How to Verify SEC Registration of Lending Companies in the Philippines

How to Verify SEC Registration of Lending Companies in the Philippines

This practical legal guide explains how to confirm that a lending company operating in the Philippines is legitimately registered and authorized, and how to spot red flags. It is written for consumers, in-house counsel, compliance teams, and investigators.

1) The Legal Landscape—Why “SEC-Registered” Isn’t Enough

In the Philippines, “lending companies” are primarily governed by:

  • Lending Company Regulation Act of 2007 (LCRA) (Republic Act No. 9474) and its IRR
  • Financing Company Act (R.A. 8556)—often confused with lending companies but a separate category
  • Financial Products and Services Consumer Protection Act (FPSCPA) (R.A. 11765, 2022)—consumer protection and enforcement powers
  • Truth in Lending Act (R.A. 3765)—cost-of-credit disclosures
  • Data Privacy Act (R.A. 10173)—personal data handling, relevant to collection practices

Under the LCRA, a legitimate “lending company” must be a corporation (not a sole proprietorship or partnership), and—crucially—must have two things:

  1. Primary registration with the SEC as a corporation; and
  2. A secondary license called a “Certificate of Authority” (CA) to operate as a lending company.

Many operators advertise “SEC registration” but hold only the corporate registration. Operating without a CA is illegal even if the entity is a duly formed corporation.

2) What You’re Looking For (At a Glance)

  • Exact corporate name and SEC registration number
  • Certificate of Authority (CA) to Operate as a Lending Company—number, date of issue, and status
  • Whether the company is a “lending company” or a “financing company” (different statutes; both require a CA for their category)
  • For app- or web-based lenders: approval/registration of the Online Lending Platform (OLP) used, and whether any cease-and-desist or revocation orders exist
  • Updated local business permits (mayor’s permit, etc.)—not a substitute for a CA, but expected for lawful operations
  • Consumer protection and privacy compliance indicators (clear pricing disclosures, proper handling of contacts/data, lawful collection practices)

3) Step-by-Step Verification

Step 1: Identify the Exact Legal Name

Collect the lender’s exact corporate name (not just brand or app name), principal office, and any registration numbers mentioned in ads, websites, receipts, or contracts. Brand/app names often differ from the legal name.

Pro tip: Ask for a copy of their Articles of Incorporation (primary purpose should include lending) and their General Information Sheet (GIS) showing directors/officers.

Step 2: Confirm SEC Corporate Registration

Search the SEC’s public corporate database or request a Certificate of Incorporation/Company Registration. Check that:

  • The entity is active and not revoked or suspended
  • The primary purpose covers lending (for lending companies) or financing (for financing companies)
  • The registered address and company name match what the lender uses publicly

Red flag: A supposed “lending company” showing only a DTI Business Name certificate (that’s for sole proprietorships). Under R.A. 9474, lending companies must be corporations—they register with the SEC, not DTI.

Step 3: Verify the Certificate of Authority (CA)

Ask for a copy or the full details of the CA to Operate as a Lending Company (or Financing Company, as applicable). Then verify the CA independently with the SEC. Confirm:

  • CA number and date of issuance
  • Current status (valid, suspended, or revoked)
  • Scope (lending vs financing) and branches (if any)
  • Whether the company has been ordered to cease and desist or had administrative cases affecting authority

Red flag: A company with SEC incorporation but no CA. Operation without a CA violates R.A. 9474.

Step 4: For Online/App-Based Lenders—Check the OLP and Enforcement Actions

If the company operates through a mobile app or website, determine:

  • The entity that owns/operates the platform (it should be the licensed lending/financing company or its duly authorized affiliate)
  • Whether the Online Lending Platform (OLP) is registered/approved by the SEC, and any moratoriums/conditions historically imposed
  • Whether the entity or app has been subject to SEC advisories, cease-and-desist orders, or revocations

Red flag: An app with no clear corporate owner, no CA details displayed, or one that uses a different company name from the CA holder without a clear link.

Step 5: Inspect Mandatory Disclosures and Consumer Protections

A compliant lender should provide, before you borrow:

  • Total cost of credit, including interest, fees, and charges (as required by R.A. 3765)
  • Repayment schedule, consequences of late payment, and complaint channels
  • Data privacy notices (R.A. 10173) describing what is collected, why, and how it’s used
  • Collection practice standards: no harassment, doxxing, threats, or contacting unrelated people without lawful basis. (The SEC and the National Privacy Commission have repeatedly acted against abusive collection.)

Red flag: Apps demanding permanent access to contacts/photos, threatening messages, public shaming, or contacting your employer/relatives. These are indicators of unlawful or unfair practices.

Step 6: Cross-Check Local Permits (Supplementary)

While local permits (e.g., mayor’s permit) are not substitutes for the SEC CA, a lender normally also maintains:

  • Mayor’s/Business permit for its principal office/branches
  • BIR registration (official receipts, TIN) Discrepancies here can signal noncompliance.

