RBI Throws A Data Collection Wrench In Fintech Lending Dreams
The RBI's digital lending norms have put into question business models of many such loan apps active in the space.
Reserve Bank of India's measures to regulate digital lending in India have led to doubts over the business models of many such lending applications active in the space.
Over the last two years, the number of applications offering loans online has ticked up sharply. Many of these—especially the ones offering payday style loans—operate outside of regulations and tend to collect significant personal data from a user’s phone.
The data can include media files stored on the device, contact lists, location data, and even call logs. Such data has also been used by lenders to harass borrowers who fail to repay their loans. In many cases, collection agents also call people on a borrower’s contact list and ask them to help recover their money.
But the RBI’s recently issued digital lending guidelines could very well put a stop to that by restricting the kind of information fintech platforms can collect. The guidelines state that regulated entities—banks and non-banking financial companies—should ensure that fintechs do not store personal information of borrowers beyond basic details like name, contact details, and address.
While this may help stem the menace arising from unregulated lenders, the restrictions can also play spoilsport for fintech lending platforms at large.
The guidelines will change things for fintechs that don’t run NBFCs of their own, according to the founder of a four-year-old fintech lending firm. Fintechs with lending ambitions start their journey by being a marketplace to connect borrowers with lenders, this person said.
Once they build a base of enough users and have information about their credit scores, income levels, occupations, and repayment histories, they can use it to engineer an underwriting engine.
This in turn helps them decide which kind of borrower they’d prefer to lend to off their own balance sheets, the founder quoted above explained.
Therefore, fintech lending platforms leverage balance sheets of their lending partners to understand borrower profiles, select a subset they’d like to lend to, and then make loans of their own as and when they acquire a license to lend—typically via an NBFC.
This roadmap might just require a rethink.
The current structure of the guidelines would necessitate fintechs to have NBFCs of their own. Buy Now Pay Later providers like Simpl operate without an NBFC license and others like MoneyTap or Capital Float (now called axio) only use them for a limited portion of their loans.
The fintech founder quoted above added that the capital requirements for acquiring an NBFC license are also likely to make it harder for new entrants to jump into tech-enabled lending.
Applying for an NBFC license requires a company to be registered and have a net owned fund position of at least Rs 2 crore. In the absence of customer data, it’ll also be tricky for fintechs to build underwriting engines of their own, the founder said.
According to former RBI Deputy Governor R Gandhi, the compliance of regulated entities has risen through these guidelines.
It is the responsibility of the banks and NBFCs to see that their [partner] fintechs do not indulge beyond the requirement. Banks and NBFCs are required to ensure this in the contracts they sign with fintech partners. If the RBI finds that a fintech has collected more than the required data, then the bank which engaged that fintech will be penalised.R Gandhi, Former Deputy Governor, RBI
Given that the guidelines require regulated entities to keep their selling agents (or fintech partners) compliant, it will also make it necessary for banks and NBFCs to thoroughly audit their partners. “It will get difficult to maintain and manage,” Harshvardhan Lunia, chief executive officer of SME-focused lender Lendingkart, said.
Regulated entities can conduct yearly audits, but the direct selling agents won’t be obliged to comply with them since they are not directly regulated, he added. “It’s a little complicated and might require further clarification,” Lunia said.
While some industry participants said that the guidelines would deprive pure-play distribution fintechs of accessing useful customer data, others see it as less of an inhibiting factor.
"My reading is not that it’s either-or. I think with consent of the customer, you can access it (the data),” Anuj Kacker, co-founder of consumer lending firm MoneyTap, told BQ Prime.
At this point, interpretation of the guidelines may vary, and perhaps industry participants need to wait for clarification on this front, Kacker added.
For now, the RBI’s adoption of digital lending guidelines threatens to stick a spanner in the works for distribution-led lending platforms. Whether the new rules prove to be teething troubles or a sorer pain will depend on the sort of clarifications the regulator issues and how stringently the regulated entities enforce the rules.