Online lending in the Philippines sits at the intersection of corporate regulation, financing law, data privacy, consumer protection, unfair debt collection rules, cybercrime, and criminal law. A complaint against an online lending app is therefore rarely just a “simple SEC complaint.” In practice, the correct remedy depends on what the app did, who operates it, and which law or regulator is involved.

This article explains the Philippine legal framework, when the Securities and Exchange Commission (SEC) is the proper forum, when another agency is more appropriate, how to prepare a complaint, what evidence matters, the possible violations of law, the remedies available, and the practical issues complainants should expect.

---

I. Why online lending apps are heavily regulated in the Philippines

Online lending apps became controversial in the Philippines because many operated through aggressive collection methods: access to phone contacts, harassment of borrowers, public shaming, threats, use of fake legal notices, excessive charges, and processing practices that borrowers did not fully understand.

In Philippine law, this creates regulatory concern for several reasons:

1. Lending and financing are regulated businesses. A company that lends money or offers financing is not simply an ordinary app business. It must usually be properly organized and, depending on its business model, registered and authorized under Philippine law.

2. A mobile app does not exempt a lender from licensing rules. Calling the platform an “app,” “digital cash advance,” “salary loan platform,” or “credit service” does not remove the need to comply with lending and financing regulations.

3. Collection practices are regulated independently from the loan itself. Even if the debt is real, collection methods may still be illegal.

4. Use of personal data is regulated. Accessing contact lists, photos, messages, or device data can trigger liability under privacy law and unfair collection rules.

5. Consumer-facing disclosures matter. Lenders may be liable for hidden fees, unclear interest, misleading advertising, or abusive contract terms.

Because of these overlapping rules, an aggrieved borrower may have claims before the SEC, the National Privacy Commission (NPC), the police/NBI, and sometimes even the courts.

---

II. What the SEC regulates in relation to online lending apps

In the Philippine context, the SEC’s role is strongest where the app operator is a lending company or financing company, or where the operator is doing business in a way that requires SEC supervision.

A. Lending company vs. financing company

These are not exactly the same.

• A lending company is generally engaged in granting cash loans from its own capital.
• A financing company typically engages in broader financing activities, such as extending credit for goods, receivables, leases, and similar transactions.

An online lending app may be structured under either model. The important point is this: the corporation behind the app matters more than the app itself.

B. SEC registration and authority

An online lending app may violate SEC rules when, among others:

• it is not properly registered as a corporation or entity authorized to do business;
• it operates as a lending or financing company without required authority;
• it misrepresents its corporate identity;
• it uses multiple trade names or apps to conceal its true operator;
• it ignores SEC rules on disclosure, collection conduct, or reporting;
• it continues operating despite suspension, revocation, or SEC orders.

C. The SEC’s special concern over abusive online lenders

The SEC has, for years, taken a strict view against online lending operators that:

• shame borrowers publicly;
• send messages to third-party contacts;
• use threats, insults, or coercion;
• misrepresent consequences of non-payment;
• use unfair or deceptive debt collection methods;
• operate through shadow entities or without proper authority.

So, when the complaint is about the legality of the lender’s operations or the lawfulness of its collection conduct as a regulated lending/financing company, the SEC is often the primary regulator to approach.

---

III. When a complaint should be filed with the SEC

A complaint to the SEC is especially appropriate where the grievance involves any of the following:

1. The app appears to be operating illegally

Examples:

• no clear corporate name;
• no SEC registration details;
• no proof it is a licensed lending or financing company;
• app uses changing names or shell identities;
• no legitimate address or contact details;
• lender refuses to disclose who actually owns or operates the app.

2. The app is a registered lender, but its practices violate SEC rules

Examples:

• harassment in collection;
• contacting people not party to the loan;
• use of obscene, insulting, or threatening language;
• false claims that a borrower will immediately be jailed;
• fake “subpoenas,” “warrants,” “final notices,” or “criminal case” messages;
• posting a borrower’s identity online to shame them;
• collection by impersonating law firms, courts, or government offices.

