How to Verify If a Lending Company Is SEC-Accredited in the Philippines

This article explains the Philippine legal framework, what “SEC-accredited” really means, and a step-by-step method—both online and on-paper—to confirm whether a lending company is legitimate. It also covers red flags, remedies, and FAQs for borrowers and in-house compliance teams.

1) Why verification matters

In the Philippines, “accreditation” of lending companies is a shorthand people use for two separate, equally important regulatory permissions under the Securities and Exchange Commission (SEC):

  1. Incorporation/Registration — the firm exists as a corporation under Philippine company law; and
  2. Certificate of Authority to Operate (CA) — specific authorization issued by the SEC allowing the corporation to engage in the business of lending (or financing).

A company may be duly incorporated but still illegal to lend if it lacks a valid Certificate of Authority. Conversely, presenting a business permit or DTI certificate alone is never enough for lending.

2) The legal framework (plain-English overview)

  • Lending Company Regulation Act (LCRA) — requires that any person or entity engaged in the business of granting loans at interest to the public must be a corporation and must secure a Certificate of Authority from the SEC. It also empowers the SEC to supervise, examine, sanction, and, when warranted, revoke the CA and prosecute violators.

  • Financing Company Act (FCA) — closely related but covers financing companies, which engage more broadly in financing/credit activities (e.g., purchase of receivables, leasing). Financing companies likewise need an SEC Certificate of Authority.

  • Financial Products and Services Consumer Protection Act (FCPA) — strengthens consumer protection across financial regulators (including the SEC) and authorizes administrative enforcement, restitution, and penalties for abusive practices.

  • Implementing rules & SEC Memorandum Circulars — detail requirements on capitalization, disclosures, reporting, collection practices, and the use of online lending platforms (OLPs)/apps. Key themes:

    • Registration and disclosure obligations for OLPs used by lending/financing companies;
    • Restrictions on abusive collection, harassment, doxxing, and contact-scraping;
    • SEC powers to issue advisories, cease-and-desist orders, and revocations.

Practical takeaway: for lending/financing, you must see both (a) SEC incorporation and (b) a valid Certificate of Authority. And if they use a mobile app/website, the OLP itself must comply with SEC rules.

3) Who is (and is not) under the SEC for lending

  • Under SEC:

    • Lending companies (LCRA)
    • Financing companies (FCA)

  • Not under SEC for lending authority:

    • Banks/quasi-banks — supervised by BSP (Bangko Sentral ng Pilipinas).
    • Cooperatives — supervised by CDA, though they may offer member loans.
    • Microfinance NGOs — governed by their special law and registered with the SEC as corporations but operate under a different framework (they are not “lending companies” unless separately authorized).
    • Pawnshops — registered with the SEC (as corporations) but licensed and supervised by BSP for pawnshop operations.
    • Sole proprietorships/DTI-only registrantscannot lawfully operate as lending companies under the LCRA.

If the entity is a sole prop showing a DTI name certificate and offering public loans, that’s a red flag.

4) Step-by-step: How to verify a lending company

A. Online verification (public checks you can do yourself)

  1. Search the SEC’s company registry

    • Confirm the exact corporate name, SEC registration number, date of registration, and corporate status (e.g., active, revoked, dissolved).
    • Tip: Be precise with spelling and punctuation; many scams rely on near-matches.

  2. Confirm the SEC Certificate of Authority (CA)

    • Look for a distinct CA number (separate from the SEC registration number) and its current status (granted/suspended/revoked).
    • Cross-check the CA against any SEC advisory or revocation list.

  3. If loans are offered via app/website (OLP):

    • Verify that the app/website is formally associated with a particular SEC-licensed lending/financing company (same corporate name, principal office, and customer-service contacts).
    • Check if the company is among the SEC-recognized OLP operators and that the developer/publisher name on the app store matches the licensed corporate entity (not just a marketing brand).

  4. Look up SEC advisories and orders

    • Search for the corporate name and brand names used in marketing.
    • Pay attention to aliases and stylized brand names (e.g., “X Cash,” “XCredit,” “X-Loans”) that differ from the corporate name.

  5. Cross-regulatory sense-check (if relevant):

    • If the firm claims to be a bank/pawnshop, verify with BSP listings.
    • If it claims to be a cooperative, check CDA.

Documentation you want to see online: (i) SEC Certificate of Incorporation, (ii) SEC Certificate of Authority to Operate, (iii) SEC memo compliance (esp. for OLPs), (iv) updated contact and principal office address.

B. On-paper verification (ask the company)

Request clear, scannable copies of:

  • SEC Certificate of Incorporation (or Amended Articles if name changed)
  • SEC Certificate of Authority to Operate (showing the CA number and issue/validity dates)
  • Latest General Information Sheet (GIS) filed with the SEC (to see active directors/officers and address)
  • Mayor’s/Business Permit (LGU) & BIR Registration (these do not substitute for a CA but help confirm identity and location)
  • Data Privacy Registration/Compliance (for firms processing personal data at scale)
  • Customer-facing disclosures: interest rates, fees, penalties, cooling-off policies, complaints channels

Ask for wet-ink or digitally verifiable copies. Compare the corporate name, address, and CA number across all documents and the website/app.

5) What a valid SEC authorization looks like

  • Two different numbers:

    • An SEC Company Registration Number (corporate existence); and
    • A Certificate of Authority (CA) Number (permission to do lending/financing).

  • Exact corporate name used consistently across certificates, contracts, receipts, and the OLP.

  • Current status: not suspended/revoked; no effective cease-and-desist order.

