How to Verify if a Lending Company Is Legit with the SEC (Philippines)

This practical legal guide explains how to confirm whether a lender may lawfully extend loans in the Philippines, what “legit” means in the eyes of the law, and how to spot red flags. It focuses on lending and financing companies under the Securities and Exchange Commission (SEC), with notes on other regulators.

1) Why “SEC-registered” is not enough

A company that merely shows you “SEC Registration” (Articles of Incorporation / Certificate of Incorporation) is not yet authorized to lend to the public. To legally operate as a lender, a corporation must have a Certificate of Authority (CA) to Operate as a Lending Company under the Lending Company Regulation Act of 2007 (RA 9474), or a CA to Operate as a Financing Company under the Financing Company Act (RA 8556, as amended).

Bottom line: Ask for both (a) SEC Registration and (b) the Certificate of Authority specific to lending/financing.

2) The legal framework at a glance

• SEC jurisdiction

  • Lending Companies (RA 9474 + IRR): Non-bank corporations whose primary business is granting loans for consumption/production.
  • Financing Companies (RA 8556 + IRR): Provide credit facilities such as consumer or business financing, factoring, leasing, etc.
  • SEC also issues advisories, cease-and-desist orders, suspensions/revocations, and rules on online lending platforms (OLPs) and debt-collection conduct.

• Other regulators (don’t confuse them with SEC lenders)

  • BSP (Bangko Sentral ng Pilipinas): Banks, Quasi-banks, Pawnshops, Money Service Businesses, Credit Card Issuers—different rules, different look-up tools.
  • CDA (Cooperative Development Authority): Cooperatives and cooperative banks.
  • Microfinance NGOs: Registered with SEC as non-stock entities but must be licensed by the Microfinance NGO Regulatory Council for microfinance lending.
  • DTI (sole proprietorships): Sole proprietors cannot be “lending companies”. If a “lender” shows only a DTI Business Name and no SEC CA, walk away.

3) What “legit with the SEC” means (checklist)

Treat this as your field due-diligence list. A lender is credible when you can confirm:

1. Corporate identity

   • Exact corporate name and principal office match across documents, receipts, website/app, and signage.
   • The entity is a corporation (not a mere trade name / sole prop) for lending/financing activities.

2. SEC credentials

   • SEC Registration Number (incorporation).
   • Certificate of Authority (CA) to operate as a Lending or Financing Company—valid, current, and in the same corporate name.
   • For online/mobile app lenders: the online lending platform (OLP) or app is disclosed to SEC and not subject to an SEC enforcement order.

3. Other business compliance (supporting, not sufficient)

   • Mayor’s/Business Permit in the locality where it operates.
   • BIR Registration (receipts/invoices with TIN).
   • Proper data privacy notices and consent mechanics (the National Privacy Commission enforces this, but it’s a sign of compliance culture).

4. Loan disclosure compliance

   • Clear Truth in Lending Act (RA 3765) disclosures: effective interest rate, finance charges, total cash out, amortization schedule, fees, penalties, right of prepayment, and cooling-off/refund policies if offered.
   • No blank forms; no surrender of ATM cards, passbooks, or personal IDs as collateral; no unauthorized phone/contact scraping.

5. Collection conduct

   • Conforms to SEC rules against unfair, abusive, or harassing debt collection (e.g., no “shaming,” no threats, no contacting unrelated persons, no profanity). Reputable lenders have written collection policies and dedicated complaint channels.

4) How to verify step-by-step (practical workflow)

1. Get the exact legal name of the lender and its SEC Registration No. and CA No. (they should willingly provide copies).

2. Inspect the CA

   • Check corporate name, address, and scope (“to operate as a Lending/Financing Company”).
   • Note the issue date and whether the SEC has publicly announced suspension, revocation, or a cease-and-desist order against the same entity.

3. Cross-check corporate identity everywhere

   • Loan agreement, disclosure statement, official receipts, website/app, and advertisements must reflect the same corporate name. “Doing business as” without proper disclosure is a red flag.

4. For online/app lenders

   • Verify the company behind the app (the corporate name in the app’s About/Privacy/Terms) = the same name on the CA.
   • Beware of “app switches” where the app brand differs from the corporate name and no connection is disclosed.

5. Confirm local business presence

   • If the lender claims a local branch, ask for the Mayor’s Permit for that branch. This doesn’t replace the CA, but inconsistency is a warning sign.

6. Evaluate the loan documents before signing

   • You should receive pre-contractual disclosures showing effective interest rate (EIR) and total cost.
   • Compute the all-in cost (interest + fees + VAT if any + penalties) and review cooling-off / prepayment terms.

