ARTICLE
27 May 2025

Reserve Bank Of India (Digital Lending) Directions, 2025

MH
Mansukhlal Hiralal & Co.

Contributor

Mansukhlal Hiralal & Co. logo
Mansukhlal Hiralal & Co. a multi-service law firm takes great pride in providing quality legal advice for over 100 years. We have offices in Mumbai & Delhi. The firm has around 25 fee earners which includes partners, of counsels, consultants and associates. We provide complete legal services to a wide array of corporates, individuals, national and international clients. We have a peerless reputation for high professional standards and always adopt an intellectual and practical approach towards our clients’ needs.
Explore Firm Details
The Reserve Bank of India (RBI) has issued the Digital Lending Directions under the recommendations of the "Working Group on Digital Lending".
India Finance and Banking
Bhushan Shah and Abhishek Nair
Your Author LinkedIn Connections

Background:

The Reserve Bank of India (RBI) has issued the Digital Lending Directions under the recommendations of the "Working Group on Digital Lending". Digital lending refers to the process of disbursing loans digitally, replacing the traditional system of approaching banks in person. While the majority of the directions are being enforced immediately, the directions relating to multiple lenders shall come into effect from 1 November 2025, and the reporting of Digital lending applications to the RBI shall come into effect from 15 June 2025.

The directions primarily regulate the Regulated Entities (RE), including Commercial Banks, Co-operative Banks, Non-Banking Financial Companies (NBFCs), and All India Financial Institutions. Important terms of Digital Lending, Digital Lending Apps/Platforms (DLAs), and Lending Service Provider (LSP) are defined in the newer directions.

Key Provisions of the Directions:

  1. RE-LSP Arrangements:
    1. Due Diligence: REs must execute contractual agreements with LSPs, conduct enhanced due diligence (technical capabilities, data privacy, compliance), and periodically review LSP conduct.
    2. Multiple Lenders: LSPs working with multiple REs must display all matching loan offers on DLAs, including RE names, loan details, APR, and Key Facts Statement (KFS) links, ensuring unbiased presentation without deceptive patterns.
    3. RE Responsibility: REs remain fully liable for LSP actions, adhering to outsourcing guidelines.
  2. Assessing Creditworthiness and Disclosure to Borrowers:
    1. RE shall obtain information relating to the economic profile of the borrower to assess the borrower's creditworthiness before extending the loan, and RE shall ensure that no automatic increase in credit limit occurs unless, any request for the same is received.
    2. RE shall ensure that Key Fact Statements, summary of loan product, penal charges, terms, and conditions shall automatically flow to the borrower on the registered and verified email/SMS upon execution of the loan contract.
  3. Cooling-Off Period: Borrowers can exit a digital loan by paying the principal and proportionate Annual Percentage Rate (APR) without any penalty during an initial cooling-off period.
  4. Mode of Disbursal/Repayment: Loans must be disbursed to borrowers' bank accounts, with repayments directly to the RE accounts. Any third-party involvement shall be excluded. Any fees to be paid to the LSP's shall be paidby the RE's and not by the borrowers.
  5. Grievance redressal: Both, the RE and LSP shall designate nodal grievance redressal officers to deal with complaints/issues raised by the borrower.
  6. Technology and Data Requirements:
    1. Data Collection: DLAs require explicit borrower consent for need-based data collection, prohibiting access to mobile resources (e.g., contacts, media) except for one-time KYC needs. Borrowers can deny, revoke, or request data deletion.
    2. Data Storage: LSPs store minimal borrower data; REs are responsible for privacy. Data must be stored in India, with offshore-processed data returned within 24 hours. Biometric data storage is prohibited unless legally permitted.
    3. Privacy Policy: REs and LSPs must maintain and publicly disclose comprehensive privacy policies compliant with laws and RBI guidelines.
    4. Technology Standards: Compliance with RBI and other agencies' cybersecurity standards is mandatory.
  7. Reporting Requirements:
    1. Credit Information Companies (CICs): REs must report all digital lending transactions, including short-term or deferred payment products, to CICs.
    2. DLA Reporting: REs must report all DLAs (own or LSP-operated) on RBI's CIMS portal by 15 June 2025, with updates for changes. Chief Compliance Officers certify compliance, and data is published on RBI's website without verification. Reporting does not imply RBI endorsement.
  8. Default Loss Guarantee (DLG) providers: RE may enter into DLG arrangements only with a LSP/ other RE engaged as an LSP and shall comply with the relevant Due Diligence requirements.

MHCO Comment:

RBI has implemented the Digital Lending Directions to strengthen the security and integrity of digital lending systems and facilitate faster access to loans through digital platforms. These directions tackle the persistent challenges in the design, delivery, and servicing of digital lending, including unregulated third-party involvement, mis-selling, data privacy violations, unfair business practices, excessive interest rates, and unethical recovery methods. By consolidating previous guidelines and introducing robust safeguards, these partially effective directions aim to enhance borrower trust and ensure a transparent, secure digital lending ecosystem.

This article was released on 20 May 2025.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Bhushan Shah
Bhushan Shah
Person photo placeholder
Abhishek Nair
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More