Harassment by Online Lending Apps in the Philippines

(Status as of 18 April 2025 – for general information only; not a substitute for legal advice)

1. The Phenomenon

Online lending apps (OLAs) exploded in the Philippines between 2016 and 2021, riding on cheap smartphones, mobile wallets, and the unbanked population’s need for instant cash. While convenient, many OLAs resorted to aggressive—or plainly unlawful—collection tactics:

2. Regulatory & Statutory Framework

1. Securities and Exchange Commission (SEC)

   • Memorandum Circular No. 18‑2019 – Registration of Financing & Lending Companies
   • Memorandum Circular No. 19‑2019 – Prohibition on Unfair Debt‑Collection Practices
     Core rules: no profanity, no threats of violence or arrest, no disclosure of debt to third parties, call‑time window 6 a.m.–10 p.m., max 3 call attempts/day, no use of consumer data beyond collection.
   • Enforcement – SEC‑EIPD may suspend or revoke a lender’s Certificate of Authority (CA), issue cease‑and‑desist orders, and impose fines up to ₱1 million per violation plus ₱2,000/day of continuing offense.

2. Republic Act 11765 (Financial Products and Services Consumer Protection Act, 2022)
   Expands consumer‑protection jurisdiction to Bangko Sentral ng Pilipinas (BSP), SEC, Insurance Commission, and Cooperative Development Authority. Mandates:

   • fair, honest, equitable treatment;
   • data privacy compliance;
   • administrative penalties up to ₱2 million or higher in proportion to assets;
   • criminal liability (fine up to ₱2 million and/or 5 years’ imprisonment) for willful violations causing financial distress.

3. Republic Act 10173 (Data Privacy Act of 2012)

   • Unlawful processing (Section 25) and unauthorized disclosure (Section 27) of personal data may mean ₱500,000 – ₱4 million fines and 1–6 years’ imprisonment per act.
   • The National Privacy Commission (NPC) may issue Compliance Orders, conduct on‑site investigations, and recommend criminal prosecution to the Department of Justice.

4. Bangko Sentral ng Pilipinas (BSP) Regulations

   • Circular No. 1160 (2023) – adopts RA 11765 rules for BSP‑supervised financial institutions (BSFIs).
   • Circular No. 1133 (2022) – Responsible Lending Conduct (micro‑finance, salary‑based loans).
   • BSP can fine up to ₱200,000 per day and disqualify directors/officers.

5. Related Penal Provisions

   • Revised Penal Code (RPC):
     • Art. 355 (Libel), Art. 282 (Grave Threats), Art. 287 (Unjust Vexation)
   • RA 10175 (Cybercrime Prevention Act) – raises penalties by 1 degree for ICT‑facilitated crimes.
   • RA 8042/RA 10022 – if threats target an OFW’s employment abroad, may constitute illegal recruitment‑related offenses.

6. Civil Code Remedies

   • Arts. 19, 20, 21 – abuse of rights and acts contra bonos mores
   • Art. 26 – right to privacy, honor, peaceful family relations
   • Art. 32 – independent civil action for violation of constitutional rights (e.g., privacy of communication)
   • Art. 2219 – moral damages; Art. 2224 – nominal damages

3. Administrative & Judicial Precedent

No Supreme Court decision squarely addresses OLA harassment yet, but the CA ruling solidifies administrative remedies.

4. How to Respond If You Are Harassed

1. Collect Evidence

   • Screenshot SMS, chat threads, call logs, social‑media posts
   • Secure copies of the loan agreement, e‑mail notices, payment receipts (if any)

2. Write a Demand (optional but helpful)

   • Invoke SEC MC 19‑2019; demand cessation of illegal collection; set a deadline.

