The Reserve Bank of India (RBI) on Friday said that regulated entities engaged in credit delivery through will have time till November 30 to comply with the norms for existing digital .


However, for new and existing customers availing fresh loans, these norms will be applicable immediately.


“In order to ensure a smooth transition, regulated entities shall be given time till November 30, to put in place adequate systems and processes. It is to ensure that ‘existing digital loans’ (sanctioned on the date of the circular) are also in compliance with these guidelines,” the central bank said in a circular.


The also pointed out that obligations of the regulated entities will not diminish even if they enter into outsourcing arrangements with service providers (LSPs)/ apps (DLAs).


And, it is the regulated entities’ duty to ensure that these entities follow the guidelines prescribed by the regulator.


has come out with detailed guidelines on recommendations of the working group that were accepted for immediate implementation last month.


The guidelines are applicable to all kinds of digital extended by commercial banks, non-banking companies (NBFCs), and primary, state, and district-level central co-operative .


Among the recommendations accepted were that all loan disbursals and repayments are required to be executed only between the bank accounts of the borrower and the regulated entities. It should be without any pass through/ pool account of the LSP or any third party.


The central bank has clarified that disbursements have to always be made into the bank account of the borrower.


The exceptions are for disbursals covered exclusively under statutory or regulatory mandate, flow of money between regulated entities for co-lending, and disbursals for specific end-use, provided the loan is disbursed directly into the bank account of the end-beneficiary.


The has categorically stated that in no case, disbursal is to be made to a third-party account, including the accounts of LSPs and their DLAs.


Regulated entities have to ensure that fees that are required to be paid to LSPs are paid directly by them. They should not be charged by LSP to the borrower directly. The central bank has also clarified that penal interest on borrowers should be based on the outstanding amount of the loan.


The rate of such penal charges should be disclosed upfront on an annualised basis to the borrower in the key fact statement (KFS).


A KFS will consist of the annual percentage rate (APR), the recovery mechanism, details of grievance redressal officers designated to deal with digital lending/ fintech-related matters and the cooling-off/ look-up period.


The central bank has specified that the regulated entities cannot charge the borrowers any fees that are not mentioned in the KFS. Further, regulated entities have to publish a list of their DLAs and LSPs engaged by them on their website.


They will have to ensure that the borrower is made aware of all the information related to the product.


They have to also inform the borrower about the LSP, who is going to take on the recovery responsibility.


As far as cooling off period is concerned, the RBI has said that the period cannot be less than three days for having tenor of seven days or more. It is one day for loans having tenor of less than seven days.


A cooling off period is where a borrower gets an option to exit a digital loan by paying the principal and the proportionate APR without any penalty during this period.


When it comes to collecting customer data, RBI has said that the purpose of obtaining borrowers’ consent needs to be disclosed at each stage of interface with the borrowers. And, explicit consent of the borrower must be taken before sharing personal information with any third party. The exception is for cases where such sharing is needed, according to statutory or regulatory requirements.


Further, regulated entities need to ensure that LSPs or DLAs they engage with do not store any personal data of the borrowers. The exception is for some basic minimal data that is required to carry out their operations.


“Responsibility regarding data privacy and security of customer personal information will be of the regulated entities,” RBI said.



Source link

Leave a Reply

Your email address will not be published.