Kenya cracks down on digital lenders over data privacy issues

Image Credits: Tala

Digital lenders that share personal data of loan defaulters, with third parties, risk license withdrawal in Kenya after lawmakers added a clause — granting the banking regulator the mandate to revoke permits of operators who breach customer confidentiality — to the new law passed by the country’s National Assembly. 

Typically, loan apps collect borrowers’ phone data, including contacts, and demand access to messages to check the history of mobile money transactions — for credit scoring and as conditions for disbursing loans. Rogue lenders then use some of the contact information collected to recover the loans disbursed in cases where borrowers default. Reports indicate that digital lenders resort to debt-shaming tactics, like calling friends and family, to compel their borrowers to repay the loans.

The change adds to a raft of measures taken by Kenyan lawmakers to protect citizens from rogue digital lenders who offer high-priced collateral-free loans. It grants the regulator, Central Bank of Kenya, power to oversee the operations of standalone digital lenders (not affiliated with banks) after a period of self-regulation. Digital lenders will, going forward, be required to obtain licenses to operate in Kenya, unlike previously, when they just had to register — which led to the proliferation of rogue apps. 

The Central Bank of Kenya amendment 2021 bill also gives the regulator the power to cap interest rates and to suspend or revoke the licenses of digital lenders that breach “the conditions of the Data Protection Act or the Consumer Protection Act.”

Kenya’s Data Protection Act requires firms to disclose to customers the reasons for collecting their data. It also ensures that borrowers’ confidential information is safe from infringement by unauthorized parties. This comes as consumer lobbies accuse loan apps of sharing customer information with data and marketing companies.

The digital lenders will also be required to reveal all the information concerning their products, and this includes details on pricing, penalties for defaulters and means of debt recovery. This is in line with the country’s Consumer Protection Act which requires sellers to disclose to consumers all the terms and conditions pertaining to the purchase of goods or services. Almost all lending apps were found to use debt-shaming tactics to recover debt in Kenya.

Kenya is home to about 100 mobile lending apps, including Okash and Opesa, both owned by the Chinese-owned browsing giant Opera, and which have faced claims of using predatory lending tactics in Kenya. Okash and Opesa are some of tens other loan apps that were found to charge exorbitant interest rates and to have exploitative terms — like issuing 30-day loans instead of the 60 days stipulated by Google Play Store policies. The interest rates of the two Chinese loan apps were exorbitant, reaching up to 876% annualized, rates yet banks’ yearly rates rarely exceed 20%. Other apps, including the San Francisco-based Branch International Ltd., and PayPal-backed Tala, were found to charge extortionist rates, with annualized interest rates of 156-348% and 84-152.4%, respectively.