Complaints Against Online Lending Apps in the Philippines: Harassment and “Usurious” Interest

Last updated with generally applicable Philippine rules and jurisprudence. This is legal information, not legal advice.

1) What’s going on—and why it matters

Online lending apps (OLAs) exploded in use because they disburse cash fast with light documentation. The flip side is a well-documented pattern of debt shaming, threats/harassment, and sky-high effective interest hidden behind “processing fees,” “service charges,” and short tenors. In the Philippines, several regulators share jurisdiction over these problems, and courts have repeatedly stepped in to strike down unconscionable interest and charges—even though traditional usury ceilings were lifted decades ago.

This article maps the legal landscape, the red flags, your remedies, and practical steps that actually work.

2) Who regulates what (quick map)

Securities and Exchange Commission (SEC) – Primary regulator of lending companies (RA 9474) and financing companies (RA 8556), including those operating through apps. It polices unfair collection practices, misleading ads, and unregistered/illegal lenders; it can issue cease-and-desist orders, impose fines, and revoke Certificates of Authority (CA).
Bangko Sentral ng Pilipinas (BSP) – Regulates banks, EMIs/e-wallets, and credit card issuers; sets market-conduct standards and, for some products (e.g., credit cards), price caps. If your lender is a bank or EMI, you escalate to BSP.
National Privacy Commission (NPC) – Enforces the Data Privacy Act (RA 10173). Targets contact-list scraping, unauthorized disclosure to your friends/family, and lack of valid consent/notice.
Department of Justice, NBI, PNP-ACG – Handle criminal complaints (e.g., grave threats, coercion, cyber libel, extortion, privacy crimes).
Courts (Small Claims/Regular Trial Courts) – Civil actions to erase/trim unconscionable interest and penalties, recover excessive payments, and claim damages.

Tip: If you’re unsure whether your lender is under SEC or BSP, check the entity type (lending/financing company → SEC; bank/EMI → BSP). Regardless, NPC may be involved if your privacy was violated.

3) “Usury” vs. unconscionable interest (why words matter)

The Usury Law’s interest ceilings were effectively suspended in the 1980s; strictly speaking there’s no fixed legal “cap” for most non-card loans.
But the Supreme Court consistently strikes down interest/penalty rates that are iniquitous or unconscionable, reducing them equitably (often to the prevailing legal interest, currently 6% per annum on loans/forbearance per Nacar v. Gallery Frames, 2013).
Courts look at the total cost of credit (interest + fees + penalties + tenor), not just the nominal rate. Hidden, front-loaded fees and 7–14 day terms can push the effective annual rate (APR) into the hundreds or thousands of percent—ripe for judicial reduction.

Example (how the APR explodes): You “borrow” ₱5,000 for 30 days; the app withholds a ₱500 fee and disburses ₱4,500, then collects ₱5,500 at day 30.

Cash you actually received: ₱4,500
Cash you paid back after 30 days: ₱5,500
Effective monthly cost ≈ 22.2%; APR ≈ 1,049%. Courts have invalidated similar arrangements as unconscionable, even if the contract says you “agreed.”

4) Harassment & unfair collection: what’s prohibited

The SEC has issued detailed rules against unfair debt collection by lending/financing companies and their agents. Prohibited conduct typically includes:

Debt shaming (disclosing your debt to your contacts, employer, or the public; posting on social media; mass texts)
Threats of violence, arrest, or criminal cases for simple non-payment; obscene/insulting language; intimidation
Contacting you (or third parties) at unreasonable hours or with excessive frequency
Contacting people who are not the borrower (family, friends, office) except to obtain location/updated contact info, and even then, without revealing the debt
False or misleading claims, e.g., “we will freeze your bank account tomorrow,” “we already have a warrant,” “you’re on an NBI blacklist,” when those actions require court orders or don’t exist
Adding undisclosed charges or collecting fees not in the contract
Impersonating authorities (lawyers/police/courts) or sending documents that look official but are not

If any of these happen, you likely have an SEC administrative case, and possibly criminal and privacy angles, too.

