How to Report Illegal Online Lending Apps to Authorities Philippines

How to Report Illegal Online Lending Apps to Philippine Authorities (A comprehensive legal guide updated to June 18 2025)

1. Why illegal lending apps are a public-interest problem

Unregistered or abusive digital lenders typically (1) operate without the Certificate of Authority (CA) that Republic Act No. 9474 (Lending Company Regulation Act of 2007) requires, (2) harvest excessive personal data in breach of the Data Privacy Act of 2012 (RA 10173), and (3) use threats, public shaming, or doxxing to force repayment—conduct expressly outlawed by SEC Memorandum Circular (MC) No. 18-2019 and reinforced by RA 11765 (Financial Products and Services Consumer Protection Act, 2022). Under RA 9474, operating without a CA is punishable by a ₱10,000–₱50,000 fine and/or six months to 10 years’ imprisonment. RA 10175 (Cybercrime Prevention Act) adds stiffer penalties if the harassment is done through ICT.

2. Key regulators and their jurisdiction

Authority What they investigate Core legal basis How they can sanction
Securities and Exchange Commission (SEC) — Enforcement & Investor Protection Dept. (EIPD) Lending companies and their apps; registration fraud; abusive collection RA 9474; SEC MC 18-2019; MC 10-2021; RA 11232 (Revised Corporation Code) Cease-and-Desist Orders, Certificate-of-Authority revocation, fines up to ₱1 million per offense, criminal referral to DOJ
Bangko Sentral ng Pilipinas (BSP) — Financial Consumer Protection Dept. Banks and BSP-supervised non-bank credit platforms using apps RA 7653, RA 11765, BSP Circular 1160-2022 Administrative fines, restitution, suspension of activities
National Privacy Commission (NPC) Over-collection, unauthorized disclosure, “contact scraping,” or public shaming of borrowers RA 10173; NPC Circular 2023-01 Compliance orders, ₱5 million per violation, criminal referral
PNP Anti-Cybercrime Group (PNP-ACG) & NBI-Cybercrime Division Threats, libel, identity theft, sexual harassment, SIM-bank fraud RA 10175; Revised Penal Code Arrest, search-and-seizure, digital forensic preservation
Department of Trade and Industry–Consumer Protection Group (DTI-CPG) False advertising, deceptive selling of “zero-interest” loans Consumer Act (RA 7394) Administrative fines, product recall
National Telecommunications Commission (NTC) SMS spam, illegal SIM-based loan marketing Public Telecommunications Policy Act (RA 7925) Short-code blocking, telco fines

Tip: A single complaint may be copied to several agencies if it touches multiple violations (e.g., SEC for illegal lending + NPC for privacy breach).

3. Spotting an illegal or abusive online lender

  1. No SEC Certificate of Authority — Check the public “List of Registered Online Lending Platforms” on sec.gov.ph; if absent, treat it as unlicensed.
  2. Excessive smartphone permissions — Apps that demand access to contacts, photo gallery, or microphone for a cash-loan service contravene SEC MC 18-2019 (only camera and basic storage for KYC are permitted).
  3. Harassment scripts — Threatening calls, texts to your employer/relatives, public Facebook posts, or fake “legal notices.”
  4. Unusually high interest or “service fees” — While Philippine law has no usury cap after CB Circular 905-1982, unexplained fees can be “unfair” under RA 11765 and DTI rules.
  5. Anonymous ownership / non-existent physical office — RA 9474 mandates a local principal office; ghost addresses are red flags.

4. Evidence to gather before you file

Item Why it matters
Screenshots of the app page (name, developer, required permissions) Shows the identity of the platform and the scope of data requested
Loan agreement / e-contract PDF Proves the commercial relationship and usurious terms
Payment history or e-receipts Establishes that money was lent and/or repaid
Harassing texts, emails, call recordings, or social-media posts Core proof for privacy, cyber-libel, or unfair collection charges
Proof that the app is not in the SEC list (dated printout) Supports allegation of operating without authority
Valid ID and sworn statement Required by SEC & NPC complaint forms

Keep digital originals. If you print, initial every page and sign a notarized Affidavit of Authenticity.

