The predatory activities of rapid loan applications raise serious concerns about the exploitation of consumers and highlight the urgent need for Pakistan to implement stricter laws.
A jobless man recently committed himself after receiving “threats” for not repaying a loan, sparking widespread debate on the parasitic nature of such transactions and the strategy adopted by digital lending apps.
The wife of 42-year-old Rawalpindi resident Mohammad Masood said that the sum of the loan’s principal and interest had reached Rs0.7 million.
Masood committed himself since he was unable to keep up with the payments and constant harassment from recovery agencies. However, this is not the first time that stories of extortion and threats from the applications’ recovery agents have surfaced.
The sector has gone from being on the margins to the mainstream in the past two years but for all the wrong reasons. At least twice since June 2022, individuals and the media have complained about the exorbitant loan rates, borrower harassment, and data exploitation tactics of nano lenders.
So, how did we get ourselves here?
While the immediate loan sector in the nation had its beginnings in 2018, it wasn’t until three years later that it truly took off. A slew of new competitors began appearing in the middle of 2021, and they quickly rose to the top of Google Play’s category listings. However, their download numbers rose fast and at a substantial rate, at least in comparison to other apps in Pakistan.
According to Data Darbar, in FY22, around 15.4 million people in the nation downloaded the top eight applications.
About 15.4 million people in the nation downloaded the top eight applications in FY22, according to Data Darbar.
It wasn’t just a matter of downloads, though; the lending market for this sector has expanded at a dizzying rate since 2021. The (Securities and Exchange Commission of Pakistan) estimates that by April of 2023, about 4.5 million borrowers will have received a total of Rs97 billion in loans. Since the beginning, yes. While distribution statistics broken down by year are unavailable, news releases from the governing body suggest that by 2022, the total amount of payouts had surpassed Rs63bn.
Barwaqt is one of the largest nano lenders in the nation today. Although it did not have an NBFC license when it first debuted in June 2021, it has since gotten one. Applications flooded the market in the following months, with 27 rapid loan applications ranking in the top 100 in Google Play’s finance category by June 2022.
Appfigures expects that there will be at least 27.4 million installations of rapid loan applications in Pakistan between July 2021 and June 2023, so we went back and looked at the statistics again. Even though we included 34 different items in our sample (which was as comprehensive as possible), 48.3%, or 13.2 million, of all downloads were from Barwaqt.
Data Darbar shows the popularity of the Barwaqt app each month over the last two years.
Of the 34 app producers, only 6 hold the necessary NBFC license; the others were operating without restriction. Unauthorized applications attracted 4.9 million downloads (17.85 percent) during the course of the 24-month study period. Despite the problem being brought to light several times over the last year, it wasn’t until recently that they were removed from the Play Store.
Distressing dangers
Muzammil Husain, the deceased brother of Masood, spoke with Dawn.com about what happened on the day he died.
Online marketing was how Masood learned about these lending applications. Husain identified several of them as “the main ones,” naming Bharosa, Barwaqt, etc. He clarified that initially, the apps required repayment of the debt within 90 days. He used the money for this purpose: “Is chakar maiunho ne loan le liyatha.”
But after just six days, the calls started coming in. Husain said the calls were blackmailing his brother using information from his phone and threatening him verbally if he didn’t repay the money.
Any app that processes payments will prompt the user for permission to access their phone’s contacts, photos, and other information upon download. For “know your customer” (KYC) purposes, this is necessary.
Masood’s downloaded rapid lending applications worked the same way. The issue here started when people started making death threats and blackmailing each other using the information the applications were accessing. Countries in the global South with an emerging digital sector, such as Kenya, India, Nigeria, the Philippines, and Indonesia, are resistant to these malevolent tactics.
While Masood was having trouble arranging the necessary funds, recovery agents were blackmailing him by threatening to expose intimate photos. About a month ago, someone emailed him a private photo with the threat, “If you don’t pay us, we’ll distribute this to your connections.”
“This was the last stage in which they were going to distribute his images among his contact list,” Husain said. “Bhai ka ye akhrimarhalachalrahathajismaiunho ne pictures viral karnitheen, agaypeechesaray contact numbers pe.”
My brother stopped eating and seldom spoke to anybody after the threat. It would be [embarrassing] if they sent this photo to his family, he remarked.
Every fifteen minutes, they’d give a ring. Husain informed them on the day Masood died that his brother was out of town and that he would be paying them himself. The agents confirmed Masood’s death by contacting his female relatives. When the agents found out, they requested that Husain “give them images of his burial as evidence and arrange the money.”
He said, “They [FIA] have detained some individuals but I don’t feel particularly comfortable [with the development]” in reference to the measures taken against the agents. You’re already familiar with the local system’s ins and outs. They’ve leaped into action now, but what will happen later is anyone’s guess.
“The most important thing is to shut down their accounts [and applications] and make the owners responsible,” Husain added. He claims that “everyone is involved in the entire enterprise.”
Who is responsible, and where is it?
Understanding who has the authority to regulate these applications is essential before discussing the regulatory inactivity in this case. This is when the plot thickens a little.
The Securities and Exchange Commission of Pakistan oversees the country’s non-banking financial institutions, while the State Bank of Pakistan oversees the country’s banking institutions. As a result, offering fast nano credit need an NBFC license.
However, as was previously said, only some of the Play Store’s applications were properly licensed to operate. The others needed to be registered in Pakistan or operating illegally by avoiding the licensing requirements. The SECP would have a difficult time policing businesses that had no basis in law inside the nation.
The ban has arrived.
The Pakistan Telecom Authority (PTA) should have stepped in at this point, given its propensity for blanket internet bans. The regulator has been reluctant to address the issue of actual loan sharks, instead making excuses about how the SECP is responsible for the regulation of lending applications.