3. The app imposes deceptive or oppressive loan terms

Examples:

• hidden service fees deducted upfront;
• misleading disclosure of net proceeds;
• unclear interest computation;
• penalties that appear grossly excessive;
• discrepancy between advertised and actual cost of credit.

4. The app uses personal data as a weapon in collections

This may also be a privacy complaint, but the SEC can still be relevant if the conduct is tied to unfair collection by a regulated lender.

5. The operator refuses to identify itself or honor regulatory obligations

Examples:

• no response to formal demand;
• no legitimate customer service;
• no official complaint desk;
• app disappears after disbursement but collectors continue operating through third parties.

---

IV. When the SEC is not the only, or even the best, forum

A common mistake is assuming that every abusive online lending issue belongs only to the SEC. That is not correct.

A. National Privacy Commission (NPC)

Go to the NPC when the problem includes:

• unauthorized access to contacts, photos, or messages;
• disclosure of your debt to people in your phonebook;
• processing of personal data without lawful basis;
• use of your information beyond what is necessary for the loan;
• threats sent to relatives, employers, co-workers, or friends using your contact list;
• data retention or sharing practices that appear abusive.

B. Philippine National Police (PNP) or National Bureau of Investigation (NBI)

Go to law enforcement when the conduct may amount to:

• grave threats;
• unjust vexation;
• coercion;
• extortion;
• identity misuse;
• cyber harassment;
• unauthorized access;
• online libel in some circumstances;
• falsification or use of fake legal documents;
• scams or fraud.

C. Courts

A court action may be necessary for:

• damages;
• injunction;
• nullification of unconscionable contractual stipulations;
• recovery of money unlawfully collected;
• defense against a collection suit;
• criminal complaints through proper prosecutorial channels.

D. Other possible offices

Depending on the case, complaints may also involve:

• Department of Trade and Industry concerns for unfair consumer practices, if applicable;
• Bangko Sentral ng Pilipinas, if the issue involves a supervised financial institution rather than an SEC-regulated lender;
• local prosecutors for criminal complaints;
• the Department of Justice in certain cybercrime or prosecution contexts.

The correct strategy is often multi-forum: one complaint to the SEC, one to the NPC, and one criminal complaint where facts justify it.

---

V. Core laws and legal principles usually involved

A serious Philippine complaint against an online lending app may invoke several laws at once.

1. Constitution and general legal principles

The Constitution protects privacy, due process, and dignity. Even debt collection is not beyond constitutional limits. A borrower does not lose basic rights merely because of unpaid debt.

2. Corporation and regulatory law

If the operator is a lending or financing company, it must comply with the legal framework governing such entities and with SEC supervision.

3. Data Privacy law

This is often central. Online lenders frequently rely on app permissions and digital profiling. Problems arise when there is:

• no valid consent;
• consent obtained through vague or overbroad clauses;
• no transparency;
• excessive collection of data;
• use of data for public shaming or third-party pressure;
• unlawful disclosure to contacts or employers.

Under Philippine privacy principles, data processing must generally be legitimate, proportional, transparent, and tied to a lawful purpose. Even where consent exists, it is not a blanket license to abuse personal data.

4. Consumer and civil law principles

Loan contracts may be scrutinized for:

• ambiguity;
• unconscionable interest or penalties;
• inequitable stipulations;
• hidden deductions;
• bad faith in enforcement;
• misleading representations.

The Civil Code also matters because it governs obligations, contracts, damages, abuse of rights, and moral damages in appropriate cases.

5. Criminal law

Online collection conduct may cross into criminal behavior where there are:

• threats of harm;
• coercive messages;
• extortionate demands;
• impersonation of public officers or lawyers;
• dissemination of defamatory accusations;
• fake criminal allegations designed to humiliate or pressure.

6. Cyber-related law

If the harassment uses electronic systems, mass messaging, social media, or unlawful digital access, cyber-related offenses may also be considered.

---

VI. Illegal or abusive acts commonly complained of

Not every unpleasant collection act is automatically illegal, but many common online lending practices are highly vulnerable to complaint.

