Excessive Interest and Harassment by Philippine Loan Apps
A comprehensive legal overview
1. Introduction
Over the last decade—and with explosive growth during the COVID-19 lockdowns—hundreds of mobile “loan apps” have offered Filipinos same-day, unsecured micro-loans. While these platforms fill a genuine credit gap, many charge interest and fees far above conventional bank rates and use harassing collection methods. The Philippine legal system now treats both exorbitant interest and abusive collection as consumer-protection issues that engage securities, financial-services, privacy, and criminal law.
2. Regulatory Map
| Regulator | Core authority | Key issuances touching loan apps |
|---|---|---|
| Securities and Exchange Commission (SEC) | Lending Company Regulation Act (RA 9474); Financing Company Act (RA 8556) | – Memorandum Circular (MC) 18-2019 – moratorium & name-reserve rules on online lending platforms (OLPs) – MC 19-2019 – registration and reporting duties of OLPs – MC 28-2021 – mandatory disclosure of data-privacy compliance – Routine cease-and-desist & certificate-of-authority revocations |
| Bangko Sentral ng Pilipinas (BSP) | New Central Bank Act (RA 7653, as amended); Financial Products and Services Consumer Protection Act (RA 11765) | – Monetary Board Res. 1536, s. 2021 & BSP Circular 1133-2021 – interest-rate cap for salary- and payday-type loans ≤ ₱10 000, term ≤ 4 months (0.8 % per day; penalties ≤ 5 % per month; processing fee ≤ ₱50 or 5 %) |
| National Privacy Commission (NPC) | Data Privacy Act (RA 10173) | – NPC Circular 20-01 – guidelines on processing personal data for loan and collection – Numerous 2020-2024 decisions ordering app takedowns and ₱-million fines for “contact-list harvesting” and public shaming |
| Department of Justice / PNP ACG / NBI | Cybercrime Prevention Act (RA 10175); Revised Penal Code | Investigations of threats, libel, unjust vexation, grave coercion & alarms/scandals committed via SMS, in-app chat or social media |
| DTI & LGUs | Consumer Act (RA 7394) / local permits | Charges for false advertising or operating without local business permit |
3. Excessive Interest
Usury Law suspended but “unconscionability” survives. Central Bank Circular 905 (1982) lifted statutory interest ceilings, yet courts routinely strike down rates they deem “shocking to the conscience.” Leading rulings: Medel v. CA (GR 131622, 27 Nov 1998) voided 5.5 % per month; Spouses Abellera v. Spouses Rodriguez (GR 141750, 29 May 2002) voided 6 % per month.
Statutory caps for the smallest loans. Since 3 Nov 2022, BSP Circular 1133 binds lending and financing companies and their OLPs (but not banks or pawnshops) when: principal ≤ ₱10 000 and tenor ≤ 4 months. The effective ceiling is:
- Interest/charges: ≤ 0.8 % of outstanding principal per day (≈ 24 % per month).
- Penalty: ≤ 5 % of outstanding principal per month.
- Processing fee: ≤ ₱50 or 5 % of principal, whichever is lower, deducted only once at disbursement.
Civil‐law relief. Even outside Circular 1133’s scope, Articles 1229 and 1420 of the Civil Code let courts reduce or void interest they find excessive; debtors can raise this as a defense or file a separate action to annul or reform the contract.
4. Harassment & Abusive Collection
What practices are illegal?
| Conduct | Statutory / regulatory basis |
|---|---|
| Extracting borrowers’ phone-book contacts, then blasting defamatory or threatening messages to family and coworkers | Data Privacy Act §§ 12-13 (no lawful basis) → NPC can impose fines up to ₱5 M or 2 % of annual gross revenue; cease-and-desist; criminal liability up to 6 years |
| Calling or texting at unreasonable hours (before 6 a.m. or after 10 p.m.), or more than once daily after a written demand to stop | RA 11765, §4(e)(4); SEC MC 18-2019 |
| Using obscenities, slurs, sexual threats, doxing, or fake “legal notices” to coerce payment | Revised Penal Code: Grave Threats (Art 282), Unjust Vexation (Art 287), Libel (Art 353), Violation of Privacy of Communication (Art 290); RA 10175 (cyber-libel) |
| Publicly posting an alleged “mug-shot” or debt poster on Facebook, community group chats, or workplace bulletin boards | Same as above; plus RA 10175 §4(c)(4) (online libel); Civil Code Art 26 (privacy & dignity) & Art 32 (independent tort action) |
| Misrepresenting as “BSP Sheriff” or “Court Marshal,” threatening arrest on mere default | Usurpation of Authority (RPC Art 177), False Representation under RA 11765 |
| Accessing device camera or microphone without consent | Data Privacy Act + Anti-Photo & Video Voyeurism Act (RA 9995) |
SEC’s “Name-and-Shame” route. After multiple validated complaints, SEC can:
- (a) suspend or revoke the Certificate of Authority (COA) of a lending company;
- (b) coordinate with Google & Apple to delist the offending app;
- (c) endorse to BSP or DOJ for criminal prosecution. In 2023 alone, the SEC permanently barred over 100 OLPs such as “Pesomine,” “CashGo,” and “Finbro” for privacy-abusive collection tactics.