In the same vein, the SBP has cleverly avoided blame by stating it is unrelated to the oversight of NBFCs. While that’s generally correct, it leaves out a crucial fact: the central bank must still keep an eye on all those transfers. Plus, did you know what? The SBP oversees the two businesses, JazzCash and EasyPaisa, which handle the majority of the transactions for these rapid lending applications.
Due diligence on the merchant’s business practices is an integral part of Know Your Customer checks that all payment processors must do. However, such restrictions did not apply to questionable lenders, many of whom were based outside of Pakistan.
The SECP has, for the most part, also attempted to evade responsibility by dividing software into “licensed” and “unlicensed” categories. In July 2022, it organized a meeting with NBFCs in response to media reports, and then it published a press statement criticizing unlawful players for tarnishing the industry’s reputation.
It’s perplexing since the strategies used by legal and illegal players are so similar. Both charge outrageous rates of interest, misrepresent the product, harass customers who use it, and don’t give a hoot about things like customers’ right to privacy in their personal information. True, the SECP has recently taken a more active role in regulating its own topics.
To address some of the most serious issues, it released a circular on December 27, 2022, outlining a set of norms for NBFCs involved in digital lending. For instance, it forbade them to make any up-front deductions. In the past, it was normal practice for lenders to tack on processing costs of up to 30% of the loan amount. Similar to how the regulator banned NBFCs from having several apps, this effectively ended the practice of NBFCs outsourcing their licenses to unregulated third parties.
(The Data Darbar)
Moreover, the SECP has begun communicating with other oversight bodies. The PTA-approved cybersecurity company audit was a requirement of the new regulations for NBFCs. The two groups likely started working together to combat predatory lending after this. It also coordinated with the SBP to prevent unauthorized app purchases and issued a circular to that effect in early June.
However, the SECP has avoided taking any action in response to the predatory pricing of loans, claiming that it “does not control the interest rates, neither on the loans given via digital applications, nor by any other methods.”
The rationale for this is rather simple: it is up to the market, not the government, to set prices according to the risk level of individual borrowers.
In principle, this may be attractive to those in the financial sector. However, there are several nations with instances of interest rate regulation, including explicit limits. Eighteen states in the United States, the libertarians’ holy land, have set interest rate ceilings of 36% or less.
Even while Google has a similar policy on payday lending apps for some areas, it, too, delayed almost a year before taking action in Pakistan despite being aware of the spread of predatory lenders on the Play Store.
It’s obvious that the same 36 percent restriction wouldn’t apply in Pakistan, where interest rates are now above 22 percent. However, the agency has yet to take any action about pricing beyond requesting disclosures.
Investigating Possible Suspects
The Cybercrime Wing of the (FIA) also made an announcement after Masood’s ordeal gained attention, saying that they had arrested nine people and filed charges against another 19 for engaging in the blackmail of citizens via mobile applications that offer loans from the Rawalpindi branch of the online loan service located on Saidpur Road.
The FIA claims that the accused defendants had daily quotas of making between 100 and 150 calls to random persons and their acquaintances. The office searches also uncovered a specialized unit that made what they called “torture calls.”
In order to harass and intimidate residents, these agencies routinely collected sensitive information about them via loan applications.
Tahir Tanveer, an assistant director at the FIA, told Dawn.com that agents went to the Rawalpindi home of the deceased victim to take a complaint from the man’s brother. “We seized and forensically analyzed the victim’s mobile phone to determine the money-lending applications he had used,” Tanveer said.
Hamrah and Sarmaya were two of the firms the FIA eventually initiated action against. The fact that a single business may service several loan applications is crucial.
“We have detained their staff and taken their laptops,” Tanveer said. We are now conducting raids on these phone centers in order to compile lists. So that something like [the Rawalpindi event] doesn’t happen again, we also have stress counselors accessible to victims who may be suffering similar threats and blackmail,” he said.
Several cities throughout Pakistan are participating in the protests. Tanveer claims that these apps attract users with aggressive online marketing and that they then use that user data to steal money through “auto-loaning” and “photojacking” and to access the user’s photos, videos, and contact list for blackmail.
They then repeatedly contact the users until they pay back the original loan plus interest.
“One of the difficulties we have is that when individuals come to us with complaints, we analyze the numbers, and we find out that, for instance, let’s say it’s [appearing as] a Jazz number, but when we contact Jazz, we find out that the number is not given by Jazz.
Spoofing is when a criminal tricks another by making a fake phone number appear on their screen. The old number won’t occur,” he continued.
These applications, contrary to common belief, use something other than contract workers. They instead operate their own call centers, employing hundreds of people.
According to a business representative, Easy Loan app operator Sarmaya has already terminated 250 of its 2,500 agents due to claims of misbehavior and complaints of aggressive behavior towards consumers.
Data Darbar provides a count of the people employed by different lending applications in Pakistan.
The FIA has said that it would be cracking down on these applications in accordance with the Prevention of Electronic Crime Act of 2016. There is some wiggle room under the legislation. Cyberstalking and other forms of financial or technological fraud are illegal, yet the law does not adequately penalize them. Second, you need help to recognize them.
That rules out a direct filing of an FIR by us. Instead, we need to compile a report and challan to hand it to the court. It’s a bailable offense, too,” Tanveer added, adding that it would take years for the perpetrators to face actual punishment even if the matter were taken to court.
According to Tanveer, the FIA is unable to create laws regarding the usage of these illegal applications; all it can do is compile a list of them.
These institutions continue to place blame on one another for the problems plaguing the digital lending market. However, because millions of lives are at risk, there is an immediate need for accountability and unanimity amongst the SBP, PTA, SECP, and FIA.