A. Public shaming

Examples:

• sending messages to all contacts that the borrower is a “scammer” or “estafador”;
• posting the borrower’s name and photo online;
• threatening exposure on social media;
• contacting co-workers, neighbors, family members, or the employer.

This is one of the strongest bases for both SEC and privacy complaints.

B. Accessing contact lists for harassment

Many apps historically requested access to contacts, SMS, call logs, files, or media. Even if an app obtains technical access, that does not automatically make all later use lawful. Using that data to pressure payment may be unlawful, disproportionate, and abusive.

C. Threats of imprisonment

In the Philippines, non-payment of debt is generally not a crime by itself. A lender cannot lawfully threaten jail simply because a loan is unpaid. Criminal liability may exist only if there are separate facts constituting a distinct offense, such as fraud, but ordinary failure to pay a loan is not itself imprisonable debt.

So messages saying “You will go to jail tomorrow if you do not pay today” are often legally deceptive.

D. Fake legal notices

Some collectors use documents titled “subpoena,” “warrant,” “final demand from court,” “summons,” or “criminal case notice” that are not issued by a real court, prosecutor, or authorized office. This may be a serious violation and can support administrative and criminal complaints.

E. Obscene, insulting, or degrading language

Collectors cannot insult, shame, or verbally abuse borrowers. Even where collection is legitimate, abusive language can be unlawful.

F. Excessive hidden charges

A borrower may complain where:

• the app advertises one amount but disburses much less after deductions;
• effective cost is much higher than represented;
• service charges, processing fees, rollover fees, and penalties pile up without clear disclosure;
• the amount demanded appears grossly disproportionate.

G. Harassment at unreasonable hours or through repeated spam

Relentless calls, mass texts, or message bombing may strengthen claims of harassment, unfair collection, or privacy abuse.

H. Contacting unrelated third parties

A lender may seek to locate a borrower in lawful ways, but indiscriminate messaging to contacts to shame the borrower is highly problematic.

I. Using aliases or disappearing identities

Some apps use one trade name in the app store, another in the contract, another in the payment channel, and another in collection messages. This lack of transparency may help prove regulatory evasion.

---

VII. Who may file the complaint

The following may have standing or practical basis to complain:

• the borrower;
• a co-borrower;
• a person wrongfully harassed even if not the borrower;
• an employer whose workplace was harassed;
• family members or contacts whose data was misused;
• a lawyer or authorized representative for the affected person.

A person who was not the debtor may still file a complaint if their personal data was misused or if they were directly harassed.

---

VIII. Against whom should the complaint be directed

This is one of the most important parts of the case.

The respondent should be identified as accurately as possible, for example:

• the corporation operating the app;
• the lending company;
• the financing company;
• the parent or affiliated entity, if supported by evidence;
• collection agencies acting for the lender;
• named officers or responsible persons, where justified;
• unknown officers/agents, if the exact names are still being determined.

A frequent challenge is that the app name is not the same as the corporate name. The complainant should therefore gather:

• app screenshots;
• “About” page details;
• privacy policy name;
• terms and conditions;
• official receipts or payment reference pages;
• emails and SMS headers;
• demand letters;
• bank account or e-wallet recipient name;
• store listing information.

The legal respondent is usually the entity behind the app, not merely the app’s brand.

---

IX. Evidence: the backbone of the complaint

Online lending cases are won or lost on documentation. The most useful evidence usually includes:

1. Identity of the app and operator

• app name;
• logo;
• app store screenshots;
• website screenshots;
• corporate name stated in terms and conditions;
• SEC registration details, if shown;
• email addresses and domains used.

2. Proof of the loan

• application screenshots;
• loan approval notice;
• principal amount;
• amount actually received;
• repayment schedule;
• charges and deductions;
• promissory note or digital agreement;
• transaction history.

3. Proof of abusive collection

• text messages;
• chat messages;
• emails;
• voice recordings where lawfully preserved;
• screenshots of harassment;
• messages sent to third parties;
• social media posts;
• fake notices and threats.