5. Filing a Complaint (Step-by-Step)
| Forum | What to prepare | Typical outcome | Filing fee |
|---|---|---|---|
| SEC Corporate Governance and Fintech Division | – Filled-out Complaint Form (download from sec.gov.ph) – Valid ID, screenshots/recordings, loan agreement, proof of payment |
Show-cause order → COA suspension/revocation; fines up to ₱1 M + ₱10 k/day | None |
| NPC Complaints and Investigation Division | – Sworn complaint citing specific privacy violations – Proof of contacts-harvesting or shaming |
Cease-and-desist; permanent ban; up to ₱5 M fine; referral for criminal prosecution | None |
| BSP Consumer Assistance Mechanism (if EMI or bank subsidiary is involved) | – Written complaint within 15 days of action/omission | BSP orders full or partial restitution; administrative penalties on supervised entity | None |
| Small Claims Court (A.M. 08-8-7-SC, as amended) | – Statement of Claim (≤ ₱400 000) + evidence of harassment/damages | Judgment to annul unconscionable interest or award damages | ₱2 000–₱7 500 filing |
| PNP Anti-Cybercrime Group / NBI Cybercrime Division | – Complaint-affidavit, device for forensic imaging, screenshots with URL/time-stamp | Inquest or preliminary investigation for threats, libel, unjust vexation | None |
6. Borrower Defenses & Remedies
- Invoke RA 11765’s “safe-harbor.” On proof of abusive collection, regulators may suspend further interest, penalties, or collections until verified.
- Demand “data-erasure.” Under RA 10173 §16, a borrower may insist the lender delete unlawfully obtained contact lists.
- Civil damages. Moral and exemplary damages often dwarf the original loan; courts have awarded ₱100 000-₱300 000 even on loans below ₱10 000 where shaming was egregious.
- Criminal counter-charges. Borrowers may file grave threats or cyber-libel cases; conviction is leverage for debt settlement.
- Compromise & restructuring. SEC MC 18-2019 encourages lenders to offer installment plans rather than harassment; regulators sometimes mediate.
7. Recent Developments to Watch
| Date | Measure | Impact |
|---|---|---|
| May 6 2022 | Enactment of Financial Products and Services Consumer Protection Act (RA 11765) | Makes abusive collection a statutory offense; grants SEC/BSP “restorative justice” powers (refunds, disgorgement) |
| Sept 2023 – Feb 2024 | Google’s new Play-Store policy: Requires Philippine loan apps to submit SEC COA and BSP interest-cap compliance certificate | Hardens “delisting” threat; opaque sideloading channels still exist |
| BSP Circular 1160-2023 | Implements RA 11765 for BSP-supervised institutions; codifies Fair Debt Collection Standards (FDCS) | Could become template for SEC’s upcoming FDCS version covering all lending companies in 2025 |
| Pending 19th-Congress Bills | Senate Bill 1284 / House Bill 4933 – “Online Lending Regulation Act” | Would mandate real-time credit registry reporting, further lower micro-loan interest caps, and criminalize “debt shaming” explicitly |
8. Practical Compliance Checklist for Loan-App Operators
- Corporate housekeeping – Secure SEC Certificate of Incorporation and Certificate of Authority; disclose all beneficial owners.
- Interest policy – Integrate BSP Circular 1133 logic into loan-calculation engine; display APR clearly before confirmation.
- Data-privacy-by-design – Access only name, government ID, selfie, and two mobile numbers explicitly consented as character references. Never scrape full contact list.
- Collection protocol – Adopt RA 11765 Section 4(e) time-of-day limits; maintain recorded line; prohibit profanity and third-party disclosure.
- Complaint desk – 24/7 hotline and email; respond within 7 days.
- Regulator reporting – Quarterly loan-portfolio and complaints matrix to SEC; annual privacy-impact assessment to NPC.
- Third-party collectors – Use written service contracts; ensure collectors undergo privacy & FDCS training.
9. Conclusion
Philippine law now treats excessive interest and harassing collection as twin facets of consumer abuse. Courts can strike down “unconscionable” rates, while regulators wield hard caps (BSP Circular 1133) and broad enforcement under RA 11765 and the Data Privacy Act. Borrowers enjoy multiple, overlapping remedies—administrative, civil, and criminal—against loan-app misconduct. For fintech innovators, strict compliance and transparent, humane collection are no longer optional business niceties but legal necessities.
This article is for informational purposes only and does not constitute legal advice. For specific cases, consult qualified Philippine counsel or the relevant regulators.