Guarantee (FLDG) is a mechanism through which a third party guarantees to compensate up to a certain percentage of default in a loan portfolio of a regulated entity.

RBI has through the guidelines advised adherence to the Master Direction – Reserve Bank of India (Securitisation of Standard Assets) Directions, 2021 dated September 24, 2021.The Master Direction prohibits synthetic securitisation. If the RBI makes the advisory mandatory, this will have the effect of not permitting REs to engage in synthetic securitisation like FLDG and transfer the risk to a pool of exposures, in part or in whole.

FinTechs are asking for a detailed framework to allow FLDG arrangements to continue with banks as well as a set of guidelines to better help non-regulated entities understand their scope of operations. 

Conclusion

The RBI's measures will help to protect customers while also ensuring that genuine mobile apps remain on the market. Once the problems with these guidelines are rectified, the digital lending space is expected to expand at an exponential rate. While the new requirements have increased the cost of compliance for fintech companies, they have been well received. The parties concerned recognize the potential of fintech in the country's last-mile, effective credit delivery, as well as the importance of maintaining a compliant operational environment to usher in the sector's healthy and sustainable growth.

 

Important Links 

RBI Digital Lending Guidelines 2022

Master Direction – Reserve Bank of India (Securitisation of Standard Assets) Directions, 2021 dated September 24, 2021