4. Proof of data misuse

• screenshots from contacts who received messages;
• copies of group messages;
• employer notices;
• logs showing when contacts were messaged;
• app permission screens;
• privacy policy;
• device permission history, where available.

5. Proof of harm

• emotional distress;
• workplace disruption;
• medical consultation where applicable;
• reputational damage;
• blocked accounts;
• forced payments made under intimidation;
• affidavits from recipients of the harassing messages.

6. Proof of your own actions

• formal demand letter sent by you or your lawyer;
• complaint emails to the company;
• tickets filed through the app;
• any response or refusal from the lender.

Evidence should be organized chronologically. In practice, a clean timeline often matters more than volume.

---

X. How to write the complaint

A strong complaint is factual, organized, and restrained in tone. It should avoid pure anger and focus on legally relevant details.

A. Suggested structure

1. Caption or heading

Identify that it is a complaint against the company/app for unlawful online lending and/or unfair collection practices.

2. Complainant details

State the complainant’s name and contact details.

3. Respondent details

State the app name and, if known, the corporate name, address, email, and persons responsible.

4. Statement of facts

Tell the story in date order:

• when the app was downloaded;
• when the loan was taken;
• how much was promised and how much was actually received;
• when payment became due;
• what collection acts happened;
• when contacts were messaged;
• what threats were made;
• what data was accessed or disclosed;
• what harm resulted.

5. Legal grounds

State the violations in plain legal language. Examples:

• operating as an online lender in violation of SEC regulatory rules;
• engaging in unfair, abusive, and unlawful debt collection practices;
• processing and disclosing personal data without lawful basis or beyond legitimate purpose;
• employing threats, intimidation, and deceptive legal claims;
• imposing unconscionable or inadequately disclosed charges;
• causing damage through bad faith and abuse of rights.

6. Reliefs requested

Ask for specific action, such as:

• investigation;
• cease-and-desist;
• suspension or revocation of authority;
• sanctions against the company and responsible officers;
• directive to stop unlawful collection and data processing;
• deletion or correction of unlawfully processed personal data;
• referral to other agencies if warranted.

B. Affidavit style helps

Philippine regulators and law enforcement often give more weight to a verified complaint or complaint-affidavit, especially if supported by annexes. A notarized narrative with attached exhibits is more serious than a short email rant.

---

XI. Legal theories commonly used in a Philippine complaint

A complaint may be framed through one or more of the following theories.

1. Unlawful business operation

The entity is engaged in lending or financing without proper authority or in violation of regulatory conditions.

2. Unfair collection practice

The company’s collection methods are abusive, coercive, humiliating, deceptive, and contrary to law and regulation.

3. Privacy violation

The app processed personal data unlawfully, excessively, or for unauthorized purposes, including disclosure to third parties.

4. Abuse of rights

Under civil law, even a person with a right, such as a creditor, may incur liability if the right is exercised in a manner contrary to justice, honesty, or good faith.

5. Unconscionable stipulations

Charges, penalties, deductions, or one-sided terms may be challenged for being oppressive or contrary to law, morals, or public policy.

6. Fraud or misrepresentation

The app may have misrepresented the true cost of the loan, the identity of the lender, or the consequences of non-payment.

---

XII. What remedies may be sought from the SEC

The SEC is primarily an administrative regulator. It is not simply a collection mediator. Depending on the case, the SEC may be asked to:

• investigate the company;
• require explanation or compliance;
• suspend or revoke its certificate or authority;
• impose fines or administrative sanctions;
• order cessation of unlawful practices;
• scrutinize its operations and disclosures;
• coordinate with other agencies on related violations.

What the SEC usually does not replace is a full damages suit in court or a criminal prosecution. Administrative proceedings can punish and restrain the company, but separate remedies may still be needed for compensation or criminal accountability.

---

XIII. Can the borrower stop paying while complaining?

Legally, the answer requires care.

A complaint against abusive collection does not automatically erase a valid debt. If the borrower truly received money under a valid loan, the underlying obligation may still exist, subject to defenses on charges, penalties, and unlawful practices.

