Many such apps have come under the spotlight for predatory behaviour, which includes harassing, abusing and threatening borrowers for repayment.
In November 2019, Google introduced a new developer policy, which mandated that apps that offer loans with a repayment period of less than 60 days would not be allowed on the Play Store.
It also asked loan apps to disclose the minimum and maximum period for repayment, the interest rate plus fees, and the total cost of the loan. Experts say these policies need to be further strengthened.
Srikanth L, a coordinator at Cashless Consumer, a citizen-led initiative to raise awareness around digital transactions, has studied 750 lending apps on Play Store and found that only 90 of them provide their office address.
He said although the Reserve Bank of India (RBI) has mandated that online lending be regulated, there is a clear “lack of supervision” when it comes to lending apps. “There are fair code practices that have been laid down, but there is no one to monitor if these practices are being followed.”
According to Srikanth, there is an urgent need for a regulatory arm of the government that looks at the digital ecosystem. “In the absence of a data protection law, users are left vulnerable. The Data Protection Authority, proposed in the Personal Data Protection Bill, could have served as the regulatory body to oversee financial apps as well, but there is no such provision right now.”
Suman Kar, CEO of Banbreach, a cybersecurity consultancy, told TOI that predatory lending is supposed to be curbed by the Usurious Loans Act, 1918, that caps maximum interest at 30%. But most micro-finance and credit card companies charge much higher rates. According to Kar, while consumers can still raise complaints about regulated transactions, rogue lending apps have been largely ignored.
According to fintech experts, organisations that lend money to the public must be approved by RBI, but these ‘rogue’ online lending modules operate in a policy vacuum.
“When such apps came to light, the RBI issued a circular mandating certain requirements for the protection of users. The guidelines mandate that digital lending platforms (DLPs) must disclose the names of the banks/NBFCs backing them, and the banks/NBFCs backing them must disclose the names of DLPs associated with them on their websites,” said Asheeta Regidi, fintech policy head at Cashfree, a payment gateway.
“We need to prevent traditional banks and NBFCs from forming clandestine partnerships with such (bad) actors,” Kar added.
According to Regidi, users can raise complaints regarding ‘rogue’ lending apps through the RBI Sachet platform, an online portal that gathers “information regarding any unauthorised acceptance of deposits/ money through different schemes by any entity.”
Drop apps, say cops
Recently, Telangana Police busted several rackets involving fraudulent loan apps offering credit to users at exceptionally high rates.
The police had also asked Google to remove 158 apps from Play Store. Google did not respond to TOI’s request for a statement about the police’s demand.