  • Disclosure compliance: clear pricing (interest, fees), complaint channels, privacy notices.

6) Red flags that often indicate an unlicensed lender

  • Only shows DTI registration or LGU permit, but no SEC CA.
  • Uses a generic brand/app that doesn’t disclose the corporate entity behind it.
  • Mismatch between app publisher name and the SEC-licensed corporation.
  • No office address or uses a virtual office with no staff presence.
  • Refuses to furnish copies of SEC certificates or gives blurred/edited images.
  • Harassment or abusive collection tactics; threats to post your data or contact your employer/family.
  • Unclear pricing; daily interest quoted without APR; excessive “processing fees.”
  • Claims to be “SEC-accredited” but only displays a company registration (no CA).

7) Special focus: Online lending platforms (OLPs)

If a lender uses an app or web platform, confirm:

  • The app is operated by, or formally authorized for, an SEC-licensed lending/financing company.
  • The app’s privacy permissions (contacts, photos, location) are proportionate and disclosed; aggressive contact scraping is a violation risk.
  • The brand and publisher shown in the app store correspond to the licensed entity (or its disclosed corporate group), not an unrelated third party.
  • The lender follows SEC rules on debt collection, disclosure, and complaints handling.

8) Due diligence checklist (copy-pastable)

Identity & Authority

  • ☐ Exact corporate name and SEC Registration No.
  • SEC Certificate of Authority (CA) No. and status verified
  • ☐ Consistency of details across certificates, website/app, and contracts

Operations & Compliance

  • ☐ OLP/app details match the licensed entity
  • ☐ Clear disclosure of interest, fees, penalties, and repayment schedule
  • ☐ Privacy notice and data handling consistent with the Data Privacy Act
  • ☐ Collection policies compliant with SEC guidance (no harassment/doxxing)

Documentation

  • ☐ Copies of Incorporation, CA, GIS, Business Permit, BIR Registration
  • ☐ Standard loan agreement, disclosure statement, receipts
  • ☐ Customer service and complaints contacts

Watch-outs

  • ☐ Check for SEC advisories/revocations by corporate and brand names
  • ☐ Any BSP/CDA angle (if they claim to be a bank/co-op)
  • ☐ Red flags: DTI-only, mismatched branding, refusal to provide docs

9) What to do if you suspect illegality or abuse

  • Stop transacting until status is clear.
  • Document everything: screenshots of the app/store page, messages, call recordings (if lawful), receipts, IDs presented.
  • Report to the SEC (Enforcement/Investor Protection units) with your evidence.
  • For harassment/doxxing, include proof and consider reporting to the National Privacy Commission (NPC) and, if threats are made, to law enforcement.
  • Consider civil remedies (e.g., to contest unconscionable charges) and seek legal advice if collection suits arise.

10) Frequently asked questions

Q1: Is an SEC Certificate of Incorporation enough? No. You must also verify a Certificate of Authority specifically authorizing lending (or financing) activities.

Q2: The lender shows a mayor’s permit. Is that sufficient? No. LGU permits do not replace the SEC CA for lending/financing authority.

Q3: The lender is a sole proprietorship with a DTI certificate. Is that legal for lending? For public lending as a business, the LCRA requires a corporation with an SEC CA. A sole proprietorship offering public loans is a red flag.

Q4: The app’s brand name is different from the company name. Is that okay? Branding can differ, but the app/website must clearly identify the SEC-licensed corporate operator. If you can’t tie the app to a licensed entity, treat it as suspicious.

Q5: What penalties apply for unlicensed lending? Violations can result in SEC enforcement (advisories, cease-and-desist, revocation), fines, and criminal prosecution under the LCRA/FCA, plus potential liability under the FCPA and Data Privacy Act for abusive practices.

Q6: Are interest rate caps fixed by law for lending companies? There is no general usury ceiling (the historical usury law ceilings are suspended), but disclosure, fairness, and consumer protection rules apply—and specific caps or limits may apply in certain sectors (e.g., credit cards under BSP). Always insist on full written disclosure (nominal/annualized rates, fees, penalties).

11) Model contract clause to request from the lender (borrower-protective)

Transparent Pricing and Collection Clause. “The Lender represents that it holds a valid SEC Certificate of Authority to operate as a [lending/financing] company. The Lender shall disclose, prior to loan release, a written Disclosure Statement showing the annualized interest rate (APR), all fees/charges, and the total cost of credit. The Lender warrants that its collection practices comply with SEC rules on debt collection and the Financial Products and Services Consumer Protection Act, and that it will not contact any third parties except as permitted by law. Borrower may raise complaints through the Lender’s designated channels and to the Securities and Exchange Commission.”

12) Practical workflow you can adopt today

  1. Identify the exact corporate name the lender uses.
  2. Check the SEC corporate registry.
  3. Confirm the Certificate of Authority (number and status).
  4. Search for any SEC advisories/revocations against that name/brand.
  5. Match the app/website and developer/publisher to the licensed entity.
  6. Collect and file copies of all certificates and disclosures.
  7. Decline to proceed if any piece is missing or inconsistent.

13) Bottom line

To be legitimate, a Philippine lending (or financing) company must be (1) an SEC-registered corporation, and (2) the holder of a current SEC Certificate of Authority to Operate. If the business uses an app or website, that OLP must likewise comply with SEC requirements and clearly identify the licensed corporate operator. Anything short of this—especially DTI-only or brand-only presentations—is a red flag. When in doubt, don’t sign, keep evidence, and escalate to the SEC.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login