Authorization for Online Lending by SEC-Registered Companies Without Secondary License

Introduction

In the Philippine financial landscape, the Securities and Exchange Commission (SEC) plays a pivotal role in regulating corporate entities and financial activities, including lending operations. SEC-registered companies refer to corporations duly incorporated and registered under the Revised Corporation Code of the Philippines (Republic Act No. 11232). These entities are authorized to conduct business as outlined in their articles of incorporation, but engaging in specialized activities like lending typically requires additional approvals, known as secondary licenses.

A secondary license, in this context, is the Certificate of Authority (CA) issued by the SEC under the Lending Company Regulation Act of 2007 (Republic Act No. 9474) or the Financing Company Act (Republic Act No. 5980, as amended). This CA is mandatory for companies whose primary purpose involves granting loans to the public. Online lending, which encompasses digital platforms for loan origination, disbursement, and collection, has grown exponentially with the rise of fintech. However, the question arises: Can SEC-registered companies engage in online lending without obtaining this secondary license?

This article explores the legal framework, permissible activities, limitations, exceptions, regulatory interpretations, enforcement mechanisms, and practical implications of such authorization—or the lack thereof—in the Philippine context. It delves into the nuances of when online lending might be incidental rather than primary, the impact of specific SEC issuances, and the risks involved in non-compliance.

Legal Framework Governing Lending and Online Lending

Core Statutes

The foundation for regulating lending activities lies in several key laws:

  • Revised Corporation Code (RA 11232): This governs the formation and powers of corporations. Section 35 grants corporations incidental powers necessary to achieve their primary purpose, including the ability to invest surplus funds. However, it prohibits corporations from engaging in banking, quasi-banking, or other regulated financial activities without proper authorization.

  • Lending Company Regulation Act (RA 9474): Defines a "lending company" as a corporation engaged in granting loans from its own capital funds or from funds sourced from not more than 19 persons. It mandates that such companies secure a CA from the SEC, which acts as a secondary license. Without this, a company cannot legally operate as a lender.

  • Financing Company Act (RA 5980, as amended by RA 8556): Similar to RA 9474, this applies to financing companies that extend credit for various purposes, including through online means. It also requires SEC approval via a CA.

  • Securities Regulation Code (RA 8799): While primarily focused on securities, it empowers the SEC to regulate investment activities and prevent fraudulent schemes, which can intersect with online lending if it involves public solicitation of funds.

Specific Regulations on Online Lending

The SEC has issued targeted guidelines to address the digital evolution of lending:

  • SEC Memorandum Circular No. 19, Series of 2019 (Rules and Regulations Governing Online Lending Platforms): This circular specifically regulates online lending platforms (OLPs) operated by lending or financing companies. It requires OLPs to register with the SEC, disclose terms transparently, protect borrower data under the Data Privacy Act (RA 10173), and comply with anti-money laundering rules. Notably, it applies to platforms that facilitate loans, even if not directly lending funds themselves.

  • SEC Memorandum Circular No. 18, Series of 2019: Imposed a moratorium on the registration of new online lending platforms by lending companies to curb predatory practices, which was partially lifted in subsequent years with stricter vetting.

  • SEC Advisory on Online Lending (various issuances from 2018-2025): These warn against unregistered platforms and outline enforcement actions. By 2025, amendments emphasized integration with credit information systems under the Credit Information Corporation Act (RA 9510).

These regulations underscore that online lending is not merely an extension of traditional lending but a distinct activity requiring oversight due to its accessibility, speed, and potential for abuse.

Authorization Without Secondary License: Scope and Limitations

General Rule: No Authorization for Primary Lending Activities

SEC-registered companies without a secondary license are generally prohibited from engaging in online lending as a business activity. The "lending business" is interpreted broadly under RA 9474 to include habitual granting of loans to the public, whether through physical or digital means. If a company's articles of incorporation do not specify lending as a primary or secondary purpose, and it lacks a CA, any systematic online lending could be deemed ultra vires (beyond its powers) or illegal.

For instance, operating an app or website that matches borrowers with lenders, processes applications, or collects payments on a recurring basis typically qualifies as engaging in the lending business. SEC opinions (e.g., SEC-OGC Opinion No. 18-12) have clarified that even peer-to-peer (P2P) platforms, where the platform acts as an intermediary, require registration if they involve credit extension or fund facilitation.

Permissible Activities: Incidental or Non-Commercial Lending

Despite the strict rule, there are narrow circumstances where SEC-registered companies may conduct limited online lending without a secondary license:

  • Incidental Investments: Under Section 35 of RA 11232, corporations can invest idle funds in loans as part of treasury management. This could include online platforms for internal employee loans or one-off advances to affiliates. However, this must not be advertised to the public or habitual. For example, a manufacturing company might use an internal digital system to provide salary advances to employees without needing a CA, as it's not a public lending operation.