3. File an Administrative Complaint

   Agency	When to Choose	Filing Mechanics
   SEC – Enforcement & Investor Protection Dept.	OLA is a lending or financing company, registered or not	Online complaint form + affidavit + evidence; no filing fee
   National Privacy Commission	Contact scraping, disclosure of personal data	Online complaints portal; mediation phase precedes formal case
   BSP Consumer Assistance Mechanism	Bank, EMI, or quasi‑bank app	E‑mail or https://consumer BSP portal; 15‑day resolution window

   Tip: You may file in both SEC and NPC; they handle different violations.

4. Pursue Criminal Charges

   • Swear a complaint‑affidavit before the Office of the City/Provincial Prosecutor (or NBI Cybercrime Division for cyber‑libel/threats).
   • Attach screenshots certified by the barangay e‑Notary or printed with your affidavit.

5. Civil Action for Damages

   • Venue: RTC if damages > ₱2 million; otherwise MTC.
   • Causes: violation of privacy, moral damages for humiliation, exemplary damages to deter.
   • You may ask for a Temporary Restraining Order against further postings or messages.

6. Protect Your Contacts

   • Inform friends and HR in advance that any defamatory message is a scam.
   • Suggest blocking the number or reporting the Facebook account.

7. Pay Only Through Official Channels

   • If you intend to settle, pay via the app or company bank account—not to the collector’s personal GCash—to create an audit trail.
   • Keep screenshots of the payment confirmation and ledger update.

5. Preventive Measures for Future Borrowers

6. Compliance Checklist for Legitimate OLA Operators

For fintechs and collections agencies seeking to stay on the right side of Philippine law.

1. Corporate & Product Registration

   • SEC Certificate of Incorporation and Certificate of Authority (CA) as financing/lending company (MC 18‑2019).
   • If operating an e‑wallet, secure an EMI license from BSP (Circular 649).

2. Transparent Disclosures (RA 11765, Sec. 4)

   • Total cost of credit, APR, penalty rates, cooling‑off rights, borrower’s data‑privacy rights.

3. Data‑Privacy Program

   • Privacy Manual, Data Protection Officer registration, Privacy Impact Assessment on contact‑scraping, PAIA compliance under NPC.

4. Debt‑Collection Rules (SEC MC 19‑2019)

   • No use of profanity or personal insults.
   • No threats of harm, arrest, or criminal prosecution absent court judgment.
   • No disclosure of borrower’s debt to third parties (unless guarantor/co‑maker).
   • Call window 6 a.m.–10 p.m.; max 3 calls/day; identify caller name/company.

5. Consumer‑Assistance & ADR Mechanism

   • Must respond to borrower complaints within 10 business days (RA 11765 IRR).

6. Record Retention & Audit

   • Keep call recordings and chat logs for at least 3 years; subject to SEC audit.

Non‑compliance risks administrative fines, criminal prosecution, and reputational damage that quickly de‑platforms an app from Google Play/Apple App Store (both stores delist OLAs flagged by the SEC).

7. Looking Ahead

• SEC FinTech Roadmap 2025 pledges a centralized blacklist API so app stores automatically bar unlicensed OLAs.
• Pending bills (14th Congress, H.B. 9032 / S.B. 2120) propose to codify an “Anti‑Abusive Debt‑Collection Practices Act” patterned after the U.S. Fair Debt Collection Practices Act, extending coverage to all collectors, not just lending companies.
• AI‑driven credit scoring: The NPC is drafting guidelines to ensure explainability and prevent discriminatory lending decisions.

8. Key Take‑Aways

1. Harassment is unlawful in multiple dimensions—consumer‑protection, data‑privacy, civil, and criminal.
2. Regulators are active: between 2019 and 2024, the SEC revoked or suspended over 100 OLAs; NPC issued million‑peso fines.
3. Borrowers have concrete remedies—administrative, criminal, and civil—but success hinges on preserving solid evidence.
4. Lenders ignore the new regime at their peril: RA 11765 imposes higher fines, personal director liability, and criminal sanctions.

Quick Resource Phonebook

Disclaimer: This article is for informational purposes only and does not create an attorney‑client relationship. For advice on a specific situation, consult a lawyer licensed in the Philippines.