Over the past few months, we have extensively covered the rise of instant credit apps in Pakistan. And time and again, we called out regulatory inaction. Well, that changed a couple weeks back as the Securities and Exchange Commission of Pakistan issued a detailed set of guidelines for non-banking finance companies doing nano lending. In this piece, we will try to give a simple explainer of the new requirements and their possible impact.
- Before launching an app, a company must get a nod from the SECP and a Pakistan Telecom Authority-approved cyber security audit firm
- They must arrange at least two IT audits of the app and submit the report to the SECP.
- Any digital fraud as a result of security lapse will solely be the lender’s responsibility.
- A lender can only run one app at a time. Right now, two licensed entities — QisstPay and Sarmaya Microfinance — have two products and have to discontinue one of them. This basically rules out the outsourcing of licenses by NBFcs, which the former is engaged in.
- Privacy Policy must be vetted by a law firm specialized in banking and finance. This tackles the commonplace practice of publishers simply plagiarizing their privacy policies from elsewhere.
- The publisher must clearly communicate the markup rate — fixed or variable — and all other fees, including penalties, by WHICHEVER name called. If there are any early settlement charges, then those too. This is a good move because earlier it was common for players to make the cost of borrowing confusing. They would report annual percentage rates but leave out the service/processing component, which often accounted for the lion’s share of fees.
- Before disbursing the amount, the lender needs to show a fact sheet to the borrower in both English and Urdu. If any charges are not mentioned here, they CANNOT be applied later on.
- The nano lending guidelines rule out upfront deductions, which was a pretty common practice across the board. In fact, borrowers usually received only 70% of their approved amount but had to pay back the full sum.
- Introduces “cooling-off period” — a 24h window where the borrower can rescind the loan without any charges, except for the fees paid by the lender in processing that payment such as Nadra or funds transfer.
- Lenders cannot use the logo of SECP or any other government agency. Again, this was a fairly common practice that we have highlighted in the past. Their apps should also contain the full corporate name, licensing status, and number on the app.
- It bars lenders from accessing borrowers’ photos and contacts, except for the guarantors. It protects customers from harassment, such as this incident in India where a loan app morphed a user’s nude picture and sent it to relatives and friends.
- Lenders cannot contact the borrower at unreasonable hours i.e. outside 7 am-10 pm. Neither can they use any harassment tactic or threat of violence for debt recovery.
There are plenty of other pointers, such as on the grievance redressal or application security. The nano lending guidelines are 10-pages long where the SECP tries to cover almost every aspect. It has also asked Google and Apple to disallow illegal apps and claims to be working with Easypaisa and Jazzcash to block their payments.