Blog

On August 10, 2022, the Reserve Bank of India (RBI) issued the first set of much-awaited guidelines for digital lending. The central bank has taken a stand on key issues and has shared clarity on areas such as direct loan disbursal to borrower account, consent of borrowers before increasing credit limit, among others.

The process of framing the guidelines for the burgeoning sector had begun a long ago. The initial work started in January 2022 after RBI constituted a working group on ‘digital lending to share a report which came out in 11 months.

Inc42 spoke to over two dozen fintech leaders, founders, and analysts to understand how they are viewing the guidelines, and the sentiments are almost the same across the fraternity. Most players are looking at the guidelines as a positive step, with digital lending fintechs finally getting recognised as an agent of a bank/ NBFC and legally permitted to do business.

Also, there are areas where the RBI is still seeking details. This includes:

• Scope of the financial literacy centres
• Centre for Financial Literacy
• Electronic Banking Awareness and Training Programmes (E-baat) to be expanded to include digital lending
• Baseline technology standards for digital lending apps
• Adoption of ethical AI by digital lenders among others

Jupiter founder and CEO Jitendra Gupta said that the guidelines will open up future opportunities for fintechs with a deeper understanding of existing regulations and compliances to operate in the digital lending ecosystem, which would become a $350 Bn market opportunity by the end of FY23.

The guidelines are also expected to build trust and increase the risk appetite of consumers to go for newer channels of digital credit.

Irfan Mohammed, Chief Business Officer, Financial Services at Yubi, believes that the RBI’s acceptance of WGDL’s recommendations is a welcome move for all in the fintech, financial services and lending ecosystem. It offers the incumbents and stakeholders the much-needed direction and clarity to plan and move forward.

In June, the RBI issued a notification for non-bank fintech players, prohibiting them from loading prepaid payment instruments (PPIs) with credit lines. It was identified that although the PPI instrument should be backed by funds owned by a customer, a few fintechs were using it as a PPI being backed by a third-party credit line.

The release of digital lending guidelines is seen as another step in building a strong regulatory framework for fintechs around their role of co-branding with credit cards, as the guidelines clearly state that  No involvement of third-party lending service providers (LSPs) through prepaid payment instruments (PPI) or Escrow pool accounts is permitted.

“Besides financial and operational discipline, it (the guidelines) will aid in building customer confidence in the digital lending ecosystem and increase their willingness to explore newer avenues and will ultimately benefit the larger goal of financial inclusivity for all,” CASHe Vice Chairman & MD Joginder Rana said.

State Of Digital lending Ecosystem

For a long time now, the RBI has taken the primary role of protecting consumer interest in the financial services sector. As per the findings of the WGDL, as many as 600 out of the 1,100 lending apps available for Indian Android users across 80 application stores were illegal apps. These digital lending apps were found to charge high-interest rates, adopt unacceptable and high-handed recovery methods and operate in an opaque manner.

Following the central bank’s clarification on loading of PPIs using credit lines, many fintech companies, such as OneCard, Slice, Uni, Jupiter Edge, Mobikwik, among others, which had earlier found grey areas in the regulations to start digital lending products, were forced to halt or restructure their lending operations.

However, what’s interesting is how the RBI has recognised the role of fintechs in the lending ecosystem. Lending, in India, was always considered an exclusive domain of banks, NBFCs, state-owned cooperative banks, and other regulated entities. While fintech startups were pushing for almost a decade to join the exclusive club, there were no clear directions.

Now, the RBI’s latest guidelines have made a clear distinction between the existing groups of regulated and non-regulated digital lenders. Even non-regulated entities have been recognized in the digital lending ecosystem through LSPs (Lending Service Providers) and DLAs (Digital Lending Apps) under the new guidelines.

Giving more clarity, the RBI also said that the DLAs include “mobile and web-based applications with a user interface that facilitate borrowing by a borrower from a digital lender. DLAs will include apps of the REs (regulated entities) as well as operated by LSPs which are engaged by REs for extension of any credit facilitation services”.

More Regulatory Pressure On Digital Lending Fintechs

Sanjay Kao, EVP APAC at Lentra, one of the leading enterprise SaaS companies empowering lenders in the digital lending ecosystem, compared the digital lending landscape in the country  before the release of RBI guidelines with the early years of Unit Linked Insurance Plan (ULIPs), when lack of regulation led to unhealthy practices such as charging of exorbitant commissions, giving the industry an ill repute. Once regulated, there was an overall acceptance of ULIPs as an investment instrument, resulting in healthy growth, he said.

