If an online lending app is harassing you, contacting your family or coworkers, threatening to shame you online, or using your personal data to pressure you into paying, the strength of your SEC complaint will depend heavily on the evidence you preserve. The SEC can act against abusive collection practices, but it needs clear proof: who did what, when it happened, how it relates to a specific loan or app, and why the conduct violates Philippine lending, financing, consumer protection, and data privacy rules.
Why Evidence Matters in an SEC Complaint Against an Online Lending App
Most online lending app complaints involve fast-moving digital evidence: SMS, chat messages, call logs, screenshots, app permissions, push notifications, contact-list misuse, social media posts, and payment demands. These can disappear quickly when:
- the collector deletes messages;
- the app is removed from Google Play or the App Store;
- the borrower changes phones;
- the number used by the collector becomes unreachable;
- social media posts are taken down;
- the borrower accidentally deletes the chat thread; or
- the phone automatically clears old call logs or notifications.
The SEC’s concern is usually not whether you borrowed money. Its concern is whether the lending company, financing company, online lending platform, or its collectors violated rules on fair collection, proper registration, truthful disclosure, interest and charges, customer service, privacy-related conduct, or authority to operate.
The SEC now uses iMessage, its official web-based ticketing system, for public inquiries, complaints, incidents, and requests. The system creates an electronic ticket and allows users to check the status of submissions. The SEC iMessage user guide also lists “Complaints on Financing and Lending Companies” under the Financing and Lending Companies Department’s Legal and Enforcement Division. (Securities and Exchange Commission)
Legal Basis: What Online Lending App Conduct Can Be Reported
SEC Regulation of Lending and Financing Companies
The SEC supervises lending and financing companies under specific laws. Republic Act No. 9474, or the Lending Company Regulation Act of 2007, regulates lending companies and gives the SEC authority over their establishment and operation. Republic Act No. 8556, the Financing Company Act of 1998, regulates financing and leasing companies and specifically aims to prevent practices prejudicial to public interest. (Lawphil)
Online lending platforms are not treated as lawless apps simply because they operate through mobile phones. If the app is connected with a lending company or financing company, the SEC may examine whether the company and its online platform complied with SEC rules. The 2026 DICT-NPC-SEC public advisory also refers to online lending platforms as mobile lending applications, websites, and other fintech-enabled systems where the products of financing companies and lending companies are made available.
SEC Memorandum Circular No. 18, Series of 2019
The main SEC rule on abusive collection is SEC Memorandum Circular No. 18, Series of 2019, which prohibits unfair debt collection practices by financing companies, lending companies, and third-party service providers hired by them. The circular covers conduct such as threats of violence, threats to take illegal action, abusive language, publication of borrower information, false or deceptive collection methods, unreasonable collection times, and improper contact with persons in the borrower’s contact list.
The circular is important because it makes the lending or financing company responsible even when the harassment is done by a collector, agent, call center, outsourced collection agency, or third-party service provider. It states that outsourced collectors are considered agents, and ultimate responsibility for collection practices remains with the financing or lending company.
Data Privacy and Contact-List Abuse
Many online lending app cases involve data privacy issues: accessing the borrower’s contacts, messaging relatives, posting debt-shaming content, or using personal photos. The Data Privacy Act of 2012, or Republic Act No. 10173, protects personal information in government and private information systems. The National Privacy Commission has also issued rules on personal data processing for loan transactions, including NPC Circular No. 20-01 as amended by NPC Circular No. 2022-02. (National Privacy Commission)
The 2026 DICT-NPC-SEC advisory states that unnecessary app permissions, unauthorized or excessive processing of contact lists, harassment, public shaming, and contacting persons other than guarantors for debt collection are prohibited. It also reminds borrowers to download online lending apps only from official or verified sources and to check whether they are operated by registered and licensed entities.
Financial Consumer Protection
Republic Act No. 11765, the Financial Products and Services Consumer Protection Act, applies to financial products and services and empowers financial regulators, including the SEC, to protect consumers under their jurisdiction. This law strengthens the SEC’s ability to address abusive, fraudulent, or unfair practices involving financial products and services. (Lawphil)
What Evidence Should You Secure?
A strong SEC complaint usually has four kinds of evidence: identity evidence, loan evidence, harassment evidence, and preservation evidence.
| Evidence Type | What to Save | Why It Matters |
|---|---|---|
| Identity of the app/company | App name, developer name, website, privacy policy, SEC registration details, Certificate of Authority if available, screenshots from the SEC list or app store | Shows who the respondent is and whether the app is tied to a registered lending or financing company |
| Loan transaction | Loan agreement, disclosure statement, amount borrowed, amount received, deductions, due date, interest, penalties, repayment history | Shows the transaction being collected and whether disclosures or charges appear questionable |
| Collection abuse | SMS, chat messages, call logs, screenshots, voice notes, social media posts, messages sent to contacts, threats, abusive language | Shows the specific unfair collection practices |
| Preservation proof | Backup folder, file dates, exported chat files, screenshots with timestamps, affidavit or written chronology | Helps show that your evidence was not invented, edited, or selectively created later |
Step-by-Step Guide to Secure Evidence Before Filing With the SEC
1. Do Not Delete the App, Messages, or Call Logs Yet
Your first instinct may be to uninstall the app immediately. That is understandable, especially if you feel unsafe. But if you delete the app too soon, you may lose:
- the in-app loan agreement;
- repayment schedule;
- disclosure statement;
- customer service chat;
- notifications;
- app permissions;
- privacy notice;
- account details; and
- transaction history.
Before uninstalling, take screenshots and screen recordings of the important pages. If the app is aggressively accessing permissions, you may revoke unnecessary permissions after preserving screenshots of what permissions were requested or granted.
For Android phones, take screenshots of:
- the app info page;
- app permissions;
- notification permissions;
- developer details from Google Play;
- privacy policy link;
- data safety information, if available;
- loan dashboard; and
- all in-app messages.
For iPhone users, capture:
- the app’s App Store page;
- app privacy details;
- Settings page showing permissions;
- notifications received;
- loan dashboard;
- repayment page; and
- any in-app chat or collection notice.
2. Identify the Real Respondent, Not Just the App Name
Many borrowers only know the app name. But SEC complaints are stronger when you identify the company behind the app.
Look for:
- registered corporate name;
- SEC registration number;
- Certificate of Authority number, if shown;
- office address;
- customer service email;
- privacy policy owner;
- data protection officer;
- app developer name;
- payment recipient name;
- bank, e-wallet, or payment channel used; and
- collection agency or agent name, if disclosed.
SEC Memorandum Circular No. 18 also requires companies to have collection personnel disclose their full name or true identity to the borrower, and to maintain a customer service department or designated personnel for borrower complaints.
If the app uses one name in the app store, another name in the loan contract, and another name in payment instructions, preserve all three. That mismatch may itself be useful for the SEC when tracing responsibility.
3. Capture the Full Message Thread, Not Just the Worst Line
Do not submit only one cropped screenshot saying, “Magbayad ka kundi ipopost ka namin.” A cropped image is easy to attack as incomplete or misleading.
For every abusive SMS, Messenger, Viber, WhatsApp, Telegram, email, or in-app chat:
- screenshot the message with the sender name or number visible;
- screenshot the date and time;
- screenshot the messages before and after the threat;
- record a short screen video scrolling from the top of the conversation to the abusive part;
- save the contact profile or number details;
- export the chat if the platform allows it; and
- keep the original thread on the phone.
This matters because Philippine rules recognize electronic documents and electronic data messages, but authenticity and reliability still matter. Republic Act No. 8792 gives legal recognition to electronic data messages and electronic documents, while the Rules on Electronic Evidence treat electronic documents as admissible when they comply with evidentiary rules and are properly authenticated. (Lawphil)
4. Preserve Evidence That They Contacted Your Family, Friends, or Employer
Contact-list harassment is one of the most common online lending app abuses. Evidence from third parties can be very powerful.
Ask the contacted person to save:
- the SMS or chat message they received;
- the sender’s number or account;
- the date and time;
- any screenshot showing your name, debt, photo, workplace, or personal details;
- call logs from the collector;
- voicemails or voice notes, if any;
- social media tags, comments, or posts; and
- their relationship to you.
Do not ask them to edit the screenshot. If they want to protect their privacy, they can provide you a copy for the SEC and keep the original on their own device.
A short supporting statement can also help:
“I am [name]. On [date/time], I received a message from [number/account] claiming that [borrower’s name] owed money to [app/company]. I did not act as guarantor or co-maker. Attached are screenshots from my phone.”
The 2026 DICT-NPC-SEC advisory specifically states that contacting persons on a borrower’s contact list other than guarantors is prohibited for debt collection purposes.
5. Document Calls Carefully Without Illegal Secret Recordings
Call logs are useful. Secret recordings are risky.
Republic Act No. 4200, the Anti-Wiretapping Law, prohibits a person who is not authorized by all parties to a private communication from secretly overhearing, intercepting, or recording that communication, and unlawfully obtained recordings are not admissible in judicial, quasi-judicial, legislative, or administrative proceedings. (Lawphil)
Safer evidence includes:
- screenshots of call logs;
- number used by the collector;
- date, time, and duration of calls;
- your written notes immediately after the call;
- text messages sent before or after the call;
- voicemail voluntarily left by the collector;
- voice messages sent through chat apps; and
- screenshots showing repeated missed calls.
After a threatening call, write a short incident note while it is fresh:
| Detail | Example |
|---|---|
| Date and time | 12 March 2026, 8:43 PM |
| Number used | 09XX-XXX-XXXX |
| Speaker’s claimed name | “Mark from ABC Lending Collections” |
| Exact words remembered | “Ipapahiya ka namin sa office mo bukas.” |
| Your response | “I asked for the company name and written statement of account.” |
| Follow-up evidence | SMS received at 8:51 PM with same threat |
6. Save Proof of the Loan Amount, Deductions, Interest, and Charges
The SEC complaint should show not only harassment but also the loan context. Preserve:
- loan agreement;
- disclosure statement;
- amount applied for;
- amount approved;
- actual amount received;
- deductions before release;
- interest rate;
- service fee;
- processing fee;
- penalty charges;
- due date;
- repayment instructions;
- proof of payments; and
- collection demand showing total amount claimed.
If the app approved a ₱5,000 loan but released only ₱3,200 and demanded ₱6,000 after seven days, create a simple computation table. Do not exaggerate; use only what the documents show.
SEC rules also address interest and fees. SEC Memorandum Circular No. 3, Series of 2022 implemented ceilings on interest rates and other fees charged by lending and financing companies and their online lending platforms. (Law and Policy Reform Program)
7. Screenshot the App Store Page Before It Disappears
Online lending apps may change names, icons, developers, or listings. Capture:
- app name;
- icon;
- developer;
- package name, if visible;
- downloads or ratings;
- privacy policy;
- permissions/data safety section;
- reviews mentioning harassment;
- date of screenshot; and
- the app URL or listing source if available.
If you cannot access the app store page anymore, screenshot the error page or removal notice. That may help show that the app was previously active but later removed or hidden.
8. Make a Chronology of Events
A chronology helps the SEC understand your complaint quickly.
Use a table like this:
| Date/Time | Event | Evidence File |
|---|---|---|
| 1 March 2026, 10:15 AM | Installed app and granted permissions | Screenshot A1-A4 |
| 1 March 2026, 10:40 AM | Loan of ₱5,000 approved; ₱3,200 received | Loan dashboard B1, GCash receipt B2 |
| 8 March 2026, 7:30 AM | Collector sent abusive SMS | SMS C1-C3 |
| 8 March 2026, 9:10 AM | Collector messaged borrower’s sister | Sister screenshot D1-D2 |
| 8 March 2026, 11:45 AM | Collector threatened to post borrower online | Messenger E1-E4 |
| 9 March 2026, 8:02 PM | Repeated calls from same number | Call log F1 |
This table is often more useful than a long emotional narrative. It lets the agency see the pattern.
9. Organize Files Before Uploading to SEC iMessage
Create a folder with clear filenames:
01_Complaint_Narrative.pdf02_Borrower_ID.pdf03_Loan_Agreement_and_Disclosure.pdf04_Proof_of_Release_and_Payments.pdf05_SMS_Threats.pdf06_Chat_Screenshots.pdf07_Call_Logs.pdf08_Messages_to_Contacts.pdf09_App_Store_and_App_Permissions.pdf10_Chronology.pdf
If you have many screenshots, combine related screenshots into PDFs. Keep the original photos and videos in a separate backup folder. Do not rely on one phone only. Save copies to a secure cloud drive, external drive, or trusted storage.
10. File Through the Correct SEC Channel
For unfair debt collection by lending and financing companies, the 2026 DICT-NPC-SEC advisory directs the public to report to the SEC Financing and Lending Companies Department through iMessage, with hotline 1-4732 or 1-4SEC. It also lists DICT Cyber Hotline, NBI Cybercrime Division, and PNP Anti-Cybercrime Group for other forms of harassment, threats, frauds, or scams.
When creating your SEC ticket, choose the service closest to Complaints on Financing and Lending Companies. State the complaint clearly:
“Complaint for unfair debt collection practices, contact-list harassment, threats, public shaming, and unauthorized processing of personal data by [app/company name].”
Evidence Checklist for Common Online Lending App Violations
| Violation | Evidence to Secure |
|---|---|
| Threats to shame you online | Screenshots of threats, social media posts, tags, comments, messages to contacts |
| Contacting relatives, employer, or coworkers | Screenshots from contacted persons, their statements, call logs, relationship to borrower |
| Abusive or obscene language | Full message thread, screen recording, sender details |
| False threats of arrest or criminal case | SMS/chat screenshots, call notes, demand letters |
| Collecting at unreasonable hours | Call logs and messages showing time stamps |
| Using fake legal documents | Screenshots or PDFs of “warrant,” “subpoena,” “police blotter,” or fake demand notice |
| Excessive app permissions | Screenshots of phone settings and app permissions |
| Unauthorized contact-list access | Messages received by people who were not guarantors |
| Hidden or excessive charges | Loan agreement, disclosure, amount received, repayment demand |
| Unregistered or suspicious app | App store page, developer name, SEC list search result, payment recipient details |
Common Mistakes That Weaken SEC Complaints
Submitting Only Emotional Narratives
It is natural to feel angry, scared, or humiliated. But the SEC needs facts. Instead of writing only “They harassed me many times,” specify:
- who contacted you;
- what number or account was used;
- what exact words were said;
- when it happened;
- who else was contacted;
- what evidence is attached; and
- what rule was violated.
Cropping Screenshots Too Much
Cropped screenshots may hide the sender, date, or surrounding context. Use full-screen captures whenever possible. If you need to redact something for privacy, keep an unredacted copy for your records.
Deleting the Original Thread
A PDF compilation is useful, but keep the original chat thread on the device if possible. If authenticity is later questioned, the original thread, export file, device, metadata, and your testimony can help.
Secretly Recording Calls
Do not assume that secretly recorded calls are safe to use. Under RA 4200, unauthorized recordings of private communications can create legal problems and may be inadmissible. Use call logs, notes, voicemails, written threats, and chat messages instead. (Lawphil)
Filing Against Only the Collector’s First Name
“Mark,” “Jenny,” or “Attorney Reyes” may not be real. Identify the company, app, developer, payment recipient, and customer service channel. SEC enforcement is stronger when the regulated entity can be traced.
Mixing SEC, NPC, Police, and Small Claims Issues
Different offices handle different issues.
| Concern | Usual Office |
|---|---|
| Unfair debt collection by lending/financing company or OLP | SEC Financing and Lending Companies Department |
| Unauthorized processing of personal data, contact-list misuse, debt shaming | National Privacy Commission |
| Threats, fraud, scams, identity theft, cyber harassment | PNP Anti-Cybercrime Group, NBI Cybercrime Division, DICT Cyber Hotline |
| Collection or payment dispute over a debt | Courts, small claims, or appropriate civil process depending on the claim |
The same evidence packet can often be reused, but the complaint should be tailored to the agency’s jurisdiction.
Special Notes for OFWs, Foreigners, and Borrowers Abroad
Filipinos abroad and foreigners dealing with Philippine online lending apps can still preserve and submit digital evidence. The practical challenge is verification of identity, sworn statements, and document authentication.