7. Screen for enforcement history

   • Reputable lenders can point you to their clean record (e.g., no SEC order against their name). If they are evasive, reconsider.

5) Common red flags (walk away if you see these)

• No Certificate of Authority (or shows only DTI registration / barangay permit).
• Name mismatch between documents, app, receipts, and the CA.
• Pressure tactics: “Sign now,” “guaranteed approval if you leave your ATM/ID/contacts.”
• Hidden or shifting pricing; refusal to provide Truth-in-Lending-compliant disclosures.
• Contact scraping / mass texting / shaming of your contacts; threats of arrest or public exposure.
• Fake or altered SEC documents, expired permits, or blurred/unreadable certificates.
• Insistence on blank post-dated checks or remote e-signatures without disclosures.
• Promises of investment returns tied to lending—this mixes lending with unregistered investment schemes.

6) Key distinctions most borrowers miss

• SEC vs. BSP: If it’s a bank/pawnshop, you won’t find a Lending/Financing CA; you’ll check BSP lists instead.
• Sole proprietors can’t hold an SEC Lending Company CA. If the “lender” is a person with a DTI business name, that’s not a licensed lending company.
• Microfinance NGOs lend under a special framework; confirm their MFNGO license in addition to SEC non-stock registration.
• Credit cooperatives: verify with CDA, not SEC.

7) Your documentation checklist (borrower’s toolkit)

Ask for clear copies (digital or printed) of the following before you sign:

• SEC Certificate of Incorporation and Certificate of Authority (Lending/Financing).
• Latest General Information Sheet (GIS) or corporate profile (to see directors/officers).
• Mayor’s/Business Permit for the operating location.
• BIR Registration and sample official receipt bearing the same corporate name and TIN.
• Loan Agreement and Truth-in-Lending Disclosure Statement showing EIR, all fees, and amortization schedule.
• Privacy Notice and Consent (especially for app-based lenders).
• Collection Policy and complaint channel details.

If any of these are refused or inconsistent, treat it as a warning.

8) If you suspect an illegal or abusive lender

1. Stop engagement and keep copies/screenshots of ads, chats, texts, app pages, and IDs you provided.

2. Write a dated incident record (who/what/when/where/how).

3. Send a written demand to the lender for disclosures or to cease abusive collection.

4. Report to:

   • SEC (Enforcement/Investor Protection units) for unlicensed lending or violations by SEC-supervised lenders.
   • National Privacy Commission for privacy breaches (contact scraping, unauthorized disclosures).
   • NBI/PNP for harassment, threats, defamation, or cybercrimes.
   • Local government for permit violations.

5. Preserve digital evidence (export app data, save logs, take dated screenshots).

6. Consider legal counsel for injunctions, damages, or to address unlawful collection.

9) FAQs

Q: Is a photocopy or screenshot of the CA enough? A: It’s a start, but confirm authenticity and current status. Insist on a clear, readable copy and verify details across all documents and platforms they use.

Q: The lender shows only a Mayor’s Permit—legit? A: No. A Mayor’s Permit is not authority to lend. You still need to see the SEC CA.

Q: Are interest rates capped for SEC lending companies? A: There is no general statutory usury ceiling (the old Usury Law ceilings are suspended), but lenders must fully disclose pricing and comply with consumer protection and unfair debt-collection rules. Excessive, deceptive, or unconscionable charges can still be challenged.

Q: The app brand is different from the company name—is that okay? A: It can be, only if the company clearly discloses that it owns/operates the app and the CA is in that company’s name. Lack of disclosure is a red flag.

10) Practical scripts you can use

• Document Request: “Before we proceed, please send clear copies of your SEC Certificate of Incorporation and Certificate of Authority to Operate as a [Lending/Financing] Company, plus your Mayor’s Permit, BIR Registration, and Truth-in-Lending Disclosure showing the effective interest rate and total cost of credit.”

• Name-Match Check: “Kindly confirm that the corporate name on the Certificate of Authority is the same name that appears on our loan agreement, receipts, and your app/website.”

• Collection Boundaries: “Please note we do not consent to contacting persons other than the borrower/authorized co-obligors. Any form of harassment, shaming, or threats violates SEC rules and may be reported.”

11) Short due-diligence summary (TL;DR)

• Ask for the SEC Certificate of Authority (not just incorporation).
• Match names across certificates, contracts, receipts, and the app/site.
• Demand Truth-in-Lending disclosures (EIR, total cost, fees, penalties).
• Watch collection practices—no shaming or threats.
• When in doubt, don’t sign; document and report.

Disclaimer: This guide is for general information and borrower due diligence in the Philippines. It is not legal advice. For a specific case, consult a Philippine lawyer or the appropriate regulator.