Overall, the guidelines are expected to increase regulatory pressure on fintechs. With power getting concentrated with regulated entities (REs), the fintechs will have to comply with the guidelines and work in cohesion with the existing lending infrastructure of the country.

Here are some other vital regulatory impacts that fintechs will have to consider and change their strategies accordingly.

No Breather For The Likes Of Mobikwik, Slice, Jupiter Edge

Inc42 earlier reported how in the absence of any clear guidelines, fintechs tied up with banks and NBFCs as third-party credit lines. It led to the emergence of three key groups, i.e:

• Fintech + banks (OneCard – credit card);
• Fintech + NBFCs + bank (Slice, Uni – prepaid card);
• Fintech + non-bank PPI + bank (Jupiter Edge – prepaid card)

However, according to the guidelines for digital lending, all loan disbursals and repayments are required to be executed only between the bank accounts of the borrowers and the regulated entities (REs) without any passthrough/ pool account of the LSP or any third party.

Since the disbursements will always be made into the bank account of a borrower, it puts rest to all the speculations about the other business models.

Jupiter’s Gupta explained that the money would need to come directly from bank/ NBFC and there cannot be a third party (fintech) as they cannot operate funds, as per the central bank’s guidelines.

Experts believe that this would lead to emergence of newer banking solutions, with fintechs partnering banks and NBFCs for underwriting, loan disbursement, collection, among others.

BNPL Also Comes Under Regulation 

The WGDL recommended the RBI to treat new digital lending products such as buy now pay later (BNPL) as a part of lending, if not in the nature of operational credit by merchants. According to the guidelines, “REs shall ensure that LSPs, if any, associated with such deferred payment credit products shall abide by the extant outsourcing guidelines issued by the Bank.”

This implies that fintechs such as ZestMoney, LazyPay, among others, engaged in the microcredit segment will have an opportunity to continue and scale up in the lending segment under regulatory purview.

Also, according to the new regulations, any lending sourced through DLAs (either of the RE or of the LSP engaged by RE) will be required to be reported to Credit Information Companies (CICs) by REs, irrespective of its nature or tenor.

All new digital lending products extended by REs over merchant platforms involving short-term credit or deferred payments will also be required to be reported to CICs by the REs.

In simple terms, all short-term/ BNPL loans would now be treated like a loan and would require KYC adherence as well as bureau reporting. This has the potential to affect user experience as there will be stricter controls on money movement and bureau reporting even for products like small-ticket BNPL loans.

APR To Change Micro Credit Lending Game

The REs will need to disclose upfront the all-inclusive cost of digital loans as an Annual Percentage Rate (APR). The APR shall be based on an all-inclusive cost and margin including cost of funds, credit cost and operating cost, processing fee, verification charges, maintenance charges, among others, except contingent charges like penal charges, late payment charges, etc.

The fintechs will be required to disclose the APR to the borrowers upfront as part of the Key Fact Statement (KFS). This is likely to adversely impact small ticket/ short-term loan offering fintechs, which survive on processing fees and “Flat Rate on Principal instead of Reducing Balance”, and may charge upwards of 30% and in some cases, more than 50% on APR basis, as specified by Sameer Singh Jaini, founder and CEO, The Digital Fifth in a LinkedIn post.

To simplify this, let’s take an example here. Under the flat rate interest mechanism, suppose a borrower takes a –

• Principal amount of INR 100, 000 at an interest rate of – 5.5% for a tenure of 10 years (120 months)
• This implies a Flat rate interest of Rs 458
• Then monthly installment will be (100,000/12)+458 = INR 1292 (to be paid irrespective of principal paid during the tenure)
• Interest paid at the end of tenure will be 35.5% (also known as effective interest rate), repaying an amount of INR 155,040

However, in the reducing balance interest mechanism, the interest is calculated only on the principal amount left so the customer ends up saving more. With the current RBI guidelines, now those fintechs charging a flat rate on principal will thus have to bear costs or upfront ask for a higher interest rate, which may result in reduced customer acquisition.

Stringent Data regulations

According to the guidelines, the data collected by DLAs should be need-based, should have clear audit trails and should be done with prior explicit consent of the borrower.

The guidelines also states that the DLAs will be required to provide an option to borrowers to accept or deny the consent for the use of specific data, including the option to revoke previously granted consent, besides the option to delete the data collected from borrowers by the DLAs/ LSPs.

The key things fintechs will have to keep in mind going forward are:

• REs to ensure that LSPs engaged by them do not store personal information of borrowers except for some basic minimal data (viz. name, address, contact details of the customer, etc.).
• In any case, DLAs should desist from accessing mobile phone resources such as file and media, contact list, call logs, telephony functions, etc.
• A one-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/ KYC requirements only with the explicit consent of the borrower.
• No biometric data should be stored/ collected in the systems associated with the DLA of REs/ their LSPs, unless allowed under extant statutory guidelines.
• REs to ensure that all data is stored in servers located within India while ensuring compliance with statutory obligations/ regulatory instructions.
• DLAs should provide the key information like data required in the process, its storage, outsourcing and purging, among others, clearly in their privacy policies, distinctly reflected on the loan providers’ websites.

Increase In Costs Of Operation

The guidelines further highlight that any fees, charges, etc. will be payable to fintechs in the credit intermediation process shall be paid directly by the lenders and not by the borrower. Besides, a minimum 90 days cooling off period needs to be given to the borrower.

While the regulated entities will have to comply with marginal changes, the directive requires adherence to changes such as updating the app which will augment the cost for a few companies, and lead to increase in tech and security cost for fintechs, explained Swapnil Bhaskar, Head of Strategy at Niyo.

Further, REs will also need to ensure that they and the LSPs engaged by them have a suitable nodal grievance redressal officer to deal with fintech/ digital lending related complaints. This will also lead to additional costs for fintechs.

NBFCs and lenders involved in colending are also struggling. As stated by RBI, with recommendations pertaining to First Loss Default Guarantee (FLDG) are under examination. But for now, the regulated digital lending entities will have to adhere to Master Direction – Reserve Bank of India (Securitisation of Standard Assets) Directions, 2021. This implies that the originators should adhere to the Minimum Retention Requirement (MRR) of

• 5% of the book value of the loans being securitised, for underlying loans with original maturity of 24 months or less
• 10% of the book value of the loans being securitised, for underlying loans with an original maturity of more than 24 months as well as loans with bullet (lump-sum) repayments

“Anyone who has been doing co-lending is now in trouble because of RBI’s guidelines regarding First Loss Default Guarantee (FLDG). RBI has mandated a 15% guarantee on a Rs 100 loan as FLDG.  What the NBFCs were doing was while lending to the partner lenders, they were just keeping a 2.25% capital as FLDG, there by lending Rs 15 at 15%. Now all of a sudden you have to keep a 6 times more FLDG, so everyone is kind of scratching their heads,” said one of the executives from a leading NBFC.

Digital Lending: The Way Forward

The digital lending guidelines’ recognition of the role of fintechs in the lending segment offers a plethora of opportunities and will require the fintechs to proactively work with the regulators and develop solutions under the regulatory umbrella. In turn, the regulators must help fintechs to adapt to the guidelines, and bring in innovation while protecting customer interests.

Fintechs also need to put in place adequate and transparent risk management controls. This will increase customer confidence and market acceptance, and provide the financial stability that will enable them to thrive in a more regulated business environment.

According to MyShubhLife CEO and founder Monish Anand, digital lending will no longer be just a technology-driven convenience model but would also evolve as a multi-layered system thriving on core fundamentals of banking, putting customer interest first, and providing easier access to organised credit with increased transparency.

The fintechs are also hopeful that the RBI will now show more trust in them. Ranvir Singh, founder and MD of Ring, said that fintechs have proven credibility when it comes to linking credit cards on UPI, and expects RBI may also allow NBFCs to issue their own credit cards without the need to have a co-branding partner bank. As of now, only SBI Card and Bank of Baroda (BoB) Card are the two NBFCs allowed to issue credit cards.

The fintech community is now eagerly waiting for the next set of guidelines pertaining to First Loss Default Guarantee (FLDG), and framework for web-aggregator for loan products. The RBI is also looking to set up a self-regulatory organisation covering regulated entities (REs) and DLAs/LSPs in the digital lending ecosystem to curb malpractices and bring in an added layer of code of conduct.