How to Check SEC Registration of a Lending Company in the Philippines

How to Check SEC Registration of a Lending Company in the Philippines

This comprehensive guide explains how to verify whether a lending company is legitimately registered and authorized to operate in the Philippines, the legal bases to look for, red flags, and what to do if you encounter an unregistered or abusive lender.

1) Why SEC Registration Matters

Under Republic Act No. 9474 (Lending Company Regulation Act of 2007) and its IRR, only corporations may engage in the business of granting loans from their own funds for the borrower’s personal, family, household, or business purposes. Registration with the Securities and Exchange Commission (SEC) as a corporation is not enough—a lending company must also secure a Certificate of Authority (CA) to Operate as a Lending Company from the SEC before starting operations.

Operating without a CA (or after revocation) exposes the entity and its officers to administrative, civil, and criminal liability, including fines, imprisonment (in certain cases), and orders to cease and desist.

Key distinction:

  • Lending Companies (RA 9474) lend their own funds.
  • Financing Companies (RA 8556) extend credit or financial accommodation to the public; they have a similar SEC regime but a different statute and specific rules.
  • Banks and NSSLAs (e.g., cooperatives) follow separate laws and supervisors (e.g., BSP, CDA). Make sure you are checking the right regulator.

2) What “Properly Registered” Looks Like

A legitimate Philippine lending company will typically have all of the following:

  1. SEC Certificate of Incorporation (showing the company is a registered corporation).
  2. SEC Certificate of Authority (CA) to Operate as a Lending Company (explicitly referencing RA 9474/its IRR).
  3. Corporate Name Requirement: The corporate name generally includes the words “Lending Company” (or similar required term), signaling its regulated nature.
  4. Minimum Paid-In Capital: At least ₱1,000,000 (as historically required by RA 9474/IRR).
  5. Principal Office located in the Philippines (as indicated in SEC records).
  6. Local Business Permits (mayor’s permit, barangay clearance) and BIR Registration (secondary but still part of lawful operation).
  7. AMLC Registration & Compliance (lending/financing companies are “covered persons” under the AMLA framework and must register and implement AML/CFT controls).
  8. Consumer Protection/Privacy Compliance: Clear, lawful collection practices and proper data privacy notices/consents (Data Privacy Act, NPC issuances).

Online Lending? Lenders offering loans via apps or websites must comply with SEC rules on Online Lending Platforms (OLPs) (e.g., registration/notification requirements, disclosures, and conduct standards). Apps should be traceable to a single, clearly identified SEC-registered lending/financing company with a valid CA.

3) How to Verify SEC Registration (Step-by-Step)

A. Check the SEC’s public corporate database

  • Search the exact corporate name the lender is using.
  • Confirm: (i) company status (registered/active), (ii) SEC Registration Number, and (iii) principal office.
  • Ensure the corporate name matches precisely what appears in ads, app stores, contracts, receipts, and the lender’s website or social pages.

B. Confirm the Certificate of Authority (CA)

  • A company can exist as a corporation without being authorized to lend.

  • Ask the lender to provide a copy of its CA (not just the Certificate of Incorporation).

  • Verify the following on the CA:

    • Company name (exact match with the corporate database),
    • CA Number and date of issuance,
    • Authorized activity (to operate as a lending company),
    • Status (not suspended/revoked).

  • If in doubt, request SEC-verified copies of corporate documents (e.g., Articles of Incorporation, GIS, latest CA) through SEC’s official document request channels.

C. Cross-check Online Lending Platforms (if applicable)

  • If the lender operates through an app or website, confirm that the platform is duly registered to the same corporation and that the app developer/publisher information matches the SEC-registered entity.
  • Beware of apps that use a brand name different from the corporate name and refuse to disclose the underlying SEC-registered entity.

D. Review disclosures and fees

  • The Truth in Lending Act (RA 3765) requires clear disclosure of the total finance charge and effective interest rate prior to loan consummation.
  • Contracts, app screens, and FAQs should show all fees, penalties, and collection methods.

E. Confirm local compliance

  • Ask for copies or details of mayor’s permit, BIR registration, and, when relevant, lease or proof of principal office.
  • While these do not substitute for the SEC CA, they indicate legitimate presence and traceability.

4) Red Flags That Suggest the Lender Is Not Properly Registered

  • No SEC CA presented upon request, or evasive answers (“pending,” “processing,” “confidential”).
  • Corporate name mismatch between certificates and public-facing materials (website, app, receipts).
  • Sole proprietorship or partnership claiming to be a “lending company.” (RA 9474 requires a corporation.)
  • Harassing or abusive debt collection (threats, doxxing, contacting employer/relatives unrelated to the loan, public shaming).
  • Excessive data permissions in apps (e.g., blanket access to contacts, photos, or location unrelated to loan underwriting or servicing).
  • Hidden fees or inability/unwillingness to disclose the effective interest rate and total finance charge.
  • Multiple apps/brands that all refuse to identify the single SEC-registered entity behind them.