  • Intra-Group Lending: Loans within a corporate group (e.g., parent to subsidiary) via online portals are often exempt, provided they are not extended to third parties and comply with transfer pricing rules under the Tax Code (RA 8424, as amended).

  • Non-Profit or Cooperative Contexts: If the company is registered as a non-stock corporation or cooperative under the Cooperative Code (RA 9520), online lending to members might fall under different regulators like the Cooperative Development Authority (CDA), bypassing SEC secondary licensing. However, if it involves public solicitation, SEC oversight may still apply.

  • Facilitation Without Credit Extension: Pure technology providers, such as software developers creating lending apps for licensed entities, do not need a CA. But if the company retains any role in loan approval or risk-bearing, it crosses into regulated territory.

These exceptions are fact-specific and often require SEC confirmation through legal opinions. Online elements amplify scrutiny, as digital platforms can easily reach the public, blurring the line between incidental and commercial activities.

Regulatory Interpretations and SEC Opinions

The SEC has issued numerous opinions and rulings interpreting these boundaries:

  • SEC-OGC Opinion No. 20-05: Addressed fintech startups, stating that platforms aggregating loan offers from licensed lenders (without the platform lending itself) might not require a CA if they function solely as marketplaces. However, any fee-based matching or data processing could trigger registration.

  • SEC-OGC Opinion No. 21-14: Clarified that e-commerce companies offering "buy now, pay later" (BNPL) options integrated into their platforms may need a CA if installment plans constitute credit extension, unless partnered with licensed financiers.

  • Post-2020 Developments: Amid the COVID-19 pandemic, the SEC encouraged digital financial inclusion but maintained strict licensing. By 2023-2025, with the rise of blockchain-based lending, opinions emphasized that decentralized finance (DeFi) platforms must still comply if targeting Philippine residents.

Case law supports this: In SEC v. Performance Foreign Exchange Corporation (G.R. No. 222426, 2018), the Supreme Court upheld SEC's authority to shut down unlicensed investment schemes disguised as lending. Similar enforcement against online platforms like unauthorized P2P apps reinforces that authorization without license is exceptional.

Risks, Penalties, and Enforcement

Engaging in unauthorized online lending exposes companies to severe consequences:

  • Administrative Sanctions: Under RA 9474, fines range from PHP 10,000 to PHP 100,000 per violation, plus revocation of corporate registration. SEC MC 19-2019 adds penalties for data breaches or unfair collection practices.

  • Criminal Liability: Officers may face imprisonment of 6 months to 10 years for operating without a CA. Usury under the Usury Law (Act No. 2655, as amended) or estafa under the Revised Penal Code (RA 3815) could apply if loans involve excessive interest or fraud.

  • Civil Remedies: Borrowers can seek rescission of contracts, and the SEC can issue cease-and-desist orders, as seen in crackdowns on apps like "Cashwagon" and others in 2019-2022.

  • Reputational and Operational Risks: Unlicensed operations deter investors and partners, and platforms may be blocked by the National Telecommunications Commission (NTC).

To mitigate, companies should seek SEC pre-clearance or restructure operations to partner with licensed entities.

Practical Implications and Best Practices

For SEC-registered companies eyeing online lending:

  • Assessment: Review articles of incorporation and activities to determine if lending is incidental. Consult SEC for opinions.

  • Compliance Pathways: If scaling, apply for a CA, which requires minimum capital (PHP 1 million for lending companies), fit-and-proper directors, and anti-money laundering programs.

  • Fintech Innovations: Participate in the SEC's Regulatory Sandbox (introduced in 2021) to test online lending models under temporary waivers, potentially leading to full authorization.

  • Alternatives: Collaborate with banks (regulated by Bangko Sentral ng Pilipinas) or licensed lenders for white-label solutions.

In an era of digital transformation, the Philippine government promotes financial inclusion through initiatives like the National Strategy for Financial Inclusion 2022-2028, but always within regulatory bounds.

Conclusion

Authorization for online lending by SEC-registered companies without a secondary license is limited to incidental, non-public activities that do not constitute a lending business. The Philippine regulatory framework prioritizes consumer protection and financial stability, mandating licenses for commercial operations. Companies must navigate these rules carefully, seeking expert advice to avoid pitfalls. As fintech evolves, ongoing SEC issuances may refine these boundaries, but the core principle remains: no license, no lending business.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login