That means these points must be distinguished:

• The debt may exist.
• The collection method may still be illegal.
• Some fees or penalties may be challengeable.
• The contract may contain clauses that are invalid or unconscionable.
• The lender may be liable even if some principal remains unpaid.

So, filing a complaint is not the same as automatic cancellation of the debt. But neither does the existence of debt excuse illegal conduct by the lender.

---

XIV. Is non-payment of an online loan a criminal offense?

Generally, no. In the Philippines, mere failure to pay debt is not imprisonment-worthy by itself.

This is a critical point because abusive online collectors often weaponize fear. They may threaten immediate arrest, criminal cases, or jail to force payment. As a rule, those threats are misleading unless there is a separate factual basis for another offense independent of mere non-payment.

A borrower should distinguish between:

• civil liability for debt, and
• criminal liability for a separate fraudulent act.

The mere fact that a borrower is late or unable to pay does not automatically make them a criminal.

---

XV. Can an online lender contact your employer, relatives, or friends?

This is one of the most litigated practical issues.

A lender may try to reach a borrower using legitimate contact channels, but broadcasting the debt to third parties for pressure is highly vulnerable to challenge. In Philippine practice, contact with third parties becomes legally dangerous when it involves:

• disclosure of the debt to unrelated persons;
• humiliating statements;
• pressure through social circles;
• repeated unsolicited messages to persons not party to the obligation;
• use of contact list harvesting;
• derogatory accusations.

In many cases, this is not a lawful “collection method” but an unlawful use of personal data and harassment tactic.

---

XVI. What if the app was removed, renamed, or disappeared?

This is common. Online lenders sometimes change branding, move platforms, or vanish from app stores while continuing collections.

A complaint is still possible if the borrower preserved records showing:

• the app’s prior name;
• the terms and conditions;
• disbursement trail;
• payment instructions;
• collection messages;
• wallet or bank destination names;
• corporate identifiers in receipts, emails, or policies.

The disappearance of the app does not erase the evidence trail.

---

XVII. Common defenses used by online lenders

Borrowers should anticipate these responses.

1. “The borrower consented.”

Consent is not absolute. It does not legalize every future use of personal data. Consent may be invalid if vague, bundled, coerced, or disproportionate to the actual processing done.

2. “We were only collecting a valid debt.”

Collection of debt is not a license to harass, shame, threaten, or unlawfully disclose personal data.

3. “Third-party collectors acted on their own.”

The lender may still face responsibility if collectors acted within apparent authority, under instruction, or for its benefit.

4. “The borrower agreed to the terms.”

Not all stipulations are enforceable merely because they were clicked. Hidden, unconscionable, misleading, or illegal terms remain challengeable.

5. “The borrower is just avoiding payment.”

Even a delinquent borrower retains rights under Philippine law.

---

XVIII. Strategic ways to strengthen a complaint

A. Separate the issues

Write separately about:

• loan validity;
• hidden charges;
• collection harassment;
• privacy violations;
• fake legal threats;
• third-party disclosures.

This prevents the complaint from becoming muddled.

B. Build a timeline

A good timeline might show:

• date app installed;
• date of loan approval;
• net amount received;
• due date;
• first collection message;
• first threat;
• date contacts were messaged;
• date employer was contacted;
• date formal complaint was sent.

C. Use annexes properly

Mark each document as Annex “A,” “B,” “C,” and refer to it in the narrative.

D. Preserve metadata where possible

Original screenshots, URLs, sender IDs, email headers, payment timestamps, and app version details may help prove authenticity.

E. Obtain affidavits from third parties

If your contacts received defamatory or threatening messages, their sworn statements can be powerful.

---

XIX. Risks and weaknesses in weak complaints

A complaint may fail or underperform when:

• the corporate respondent is not properly identified;
• there is no proof connecting the app to the company named;
• screenshots are cropped or incomplete;
• the complainant cannot show actual abusive messages;
• the complaint is all accusation and no annexes;
• the complainant confuses non-payment issues with regulatory issues;
• the complaint seeks only “cancel my loan” without legal basis.

