The issue of ghost loans or fake loans that can wreck a person’s credit report burst into the public domain when a large number of people began to discover that their credit scores had plummeted or their credit reports contained incorrect information about loans they had never availed.
After a public furore, the Reserve Bank of India (RBI) promised to initiate quick action, but it has probably been stopped in its tracks by the discovery that the problem is not limited to one company – Dhani Loans & Services (Dhani) – but is a larger, systemic issue. Almost all fin-tech lenders follow the same faulty process that Dhani had adopted to complete know-your-customer (KYC) formalities to on-board customers to be able to sanction and disburse loans in minutes. They have been getting away with this because people are just beginning to wake up to the problem of fake/ghost loans. Moreover, like all online systems, things work well most of the time; but it is only when the number of errors becomes large enough and the grievance redress process remains broken, that it leads to public outrage and forces the regulator to take corrective action.
The Faulty Process
RBI’s KYC rules require a photograph and proof of address and identity. The documents permitted are: PAN, voter ID, Aadhaar number, NREGA (National Rural Employment Guarantee Act) card, driver’s licence, etc, which can be presented in person or online. Video-based real-time verification or electronic KYC is an expensive process; Aadhaar/PAN is verified by pinging government databases; but some lenders, allegedly, use less reliable options.
Consumer organisations, including Moneylife Foundation, have urged RBI to mandate the use of verified e-KYC through the Central Registry of Securitisation Asset Reconstruction and Security Interest of India (CERSAI), to reduce frauds. Such e-KYC is already mandated by the capital market, pensions and insurance regulators; however, RBI has been refusing to act on this without explaining its reluctance.
According to Gagan Banga, an independent director of Dhani, explaining corrective action initiated on their ghost loan issue, said, most fin-tech companies follow a similar, two-fold process. The first is an Aadhaar-based verification with an OTP (one-time password) sent to the linked mobile number. The second method allowed borrowers to upload alternative identity proof, which was misused by forging and morphing documents. Dhani has halted the second process and has initiated a clean-up.
If this sounds flimsy, then it must be noted that most other lenders follow the same on-boarding process. These include Slice Card (offered by a subsidiary of Quadrillion Finance Pvt Ltd), Moneytap (owned MWYN Tech Pvt Ltd), CASHe (of Bhanix Finance and Investment Ltd) and Kreditbee Services Pvt Ltd. Bajaj Finserv, a large lender, requires only a PAN for the Bajaj EMI (equated monthly instalment) card.
Ghost loans, and the panic that followed, could be have been avoided by better identity checks; but two other issues compound the problem.
1. According to L Srikanth, founder of Cashless Consumer, an advocacy organisation for tech safety, many app-based lenders are cutting costs by procuring data from ‘profilers’ who create and sell ‘risk scores’ which act as a proxy for credit scores. The data is scraped from government websites and utility companies that remain completely lax about data protection. This data is then mapped against other databases to obtain mobile numbers and UPI payment addresses, and even social media, to create risk profiles, he says. Such profiles are extensively used by lenders, especially for recovery operations.
2. India has a serious problem with poor quality data and mismatch of information across official IDs such as PAN, Aadhaar, passports, driver’s licences and voter IDs. Addresses are written differently, so are spellings of names and places and there are endless data-entry errors by government officials. This prevents perfect verification across multiple identities. Even if such checks were mandated, ordinary people would be harassed, since corrections are notoriously slow and often lead to new errors. Photo identification is even less reliable, given the quality of photos on PAN and Aadhaar documents. Data cleaning and matching for key identity documents ought to be a national project that can perhaps be branded Swachh Data Abhiyan.
Control over Credit Reports
Given the complexity of issues, a possible solution is to focus on information that is submitted by lenders to credit information companies (CICs) that generate our credit scores. At the moment, the system is heavily stacked against individuals. Credit reports are deliberately complicated so that CICs can generate and sell ‘credit scores’.
Although one can file a complaint about wrong entries in credit reports, the process is slow and tedious. CICs cannot amend any credit data, without express written consent from the lender. A disputed entry can take as many as 30 days to resolve even if the lender cooperates; otherwise, it is a harrowing process. For instance, an individual who disputed a ghost loan was asked by the app-based lender to produce a ‘no dues’ certificate before rectifying the credit record! Sometimes, lenders are deliberately vindictive and recovery officials use the threat to wreck credit records with impunity to extract payments. All this stems from poor grievance redress systems and the fact that the regulator has rarely stirred itself on behalf of victims of fraud.
One simple solution would be for the industry to work with CICs and follow the practice adopted by credit card companies to report fraud and disputed transactions. CIC could send out a mobile phone alert when new borrowing is reported on one’s credit profile. The message should include a number and email to allow people to raise an immediate dispute and initiate corrective action if the dispute is false. A centralised system that would cover all four CICs operating in India can easily be set up with RBI-registered fin-tech companies paying for the convenience of fast on-boarding, while also reducing the incidence of fraud.
While it does not resolve the problem of flimsy on-boarding and dodgy data-entry, it protects individuals by providing immediate information and giving them better control over their credit reports. Such control is crucial because fin-tech companies are constantly expanding their business in ways that people cannot be expected to understand or keep pace with.
For instance, a new source of panic and concern among people is ‘loans’ showing up on their credit reports from lenders such as Arth Digital, Clix Capital, Simpl Pay, Capfloat, Karur Vysya Bank and others. It turns out that most of these companies have partnered with large fin-tech marketplaces or food delivery companies, such as Amazon, Zomato, Jio Mart and others, that offer no-cost EMI-based payments or ‘buy-now-pay-later’ schemes that are backed by loans from such companies. Most people who avail these offers are unaware that they show up as loans/borrowings on their credit reports and impact their credit scores. People complain that while the marketplaces, focused on pushing sales, make it very easy to avail such facilities, the terms of the loans are never clear and it is almost impossible to opt out and make a full payment. If RBI quickly mandates and implements a system of alerting customers, it would help create better awareness, increase transparency, ensure a drastic improvement in grievance redress and allow better oversight by the regulator.