How to Verify if a Lending Corporation Is Registered and Authorized in the Philippines

I. Why verification matters

In the Philippines, “lending” can be offered through different legal forms and overseen by different regulators. Many scams mimic legitimate lending firms by using look-alike names, fake “SEC certificates,” or aggressive collection tactics to appear credible. Verifying registration and authority protects you from:

  • dealing with an unregistered entity;
  • signing contracts that may be unenforceable or abusive;
  • paying “processing fees” or “insurance” for loans that never materialize;
  • data privacy and identity theft risks; and
  • unlawful collection practices.

Verification is not a single step. It is a checklist: entity existence + correct license/authority for its lending activity + proper disclosures + operational red flags.

II. Know what you are dealing with: lending entities in Philippine law

Before you verify, identify the category, because the “right” regulator depends on the entity type:

A. Lending Company (under the Lending Company Regulation Act)

A lending company is typically a corporation organized primarily to grant loans from its own capital, subject to licensing and supervision rules applicable to lending companies.

Usual regulator: Securities and Exchange Commission (SEC)

B. Financing Company (under the Financing Company Act)

A financing company generally provides credit facilities such as loans, consumer credit, and other financing arrangements. It is distinct from a lending company and has its own regulatory framework.

Usual regulator: SEC

C. Banks and bank-like institutions

If the entity is a bank, non-bank financial institution with quasi-banking functions, or similar, it is generally under the Bangko Sentral ng Pilipinas (BSP) and has a different licensing regime.

Usual regulator: BSP

D. Cooperatives

If the lender is a cooperative, it may be registered with the Cooperative Development Authority (CDA) and operate under cooperative rules (often with member-based lending).

Usual regulator: CDA (and sometimes other oversight, depending on activities)

E. Pawnshops / remittance / money service businesses

Pawnshops operate under a different legal and regulatory system and may be overseen by the BSP (depending on structure and activity). They are not “lending companies” in the SEC sense.

Usual regulator: typically BSP (for pawnshops and money service businesses), but structure matters.

F. Online lending platforms / lending apps

Some are properly licensed lending/financing companies. Others are lead generators or “brokers” that are not authorized to lend and may only connect borrowers to third parties. Some are outright illegal.

Regulator depends: SEC for lending/financing companies; other agencies for consumer/data/privacy aspects; and potentially local government permits for business operations.

III. What “registered and authorized” means

A corporation can be “registered” but still not authorized to engage in lending.

A. Registration (existence as a legal entity)

This means the business exists as a juridical person (e.g., SEC-registered corporation, CDA-registered cooperative).

Proof: SEC Certificate of Incorporation (or CDA certificate for cooperatives).

B. Authority / license (permission to conduct lending/financing)

This means the entity has the specific authority to operate as a lending company or financing company, or is otherwise permitted to lend under its governing regime (e.g., bank license, cooperative authority).

Proof: SEC Certificate of Authority to Operate as Lending Company/Financing Company (or BSP/CDA authority, depending on entity type).

C. Compliance and good standing (ongoing legitimacy)

Even a previously licensed entity may have its authority revoked, suspended, expired, or not renewed, or may be flagged for violations.

Proof: current status in the regulator’s lists/advisories; absence from public warnings; and consistency of business details.

IV. Primary verification pathway for lending/financing corporations: SEC

If the entity claims to be a lending company or financing company, the SEC is the principal starting point.

Step 1: Confirm the exact legal name and corporate identity

Ask for (and verify consistency across documents):

  • full registered corporate name (not just brand/app name);
  • SEC registration number (company registration number);
  • principal office address as registered;
  • names of officers (President/Treasurer/Compliance Officer, as applicable).

Why it matters: Scammers commonly use a trade name similar to a legitimate company’s name.

Step 2: Verify SEC registration (entity exists)

Validate that the corporate name and registration details match a real corporation.

Documents to request from the lender:

  • SEC Certificate of Incorporation (or latest equivalent proof of registration);
  • Articles of Incorporation and By-Laws (or relevant SEC filings);
  • latest General Information Sheet (GIS) or comparable disclosure document.

What to check:

  • corporate name matches exactly (including punctuation like “Inc.”, “Corp.”);
  • address matches what they use publicly and on contracts;
  • officers’ names match.

Step 3: Verify SEC authority to operate as a lending or financing company

A legitimate lending/financing corporation should be able to show SEC authority specific to the lending/financing business.

