The banking regulator has expanded its checks on non-banking financial companies working with many fintech firms that serve as loan service providers. As part of this increase in oversight, Reserve Bank of India officials now directly engage with loan service providers, especially those managing customer apps or platforms that handle loan processes. The focus of these inspections is on key issues such as compliance with KYC rules, data security, and how customer communication is handled.
A senior official at an LSP said, “In the past, questions during audits went through regulated entities. This time, some LSPs were called onsite during the annual review. The team wanted to see how these partnerships work, especially with the technology used for onboarding and KYC. They asked about transparency and customer communication.”
LSPs are platforms or apps that connect borrowers with lenders on behalf of licensed companies like NBFCs. They help with customer acquisition, loan evaluation, pricing, monitoring, and recovery.
LSPs are not always regulated directly by RBI. However, banks and NBFCs must make sure their partner platforms follow digital lending laws. These rules protect customers and require clear communication.
The rules say LSPs can’t handle any money between borrowers and lenders. They are only allowed to collect necessary customer info and must get clear permission from borrowers at each step.
An insider noted that RBI is worried about the risk of relying too much on a few LSPs. The regulator checks for this during the annual audits, especially where the same vendors serve many banks and NBFCs.
RBI wants to avoid systemic risks. If one LSP faces a cyberattack or service failure, it could affect the whole system.
Cybersecurity is a major concern. The regulator wants to prevent data leaks and breaches from third-party systems.
Digital lending grew fast during Covid-19, but the lack of rules led to abuse. There were issues like mis-selling, hidden fees, data breaches, and harassment from recovery agents.
To stop these problems and promote responsible lending, RBI set rules for digital loans in September 2022. Still, some fake apps that look like real lenders continue to target vulnerable borrowers. RBI broadens the scope of NBFC audits to include their service providers.