RBI issues Digital Lending Guidelines: Banks / NBFC

The Reserve Bank of India (RBI) has issued guidelines on digital lending, mandating the banks and financial institutions to put in place systems that would comply with the modified norms by 30 November 2022.

“…in order to ensure a smooth transition, Res (Regulated Entities) shall be given time till November 30, 2022, to put in place adequate systems and processes to ensure that ‘existing digital loans’ (sanctioned as on the date of the circular) are also in compliance with these guidelines in both letter and spirit,” an RBI release said.

Here’s how the RBI guidelines on digital lending aim to protect borrowers:

  • The guidelines explicitly state that digital lending apps cannot access mobile phone resources such as files and media, contact lists, call logs, telephone functions, etc. One-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of onboarding/ KYC requirements only, with the explicit consent of the borrower.
  • The borrowers must be informed about the storage of customer data including the type of data that can be stored, the length of time for which data can be stored, restrictions on the use of data, data destruction protocol, standards for handling security breach, etc. The information must be provided on their website and the apps at all times.
  • At the time of disbursing the loans using digital apps, a key Fact Statement (KFS) to the borrower before the execution of the contract in a standardized format for all digital lending products.
  • The borrower must be informed about the all-inclusive cost of digital loans and should also be a part of the Key Fact Statement.
  • The penal interest/charges levied, if any, on the borrowers shall be based on the outstanding amount of the loan. Further, the rate of such penal charges shall be disclosed upfront on an annualized basis to the borrower in the Key Fact Statement.
  • Any fees charges etc. payable to lending service providers must be paid by the regulated entities and borrowers must not be charged for this.
  • The Key fact statement should contain the details of the annual percentage rate, the recovery mechanism, details of the grievance redressal officers designated specifically to deal with digital lending/FinTech-related matters and the cooling-off/ look-up period. The cooling-off/look-up period is the amount of time given to the borrower for exiting digital loans, in case a borrower decides not to continue with the loan.
  • Any charges that are not mentioned in the Key Fact Statement are not chargeable to borrowers at any stage during the loan term.
  • The information shall be sent to the borrowers on their verified email/SMS on the successful execution of the loan contract/transaction. The information must be sent on the letterhead of the regulated entity (bank) and must contain a Key Fact statement, a summary of loan product, sanction letter, terms and conditions, account statements, and privacy policies of the LSPs/DLAs with respect to borrowers data, etc.
  • At the time of the sign-up/onboarding stage, information related to product features, loan limit and cost, etc., must be informed to the borrowers.
  • The banks, and NBFCs must publish the list of their digital lending apps, and lending service providers, engaged by them on their websites.
  • Details of nodal grievance redressal officer must be displayed on the websites of banks, NBFCs, lending service providers, digital lending apps and also on the key fact statement.
  • Digital lending apps and websites must allow a borrower to lodge their complaint.
  • If the complaint lodged by the borrower is not resolved within 30 days, then he/she can lodge a complaint on the Complaint Management System(CMS) portal under the Reserve Bank-Integrated Ombudsman Scheme(RB-IOS). For entities currently not covered under RB-IOS, a complaint may be lodged as per the grievance redressal mechanism prescribed by the Reserve Bank.
  • The banks, NBFCs must capture the economic profile of the borrowers covering (age, occupation, income, etc.), before extending any loan over their own Digital Lending Apps and/or through Lending Service Providers engaged by them, with a view to assessing the borrower’s creditworthiness an auditable way.
  • There shall be no automatic increase in credit limit unless explicit consent of the borrower is taken on record for each such increase.
  • During the cooling-off/look-up period, the borrower shall be given an explicit option to exit the digital loan by paying the principal and the proportionate APR without any penalty during this period. The cooling-off period shall be determined by the Board of the bank, NBFC. The period so determined shall not be less than three days for loans having tenor of seven days or more and one day for loans having a tenor of less than seven days. For borrowers continuing with the loan even after look-up period, pre-payment shall continue to be allowed as per extant RBI guidelines.
  • The borrower shall be provided with an option to give or deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect personal data and if required, make the app delete/ forget the data.
  • Explicit consent of the borrower shall be taken before sharing personal information with any third party, except for cases where such sharing is required as per statutory or regulatory requirements.
  • No biometric data is stored/ collected in the systems associated with the digital Lending Apps of regulated entities / their Lending Service Providers unless allowed under extant statutory guidelines.
  • The banks and NBFCs shall ensure that any lending done through their Digital Lending Apps and/or Digital Lending Apps of Lending Service Providers is reported to Credit Information Companies (such as CIBIL)irrespective of its nature/ tenor.
  • Any extension of structured digital lending products by banks, NBFC and/or Lending Service Providers engaged by them over a merchant platform involving short-term, unsecured/ secured credits or deferred payments, need to be reported to Credit Information Companies.
  • The regulated entities shall ensure that all loan servicing, repayment, etc., shall be executed by the borrower directly in the regulated entities’ bank account without any pass-through account/ pool account of any third party. The disbursements shall always be made into the bank account of the borrower except for disbursals covered exclusively under statutory or regulatory mandate (of RBI or of any other regulator), flow of money between regulated entities for co-lending transactions and disbursals for specific end use, provided the loan is disbursed directly into the bank account of the end-beneficiary. Regulated entities shall ensure that in no case, disbursal is made to a third-party account, including the accounts of Lending Service Providers and their Digital Lending Apps, except as provided for in these guidelines.