Documents to request:

  • SEC Certificate of Authority to Operate as a Lending Company or Financing Company (as applicable);
  • any SEC licensing/registration evidence specifically stating authority to engage in lending/financing.

What to check:

  • the certificate is issued to the same corporate name and registration number;
  • it states the correct business (lending company vs financing company);
  • the certificate is not altered (check typography, seal appearance, signature format);
  • the dates and validity (if any) are coherent.

Step 4: Check if the entity is listed in SEC public lists/advisories (when available)

Regulators may publish:

  • lists of registered/authorized lending and financing companies;
  • enforcement actions, revocations, suspensions;
  • advisories against illegal online lending.

Practical check without relying on a single “certificate”:

  • if the lender appears on official lists (or is not excluded due to enforcement);
  • if its brand/app name is linked to the registered corporation.

Step 5: Confirm that the online lending app is tied to the licensed entity

For app-based lenders, confirm:

  • the app/website states the corporate name, SEC registration number, and authority;
  • privacy policy and terms identify the same entity;
  • the data controller/processing entity is the licensed company.

Red flag: The app only shows a brand name, a Gmail address, or no corporate disclosures.

V. Alternative pathways: BSP and CDA (and why you must classify correctly)

A. If the lender is a bank or BSP-supervised entity

Banks and BSP-supervised financial institutions should have identifiable licensing status and be part of the BSP-supervised ecosystem.

Verification focus:

  • confirm the entity is indeed a bank/NBFI/pawnshop under BSP oversight;
  • check corporate disclosures and permits consistent with BSP supervision;
  • verify the institution’s official channels and contact points.

Red flag: The entity markets itself as “BSP registered” but cannot identify the specific BSP-supervised category and official identity.

B. If the lender is a cooperative (CDA)

A cooperative lender often lends to members and should be CDA-registered.

Verification focus:

  • CDA registration and good standing;
  • membership rules, loan policies, and cooperative disclosures;
  • whether lending is restricted to members or offered broadly like a commercial lender.

Red flag: It solicits the general public like a commercial lender but hides behind “cooperative” language without cooperative documentation.

VI. Local business permits are not the same as authority to lend

Some entities show:

  • Barangay clearance
  • Mayor’s/Business permit
  • DTI business name registration (for sole proprietors)
  • BIR registration

These prove the ability to operate a business locally and pay taxes. They do not prove authority to operate as a lending/financing company.

Rule of thumb: For lending/financing corporations, SEC authority (or BSP/CDA authority where applicable) matters more than a city permit.

VII. Document checklist: what to ask for and how to inspect it

A. Corporate identity documents

  • SEC Certificate of Incorporation
  • Articles of Incorporation and By-Laws
  • latest GIS (or equivalent)
  • Board resolution/authority of signatory (if contract signer’s authority is unclear)

B. Authority to lend/finance

  • SEC Certificate of Authority to Operate as Lending/Financing Company
  • any SEC proof of license/registration specific to lending/financing

C. Transaction documents (loan process integrity)

  • loan agreement or promissory note
  • disclosure statement or schedule of payments
  • proof of amortization computation
  • official receipt policies (if fees are involved)
  • collection policy and complaint escalation path

D. Data privacy and consent documents

  • privacy notice
  • consent forms for personal data processing
  • data retention and deletion policies
  • contact details of the privacy office or DPO (where applicable)

Inspection tips:

  • Names, addresses, and registration numbers must match across all documents.
  • Beware of “photo certificates” without verifiable details, unusual fonts, missing signatories, or inconsistent dates.
  • Check if the contract identifies the lender as the corporate entity—not just a brand.

VIII. Behavioral red flags that often correlate with lack of authority or illegality

Even if documents are shown, the following are high-risk indicators:

A. Upfront fee schemes

  • “Processing fee,” “insurance,” “membership,” “verification,” “activation,” “release fee,” “tax” required before disbursement.
  • Payment requested via personal e-wallets/accounts or to individuals.

Why it matters: Many fraudulent lenders operate purely on advance-fee collection.

B. No verifiable office or inconsistent contact channels

  • no landline, no corporate email domain, only messaging apps;
  • address is vague, residential, or untraceable.