4) How to Read the Paperwork You Receive

  • Certificate of Incorporation: proves the company exists as a corporation. Not a license to lend.
  • Certificate of Authority: the license to operate as a lending or financing company.
  • Articles of Incorporation/By-laws: check the primary purpose (lending/financing must be explicit).
  • General Information Sheet (GIS): shows directors, officers, and owners—useful to spot repeat offenders or conflicts.
  • Loan Agreement/Disclosure Statement: must show interest/fees clearly; compare against what was advertised.
  • Privacy Notice/Consent: should be intelligible, specific, and proportional to the service.

5) Distinguishing Lending Companies from Similar Entities

  • Lending Company (R.A. 9474): Typically lends its own funds to the public; must be a corporation and must hold a CA.
  • Financing Company (R.A. 8556): Often engages in financing/credit accommodations (e.g., installment sales, factoring); needs its own CA (not interchangeable with a lending CA).
  • Banks/EMIs (BSP-supervised): If a lender claims to be a bank or e-money issuer, verify with Bangko Sentral ng Pilipinas lists; these are different regulators and licensing regimes.
  • Pawnshops (BSP-registered) and Microfinance NGOs (R.A. 10693): Different regulatory frameworks; being a pawnshop or NGO is not a license to do general consumer lending outside their specific scope.

6) Common Red Flags and How to Respond

Red flags:

  • “SEC-registered” claim without a CA
  • Mismatch between app/brand name and corporate name on the CA, with no clear link
  • No disclosures (APR/fees), or moving targets on interest/penalties
  • Harassing collections (calling your contacts, threats, shaming)
  • Ghost offices or constantly changing addresses
  • Pressure to sign blank forms or to accept cash-out deductions never disclosed upfront

What to do:

  • Document everything (screenshots, receipts, messages)
  • Report to the SEC (for licensing/enforcement), National Privacy Commission (privacy/harassment), and DTI/Local LGU (consumer complaints/business permits)
  • For abusive collection, send a written demand to cease unlawful practices and preserve evidence. Consider criminal/civil remedies with counsel.

7) Practical Checklist (Print/Save)

Corporate identity

  • Exact corporate name matches ads, contracts, receipts
  • SEC corporate registration is active (not revoked/suspended)

Authority to operate

  • Certificate of Authority (CA) exists, matches the corporate name, and is valid
  • If financing company (not lending), CA corresponds to that category

Channels and platforms

  • If app/web, the OLP is disclosed and properly registered/approved
  • No SEC cease-and-desist or revocation orders against the company/app

Disclosures & conduct

  • Total cost of credit disclosed in writing (R.A. 3765)
  • Privacy notice provided; data access is proportional
  • Collection practices are lawful; no harassment/doxxing

Local compliance

  • Current mayor’s/business permit for principal office/branch
  • Proper official receipts and BIR registration

8) Frequently Asked Questions

Q: The company says it’s “SEC-registered.” Is that enough? A: No. You must verify the Certificate of Authority to operate as a lending (or financing) company. Corporate registration alone doesn’t authorize lending activities.

Q: The brand on the app doesn’t match the name on the CA. A: Ask the company to prove the link (e.g., trademark/DBA, corporate resolutions, disclosures). If they can’t, treat it as a red flag.

Q: Can a sole proprietorship legally do lending to the public? A: Not as a “lending company” under R.A. 9474. Lending companies must be corporations with a CA. (Banks, pawnshops, microfinance NGOs, and certain private lending arrangements fall under different rules.)

Q: Are there interest rate caps? A: Caps can vary by product type and regulator over time. Regardless of caps, full disclosure of cost of credit is mandatory, and unconscionable terms can be struck down by courts. Review the contract carefully.

Q: The lender harassed me and contacted my employer and relatives. A: Abusive collection and unlawful data use can violate consumer protection and privacy laws. Preserve evidence and report to the SEC and NPC; consider legal action.

9) Templates You Can Use

Request for Proof of Authority (short form)

We are evaluating your credit offer. Please provide (1) your SEC Certificate of Incorporation; (2) your Certificate of Authority to Operate as a Lending/Financing Company (with number and issuance date); (3) the legal name associated with your app/brand and proof of linkage; and (4) latest mayor’s/business permit. Thank you.

Cease Unlawful Collection Practices (short form)

We demand that you cease any harassing, threatening, or unlawful collection activities, including contacting third parties without lawful basis, and that you process personal data strictly in accordance with the Data Privacy Act and applicable SEC rules. All further communications should be in writing. We reserve all legal remedies.

10) Key Takeaways

  • Two layers of authorization matter: corporate registration and the SEC Certificate of Authority.
  • For apps/online lenders, verify the platform’s approval and watch for advisories/CDOs.
  • Disclosures, privacy, and fair collection are non-negotiable compliance points—violations are actionable.
  • When in doubt, ask for documents and verify independently before borrowing or contracting.

This article provides general legal information and is not a substitute for formal legal advice. For specific cases—especially involving harassment, fraudulent schemes, or potential criminal liability—consult Philippine counsel or coordinate with the SEC and the National Privacy Commission.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login