If a sworn statement or affidavit is required and you are outside the Philippines:
- documents executed in a country that is part of the Apostille Convention may need an apostille from the competent authority in that country;
- documents from non-Apostille countries may still require consular authentication or legalization; and
- Philippine documents for use abroad are handled through the apostille system, with the Philippines becoming a party to the Apostille Convention on 14 May 2019. (Apostille Government)
For online filing, prepare clear scans of your passport, Philippine ID if available, screenshots, and a written explanation of your location and relationship to the loan or complaint.
Frequently Asked Questions
Can I file an SEC complaint against an online lending app even if I really owe money?
Yes. Owing money does not give a lender the right to harass you, threaten you, shame you publicly, contact unrelated people in your phonebook, or use unfair collection practices. The SEC complaint focuses on the company’s conduct, not simply the existence of the debt.
Are screenshots enough for an SEC complaint?
Screenshots can be enough to start a complaint, but they are stronger when supported by full message threads, screen recordings, exported chats, call logs, app details, payment records, and a chronology. Electronic evidence should be preserved in a way that shows authenticity, integrity, and reliability.
Should I uninstall the lending app immediately?
Preserve evidence first if it is safe to do so. Screenshot the loan dashboard, permissions, messages, disclosure statement, repayment details, app store page, and privacy policy. After preservation, you may revoke unnecessary permissions and secure your phone.
What if the collector contacted my relatives or employer?
Ask them to save screenshots, call logs, sender details, and a short written statement saying they were contacted about your debt and whether they were ever a guarantor or co-maker. Contacting persons in the borrower’s contact list other than guarantors is specifically prohibited for debt collection under the 2026 DICT-NPC-SEC advisory.
Can collectors threaten me with arrest for not paying an online loan?
A simple unpaid debt is generally a civil matter. Threats of arrest, fake warrants, or fake criminal accusations should be preserved carefully because SEC Memorandum Circular No. 18 prohibits threats to take actions that cannot legally be taken and false or deceptive means to collect a debt.
Can I use a secretly recorded phone call as evidence?
Be careful. RA 4200 prohibits unauthorized secret recording of private communications and makes unlawfully obtained recordings inadmissible in judicial, quasi-judicial, legislative, or administrative proceedings. Safer evidence includes call logs, written notes, voicemails voluntarily left by the collector, and written threats sent by SMS or chat. (Lawphil)
Where do I report contact-list abuse and debt shaming?
For unfair debt collection by lending or financing companies, report to the SEC through iMessage. For privacy violations such as unauthorized processing of contacts, debt shaming, or misuse of personal data, the National Privacy Commission may also be involved. For threats, fraud, scams, or cybercrime, the 2026 advisory lists DICT Cyber Hotline, NBI Cybercrime Division, and PNP Anti-Cybercrime Group.
What penalties can the SEC impose for unfair collection practices?
Under SEC Memorandum Circular No. 18, violations may lead to monetary penalties. For lending companies, the circular lists ₱25,000 for the first offense and ₱50,000 for the second offense; for financing companies, ₱50,000 for the first offense and ₱100,000 for the second offense. For a third offense, the SEC may impose higher fines, suspension, or revocation of authority depending on the facts and gravity of the violation.
What if the app is not registered or not on the SEC list?
Preserve the app store page, developer name, payment recipient, screenshots, website, privacy policy, and messages. If the app is unregistered or suspicious, the matter may involve not only unfair collection but also unauthorized lending, fraud, scam activity, or cybercrime. The SEC, NBI, PNP Anti-Cybercrime Group, DICT, and NPC may have different roles depending on the facts.
Key Takeaways
- Strong SEC complaints against online lending apps are built on organized evidence, not just a general statement that harassment happened.
- Preserve full message threads, call logs, app details, loan documents, payment records, screenshots from contacted relatives, and a clear chronology.
- SEC Memorandum Circular No. 18 prohibits unfair debt collection practices by lending and financing companies, including threats, abusive language, deceptive collection, publication of borrower information, and improper contact with people in the borrower’s contact list.
- Contact-list harassment and debt shaming may also raise Data Privacy Act issues before the National Privacy Commission.
- Avoid secretly recording calls because RA 4200 can make unauthorized recordings legally risky and inadmissible.
- File through the proper SEC iMessage service for complaints involving financing and lending companies, and keep your ticket number and complete evidence backup.