Ghost Loans by Faulty Fin-tech: Credit Bureaus Should Send Real-time Alert about Change in Credit Reports
The issue of ghost loans or fake loans that can wreck a person’s credit report burst into the public domain when a large number of people began to discover that their credit scores had plummeted or their credit reports contained incorrect information about loans they had never availed.  
 
After a public furore, the Reserve Bank of India (RBI) promised to initiate quick action, but it has probably been stopped in its tracks by the discovery that the problem is not limited to one company – Dhani Loans & Services (Dhani) – but is a larger, systemic issue. Almost all fin-tech lenders follow the same faulty process that Dhani had adopted to complete know-your-customer (KYC) formalities to on-board customers to be able to sanction and disburse loans in minutes. They have been getting away with this because people are just beginning to wake up to the problem of fake/ghost loans. Moreover, like all online systems, things work well most of the time; but it is only when the number of errors becomes large enough and the grievance redress process remains broken, that it leads to public outrage and forces the regulator to take corrective action. 
 
Moneylife has written about ghost loans and the fact that poor verification processes (Systemic Issues with KYC Verification Leads to Wrong Credit Disbursal by Dhani and Other Digital Lenders; Urgent Solution Needed) are a systemic issue. The victims range from a senior business journalist to our most-searched celebrity Sunny Leone. The quantum of fake loans could range from a few hundred to well over a lakh of rupees. Depending on the repayment record, the consequences for the victim are: a sharp fall in credit score leading to higher interest on their borrowing, lower credit limits and, worse, denial of credit, if there is a default on the fake loan. For instance, The Ken says that Sunny Leone’s credit score dropped 20% for a paltry Rs2,000 that showed up as an unpaid loan, by abuse of her PAN (permanent account number) alone; all other details, such as her address, phone number, email ID and date of birth, were incorrect, allowing the loan to be diverted to someone else. This shows the shocking lack of checks in KYC processes followed by fin-tech lenders. 
 
 
The Faulty Process
RBI’s KYC rules require a photograph and proof of address and identity. The documents permitted are: PAN, voter ID, Aadhaar number, NREGA (National Rural Employment Guarantee Act) card, driver’s licence, etc, which can be presented in person or online. Video-based real-time verification or electronic KYC is an expensive process; Aadhaar/PAN is verified by pinging government databases; but some lenders, allegedly, use less reliable options. 
 
Consumer organisations, including Moneylife Foundation, have urged RBI to mandate the use of verified e-KYC through the Central Registry of Securitisation Asset Reconstruction and Security Interest of India (CERSAI), to reduce frauds. Such e-KYC is already mandated by the capital market, pensions and insurance regulators; however, RBI has been refusing to act on this without explaining its reluctance. 
 
According to Gagan Banga, an independent director of Dhani, explaining corrective action initiated on their ghost loan issue, said, most fin-tech companies follow a similar, two-fold process. The first is an Aadhaar-based verification with an OTP (one-time password) sent to the linked mobile number. The second method allowed borrowers to upload alternative identity proof, which was misused by forging and morphing documents. Dhani has halted the second process and has initiated a clean-up.
 
If this sounds flimsy, then it must be noted that most other lenders follow the same on-boarding process. These include Slice Card (offered by a subsidiary of Quadrillion Finance Pvt Ltd), Moneytap (owned MWYN Tech Pvt Ltd), CASHe (of Bhanix Finance and Investment Ltd) and Kreditbee Services Pvt Ltd. Bajaj Finserv, a large lender, requires only a PAN for the Bajaj EMI (equated monthly instalment) card.
 
Ghost loans, and the panic that followed, could be have been avoided by better identity checks; but two other issues compound the problem. 
 
1. According to L Srikanth, founder of Cashless Consumer, an advocacy organisation for tech safety, many app-based lenders are cutting costs by procuring data from ‘profilers’ who create and sell ‘risk scores’ which act as a proxy for credit scores. The data is scraped from government websites and utility companies that remain completely lax about data protection. This data is then mapped against other databases to obtain mobile numbers and UPI payment addresses, and even social media, to create risk profiles, he says. Such profiles are extensively used by lenders, especially for recovery operations.
 
2. India has a serious problem with poor quality data and mismatch of information across official IDs such as PAN, Aadhaar, passports, driver’s licences and voter IDs. Addresses are written differently, so are spellings of names and places and there are endless data-entry errors by government officials. This prevents perfect verification across multiple identities. Even if such checks were mandated, ordinary people would be harassed, since corrections are notoriously slow and often lead to new errors. Photo identification is even less reliable, given the quality of photos on PAN and Aadhaar documents. Data cleaning and matching for key identity documents ought to be a national project that can perhaps be branded Swachh Data Abhiyan.
 
