“They looked like a saviour to me at that stage of my life,” she says over the phone. “I immediately took one of these loans.” The process was simple and quick. All she had to do was scan her Aadhaar card and PAN number and click a selfie and upload these on the app. “There was no OTP-based authentication or even a requirement for an esignature. They don’t even have a signature of the account holder,” she says.
Little did she know she would have hell to pay for choosing such a convenient lender. It was all good as long as she paid her dues on time. “Because of some issues with the bank”, she missed one cycle. Anitha was willing to even pay a late fee. Before she could put that in motion, she started getting phone calls and WhatsApp messages from recovery agents. The calls became progressively more menacing and insulting. “They started becoming abusive. It was 2-3 weeks of constant harassment. I was nearly suicidal, ” she recalls.
“They expected me to answer the phone all the time. I was in a state of illusionary fear. All because I took money from one of these apps.” Anitha is not the only one who has felt like a marked person after taking a loan from through apps. The past few months have seen several such stories. While those who have survived this experience have shared their tales, there were some borrowers who could not take the harassment and humiliation. They allegedly killed themselves because the debt trap forced on them constant social shaming — perpetuated by the apps that gave these loans.
These stories have caught the attention of the Reserve Bank of India (RBI). Earlier this week, it set up a six-member working group to regulate digital lending through mobile apps, with a focus on consumer protection, privacy and data security. The group is expected to submit its report in three months. Digital lending or app-based loans is a four-year-old phenomenon in India. It came to prominence globally as “payday loans” or “fringe banking”.
Legitimate digital lenders, backed by their own non-banking financial company (NBFCs), disburse small-ticket loans (from Rs 10,000-3 lakh) to individual borrowers. Most of their work — from assessing the creditworthiness of borrowers, to know-your-customer (KYC) verification, loan disbursal and EMI collection — is done online. The “procedural ease” of getting a short-term loan makes these players popular among young professionals. The top-10 digital lenders — including EarlySalary, KreditBee, LoanTap and CASHe — account for over 60% of India’s fintech NBFCs. These players, along with a few more, disburse microloans worth Rs 800-1,200 crore every month — and have cumulatively done close to Rs 20,000 crore since inception. These legitimate lenders offer loans for tenures ranging between three and 36 months.
Then there are lenders who operate in the shadows. According to fintech industry sources, several lenders simply register an entity under the Companies Act, develop an app and start commercial lending. They peddle 7-30-day loans at high-interest rates — often 200-500% annualised. Most of these apps, recent investigations by NGOs and advocacy groups like Cashless Consumer reveal, are Chinese white-labelled apps with Indian names.
The apps are mostly hosted on Chinese servers. One such revelation included at least 10 digital lending apps sharing the same Chinese backend — offered by Beijing-based Liu-Fang Technologies, which has offices in India. This, industry sources say, is “completely illegal”.
To be on the right side of the law, the smarter ones tie-up with inactive NBFCs to give out loans. An NBFC that follows the law will not take such a loan on its books as it is not the funding entity. It simply lends its name to the funding entity and gets 1-3% of the loans disbursed as commission. Many a time, the sponsors of these funding entities are overseas nationals — mainly settled in China, Indonesia, Malaysia or Hong Kong.
Pravin Kalaiselvan, chairman of Mumbai-based Save Them Foundation, says “90% of investors in these companies are Chinese”. He cites the example of OKash, a lending product from the promoters of Opera. It was sold to a Chinese consortium in 2016 and has since been banned in China, the Philippines and Kenya. “And yet, they have been incorporated in India,” Kalaiselvan adds.
Several such apps exist on Google Play Store. They change names every 15-20 days and use false information in the app description. Some of them have been removed from the platform, following RBI’s directions.
On Thursday, Suzanne Frey, Google’s vice-president-product, Android security and privacy, wrote in a blog post, “We have reviewed hundreds of personal loan apps in India, based on flags submitted by users and government agencies. The apps that were found to violate our user safety policies were immediately removed from the Store, and we have asked the developers of the remaining identified apps to demonstrate that they comply with applicable local laws and regulations. Apps that fail to do so will be removed without further notice.” Google would continue to assist law enforcement agencies, she added.
THE BUSINESS OF DIGITAL LENDING
While peer-to-peer lending is allowed in India, commercial lending can only be done by a registered NBFC or a bank. One can also enter the business by registering under the moneylenders act, promulgated by several state governments. Fintech industry sources say illegitimate lenders fly under the radar.