5) Special Considerations for Online/App-Based Lending

  • Registration/Authorization: The company must have an SEC CA; the platform (app/website) must comply with SEC OLP rules (e.g., one principal entity per platform, proper disclosures).
  • Data Privacy Act compliance: Apps must provide specific, informed consent, data minimization, and allow the user to exercise data subject rights (access, correction, deletion where applicable).
  • Collections conduct: SEC circulars prohibit unfair debt collection practices (e.g., profane language, threats of harm, contacting persons not listed as co-makers/guarantors, public shaming).
  • Advertising: Claims in ads must be truthful and consistent with actual rates/charges and corporate identity.

6) What To Ask the Lender (Template)

  1. “Please provide your SEC Registration Number and Certificate of Authority (CA) to Operate as a Lending Company, including the CA number and issuance date.”
  2. “Is your app/website registered under the same corporate name shown on your SEC certificates? Please provide the legal name and show the connection.”
  3. “Kindly disclose the effective interest rate (EIR), total finance charge, fees/penalties, and collection practices in writing.”
  4. “Who is your Data Protection Officer (DPO) and what is your privacy notice URL/email for data rights requests?”
  5. “What is your principal office address and customer support contact information?”

7) Document Checklist for Your File

  • Copy of SEC Certificate of Incorporation
  • Copy of SEC Certificate of Authority (CA) to Operate as a Lending Company
  • Latest General Information Sheet (GIS) (to see current directors/officers)
  • Articles of Incorporation/By-laws (to confirm purpose includes lending)
  • Mayor’s Permit and BIR Registration
  • Privacy Notice and DPO contact
  • Standard Loan Agreement, amortization schedule, full fee/rate disclosure, and collection policy
  • For OLPs: App/website ownership details, platform registration/notification evidence, and mapping from brandlegal entity

8) If You Suspect an Illegal or Abusive Lender

  • SEC (Enforcement and Investor Protection/Corporate Governance and Finance): File a complaint with copies of IDs, contracts, payment proofs, screenshots, call recordings, and the lender’s contact details.
  • National Privacy Commission (NPC): File a complaint for data privacy abuses (e.g., unauthorized scraping of contacts, excessive data processing, or harassment using personal data).
  • PNP Anti-Cybercrime Group (ACG): For harassment, extortion, or threats.
  • DTI/Local Government: For deceptive advertising or permit-related issues.
  • App Stores: Report fraudulent or policy-violating apps (keep screenshots and transaction references).

9) Practical Tips for Borrowers and Compliance Teams

  • Insist on exact names. Always compare names in certificates vs apps/websites/receipts. A one-letter difference can indicate a different entity.
  • Save everything. Keep screenshots of rates shown before you click “Accept,” copies of contracts, and payment confirmations.
  • Check revocations/advisories. The SEC regularly issues advisories, cease-and-desist orders, and revocation lists for erring lenders and OLPs.
  • Watch for layered entities. Some groups use multiple corporations/brands. Verify which corporation is actually extending your loan and holding your data.
  • Mind the interest computation. Focus on the Effective Interest Rate (EIR) and total finance charge, not just the nominal rate.
  • Collections boundaries. You are not required to allow harassment, doxxing, or threats. Keep records and report abuses promptly.

10) Frequently Asked Questions (FAQ)

Q1: Is a DTI Business Name certificate enough? No. Lending companies must be corporations and need an SEC Certificate of Authority. A DTI business name applies to sole proprietors and is not valid authority to operate a lending business.

Q2: Do Certificates of Authority expire? They remain valid unless suspended or revoked or unless SEC rules impose renewal requirements. Always verify current status (not just existence).

Q3: Can a financing company issue small consumer loans like a lending company? Yes, but it must comply with the Financing Company Act and SEC rules applicable to financing companies, and—if operating online—the OLP rules. The entity type and authorizations must match the activity.

Q4: Are interest rates capped? The Usury Law ceilings were effectively lifted decades ago by Central Bank circulars; however, specific caps can apply in certain sectors (e.g., credit cards) or under specific laws/regulations. Regardless of caps, lenders must comply with disclosure and fair dealing rules.

Q5: The app shows a brand name only—no corporation. Is that okay? No. The legal entity must be clearly identified, and it must have an SEC CA. Lack of corporate identity is a major red flag.

11) Quick Self-Audit (for Lenders/OLPs)

  • Corporate name includes “Lending Company” (or required term) and matches all channels
  • SEC CA on file, visible at place of business, and readily shareable to customers
  • OLP compliance for any app/website; one principal entity per platform; disclosures in place
  • Truth in Lending disclosures (EIR, total finance charge, fees/penalties) provided before consummation
  • Collection policy aligned with SEC circulars (no harassment/public shaming)
  • Privacy notice and DPO contact disclosed; data minimization practiced
  • AMLC registration and AML/CFT controls implemented
  • Permits/BIR current; principal office accurate and staffed

12) Bottom Line

To confirm if a lending company is legitimate in the Philippines, you must verify two pillars:

  1. The corporation exists and is active (SEC corporate registration); and
  2. It holds a valid SEC Certificate of Authority to Operate as a Lending Company (and, if online, it follows OLP rules).

If either pillar is missing—or if the lender refuses to provide documents, hides behind a brand name, or engages in abusive practices—treat it as a serious warning sign and consider reporting to the proper authorities.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login