5) Data Privacy Act red flags (NPC jurisdiction)

Under RA 10173, apps must collect and process personal data lawfully, fairly, and proportionately. Common violations include:

Contact-list scraping and photo/gallery access not necessary for loan processing or debt collection
Privacy notices that are vague, bundled, or coerced (“agree or we won’t release funds”)
Sharing your personal data with third parties (e.g., blasting your contacts) without a lawful basis
Retention beyond necessity and insecure storage leading to leaks
Failure to honor rights to be informed, access, object, erasure/blocking, data portability, and to file a complaint

NPC can order compliance, cease-and-desist, erasure, and refer cases for criminal prosecution (e.g., unauthorized processing/ disclosure).

6) Common threats—and what’s real vs. bluff

“We’ll have you arrested.” Bluff. Non-payment of debt is civil, not criminal, unless there’s independent criminal conduct (e.g., estafa with fraud from the start, or bouncing checks under BP 22). No one is arrested without a court-issued warrant in a criminal case.
“We’ll freeze your bank account tomorrow.” Bluff. Freezing or garnishment requires a court order (after judgment or via specific provisional remedies).
“We’ll garnish your salary.” Requires a court judgment and writ of garnishment served on your employer. Not something a collector can do unilaterally.
“We’ve told your boss/contacts; you’re blacklisted with NBI/immigration.” Likely illegal harassment/ privacy breach. There’s no public ‘NBI blacklist’ for private debt. Credit bureaus exist, but reporting must follow law and cannot involve public shaming.

7) Your remedies, step by step

A) Administrative routes

SEC (lending/financing companies & OLAs)
- Grounds: unfair collection practices, misleading ads, operating without CA, illegal online platform, undisclosed charges.
- What to prepare: screenshots/recordings of messages, call logs, IDs, loan agreements/receipts, app name/links, timeline and narrative.
- Possible outcomes: show-cause orders, cease-and-desist, fines, suspension/revocation, referral for prosecution.
NPC (privacy violations)
- First write the company (data controller) asserting your privacy rights and demanding: stop debt shaming; delete contact-list copies; disclose with whom your data was shared; and confirm corrective actions.
- If ignored or the response is inadequate, file with NPC with your evidence and your first demand attached.
BSP (if lender is a bank/EMI/credit card issuer)
- Use the financial consumer protection channel: demand transparent computation, stop harassment, and ask for review/adjustment of unconscionable charges.

B) Civil actions (court)

Small Claims for money disputes up to the current threshold (recently increased; check the latest amount with the court). You can sue without a lawyer to:
- Dispute unconscionable interest/penalties
- Recover overpayments and claim damages for harassment (if quantifiable)
Affirmative suits to invalidate unconscionable terms, reform the contract, or seek injunctions against continuing unlawful collection.

Courts routinely reduce excessive rates/penalties and replace them with equitable interest (commonly 6% p.a. on the principal actually received).

C) Criminal complaints (NBI/PNP-ACG/Prosecutor)

Grave threats, coercion, extortion, cyber libel, privacy offenses (unauthorized disclosure), identity theft. Bring your evidence bundle.

8) Evidence that convinces regulators and courts

Screenshots of texts, in-app messages, and social posts (include timestamps, URLs/handles)
Call logs; voicemails (keep in original format).

Caution: The Anti-Wiretapping Act restricts secret audio recordings of private conversations. When in doubt, avoid surreptitious call recording; rely on written/voicemail evidence and contemporaneous notes.
Loan documents (T&Cs, payment schedules, receipts, disbursement proofs)
Computation sheets (their figures + your own recomputation)
Witness statements (e.g., boss/co-worker who received harassing calls)
A timeline showing how fees, penalties, and threats escalated.

9) How to recompute your loan (and spot abuse)

List cash in (what you actually received after all upfront fees).
List cash out (what you must pay and when: principal, interest, penalties).
Convert short-term charges into effective rates:
- Monthly ≈ $(Total Due ÷ Cash Received) − 1$ over 30 days
- APR ≈ $(1 + daily rate)^{365} − 1$ where daily rate solves the cash-flow.
Flag as unconscionable if the effective monthly/annual cost is wildly disproportionate, especially with short tenors + hefty upfront fees.
Demand a recomputation (principal actually received + reasonable interest) and waiver of illegal collection practices.