Source :-



Affluence Advisory Pvt. Ltd. is established with the vision to provide one stop solutions to clients needs in ever changing environment. Affluence is managed by specialized team of Chartered Accountants, Company Secretaries, Corporate Lawyers and Other Professionals committed to provide quality experience to our clients in the widest spectrum of business needs.

Recent Posts

January 30th, 2023
Remuneration paid to Directors of the Listed Entity – Series 3
January 25th, 2023
Upgradation of E- Forms in tune with V3 portal
January 23rd, 2023
SEBI Notification dated 17/01/23 | Securities and Exchange Board of India (Listing Obligations and Disclosure Requirements) (Amendment) Regulations, 2023
January 19th, 2023
Remuneration paid to Non-Executive Directors of Public Company – Series 2
January 16th, 2023
Remuneration paid to Whole Time Directors of Public unlisted Companies
January 11th, 2023
Relaxation from compliance with certain provisions of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015
January 9th, 2023
Online registration of units through MCA portal for ESI registration and inspection of units in this regard
January 6th, 2023
Guidance given by Securities and Exchange Board of India (‘SEBI’) on creation of ‘Suspense Escrow Demat Account’
January 5th, 2023
Change in Single Master Form (SMF) on FIRMS Portal
January 3rd, 2023
Relaxation with respect to conducting of Extra Ordinary General Meetings and Postal Ballots
December 30th, 2022
MCA extension for conducting Annual General Meetings through Video Conferencing or other Audio Visual Means (‘OAVM’)
December 23rd, 2022
Web-based Form DPT-3 as per New Rules
December 13th, 2022
Input Tax Credit (‘ITC’) on Corporate Social Responsibility (‘CSR’) expenses
December 7th, 2022
GSTR 9 and 9C – Optional to Mandatory reporting in FY 2021-22
September 27th, 2022
CSR Compliances as per New Rules 2022
September 20th, 2022
Mandatory appointment of Company Secretary
September 17th, 2022
Amendment To The Definition Of Small Company And Benefits
September 16th, 2022
Obligation to Indicate Director Identification Number (DIN)
September 8th, 2022
Compliance Calendar for the Month of September, 2022
September 7th, 2022
RBI issues Digital Lending Guidelines: Banks / NBFC
September 2nd, 2022
CSR Compliances as per New Rules and FAQ’s on National CSR Exchange Portal
August 20th, 2022
Physical Verification of Registered Office of the Companies by ROC
August 17th, 2022
Can the Company give Loans to Directors and Relatives?
August 13th, 2022
Startup Registration India 
August 8th, 2022
Misconceptions Regarding Filing of Annual Return and Applicability to Prepare Extract of Annual Returns.
August 5th, 2022
Compliance Calendar for the Month of August, 2022
July 26th, 2022
Ratification in context of Companies Act, 2013
July 21st, 2022
Non-Compliance in the use of KMP Designation – By Private Companies
July 18th, 2022
FAQs on GST applicability on ‘pre-packaged and labelled’ goods- reg
July 12th, 2022
RBI introduces mechanism for International trade settlements in Rupees (INR)
July 7th, 2022
July 6th, 2022
July 6th, 2022
FAQ – All you wanted to know about NBFCs
July 4th, 2022
FAQ’s- Disclosure of holding of specified securities and Holding of specified securities in dematerialized form
July 4th, 2022
Guidelines on Regulation of Payment Aggregators and Payment Gateways
July 1st, 2022
Ease of Doing Business in India
June 23rd, 2022
Change in nomination rule for Mutual Fund unit holders
June 21st, 2022
June 17th, 2022
 IBBI Update: Application under Rule 4, 6 or 7 of Insolvency and Bankruptcy (Application to Adjudication Authority) Rules, 2016
June 15th, 2022
Discussion Paper on enabling entities to become insolvency professional