Shame Nigerian Fintech Firms, Threatening Customers for Late Payments on Loans
She didn’t think about the missing phone or SIM card until rumors started circulating in July.
Yetunde owed money. An online loan fintech company sent WhatsApp and text messages to everyone in Yetunde’s inner circle that she was a debtor and a scammer.
Her close friends, former schoolmates and work colleagues received these messages three or four times a day.
NITDA fines Soko Loan N10 million for breach of privacy
SPECIAL REPORT: How inefficiency and lack of transparency broke CBN’s $ 50 billion COVID-19 loan
– Advertising –
Over 40 countries are calling for Nigeria’s sickle cell drug – NIPRD DG
“I tried to explain to everyone on my contact list I can get in touch that I didn’t get a loan from the online credit company and that it wasn’t easy to get my name off something I didn’t do.
“That was a really traumatic experience. My biggest regret was that I didn’t block the line when my phone was lost, ”she said The ICIR.
Yetunde had never taken out a loan from an online loan app, but she was unable to lock her SIM card after her phone went missing.
If a missing phone got into the hands of a fraudster, a transaction could be carried out on the phone owner’s account without their knowledge.
All the scammer who picked up Yetundes SIM card had to do was download the online credit app, enter some fictitious financial information, and let the algorithm generate a credit rating.
– Advertising –
The fintech creditor usually asks permission to access the contacts on the SIM card before the Credit is approved, a process that takes barely an hour.
The scammer used Yetunde’s SIM card to take out multiple loans from multiple ones online loan Apps that contain: NairaPlus, EasyCredit, TrueNaira, GoCash, CashLion and LCredit.
A month later, online lending firms followed Yetundes’ contacts and said their loan payments were due.
She later reported the case to law enforcement and received a police report and written affidavit.
The police assured her that they would intervene and promised that messages from fintech creditors to people on their contact list would be discontinued.
Two weeks later, her friends were still sending her screenshots of the threat messages from the fintech lending firms.
For thousands of Nigerians like Yetunde, whose identities were stolen by fraudsters, the online loan companies helped publicly shame them without properly verifying their identities.
– Advertising –
A data sharing violation
On August 17, the National Information and Technology Development Agency (NITDA) fined Soko Lending Company, a Nigerian online lending platform, 10 million yen for invasion of privacy.
This came after a number of complaints against the company about unauthorized disclosure, lack of protection of customers’ personal data and damage to its reputation.
A key basis for the fine was the company’s “data protection intrusion messages” to defaulting customer contacts if they did not repay loans.
This clearly violates Article 2.2 of the Nigeria Data Protection Regulation (NDPR), which prohibits illegal data exchange with third parties without a legal basis.
They all failed to disclose to the users who download the apps that if they delayed, their access to users’ contact lists would be shared with third parties. This does not comply with the guidelines of the Google Play Store.
The updated data protection declaration in the Google Play Store stipulates that apps that offer financial services on their platform should disclose to users what they would like to use their personal data for.
Results of The ICIR show that debt collection agents in the six loan apps are brazenly violating their customers’ privacy by sending threatening messages to debtor contacts if they fail to meet their credit obligations.
Edna Inyang, a make-up artist in Abuja, said she received an online loan app from FairMoney, but the terms and conditions did not state that they would share their details with anyone in the event of late payment.
“One of the terms of the loan is that they get permission for my phone contacts, but they did not say that they would share this confidential information with family, relatives, or anyone on your contact list if I was in default,” she said The ICIR.
In January, a Twitter poll Conducted by Techpoint, it found that 56.2 percent of Nigerians are not interested in WhatsApp’s privacy update.
According to Article 19 of the London-based rights group, more than half of the 54 African countries have no data protection or data protection laws.
And while 14 countries do, nine have no regulators to enforce them, the group said.
Social shaming program
The online loan companies use their customers’ social networks to shame them based on The ICIR Results.
Delinquent customers receive messages such as “You can no longer get a loan from us or another credit company / bank” or “Your loan increases by 5 percent every day”.
Sometimes they use threatening messages like, “We’ll give you until 4 p.m. to make your payment today, or otherwise.”
Udoma Nseobong had taken out a N30,000 loan from CashLion Credit and paid the weekly interest consistently for six weeks.
When it came time to pay, he was one day behind schedule and paid off his debt the next day, but the messages were still being sent to his family members.
“I had some challenges that made me skip for a day. On the second day, even after paying with charges, my entire family and I were declared a fraud on the run. I don’t know if the CBN is moderating these people’s activities, ”he said.
A user who identified herself as Feyisetan Salau claimed in the comment section on Google Play by NairaPlus that she had been contacted repeatedly about an unpaid loan by agents who “used offensive and threatening language and increased their interest rates.
“However, the credit collection process / tactic that this organization uses is so unprofessional and appalling. Threat is not the way to go – be professional, ”she added.
An anonymous University of Abuja student also said the texts cost him his relationship and another user said his boss almost fired him for embarrassing the company.
On the loan apps page on the Google Play Store, there have been tons of complaints indicating that these messages had caused deep grief.
To combat these companies’ collection methods, some people have started playing the system.
One user said she wrote to her entire contact list to say that her phone had been stolen and that they should ignore any scammers who could text them. Then she deleted the app.
For example, while a user may be banned from borrowing from a financial institution because of unpaid credit, they can still easily obtain credit from a competitor.
Although the criticism of these practices has steadily increased, Titilayo Adetonya, a customer representative of CashLion, spoke with The ICIR, justified the methods of debt collection by online loan companies.
“There is no defamation of character when we trust people we’ve never met by giving them money and when it is time to pay they don’t pay.
“It is lawful to send these messages to their contacts because we warn them before we send these messages to their contacts, and that’s how we get our money,” she said.
A missing fintech link
In Nigeria, prospective customers looking for credit through online apps are expected to download the app, enter their financial details and let the algorithm generate a credit score.
Most apps require a bank verification number (BVN) and a phone number link to the BVN.
The ICIR searched the Corporate Affairs Commission (CAC) database for the names of the six online loan apps and their names were missing.
This makes it difficult to know who exactly owns an app or even where the money for the loans is coming from.
However, they do reveal the location of their physical address on their information page on the Google Play Store and show that they are based in Lagos.
The ICIR found out that the loan apps, CashLion, NairaPlus, and LCash all belonged to Grola Tech Credit Limited after following their collections team leader through a LinkedIn post.
However, Grola Tech Credit Limited has been registered in the CAC database with registration number 1636828 but has been identified as inactive by the Commission. The company’s directors are Du Yaoyao, a Chinese national, and Ayomikun Ogunkanmi, a Nigerian
Under Section 58 of the Banks and other Financial Institutions Act (BOFIA), anyone wishing to engage in any financial business other than insurance and stock exchange trading in Nigeria must apply in writing to the Central Bank of Nigeria (CBN) for a license.
It wasn’t clear if the online lending firms failed to verify the scammers using Yemisi’s phone number or if their rules weren’t strict enough to spot dubious customers.
Scammers are likely to succeed unless the online loan companies introduce high-level multi-factor authentication such as pictures and fingerprints, said Seun Folorunso, resources manager at the Fintech Association of Nigeria The ICIR.
“Scammers are taking advantage of unsuspecting Nigerians who divulge their details to blackmail these loan companies unless they introduce other high-level identifiers to stop them,” he added.
Editor’s note: This report has been updated to delete the unsubstantiated claim against Migo, a popular credit company.
The ICIR regrets this mistake.