The better approach is to show: who did what, when, how, and with which evidence.

---

XX. Administrative complaint vs. criminal complaint vs. civil action

These are different.

A. Administrative complaint

Filed before a regulator like the SEC or NPC. Purpose: regulation, sanction, compliance, restraint.

B. Criminal complaint

Filed through proper law enforcement or prosecutorial channels. Purpose: penal liability for threats, coercion, cyber offenses, falsification, etc.

C. Civil action

Filed in court. Purpose: damages, injunction, rescission, declaration of invalidity of oppressive clauses, recovery.

The same facts may support all three, but each has its own standards and objectives.

---

XXI. The role of demand letters

Before filing, many complainants send a formal demand or cease-and-desist demand to the company. This can help by:

• putting the company on notice;
• showing good faith;
• documenting the company’s refusal or non-response;
• creating a paper trail.

A demand letter may ask the lender to:

• stop contacting third parties;
• stop unlawful processing of personal data;
• stop threats and harassment;
• identify the lawful basis of data use;
• provide a full statement of account;
• disclose the true corporate identity and authority;
• preserve records.

This is not always required before regulatory complaint, but it is often tactically useful.

---

XXII. Can a borrower recover damages?

Potentially yes, especially through proper civil action and depending on the facts. Recoverable theories may include:

• actual damages;
• moral damages for humiliation, anxiety, sleeplessness, reputational harm;
• exemplary damages in aggravated cases;
• attorney’s fees in proper cases.

A regulator may sanction the lender, but actual money damages typically require the proper legal route and proof.

---

XXIII. Special issue: unconscionable interest and deductions

Online loans often look small but become expensive because of:

• upfront deductions;
• daily penalties;
• rollover charges;
• service fees;
• collection fees;
• short loan tenors that inflate effective cost.

In Philippine law, courts are generally cautious about oppressive financial terms. Not every high rate is automatically void, but where the arrangement is grossly one-sided or disguised through fees rather than transparent interest, a borrower may have a serious argument.

The key is to compute:

• amount promised;
• amount actually received;
• total demanded;
• tenor;
• effective cost of credit;
• penalties and add-ons.

A mathematical schedule attached to the complaint often helps expose hidden oppressiveness.

---

XXIV. Privacy-specific issues in online lending cases

Because this subject is especially important, it deserves separate treatment.

A. Over-collection of data

Apps may ask for permissions that are not necessary for credit evaluation.

B. Function creep

Data gathered “for verification” is later used for collection pressure.

C. Third-party exposure

Contact persons become unwilling targets of debt collection messages.

D. Lack of transparency

Borrowers often do not know which entity has their data, where it is stored, or with whom it was shared.

E. Data minimization and proportionality

A valid lender should only process data that is reasonably necessary and lawfully grounded. Harvesting an entire phonebook to weaponize future collections is difficult to justify under sound privacy principles.

---

XXV. Practical drafting points for a Philippine-style complaint-affidavit

A persuasive complaint-affidavit often includes these parts:

1. personal circumstances of complainant;
2. identification of respondent entity;
3. statement that respondent operates an online lending app;
4. facts of loan application and disbursement;
5. terms and deductions;
6. onset of collection efforts;
7. exact threatening messages quoted or paraphrased;
8. identification of third parties contacted;
9. explanation of emotional, social, and workplace harm;
10. statement that non-payment of debt is not by itself a crime;
11. allegation that respondent engaged in unfair collection and unlawful data processing;
12. prayer for investigation, sanctions, and immediate restraint.

The tone should be calm, factual, and precise. Overstatement weakens credibility.

---

XXVI. What respondents fear most in these complaints

From a compliance perspective, online lenders are most exposed by evidence showing:

• real use of contacts to shame debtors;
• false criminal threats;
• mismatch between app identity and legal entity;
• absence of proper authority;
• mass complaints showing a pattern;
• hidden charges and misleading disclosure;
• third-party collector misconduct tied back to the lender.