Control over Credit Reports
Given the complexity of issues, a possible solution is to focus on information that is submitted by lenders to credit information companies (CICs) that generate our credit scores. At the moment, the system is heavily stacked against individuals. Credit reports are deliberately complicated so that CICs can generate and sell ‘credit scores’. 
 
Although one can file a complaint about wrong entries in credit reports, the process is slow and tedious. CICs cannot amend any credit data, without express written consent from the lender. A disputed entry can take as many as 30 days to resolve even if the lender cooperates; otherwise, it is a harrowing process. For instance, an individual who disputed a ghost loan was asked by the app-based lender to produce a ‘no dues’ certificate before rectifying the credit record! Sometimes, lenders are deliberately vindictive and recovery officials use the threat to wreck credit records with impunity to extract payments. All this stems from poor grievance redress systems and the fact that the regulator has rarely stirred itself on behalf of victims of fraud. 
 
The Solution
One simple solution would be for the industry to work with CICs and follow the practice adopted by credit card companies to report fraud and disputed transactions. CIC could send out a mobile phone alert when new borrowing is reported on one’s credit profile. The message should include a number and email to allow people to raise an immediate dispute and initiate corrective action if the dispute is false. A centralised system that would cover all four CICs operating in India can easily be set up with RBI-registered fin-tech companies paying for the convenience of fast on-boarding, while also reducing the incidence of fraud.
 
While it does not resolve the problem of flimsy on-boarding and dodgy data-entry, it protects individuals by providing immediate information and giving them better control over their credit reports. Such control is crucial because fin-tech companies are constantly expanding their business in ways that people cannot be expected to understand or keep pace with. 
 
For instance, a new source of panic and concern among people is ‘loans’ showing up on their credit reports from lenders such as Arth Digital, Clix Capital, Simpl Pay, Capfloat, Karur Vysya Bank and others. It turns out that most of these companies have partnered with large fin-tech marketplaces or food delivery companies, such as Amazon, Zomato, Jio Mart and others, that offer no-cost EMI-based payments or ‘buy-now-pay-later’ schemes that are backed by loans from such companies. Most people who avail these offers are unaware that they show up as loans/borrowings on their credit reports and impact their credit scores. People complain that while the marketplaces, focused on pushing sales, make it very easy to avail such facilities, the terms of the loans are never clear and it is almost impossible to opt out and make a full payment. If RBI quickly mandates and implements a system of alerting customers, it would help create better awareness, increase transparency, ensure a drastic improvement in grievance redress and allow better oversight by the regulator.
 
 

Comments
Sudhir Mankodi
9 months ago
solution suggested by you that whenever a new loan disbursement is reported, the alert has to go to the registered email and cell phone number is the best in the given situation. I would suggest one step further that such trigger should go at the enquiry stage itself so that the prospective conman is barred from even sanction of such loan. forget about disbursement.
ajitpadhyin
9 months ago
I am also vicitim of Dhani Apps can any one help me how to resolve my issue. If you known the process.
sucheta
Replied to ajitpadhyin comment 9 months ago
Look up https://www.mlfoundation.in/ - become a member (it is free) and write to [email protected]
Ramesh Popat
9 months ago
bachke kaha jaoge, yaha har mod par hai.... hadsa !
aaaa fansa... unavoidable !
Kamal Garg
9 months ago
This was waiting to happen. The mushrooming of all sorts of fintech companies offering small and paltry loans to all sorts of people just based upon some photo/PAN number/ID was a disaster in waiting. And for that matter, RBI has to be squarely blamed for creating all this mess and approving these fintech companies to operate and work.
1. I agree that some sort of Swachch Data Abhiyaan should be launched by RBI to clear this mess.
2. Why on earth there is another agency called CERSAI/e-KYC when we already have all banks having all customer KYC data (in person and physically verified), all mutual funds have customer KYC data (again in person and physically verified) and by the way, we all must know that in case of banks and mutual funds, some responsible officer of bank/MF has to approve the in-person verification of the customer.
sathya2011
9 months ago
Nice analysis.
There is a need for regulators to bring in document based validation as most of the times the fine print is not understood when you move for online submission of documents and approvals. It is also important that genuine borrowers need to be careful in handling the process. It is better to be conservative in the process rather than lose the hard earned money unscrupulously.
Free Helpline
Legal Credit
Feedback