.png){kind=logo}
The proliferation of P2P payment modes, powered by high mobile and internet penetration, has fuelled a surge in online payments in India. This has positioned us as the global leader in digital transactions. However, digitalisation also expands the attackable surface of financial ecosystems. This has paved the way for digital fraud, and now India confronts a multifaceted threat environment.
From malicious mobile apps to exploitative loan financing and from privacy violations to payment manipulation, attack avenues have grown parallel to the adoption of digital payments. Notably, 18,461 instances of banking fraud, amounting to ₹21,367 crores, were registered in H1 FY25 alone. In addition to financially straining lenders and borrowers, such attacks erode trust in financial services.
Digital lending platforms have risen meteorically. Thanks to the convenience and accessibility they offer, customer adoption has skyrocketed. However, innovations need to align with the regulatory landscape. By operating outside the scope of regulation, several unscrupulous lenders charge exorbitant interest rates and follow unethical recovery tactics. A worrying example of this is how a service created to financially support patrons turned into a nightmare for a 23-year-old. This woman suffered at the hands of a few ill-intended individuals. Such instances scar the reputation of the industry.
There have also been several instances of extortion on the pretext of “digital arrest,” a concept fabricated by cybercriminals to perpetrate fraud. While customer education is critical, a unified front from government, technology providers and lenders is also necessary and urgent to plug the problem.
The Reserve Bank of India (RBI) has undertaken several initiatives to support customers in identifying legitimate lenders.
One such initiative is the Digital Lending App (DLA) Repository. This has been under consideration since FY 2023 when DLA-linked fraud surged to ₹30 crores. All DLAs deployed by regulated financial entities will be listed in the repository for quick reference by customers.
The RBI has also proposed designated domain names, such as bank.in for banks and fin.in for NBFCs. The Institute for Development and Research in Banking Technology (IDRBT) will operate as the exclusive registrar, with the process scheduled to commence in April 2025.
In December 2024, the Ministry of Finance’s Department of Financial Services proposed a bill, Banning of Unregulated Lending Activities (BULA), to address unregulated lending. The proposed bill includes several measures to curb and penalise unlawful lending and recovery practices. The bill also proposes the establishment of a “Competent Authority” to ensure that the terms of the bill are adequately enforced.
There is also a proposal to increase the powers of the CBI and ED to crack down on fraudulent customer behaviour.
Creating an ecosystem with defined ethical practices is critical for lenders to protect their consumers. The RBI has published detailed guidelines for digital lending to enable lenders to streamline regulatory compliance, loan approvals and recovery processes. Lenders must adopt a structured, well-rounded approach to ensure compliance with these and other financial industry guidelines.
In the age of AI-powered digitalisation, automating compliance processes is paramount in the digital lending space. Automation enables lending institutions to efficiently comply with regulatory standards for interest rates, fees and loan terms at scale. Leveraging technology innovations for AML, KYC, loan approvals, etc., through digitally standardised processes, limits the chances of data inconsistency and manual misconduct.
Shifting to advanced technologies, such as AI, ML and blockchain, can significantly improve risk assessment, customer risk profiling and recovery. Self-learning algorithms identify patterns and evolve with emerging threats to flag suspicious behaviours and improve due diligence. Employing blockchain-based smart contracts not only improves asset visibility but also streamlines collateral management. This, in turn, improves recovery processes.
In the digital age, a lack of robust cybersecurity is an invitation to data breaches and exploitation of users’ sensitive data. Amid rapid digitalisation, AI-orchestrated mass and phishing frauds have proliferated. Building cyber resilience with cutting-edge technologies across touchpoints is critical against this backdrop.
Consistent auditing and process monitoring are crucial to ensure ongoing compliance. These facilitate transparent reporting and can be helpful for regulators to identify gaps to further strengthen the industry. Sharing intelligence across industry participants can be instrumental in improving the overall health of the lending industry. For example, knowledge of customer behaviours, fraud patterns and malpractices in the industry can be used to educate automated systems as well as customers.
The ripple effect of ethical lending practices is to empower customers to make informed financial decisions. The key is to shift from a reactive approach to proactive measures at the level of formulating policies and establishing processes. Clear information, fair practices and responsible debt collection foster a culture of trust in the digital lending space. Creating a positive feedback loop can foster a reliable and resilient environment for digital lending.