5. Step-by-step: Filing with the SEC (primary forum)

  1. Download and accomplish the “SEC Lending Complaint Form.” Available at any SEC Extension Office or downloadable PDF.

  2. Attach your Affidavit and evidence.

  3. Email the packet to epd@sec.gov.ph or file physically at:

    Enforcement and Investor Protection Department Ground Floor, North Wing, Secretariat Building, PICC Complex, Pasay City 1307

  4. Subject line: “COMPLAINT RE: Illegal Online Lending App – [App Name]”.

  5. Wait for docket number (usually within 3–7 working days).

  6. Respond promptly to clarificatory emails or subpoenas. Non-compliance can delay or dismiss your case.

  7. Possible outcomes:

    • Within 45–90 days, SEC may issue a Show-Cause Order → Cease-and-Desist Order (CDO) → CA revocation.
    • If criminal intent appears, SEC endorses the case to the DOJ for prosecution under RA 9474.

6. Parallel or alternative complaints

Agency How to file Key form / e-mail
NPC (privacy) Online: npc.gov.ph “File a Complaint” portal; attach proof of unauthorized contact scraping complaints@privacy.gov.ph
BSP (if lender is a bank/e-money issuer) Hotline: (02) 8708-7087; Email: consumeraffairs@bsp.gov.ph BSP Consumer Assistance Form
PNP-ACG Walk-in: Camp Crame or nearest regional cybercrime unit; Online: report@pnpacg.ph Sworn complaint & device turnover
NBI-Cybercrime Online queue at c3.nbi.gov.ph; pick up order of payment; file at NBI HQ Taft Ave. NBI CCAD Complaint Sheet
DTI e-Complaint via complaint.dti.gov.ph Consumer Complaint Form
NTC Email ntc.spamreport@ntc.gov.ph with screenshots of unsolicited loan SMS None; free-form complaint

Best practice: lodge the SEC case first, then send the same packet to NPC and PNP-ACG citing the SEC docket number for cross-reference.

7. After filing: What to expect

Timeline (approx.) SEC procedure Your role
Day 0–7 Docketing & preliminary assessment Check email for docket number
Day 8–30 Clarificatory conference (virtual or face-to-face) Present original evidence; answer questions
Day 31–60 Show-Cause Order to respondent You are copied for transparency
Day 61–90 CEASE-AND-DESIST ORDER; public listing on SEC website Forward CDO to app store & local telcos to expedite takedown
3–12 months Administrative fines or CA revocation; criminal referral May be called as witness in DOJ case
12 months+ Court trial (if criminal) Attend hearings; execute judicial affidavit

Restitution or refunds are not automatic; pursue these via (1) a separate civil action for damages, or (2) BSP mediation if the lender is BSP-regulated.

8. Template: Sworn complaint-affidavit (excerpt)

I, [Name], Filipino, of legal age, ... state under oath:

  1. On [date], I installed the mobile application “Quick-Pera Pro”
  2. Said app is not included in the SEC’s List of Registered Online Lending Platforms dated [attach].
  3. Despite paying the agreed loan plus fees, the app’s collectors sent threatening messages … … PRAYER: I respectfully request that the SEC issue a Cease-and-Desist Order and initiate criminal action under RA 9474 and RA 11765.

Sign before a notary public; affix government-issued ID.

9. Preventive tips for borrowers and employers

  1. Always verify the lender’s CA via https://apps.sec.gov.ph/online-lending.
  2. Grant only camera & storage permissions; deny contacts and location.
  3. Use a secondary e-mail/SIM for loan apps to limit data exposure.
  4. Educate HR: never disclose employee data to third-party collectors without a court order.
  5. Report spam SMS promptly to NTC and telco (forward to 7726).

10. Frequently-asked questions

Question Short answer
Can I stop paying once the app is proven illegal? The loan obligation may still stand in civil law; consult counsel before ceasing payment.
Will my complaint be public? SEC decisions are posted online, but personal identifiers are redacted.
Can I sue for moral damages? Yes—file a separate civil action citing Article 26 (privacy) and Article 2219 (moral damages) of the Civil Code.
What if the app is hosted abroad? SEC can still order local takedown; PNP-ACG coordinates with INTERPOL for further action.

Conclusion

The Philippine regulatory framework now gives consumers multiple avenues—SEC as the lead, supported by NPC, BSP, PNP-ACG, NBI, DTI, and NTC—to dismantle rogue lending platforms and punish abusive collectors. The fastest way to protect yourself (and the public) is to document everything and lodge a well-prepared complaint with the SEC, copying other agencies as relevant. Vigilant reporting not only curbs illegal apps but also strengthens jurisprudence for fair-play digital finance in the Philippines.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login