Illegal Online Lending App Complaint to the SEC (Philippines)

For educational purposes only; not legal advice. Exact steps can vary by office and the contents of your evidence packet.

---

1) What makes an online lending app “illegal”

A lending app is generally unlawful if it does any of the following:

1. Operates without a Certificate of Authority (CA) to engage in lending/financing from the Securities and Exchange Commission (SEC), even if it has a business name or SEC company registration.

2. Uses an unregistered/undeclared online platform (many rules require each online lending platform to be registered/declared with the SEC).

3. Violates consumer-protection directives, including unfair debt collection practices (UDCP), such as:

   • Contacting your phonebook contacts or employer to shame you;
   • Threats, profane/obscene language, harassment;
   • Posting defamatory content or “wanted” posters;
   • False representations (e.g., “we’re from the court/police”).

4. Collects personal data excessively or misuses it (Data Privacy Act issues), e.g., scraping your contacts or gallery without clear, lawful basis.

5. Misrepresents loan costs (concealing total cost of credit, hidden fees, undisclosed rollovers), or forces contract substitution after disbursement.

6. Uses payment channels that obscure the payee (personal e-wallets, “handler” accounts) and refuses to issue official receipts.

7. Re-loan traps: withholding statements, pushing serial renewals with undisclosed add-on charges.

Key test: A lawful lender has (a) SEC registration and (b) an SEC Certificate of Authority to operate as a lending or financing company. App name ≠ corporate name; both the company and the app/platform should be traceable.

---

2) Who does what (forum & jurisdiction)

• SEC – Administrative enforcement for violations of the Lending Company Regulation Act/Financing Company Act and SEC rules (e.g., UDCP rules, unlicensed operations, unregistered platforms). Powers include cease-and-desist orders (CDO), fines, revocation of authority, and referral for criminal prosecution.
• National Privacy Commission (NPC) – For data privacy violations (scraping contacts, unlawful processing, doxxing).
• City/Provincial Prosecutor – Criminal complaints (e.g., operating without authority, extortion, threats, estafa, cybercrime).
• PNP Anti-Cybercrime Group / NBI-Cybercrime – Case build-up, digital forensics, preservation of electronic evidence.
• Courts – Civil suits (damages; void/unconscionable terms; injunction), and criminal cases once filed by prosecutors.
• Platforms (app stores, social media) – Takedowns, especially when you attach an SEC order/complaint reference.

You can — and often should — run several tracks in parallel (SEC + NPC + Prosecutor + platform reports).

---

3) What to prepare before filing

A) Identity & lender details

• App name(s) and icon, developer page, download link(s), version, screenshots of permission prompts (contacts, camera, storage, SMS).
• Corporate info shown in the app, website, emails, or “About” pages (business name, SEC number if any, addresses, hotlines).
• Payment instructions showing account name/wallet handle receiving funds.

B) Transaction proofs

• Loan agreement/terms & conditions, disclosure screen (APR/fees), due dates.
• Disbursement proof (bank/e-wallet credit).
• Repayment proof (receipts, transfer slips, reference numbers).
• Statements of Account (or your own computation if they refuse to provide one).

C) Unfair collection / harassment evidence

• Call logs, voicemails/recordings (if legally obtained), SMS/IM screenshots.
• Screenshots of messages sent to your contacts/employer.
• Social media posts/“shaming posters” with timestamps/URLs.
• Threats claiming arrest, subpoena, case filed, NBI/PNP visits, etc.

D) Data privacy evidence

• Proof the app required or accessed your contacts/photos/SMS;
• Evidence your contacts were messaged or called;
• Any privacy policy disclosures vs. actual practice.

Preserve original quality files. Make an Evidence Index (number every item). Use a short Affidavit of Capture describing how/when you took each screenshot/recording.

---

4) How to file an SEC complaint (step-by-step)

1. Draft a Sworn Complaint addressed to the SEC (Enforcement/Financing & Lending oversight). Include:

   • Your ID and contact details (request redaction for public copies, if needed).
   • Respondents (company name if known, app names, key officers/“collection managers,” and “John Does” if identities unknown).
   • Narrative of facts: timeline from download → loan → collection → harassment.
   • Violations cited: operating without CA/using unregistered platform; unfair debt collection; misrepresentation; failure to issue receipts; other specific SEC circular breaches.
   • Prayer: CDO; fines/penalties; revocation of CA/registration; order to delete unlawfully collected data; referral to prosecutors; coordination with platforms for takedown.
   • Annexes: your Evidence Index and all exhibits.

2. File with SEC (main or extension office; consumer/enforcement desk). Keep the receiving copy with stamp or electronic acknowledgment.

3. Cooperate in fact-finding: Be reachable for clarifications, affidavits, or verification calls. Provide raw files if asked (not just screenshots).

4. Follow-on actions: If there’s ongoing harassment, ask SEC for interim relief (e.g., immediate directive to stop UDCP), while you also:

   • File a separate NPC complaint for unauthorized processing of your and your contacts’ data;
   • Consider a criminal complaint for threats, extortion, or unlawful debt collection acts (through the Prosecutor) with support from PNP-ACG/NBI.