C. Identity and data harvesting

  • demands for excessive permissions in an app (contacts, photos, call logs) not proportionate to underwriting;
  • “loan approval” contingent on handing over social media credentials.

D. Abusive or unlawful collection patterns

  • threats, harassment, contacting unrelated third parties, shaming tactics;
  • misrepresenting law enforcement authority or court processes.

E. Too-good-to-be-true terms

  • instant approval with no credit checks, extremely low interest, or guaranteed approval regardless of profile—paired with upfront fees.

IX. Cross-checking the lending transaction for legal robustness

Even with a registered and authorized lender, the loan may still be problematic if disclosures are unclear or terms are abusive.

A. Transparency of total cost

A compliant loan transaction should clearly state:

  • principal
  • interest rate (and how calculated)
  • fees and charges
  • penalties for late payment
  • total amount payable
  • payment schedule and due dates

Verification approach: Ask for an amortization schedule and a clear breakdown of interest and fees. If the lender refuses or provides shifting numbers, treat as a warning sign.

B. Contract identity and signatures

  • The lender must be correctly named.
  • The signatory must have authority.
  • You should receive a copy of the executed agreement.

C. Receipts and proof of payments

  • Payments should be receipted in the name of the lending entity, not an individual.
  • Keep screenshots, reference numbers, and receipts.

X. Handling “brand names” and third-party intermediaries

In the Philippines, it is common for:

  • a brand/app name to differ from the corporate name;
  • a marketing affiliate to pose as the lender;
  • “agents” to solicit via social media.

Verification rule: Only treat the transaction as legitimate if the contractual lender is the properly authorized entity, and the funds flow and receipts reflect that.

Red flags:

  • you are asked to pay an “agent” directly;
  • the agreement is with a different entity than the one advertised;
  • “brokers” claim you are “approved” but need fees to release.

XI. If the lender appears unregistered or unauthorized: what to do

A. Do not pay and do not share more data

If you have not paid yet:

  • stop communication;
  • do not submit IDs/selfies beyond what you already sent;
  • do not grant app permissions.

If you already paid:

  • preserve evidence: chat logs, receipts, bank/e-wallet details, screenshots, URLs, app name/version.

B. Report to the appropriate body (based on entity type)

  • SEC: for suspected illegal lending/financing companies and online lending operators posing as such.
  • BSP: if the entity claims to be a bank/pawnshop or BSP-supervised institution.
  • CDA: if a “cooperative” is misrepresenting its status.
  • PNP/NCID or NBI Cybercrime: for scams, identity theft, cyber-enabled fraud.
  • NPC: for privacy/data misuse concerns.
  • DTI: for consumer complaints where applicable (especially if deceptive practices are involved in consumer-facing services).

C. If harassment occurs

  • document calls/messages;
  • avoid engaging emotionally; keep communications factual;
  • consider formal complaints with supporting proof.

XII. Practical “quick verification” checklist (field guide)

Use this when you have only minutes to assess:

  1. Get the exact corporate name (not just the app/brand).
  2. Get the SEC registration number and principal office address.
  3. Request the SEC authority to operate as a lending/financing company.
  4. Check consistency across certificate, contract, privacy policy, website/app store listing.
  5. Refuse upfront fees before disbursement.
  6. Pay only to the entity’s official accounts with receipting in the entity’s name.
  7. Treat aggressive urgency as a red flag (“pay now or slot expires”).
  8. Do not grant excessive app permissions (especially contacts/call logs) as a condition.

XIII. Common misconceptions

“They have an SEC certificate, so they’re legal.”

SEC registration alone does not automatically mean authority to operate as a lending/financing company. Verify the specific authority.

“They’re DTI-registered, so they can lend.”

DTI registration is for business names of sole proprietors and does not confer lending authority.

“They have a business permit, so it’s safe.”

A mayor’s permit is not a lending license.

“They’re online, so they can be anonymous.”

A legitimate lender must be identifiable, with a legally accountable entity and proper disclosures.

XIV. Key takeaways

  • Verification is two-tiered: existence (registration) and permission (authority/license).
  • In most lending/financing corporation cases, the SEC is the primary regulator to verify both corporate registration and authority to operate.
  • Match the brand/app to the licensed corporate entity.
  • Be cautious with upfront fees, inconsistent documents, and data-grabbing apps—these often correlate with illegality.
  • Keep evidence and report promptly when you suspect unauthorized lending or fraud.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login