Pattern evidence matters. A single rude message is one thing; a documented system of abusive collection is another.

---

XXVII. Class or group complaints

Where many borrowers experienced the same conduct, coordinated complaints may be more persuasive. Repetition across complainants can show:

• a company-wide policy;
• standardized unlawful messaging;
• recurring privacy abuse;
• identical fake notices;
• a systemic, not accidental, violation.

Even if each person files separately, similar annexes and similar wording of threats can reveal a pattern.

---

XXVIII. Defenses available to borrowers even outside a complaint

If sued for collection, a borrower may still raise defenses such as:

• lack of proof of the true lender;
• defective statement of account;
• hidden deductions;
• unconscionable penalties;
• ambiguity in contract terms;
• set-off or reduction due to illegal charges;
• invalidity of abusive stipulations;
• bad faith in collection.

So the borrower should not think only in terms of offense; defense matters too.

---

XXIX. A note on evidence authenticity

Since these cases are digital, authenticity is always an issue. Best practices include:

• save original screenshots immediately;
• include full screen showing date/time where possible;
• keep original files, not just compressed forwards;
• preserve emails in full;
• do not alter or annotate the original image;
• prepare a separate marked copy for explanation;
• keep device logs and app version information where possible.

For litigation, digital evidence may require more formal authentication later.

---

XXX. What a strong prayer for relief might ask for

A complaint may ask the regulator to:

• investigate the respondent’s authority to operate;
• determine whether it is a duly registered and authorized lending/financing company;
• investigate unfair and abusive collection practices;
• direct the respondent to cease contacting third parties;
• direct the respondent to cease unlawful data processing and disclosure;
• impose administrative sanctions;
• suspend or revoke authority if warranted;
• refer the matter to the proper agencies for privacy or criminal investigation;
• require respondent to explain all charges and deductions;
• require a lawful and accurate statement of account.

The prayer should match the regulator’s powers. Asking the SEC to do something purely judicial may dilute the complaint.

---

XXXI. Common misconceptions

Misconception 1: “If the lender is abusive, I never have to pay anything.”

Not automatically. The underlying obligation must still be analyzed separately.

Misconception 2: “If I clicked ‘I agree,’ they can do anything with my data.”

False. Consent is not a blank check.

Misconception 3: “They can have me arrested for unpaid debt.”

Generally false as to mere non-payment.

Misconception 4: “Only the borrower can complain.”

Not true. Third parties whose data was misused may also have claims.

Misconception 5: “Only the SEC can handle this.”

Not true. The SEC may be central, but privacy and criminal forums may be equally important.

---

XXXII. Model analytical framework for any online lending complaint

A lawyer or complainant should ask five questions:

1. Who is the real operator?

Identify the legal entity behind the app.

2. Was the business lawfully authorized?

Check whether it is properly organized and regulated.

3. What exactly was the loan bargain?

Determine principal, net proceeds, interest, deductions, penalties, and disclosures.

4. What collection acts were done?

Separate lawful reminders from unlawful threats, harassment, and third-party disclosure.

5. What evidence proves each element?

No proof, no case.

This framework keeps the complaint disciplined and legally effective.

---

XXXIII. Final legal position in Philippine terms

A complaint against an online lending app before the SEC is strongest where the operator is a lending or financing company, or claims to be one, and where the complaint shows either:

• unlawful or irregular operation, or
• abusive, deceptive, coercive, and unfair collection conduct tied to that regulated business.

But a Philippine online lending case is usually broader than SEC regulation alone. The conduct may simultaneously involve:

• administrative violations;
• privacy violations;
• civil wrongs;
• criminal acts.

The borrower’s unpaid obligation, if any, must be distinguished from the lender’s conduct. A valid debt does not legalize harassment. A loan agreement does not legalize public shaming. App permissions do not legalize indiscriminate disclosure of private information. And non-payment, by itself, is not a crime.

That is the heart of the Philippine legal approach to complaints against abusive online lending apps: credit may be lawful, but coercion, humiliation, deception, and data abuse are not.