10) Practical playbook (do’s & don’ts)

Do:

Pay what is truly due on the principal actually received while you formally dispute unconscionable charges in writing.
Channel all payments via official methods and keep receipts.
Write to the lender invoking SEC rules, Data Privacy rights, and jurisprudence on unconscionable interest; ask for a written promise to stop contacting third parties.
Escalate simultaneously: SEC (unfair collection), NPC (privacy), BSP (if applicable).
Inform your contacts briefly that any messages about you are debt-shaming and they may forward such messages to you for evidence.

Don’t:

Be coerced into paying mystery fees or via personal accounts of collectors.
Share more data than necessary (IDs, selfies, contacts) once in dispute.
Agree to blank settlements that waive your rights without clear computations.
Be intimidated by arrest/blacklist bluffing.

11) Template snippets you can adapt

(A) Demand to stop harassment & recompute

Subject: Account $Your Name, App & Loan ID$ – Demand to Cease Unfair Collection, Data Privacy Breach, and Unconscionable Charges

I received only ₱$X$ after your upfront fees on $date$, yet your app demands ₱$Y$ in $N$ days and your agents have contacted $names/relationship$, disclosing my alleged debt.

Cease contacting third parties and using threatening/insulting language.

Delete any copies of my contact list and confirm in writing within 5 business days.

Provide a detailed computation (principal actually received, itemized interest/fees/penalties) and propose a lawful recomputation consistent with Philippine jurisprudence on unconscionable interest (legal interest of 6% p.a. as benchmark).

Confirm your complaints channel and the name of your Data Protection Officer.

Non-compliance will be escalated to the SEC (unfair collection), NPC (Data Privacy), and appropriate law-enforcement.

(B) SEC complaint outline

Parties; app name; company (if known)
Facts (timeline; how much disbursed vs. demanded; harassment instances)
Violations (unfair collection practices; misleading charges; operation without CA, if applicable)
Evidence list (attachments)
Reliefs: cease-and-desist; fines; directive to correct computations; disclosure of agents

(C) NPC complaint outline

Personal data affected; how it was collected (e.g., forced permissions)
Specific privacy rights violated (informed consent, proportionality, unauthorized disclosure)
Your prior demand letter and any response
Evidence (screenshots, witness statements)
Reliefs: stop processing/sharing; data erasure; accountability of agents

12) Special notes for lenders/collectors (compliance checklist)

Register as a lending/financing company, secure/maintain SEC CA, and register your app/platform before launch.
Disclose total cost of credit, fees, and repayment schedule clearly; avoid front-loaded charges that create predatory APRs.
Adopt fair collection SOPs: no third-party disclosures, no false threats, reasonable contact windows, recorded training of agents.
Implement privacy by design: collect only necessary data; minimize permissions; maintain secure storage; honor data-subject rights promptly.
Maintain a financial consumer protection program (governance, complaints handling, remediation).

13) FAQs

Q: Is it illegal for an app to access my contacts? Often yes, if it’s not necessary for the stated purpose or if consent is forced/unclear. Even with consent, disclosing your debt to contacts is usually unlawful and sanctionable.

Q: Can they file estafa if I don’t pay? Not for mere non-payment. Estafa needs fraudulent deceit at the time of borrowing or other specific acts (e.g., bouncing checks).

Q: Can I sue even if I “agreed” in the app? Yes. Courts may invalidate unconscionable terms despite your click-through consent.

Q: What if the lender is unregistered or offshore? You can still file with SEC/NPC (and law enforcement). SEC can block/penalize local operators and platforms; NPC can act on the processing of your data within PH jurisdiction.

14) Bottom line

Harassment and debt shaming by OLAs are illegal and sanctionable.
The Philippines no longer has fixed usury ceilings, but courts slash unconscionable interest/penalties and apply 6% p.a. legal interest instead.
You have strong, parallel remedies: SEC (collection abuses/illegal ops), NPC (privacy), BSP (banks/EMIs), courts (civil), and law enforcement (criminal).
Organize your evidence, demand lawful recomputation and privacy compliance, and escalate in writing.

If you want, I can turn this into a ready-to-file packet (fillable letters + checklists) tailored to your facts.