ARTICLE
5 May 2023

Regulation Of Digital Money Lenders And Protection Of Privacy Rights In Nigeria

PL
Pavestones Legal

Contributor

Pavestones is a modern, full service, female led law practice with a particular focus on technology and innovation. The practice was borne out of a desire to meet the legal requirements of businesses by adopting a modern, cost effective and less archaic approach. Our key practice areas are Corporate and Commercial, Technology and Innovation, Data Protection and Compliance Services, Energy and Natural Resources and Banking and Finance.
Over the past few years, Digital Money Lenders ("DMLs") have become increasingly common in Nigeria, as traditional financial institutions have more stringent requirements for providing loans to customers.
Nigeria Privacy

Over the past few years, Digital Money Lenders ("DMLs") have become increasingly common in Nigeria, as traditional financial institutions have more stringent requirements for providing loans to customers.

Unlike traditional financial institutions, some Know your Customer ("KYC") information such as the customer's device details, compulsory access to the borrower's phone contacts and photos are required from customers to obtain a loan from a DML. This has provided access to short-term loans by consumers who are unable to meet the requirements of traditional lenders. This access is facilitated by the ability to obtain loans through mobile or online applications, making the process fast and almost seamless.

Despite the benefits of obtaining loans from DMLs, the recovery process is not the most pleasant. Generally, consumers complain of the DML's unethical methods of debt recovery some of which include defamation, cyberbullying, physical harassment, and circulation of embarrassing messages to the contacts of defaulting borrowers, amongst others.

These complaints led to the intervention of the Federal Competition and Consumer Protection Commission ("FCCPC") to curb the abuse of consumer privacy rights1.

In this newsletter, we highlight various interventions of various regulatory agencies and the most recent intervention of the FCCPC in collaboration with the private sector to ensure the protection of consumer rights in Nigeria.

1. Establishment of a Joint Taskforce

In March 2022, the FCCPC and regulatory agencies such as EFCC, CBN, NITDA, etc. established the Inter-agency Joint Regulatory and Enforcement Task Force ("JRETF"). They have since the establishment of the JRETF collaborated to impose and enforce several sanctions on DMLs for breach of consumer data privacy rights.

2. Implementation of Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending 2022

In August 2022, the FCCPC issued the "Limited Interim Regulatory/Registration Framework and Guidelines for Digital Lending 2022" (the "Framework") which allows it to regulate the digital lending space and make registration and its approval a prerequisite for companies seeking to operate as DMLs.

The Framework contains a declaration form that requires DMLs to comply with all provisions of the law with respect to third-party privacy rights and personal data, including data unrelated to principles of lending as well as recovery practices that are consistent with fair lending principles under various applicable Nigerian laws and regulations. Although the Framework does not set explicitly set out penalties for non-compliance, the penalty set out in Schedule 1 of the FCCPC Administrative Penalties Regulations 2020 will apply. In addition, non-compliant DMLs may potentially be barred from operating until they conform. As of date, the FCCPC has registered and approved the operation of 173 digital lenders to operate in Nigeria.

3. Partnership with Private corporations

The FCCPC has recently partnered with private corporations such as Google to assist in the enforcement of regulations.

Google in April 2023, announced that it has reviewed its Personal Loans policy (Policy) for digital loan apps on the Play Store, and as such DMLs listed operating through the Play Store will no longer have access to user contacts and photos. This would prevent DMLs from sending unsolicited messages to third parties who are not registered customers. This is in addition to prior changes in its Policy which required DMLs in Nigeria and some other countries to provide proof of regulatory compliance before the deadline or risk being delisted from the Play Store.

Specifically, DMLs operating their applications through the Play Store, are required to do the following:

i. complete the Personal Loan App Declaration for Nigeria, and provide the necessary documentation to support the declaration;

ii. adhere to and complete the forms in the Framework;

iii. obtain a verifiable approval letter from the FCCPC.

iv. loan aggregators must provide documentation and/or certification for digital lending services and contact details for every partnered DML; and

v. upon Google Play's request, provide additional information or documents relating to compliance with the applicable regulatory and licensing requirements.

The Policy according to the announcement, will take effect on Wednesday, May 31, 2023.

CONCLUSION

FCCPC's partnership with Google to regulate DMLs is a welcome development as it is an expression of the commitment to ensuring that the privacy rights of Nigerians are protected.

Footnote

1 Please see our previous newsletter on the FCCPC guidelines for digital lenders.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More