Co-authored with Rahul Das, Senior Associate and Sudarshana Basu, Associate, Finsec Law Advisors
RBI’s recent directive prohibiting prepaid payment instrument (PPI) operators from loading PPIs with credit lines has caused a major upheaval in the digital lending industry, leading to widespread confusion amongst industry participants regarding its scope and applicability, and exclusions. PPIs are prepaid instruments such as digital wallets, cards, accounts, etc, which are loaded with money for purchasing and selling goods and services and for facilitating fund transfers. Banks and non-bank entities meeting eligibility criteria prescribed by RBI can provide PPI services after receiving approval or authorisation.
The past few years have witnessed the burgeoning of such digital wallets and prepaid card operators. Many of these PPI operators also provide ‘buy now pay later’ services (BNPL), which are essentially credit lines or preset borrowing limits that allow customers to access credit as and when required up to the prescribed limit. These are akin to short-term interest-bearing loans adorned with a deferred payment tenure. While some PPIs tie up with banks to offer such credit lines, others source funds from NBFCs. PPI operators have been facilitating small ticket-size loans ranging from Rs 1,000 to Rs 500,000.However, the June 20 directive prohibits the loading of PPIs with credit lines and warns operators of penal consequences for non-compliance. Per RBI, while PPIs can be loaded by cash, debits from a bank account, credit cards, and debit cards, the regulatory framework that governs their issuance and operation does not permit them to be loaded with credit lines. While the directive is addressed to all authorised non-bank PPIs, it is unclear at the moment whether PPIs partnering with banks are also impacted. This lack of clarity primarily arises since RBI’s framework currently categorises PPIs as payment systems and does not explicitly allow PPIs to offer credit or loan facilities. In fact, theban closely follows RBI’s erstwhile clarification in December 2020, wherein it had stated that public lending activities can only be undertaken by banks,registered NBFCs, and other state government-regulated statutory bodies, and had cautioned the public against unregulated digital lending platforms promising quick, hassle-free, and on-tap loans without adequate safeguards. Therecent directive also affects credit card challengers, touted as ‘alternative credit cards’, as presently, the framework on issuance of credit cards also clearly states that only banks and (shortly) NBFCs can issue credit cards, with prior approval from RBI.
While the RBI directive appears to have been issued to bolster customer protection and eliminate cybersecurity risks, it also appears to target risks associated with indirect credit lines issued by app-based PPI operators, such as hidden costs,lack of affordability checks and financial literacy, regulatory gaps, etc.Typically, financial institutions are required to comply with stringent capital adequacy requirements and KYC checks prior to issuing loans. In contrast, while some PPI operators may also require their customers to submit their personal details, presently, there are no uniform KYC and underwriting standards for such entities. Thus, it appears that RBI aims to streamline even small ticket-size loans through regular banking channels and stop all operations that may lead to increased risk by allowing unsecured lines of credit, especially for NBFCs.
However, this is not the first time the regulator has taken action to enhance customer protection in the digital lending ecosystem. In January 2021, RBI constituted a Working Group on Digital Lending through Online Platforms and Mobile Apps to make the digital lending ecosystem safe without stifling innovation. Regarding loans by PPIs, the group, in its November 2021 report, recommended that although all loans are executed directly in a bank account of the borrower,borrowers having only a PPI account can be disbursed a loan if the account was fully KYC-compliant. The group had also recommended digital lending apps be subjected to a verification process by a nodal agency and the development of certain baseline technology standards, which would be a prerequisite to offering digital lending solutions.
Meanwhile,the present directive seeks to minimise a potential credit pile-up for retail customers (which can ultimately affect the user’s credit score) and reduce the risk of NPAs on the books of NBFCs and banks. Due to a lack of regulator yoversight and appropriate KYC checks, there are concerns that loans are being disbursed to individuals who may not have the wherewithal to repay. With rising inflation affecting households’ purchasing power and amidst global health and geopolitical risks, the directive seeks to caution customers from being suckedinto overspending through high-interest loans. There have also been sharp practices, including the lack of disclosure of rates of interest charged andvarious signing up charges that are suppressed till after the loan is disbursed, not by the vendor but by the invisible NBFC.
However,the immediate disruption of BNPL services has led to several industry participants voicing their concerns over a lack of predictability and uniformity in the fintech regulatory space. The circular does not provide any clarity to the existing BNPL customers who have already availed such credit arrangements, providing no grace period for termination of such arrangements.It also adversely affects the customer base of PPI operators, as there is no clarity presently as to whether the regulator would eventually allow such entities to provide credit lines in future. Several industry bodies such as the Payment Council of India, the Digital Lenders Association of India, and Fintech Association for Consumer Empowerment have already sought clarifications from RBI and a sunset clause of at least a year. This is not the first time that issues pertaining to the offering of credit lines by fintech apps have been in the spotlight. In July 2021, the National Payments Corporation of India had reportedly asked fintech start-ups to stop offering credit lines on the Unified Payments Interface over non-compliance and user-verification risks.Subsequently, the NPCI had sought RBI’s nod to enable credit transactions through UPI with a proper reporting mechanism.
Until further clarity is provided by the RBI, PPI operators impacted through the directive will be required to either change their business models or halt their BNPL operations to avoid penalties under the Payment and Settlement Systems Act, 2007. While financial inclusion is a good goal to have, the systemic safety and consumer protection issues will have to be addressed before this model is permitted with full disclosures and consequences formis-representation.
(This article was first published in Financial Express)