Experts who have been tracking this space say that unlike legitimate entities, which use escrow accounts to disburse loans, the illegitimate ones prefer peer-to-peer money transfer apps like Google Pay, PhonePay and PayTM. Ditto for recovery. Typically, these UPI-based payment platforms are intermediaries and may not know what the transaction is for. Unregulated entities save costs by staying off formal payment gateways such as RazorPay and Paytm.
Companies that tend to disburse loans of upto Rs 50,000 invest in formal payment gateways. A source familiar with the modus operandi says, “These companies resort to shell companies to obtain PAN cards. And some of these payment gateways don’t check beyond PAN cards.”
Last month, the Hyderabad police said it had identified 350 virtual accounts and bank accounts on Razorpay that were used by companies such as Liufang Technologies, Pin Print Technologies, Hotful Technologies and Nabloom Technologies. Collectively, these companies were operating 42 apps that offered instant microloans.
On Friday, Google told Telangana police it has removed 60 India-based apps acting on complaints. Responding to ET’s queries, a Razorpay spokesperson says, “We proactively ban all digital lending apps that are reported to us for flouting rules. All the businesses onboarded on our platform have to submit a duly filled in KYC form along with an NBFC license or FLDG agreement, to ensure they are authorised entities.”
The financial distress of the pandemic gave an opportunity for newer promoters to enter the space and target people like Anitha. All they had to do was register a company under the Companies’ Act, build an app and start lending using peer-to-peer payment apps.
These companies began mushrooming around 2019 but began to operate on steroids after the national lockdown began, says Madhusudan Ekambaram, the CEO of app-based lending company KreditBee. “Things started going really bad after the bank loan moratorium ended in August last year. People were short of funds and banks were not lending money. So they approached these app-based lenders who offered them easy short-term loans. The financial stress during the lockdown provided fertile grounds for these unethical lenders to thrive,” Ekambaram adds.
Social shaming is not a new technique of collection agents. But loan apps seek a lot of intrusive permission in an applicant’s device. These lenders ask for permission to access contact numbers, photo gallery, call history and location. All these, along with a scanned copy of the borrower’s Aadhaar and PAN number, open up multiple avenues for harassment.
Collection agents can resort to incessant phone calls to the borrower and her relatives — all the numbers are available on the phone’s address book. Agents give out endless threats on WhatsApp — The ET Magazine has reviewed several chat messages from recovery agents. Sometimes, the recovery agent creates a WhatsApp group of the friends and relatives of the borrower and starts putting abusive messages on it. In October, one of these apps, Kalaiselvan says, published a list of defaulters on Facebook. That is not all. Agents use photographs of a borrower — available in the phone gallery — write “Defaulter” on it, add the person’s name and date of birth and then circulate it to everyone on the borrower’s contact list.
Applicants should be wary when an app is asking for too much access, says Satyam Kumar, the CEO of LoanTap. “Most genuine players will not take more than one or two required consents through their app — and these are purely for due diligence, KYC and underwriting purposes. Asking consent to access the borrower’s phone book or photo gallery is a transgression.”
There have also been complaints of recovery agents subjecting borrowers to sexual harassment, verbally abusing them and asking women defaulters to attend WhatsApp video calls without wearing clothes. Most of these calls reportedly originated from call-centres in cities such as Gurugram, Hyderabad and Bengaluru, which use virtual phone numbers to call and harass borrowers.
Some recovery agents have also resorted to other intimidating tactics such as using fake CBI notices from fake lawyers. “The agents hired by these companies usually get a list of people. They’re based in separate states. These agents are given admin access to the details of everyone who has taken a loan. In other words, access to their phones. This is a big data breach,” says Kalaiselvan.
Anitha, the victim in Hyderabad, adds, “Some of these threats are badly structured and can be busted easily. It is really stupid.” Fintech industry veteran Ketan Patel says these agents believe public shaming is the easiest way to recover money. “These operators make full use of the borrower’s contact list. It can get very nasty with these guys. Such practices have to be stopped and these operators should be put out of business,” says Patel, who was CEO of CASHe. Kumar of LoanTap has a simple advice: “Borrowers should stay away from such app-based lenders.” Even in the age of artificial intelligence, it is easy to be fooled.