Guidelines on Digital Lending by Reserve Bank of India


The banking sector has been at the heart of the Indian economy contributing to more than 40% of the GDP and lending or credit is what fuels the Indian economy contributing more than 60% of the GDP. Digital lending is the new buzzword in banking, where people mean different things. So let us understand what RBI has mandated in its guidelines on Digital Lending.

What is Digital Lending?

Before we understand what digital lending is, let us understand what lending is. Simply put, lending is when a lender provides funds to someone who wants to borrow it (usually at a fixed interest rate) and the borrower agrees to pay back the borrowed amount with interest. It's essentially trading future income for current access to money.

Banks are in the business of collecting our deposits and lending them to those who want to borrow. However, there are many who find it difficult to access loans from banks for various reasons. Maybe they don't have an established credit history, maybe they don't live in regions where the bank operates, or the bank deems the interest too high to provide a loan, etc. So, there is a gap that banks cannot reach and as a result, many digital lending platforms have emerged to serve this segment.

What does the Reserve Bank of India (RBI) think of these digital lending platforms? That's an important question for a startup. Any guidance from RBI on matters such as these is valuable since we will have to first understand it and then live with the regulations at the time of scaling the business.

So, let us see what RBI has to say on digital lending in the guidelines on Digital Lending issued on 2nd September 2022. 

What does RBI think of digital lending?

The purpose of the guideline ( Number CRDIR/DGL-19/02.01.002) is to inform applicants proposing to set up non-bank digital lending platforms about the criteria the Reserve Bank would use to assess their proposals.

The guideline is interesting as it shows the thinking perspective of RBI to explain its views and concerns. Let us try to summarize the key pointers from the guideline.

  • The guidelines released for public consultation cover all commercial banks, primary (urban) co-operative banks, state co-operative banks, district central co-operative banks, and non-banking financial companies. RBI guidelines on digital lending aim to protect consumers.

  • Digital lending entities should refrain from accessing and mining the customer’s phone address books, SMS, MMS, call log history, installed apps, accounts’ social feeds, bookmarks, etc. * The entity should not use personal identifiers such as Aadhaar number, PAN, etc for its own purposes. * It should not even ask for such information or documents.

  • The borrowers need to be informed about their data being stored, either centrally or locally. The details must include some time limit for storing the data, any restrictions on how they are used, or how it's used, whether it is destroyed at a specific time frame, which security mechanisms are in place in case of any breach, etc. The borrower must also be informed about these details at all times on the website as well as in the app.

  • Key Fact Statements for digital lending products are standardized. The borrower should be informed about the all-in origination cost of the loan. They should also be a part of the Key Facts Statement.

  • Interest/charges that are levied on the borrower, if any, i.e. part of the total funds disbursed by the lender, shall be clearly disclosed in the key facts. This shall also be done on an annualized basis.

  • Any fees charged by the regulated entities in this standard must be paid by the lending service provider in full, and cannot be charged to the loan applicant.

  • The Key Fact Statement will contain details of all the various elements of the loan such as the annual percentage rate, the recovery mechanism, details of a grievance redressal officer, and the cooling-off/look-up period. The cooling-off/look-up period is the amount of time given for the repayment of the debt.

  • You are charged only the charges mentioned in your Key Fact Statement, which you will find in your offer document.

  • Borrowers along with their transaction details, loan contracts, account statements, policies, etc. shall receive the information pertaining to their loans through electronic mail/SMS on the successful execution of their transactions.

  • A list of digital loan service providers engaged by a bank or an NBFC should be publicly unveiled by them on their respective websites.

  • Details of the nodal Grievance Redressal Officer (G.R.O.) should be displayed on the bank, NBFC, Lending service provider, online lending app, or key facts sheet.

  • If the borrower is unhappy with the resolution offered by the bank regarding the dispute, then he or she can direct their complaint toward an external and independent ombudsman. The complainant can lodge a complaint in the Home Loans Complaint Management System (HCM-2) under the Reserve Bank of India-Integrated Ombudsman Scheme (RBI-IOS). For NBFCs that are not covered under the regulatory purview of RBI, the complaints may be lodged as per the guidelines prescribed by them.

  • Now that we are well into the digital age, it has become essential for banks and NBFCs to understand the economic profile of their customers before extending any loans with a robust and comprehensive set of data in place.

  • One shall not automatically receive a credit increase unless explicit consent of the borrower is tagged and documented in order for there to be an increase.

  • During a cooling-off /look-up period, the borrower shall be given an explicit option to exit a digital loan by paying the principal and the proportionate APR without any penalty during this period. The loan contract shall have a minimum period of 3 days, and a maximum period of 1 day, for a minimum tenor of 7 days and a maximum tenor of 12 days.

  • The borrower shall be provided with options for giving or denying their consent to a specific use, limiting the disclosure to third parties, retaining personal data, and requesting deletion when the data is no longer needed.

  • Explicit consent will be taken before sharing any personal information with any third party, with exceptions as stipulated by law.

  • The banks and NBFCs should ensure that all lending activities, irrespective of the credit facility to any NBFCs and individuals have done through their Digital Lending Apps and/or supported apps of Lending Service Providers are reported to Credit Information Companies (such as CIBIL), irrespective of loan tenor.

  • Any extension of credit from a bank, NBFC, or Lending Service Provider which is provided by a merchant over a digital device, needs to be reported to credit information companies. In case of any discrepancy, report the same to CIBIL Limited.

  • The regulated entities shall ensure that all these loan-related transactions, such as repayment, collection, etc., are done directly by the borrower in a regulated entity’s bank account or through any other suitable alternate mechanism.

  • All disbursements shall be made into the account of the beneficiary except for the disbursals covered exclusively under statutory or regulatory mandate (of RBI or of any other regulator), the direct flow of money between regulated entities force-lending transactions, and the disbursals for non-withdrawable end use, provided: The loan is disbursed directly into the bank account of the beneficiary, or The repayment beings from its account.

  • Regulated entities shall ensure that the disbursement of the loan is made only to a third-party account belonging to the Borrower. To ensure that this is done correctly, regulated entities may opt for third-party KYC of the account and card details, as offered by such service providers.
Article Written by CyRAACS Team
Transform your business and manage risk with your trusted cyber security partner
CYRAAC Services Private Limited
3rd floor, 22, Gopalan Innovation Mall, Bannerghatta Main Road, JP Nagar Phase 3, Bengaluru, Bengaluru Urban, Karnataka-560076
Company CIN: U74999KA2017PTC104449
In Case Of Any Grievances Or Queries Please Contact -
Murari Shanker (MS) Co-Founder and CTO
Email ID: [email protected]
Contact number: +918553004777
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram