If an online lending app is harassing you, threatening your contacts, posting your personal information, or hiding the true cost of your loan, the strength of your SEC complaint will depend less on how angry the messages sound and more on how clearly your evidence proves what happened, who did it, when it happened, and how it violates SEC rules. The goal is to preserve screenshots, messages, call records, app pages, loan documents, and witness statements in a way that the Securities and Exchange Commission can actually review, verify, and act on.
Why Evidence Matters in an SEC Complaint Against an Online Lending App
An SEC complaint against an online lending app is usually an administrative complaint. This means the SEC is looking at whether a lending company, financing company, online lending platform, or its collectors violated laws, circulars, license conditions, disclosure rules, or consumer protection standards.
The SEC is not simply deciding whether you owe money. It is checking whether the lender or collector committed acts such as:
- Harassment or intimidation
- Threats of violence, criminal charges, public shaming, or employer exposure
- Contacting people in your phonebook who are not guarantors
- Publishing your name, photo, ID, or debt information
- Using fake legal documents or pretending to be from a court, police office, barangay, or law firm
- Failing to disclose true charges, interest, fees, and repayment terms
- Operating as an unrecorded online lending platform or without proper authority
The SEC’s 2026 public advisory with the DICT and National Privacy Commission specifically recognized reports of online lending platforms engaging in harassment, intimidation, public shaming, and unlawful use of personal data. It also states that unfair debt collection complaints should be submitted to the SEC through imessage.sec.gov.ph.
Legal Basis: What Rules Protect Borrowers Against Abusive Online Lending Apps?
SEC authority over lending and financing companies
Under Republic Act No. 9474, or the Lending Company Regulation Act of 2007, a lending company must be a corporation and cannot conduct lending business unless it has authority to operate from the SEC. The SEC may regulate lending companies, require reports, exercise visitorial powers, and impose administrative sanctions including suspension, revocation, and fines. (Supreme Court E-Library)
Financing companies are governed by Republic Act No. 8556, or the Financing Company Act of 1998. A financing company is also under SEC authority, except where the Bangko Sentral ng Pilipinas has supervisory authority over quasi-banking functions. RA 8556 also penalizes entities that hold themselves out as financing companies without SEC authority. (Lawphil)
SEC Memorandum Circular No. 18, Series of 2019
SEC Memorandum Circular No. 18, Series of 2019 is the main SEC rule on unfair debt collection practices by financing companies, lending companies, and their third-party service providers. It prohibits collection practices involving violence, threats, illegal action, insults, obscenities, deceptive means, false representations, unreasonable contact hours, and improper disclosure of borrower information.
The same circular treats contacting persons in the borrower’s contact list, other than those named as guarantors or co-makers, as an unfair debt collection practice even if the borrower gave consent to contact access. Violations may lead to fines, suspension, or revocation depending on the offense and circumstances.
Data privacy rules for online lending apps
Online lending complaints often involve both SEC and privacy issues. The 2026 DICT-NPC-SEC advisory states that unnecessary app permissions, excessive processing of contact lists, harassment through personal data, and contacting people other than guarantors for collection are prohibited. It also emphasizes that character references are not automatically guarantors; a guarantor must separately consent to assume responsibility for the loan.
Under Republic Act No. 10173, or the Data Privacy Act of 2012, personal information must be processed according to data privacy principles such as legitimate purpose, proportionality, and transparency. If the lending app harvested contacts, messaged your relatives, posted your photo, or disclosed your debt, the same evidence may support both an SEC complaint and a National Privacy Commission complaint. (Lawphil)
Electronic evidence is legally recognized
Most evidence against online lending apps is digital: screenshots, app screens, SMS, chats, emails, call logs, payment confirmations, and downloadable loan terms. Republic Act No. 8792, or the Electronic Commerce Act of 2000, recognizes electronic data messages and electronic documents, provided their integrity and reliability can be shown. For evidentiary purposes, an electronic document may be treated as the functional equivalent of a written document. (Lawphil)
The Supreme Court’s Rules on Electronic Evidence also govern electronic documents used in civil, administrative, and quasi-judicial proceedings, which is why preserving original files, timestamps, context, and device records is much better than submitting cropped or edited screenshots alone. (Lawphil)
What Evidence Should You Secure Before Filing?
The strongest complaint packet usually has six kinds of proof.
| Evidence type | What to save | Why it matters |
|---|---|---|
| Identity of the lender or app | App name, developer name, website, SEC registration name, Certificate of Authority number if shown, Play Store/App Store page, screenshots of advertisements | Shows who the respondent is and whether the online lending platform appears recorded or licensed |
| Loan transaction | Loan agreement, disclosure statement, amount borrowed, amount received, deductions, interest, fees, due date, payment schedule | Proves the financial relationship and possible Truth in Lending violations |
| Collection messages | SMS, Viber, Messenger, WhatsApp, Telegram, email, in-app notifications, robocalls, voicemail, demand letters | Shows harassment, threats, false claims, or abusive language |
| Third-party contact evidence | Screenshots from relatives, coworkers, friends, employers, or contacts who were messaged | Proves contact-list misuse and disclosure of loan information to non-guarantors |
| Payment records | GCash/Maya/bank transfers, receipts, reference numbers, repayment history, screenshots from the app | Helps answer disputes about payment, overcharging, or continuing harassment after payment |
| Timeline and impact | Chronological list, call frequency, missed work, employer messages, public posts, mental distress notes, takedown requests | Helps the SEC understand pattern, gravity, and urgency |
Step-by-Step Guide to Securing Evidence for an SEC Complaint
1. Do not delete the app, messages, or call logs yet
Many borrowers instinctively delete the app because they feel unsafe or ashamed. That can remove important proof.
Before deleting anything:
- Turn off unnecessary app permissions such as contacts, photos, camera, microphone, and location.
- Take screenshots of the app’s permissions page.
- Screenshot your loan dashboard, repayment page, and profile page.
- Save any loan contract, disclosure statement, or PDF available in the app.
- Back up messages and call logs.
If you must uninstall the app for safety, preserve evidence first. The 2026 DICT-NPC-SEC advisory specifically warns that online lending apps must not request unnecessary permissions and must not engage in unbridled contact-list processing.
2. Identify the correct respondent
A common weakness in SEC complaints is naming only the app brand, such as “Fast Cash App,” without identifying the company behind it.
Try to capture:
- App name exactly as shown
- Developer or publisher name in the app store
- Website URL
- Email address and hotline shown in the app
- Corporate name shown in the loan agreement
- SEC registration number, if displayed
- Certificate of Authority number, if displayed
- Screenshots of advertisements or social media pages
- Any collection agency name, law office name, or payment account name used
Use official SEC tools where available, such as the SEC iMessage complaint portal and the SEC “Check with SEC” portal, to verify or report the company. The SEC iMessage page also links to “Check with SEC” among its online services. (Securities and Exchange Commission)
3. Capture screenshots properly
For SEC purposes, screenshots should show context, not just the offensive sentence.
Good screenshots should show:
- Date and time on your phone screen
- Sender’s number, username, profile, or email address
- Full message thread before and after the threat
- App name or platform name
- Your phone’s status bar if possible
- The complete post, comment, or group message if public shaming occurred
- URL, page title, or account name for websites and social media pages
Avoid:
- Cropping out the sender
- Blurring everything before saving the original
- Combining images into a collage only
- Using filters, markup, stickers, or captions on the only copy
- Deleting embarrassing parts of the conversation
You may create a redacted copy for privacy, but keep an unredacted original in a secure folder.
4. Save native files where possible
Screenshots are helpful, but native records are stronger.
Where possible, also save:
- Original SMS export or backup
- Email files with headers
- Chat export files
- PDF loan agreement
- Downloaded statement of account
- App notification history
- Call log screenshots
- Voicemail audio files
- Payment confirmation PDFs or receipts
- Bank or e-wallet transaction details
Send copies to your own email or cloud storage so you can prove when you preserved them. Keep the original phone if the messages are still there.
5. Ask contacted relatives, coworkers, or friends to preserve their own proof
If collectors contacted other people, your complaint becomes much stronger when those people provide their own screenshots.
Ask them to save:
- Screenshot of the message
- Sender’s number or profile
- Date and time received
- Full thread if there were repeated messages
- Any image, edited photo, threat, or debt disclosure
- Call log if they were called
- Their short written statement explaining who they are and how they know you
For example:
“I am Maria Santos, sister of Juan Santos. On 10 June 2026 at 9:14 AM, I received a text from mobile number 09XX-XXX-XXXX stating that Juan owed money to [App Name] and threatening to post his photo online. I was not a guarantor or co-maker of the loan.”
A signed statement is useful. A notarized affidavit is stronger if the SEC, NPC, NBI, PNP, prosecutor, or court later requires sworn evidence.
6. Create a simple timeline
Do not make the SEC officer reconstruct everything from 80 screenshots. Make a one-page timeline.
Example:
| Date and time | What happened | Evidence |
|---|---|---|
| 3 June 2026, 2:15 PM | Loan of ₱5,000 approved; only ₱3,800 received after deductions | Exhibit A-1: loan dashboard; A-2: e-wallet receipt |
| 7 June 2026, 8:02 AM | Collector threatened to message employer | Exhibit B-1: SMS screenshot |
| 7 June 2026, 8:20 AM | Employer received message saying borrower was a “scammer” | Exhibit C-1: employer screenshot; C-2: employer statement |
| 8 June 2026, 11:48 PM | Collector sent profane message after 10 PM | Exhibit D-1: SMS screenshot |
| 9 June 2026 | Borrower paid ₱2,000 but harassment continued | Exhibit E-1: GCash receipt; E-2: later messages |
This format helps show repeated violations, unreasonable contact times, disclosure to third parties, and collection after payment.
7. Organize exhibits before uploading
A good file structure makes your complaint easier to evaluate.
Use file names like:
A-1_App_Profile_and_Developer.pngA-2_SEC_or_CA_Details.pngB-1_Loan_Dashboard_Amount_and_Due_Date.pngB-2_Disclosure_Statement.pdfC-1_Threat_SMS_2026-06-07_0802.pngC-2_Employer_Message_2026-06-07.pngD-1_Payment_Receipt_GCash_Ref12345.pdfE-1_Timeline.pdf
If there are many files, make an evidence index:
| Exhibit | Description | File name |
|---|---|---|
| A | Identity of app and company | A-1 to A-4 |
| B | Loan documents and charges | B-1 to B-5 |
| C | Harassment messages to borrower | C-1 to C-12 |
| D | Messages to third parties | D-1 to D-6 |
| E | Payments made | E-1 to E-3 |
8. Preserve the original device and metadata
For ordinary complaints, the SEC may rely on submitted copies. But if the matter escalates, the original device, account, or file metadata may become important.
Practical preservation steps:
- Keep the phone where the messages were received.
- Do not factory reset the device.
- Do not rename or edit original files unless you first made a separate working copy.
- Back up the entire folder to cloud storage or an external drive.
- Email the evidence folder to yourself.
- Keep SIM cards used for the loan and collection messages.
- Save the original e-wallet or bank transaction history.
- Keep a note of the phone model, SIM number, email account, and app version if known.
For stronger integrity, you may compress the evidence folder into a ZIP file and keep one untouched copy. For serious harassment, threats, identity misuse, or public shaming, preserving the original phone may help law enforcement or a digital forensic examiner verify the evidence later.
9. Be careful with call recordings
Many collectors harass borrowers through calls because they think calls leave less evidence. You can still preserve call logs, voicemail, screenshots of missed calls, and written summaries.
Be careful about secretly recording calls. Republic Act No. 4200, the Anti-Wiretapping Law, prohibits recording private communications without authorization from all parties, and illegally obtained recordings may be inadmissible in judicial, quasi-judicial, legislative, or administrative proceedings. (Lawphil)
Safer evidence includes:
- Call log screenshots
- Voicemail left by the collector
- Follow-up text messages confirming what was said
- Your written incident note made immediately after the call
- Witness statement from someone who personally heard the call on speaker, if applicable
How to Submit the Complaint to the SEC
The SEC’s iMessage system is the current official web-based ticketing platform for public inquiries, complaints, incidents, and requests. The SEC user guide says iMessage replaces informal channels such as email and Google Forms, automatically generates a unique electronic ticket, and allows users to track the status of submissions. (Securities and Exchange Commission)
Basic filing steps
- Go to the SEC iMessage complaint portal.
- Open a new ticket.
- Sign in or create the required account if prompted.
- Choose the service related to complaints on financing and lending companies.
- State the respondent’s company name and app name.
- Briefly describe the violation.
- Attach your complaint narrative, timeline, and evidence index.
- Upload the most important exhibits first.
- Keep the ticket number.
- Monitor the ticket for SEC replies or compliance requests.
The iMessage user guide lists “Complaints on Financing and Lending Companies” under the Financing and Lending Companies Department, Legal and Enforcement Division. (Securities and Exchange Commission)
What to write in the complaint narrative
Keep the narrative factual and chronological. Avoid insults or long emotional explanations. The evidence should speak.
Use this structure:
Complainant details Name, contact number, email, address, and whether you are the borrower, contacted third party, employer, relative, or guarantor.
Respondent details App name, company name, website, email, phone numbers, payment account names, and any SEC registration or authority number shown.
Loan details Date borrowed, principal amount, amount actually received, charges deducted, due date, and payments made.
Acts complained of List each act: threats, insults, public shaming, contacting non-guarantors, disclosure of debt, false legal threats, excessive calls, hidden charges, or unrecorded platform.
Evidence summary Refer to exhibits by label, not by vague phrases like “see attached.”
Relief requested Request SEC investigation and appropriate administrative action under SEC rules.
Sample concise statement
I respectfully submit this complaint against [Company Name/App Name] for unfair debt collection practices. I obtained a loan through the app on [date]. Beginning [date], collectors using the numbers shown in Exhibits C-1 to C-5 sent threatening and insulting messages. They also contacted my sister and employer, who were not guarantors or co-makers, and disclosed my alleged loan obligation, as shown in Exhibits D-1 to D-3. I request investigation and appropriate SEC action under SEC Memorandum Circular No. 18, Series of 2019, and related laws and regulations.
When to File With Other Agencies Too
Some conduct may need more than an SEC complaint.
| Problem | Agency to consider | Evidence to prepare |
|---|---|---|
| Unfair debt collection by lending or financing company | SEC | Loan records, app identity, threats, messages, calls, third-party contact proof |
| Contact-list harvesting, public shaming, misuse of personal data | National Privacy Commission | Privacy notice, app permissions, messages to contacts, screenshots of disclosure |
| Threats, extortion, identity theft, cyber libel, hacking, scams | PNP Anti-Cybercrime Group or NBI Cybercrime Division | Threat messages, sender accounts, URLs, payment accounts, call logs, device details |
| Fraudulent lender or investment-style scam | SEC Enforcement and Investor Protection Department, NBI, PNP | Ads, payment requests, promises, company identity, receipts |
| False barangay, police, court, or prosecutor threats | PNP/NBI and SEC | Fake summons, fake warrant, fake demand letter, sender details |
The 2026 DICT-NPC-SEC advisory lists SEC FINLEND for unfair debt collection practices and also refers the public to DICT, NBI Cybercrime Division, and PNP Anti-Cybercrime Group for other harassment, threats, fraud, and scams.
For privacy complaints, the NPC states that a complaint may be filed with a notarized complaint-assisted form or verified complaint, together with evidence and witness affidavits. NPC materials also state that investigating officers have 30 calendar days from receipt to give due course or dismiss a complaint without prejudice, and that the full process may take about 10 to 12 months up to final adjudication. (National Privacy Commission)
Special Notes for OFWs, Foreigners, and People Outside the Philippines
If you are abroad, you can still preserve and submit digital evidence. The important points are identity, chronology, and authenticity.
Practical tips:
- Use Philippine time when listing events, or state both local time and Philippine time.
- Keep screenshots showing the country code of numbers that contacted you.
- Save app store pages available in your country and, if possible, Philippine-facing pages.
- Ask relatives in the Philippines who received messages to preserve their own screenshots.
- If an affidavit is needed, ask the receiving agency whether it requires notarization, consular notarization, apostille, or local notarization abroad.
For Philippine public documents to be used abroad, the DFA Apostille system applies. For documents executed abroad and intended for use in the Philippines, authentication requirements depend on where the document was issued and whether the country is covered by the Apostille Convention or requires consular legalization. Check the DFA Apostille information page when sworn documents are needed across borders. (Apostille Philippines)
Common Mistakes That Weaken SEC Complaints
Deleting the app too early
Deleting the app may erase the loan dashboard, disclosure statement, app notifications, account ID, and repayment history. Capture those first.
Submitting screenshots without context
A screenshot saying “Magbayad ka na” is weaker than a screenshot showing the sender, date, time, full threat, loan reference, and repeated contact.
Not proving that third-party contacts were not guarantors
If your cousin or coworker was contacted, state clearly whether that person was merely in your contacts, a character reference, or a guarantor. The 2026 advisory emphasizes that character references and guarantors are different, and that a guarantor must separately consent to be bound.
Mixing multiple apps in one confusing complaint
If three lending apps harassed you, separate the facts and exhibits by app. Otherwise, the SEC may have difficulty determining which company committed which act.
Posting everything publicly before filing
Public posting may expose your own personal data or the personal data of your contacts. Preserve evidence privately first. If you need to redact copies for safety, keep the originals.
Sending only emotional statements
It is understandable to feel scared or humiliated. But an SEC complaint should still be evidence-driven. A short, factual, well-labeled complaint is usually more effective than a long narrative without exhibits.
Ignoring payment and loan records
Even if your main complaint is harassment, the SEC may still need to see the loan transaction, amount received, deductions, due date, and payments to understand the context.
Required Documents and Practical Timeline
| Item | Recommended content | Notes |
|---|---|---|
| Complaint narrative | 1–3 pages, chronological, factual | Use exhibit labels |
| Evidence index | Table of exhibits | Helps SEC review attachments quickly |
| Screenshots | Full screen, uncropped originals | Keep redacted copies separate |
| Loan documents | Agreement, disclosure, dashboard, repayment schedule | Important for Truth in Lending and fee disputes |
| Payment proof | E-wallet, bank, OTC receipts, reference numbers | Include dates and amounts |
| Third-party statements | Screenshots and short statement from contacted persons | Notarize only if required or if escalating |
| Valid ID | Government ID of complainant | Often requested for formal complaints |
| Timeline | Date, time, act, evidence | Helps show pattern and repeated violations |
| SEC ticket record | Ticket number, replies, uploads | Keep all portal updates |
SEC iMessage should generate a ticket when you file, and the system allows users to check ticket status and post replies or upload additional files when needed. (Securities and Exchange Commission)
There is no single fixed timeline for every SEC online lending complaint. The speed depends on whether the respondent is identifiable, whether the company is under SEC jurisdiction, the completeness of evidence, the number of complaints, and whether the matter is routed for monitoring, investigation, enforcement, or referral. Under the SEC Rules of Procedure, an investigation may begin from a public complaint, referral, or anonymous tip, and the operating department has discretion to expand the investigation based on evidence gathered. (SEC Appointment System)
Frequently Asked Questions
Are screenshots enough for an SEC complaint against a lending app?
Screenshots can be enough to start a complaint, especially if they show the sender, date, time, full message, and app or company identity. But screenshots are stronger when supported by original messages, call logs, loan documents, payment receipts, app screenshots, and statements from contacted third parties.
Should I delete the online lending app after harassment starts?
Preserve evidence first. Screenshot the loan dashboard, repayment details, app permissions, profile page, company details, and any available contract or disclosure statement. After preserving evidence, you may restrict permissions or uninstall if needed for safety.
What if the collector used different phone numbers?
List each number in your timeline. Screenshot the messages and call logs from each number. If the wording, payment account, loan reference, or app name connects them to the same lending app, explain that connection in your complaint.
Can I include screenshots from my relatives or employer?
Yes. In fact, those screenshots are very important if the lending app contacted people who were not guarantors. Ask the person who received the message to preserve the original message and provide a short statement explaining what they received and whether they consented to be a guarantor.
What if the app says I allowed access to my contacts?
Consent to app permissions does not automatically allow harassment, public shaming, excessive processing, or debt collection from non-guarantors. The 2026 DICT-NPC-SEC advisory states that contacting persons in a borrower’s contact list other than guarantors is prohibited for debt collection purposes.
Can the SEC cancel my loan?
The SEC complaint process focuses on regulatory violations by lending and financing companies. It may lead to investigation, fines, suspension, revocation, or other administrative action. Disputes about the exact amount owed, overpayment, damages, or criminal liability may require separate remedies depending on the facts.
Should I file with the SEC or NPC?
File with the SEC for unfair debt collection, unlicensed lending, undisclosed charges, or online lending platform violations. File with the NPC when the issue involves misuse of personal data, contact-list harvesting, public shaming, unauthorized disclosure, or violation of data privacy rights. Many online lending cases involve both.
How do I prove that a public shaming post came from the lending app?
Capture the post, account name, URL, comments, date, time, profile page, and any connection to the collector or loan account. Ask people who saw the post to screenshot it too. If the post was later deleted, your preserved screenshots and witness statements become more important.
Is it okay to secretly record collector calls?
Be very careful. RA 4200 prohibits recording private communications without authorization from all parties, and illegally obtained recordings may be inadmissible. Safer evidence includes call logs, voicemail, written incident notes, follow-up messages, and screenshots showing repeated calls. (Lawphil)
What if I do not know the company behind the app?
File with the information you have: app name, developer name, store page, website, screenshots, phone numbers, emails, payment accounts, and loan documents. State clearly that the corporate identity is unknown and request SEC assistance in identifying whether the app is connected to a registered lending or financing company.
Key Takeaways
- Preserve evidence before deleting the app, messages, call logs, or payment records.
- Strong SEC complaints prove four things: the lender’s identity, the loan transaction, the abusive act, and the timeline.
- SEC Memorandum Circular No. 18 prohibits threats, insults, public shaming, false representations, unreasonable contact hours, and improper contact with non-guarantors.
- Contact-list access is not a license to harass your relatives, coworkers, or friends.
- Keep full, uncropped screenshots and original digital records whenever possible.
- Organize your complaint with a short narrative, timeline, evidence index, and labeled exhibits.
- Use SEC iMessage for complaints on financing and lending companies, and keep your ticket number.
- File with the NPC too if the case involves misuse of personal data, public shaming, or contact-list abuse.
- For threats, scams, identity misuse, or cybercrime, preserve the same evidence for the NBI Cybercrime Division or PNP Anti-Cybercrime Group.