---

5) What the SEC can do (results you can request)

• Cease-and-Desist Order against the company/app (often used to push app-store takedowns).
• Administrative fines per violation/day; revocation or suspension of the CA and/or corporate registration.
• Blacklist/public advisory naming the app(s)/company.
• Referral for criminal prosecution of responsible officers/collectors.
• Orders addressing unfair collection (stop harassment, stop contacting third parties, correct disclosures).
• Monitoring & follow-up with platforms and payment gateways.

---

6) Your other legal levers (beyond the SEC case)

• Data Privacy Act (NPC): Orders to cease processing, delete data, and pay administrative fines for unlawful contact scraping and disclosures.

• Criminal law:

  • Grave threats/coercion, unjust vexation, extortion, cybercrime components;
  • Estafa if misrepresentations caused you to part with money;
  • Use of obscene/defamatory posts → libel/cyberlibel.

• Civil remedies:

  • Damages under Civil Code Arts. 19/20/21 for abuse of rights;
  • Reduction/voiding of unconscionable penalties and charges (courts can pare down penalties and interest to reasonable levels);
  • Injunction to stop harassment/doxxing;
  • Annulment/reformation of oppressive terms;
  • Return of over-collections with legal interest.

• Employment angle: If they harass your employer, you can seek injunctive relief to bar contact with third parties and protect your workplace.

---

7) Payment, restructuring & safety tips (if you still owe)

• Ask for a Statement of Account (SOA) that separates principal, interest, penalties, and fees.
• If you’ll pay, prioritize principal; insist on official receipts naming a corporate payee (not private e-wallets).
• Do not hand over IDs or “video apologies.” Those are often used to extort.
• Propose written restructuring with a clean schedule and waiver of harassment; get any settlement in writing.
• If the lender refuses SOAs/receipts and continues harassment, stop direct negotiations and proceed with regulatory and legal filings.
• Protect your data: revoke app permissions, uninstall, change device permissions, and inform contacts not to engage with collectors.

---

8) Template: Sworn Complaint (SEC) – skeleton

Complainant: [Name, age, address, contact] Respondents: [Company (if known); “XYZ Loan App”; Officers/Collectors; John Does] Allegations:

1. On [date], I downloaded [App]. The app demanded access to [contacts/SMS/photos].
2. On [date], I received ₱[amount]. My disclosure screen showed [fees/charges/APR].
3. On [date], collectors began [threats/contacting my employer/posting photos]. Annex A-__ are screenshots/recordings.
4. I verified [no Certificate of Authority / platform not declared / misleading disclosures / UDCP]. Violations: Operating without/contrary to SEC authority; unfair debt collection; misrepresentation; non-compliance with online platform rules. Reliefs: Issue CDO, impose fines, revoke/suspend app/company authority, order deletion of unlawfully processed data, and refer for criminal prosecution. Verification & Jurat: [Sworn before notary/admin officer]

---

9) Common defenses you’ll see — and how to counter

• “We’re a third-party collector.” → Show payments flow, in-app branding, and messages tying the collector to the app/company.
• “Borrower consented by installing the app.” → Consent must be freely given, specific, informed; blanket access and contact shaming are not legitimized by boilerplate.
• “You owe us; harassment is allowed.” → Debt collection must still be lawful and fair; owing money never authorizes threats, obscenity, or third-party disclosure.
• “We are registered.” → Demand proof of a valid Certificate of Authority and, for online operations, registration/approval of the platform(s) used.

---

10) Practical checklists

Filing Packet (SEC)

• Government ID; contact info (with redaction request if necessary)
• Sworn Complaint (timeline, violations, prayer)
• Evidence Index
• App screenshots (store listing, permissions, profile)
• Contracts/T&Cs; disclosure/fee screen
• Disbursement & repayment proofs
• Harassment evidence (calls, messages, posts)
• List of impacted third parties (employer/contacts messaged)
• Any prior demand letters and replies

Parallel Filings

• NPC complaint (privacy violations)
• Prosecutor complaint (threats/extortion/illegal ops)
• PNP-ACG/NBI blotter/preservation request
• Platform takedown reports (attach SEC docket/complaint copy)

---

11) FAQs (quick hits)

• Do I have to keep paying while I complain? If you admit the principal, paying/consigning principal can reduce exposure, but do not tolerate harassment or pay to personal accounts. Coordinate with counsel.
• They messaged my boss and clients—what now? Add this to SEC (UDCP), NPC (privacy), and seek injunctive relief in court if harm is ongoing.
• Can the SEC refund me? The SEC imposes administrative sanctions; it may order corrective action. For damages/over-collections, file civil claims or include restitution in criminal complaints.
• They threatened “warrant of arrest tomorrow.” Collectors can’t issue warrants; that’s harassment/misrepresentation—include it as a violation.
• They say “app name is different from company name.” App aliases don’t cure lack of authority or unfair practices. Name all known aliases in your complaint.

---

12) Debtor’s decision tree

1. Is there a valid SEC Certificate of Authority for the company AND declared platform?

   • No/Unknown → File SEC complaint (illegal operation) + NPC + Prosecutor (as facts warrant).
   • Yes → If harassment/UDCP present, file SEC for unfair practices anyway.

2. Ongoing harassment/doxxing?

   • Yes → Add NPC + criminal filings; seek injunction.
   • No → Proceed with SEC case; demand proper SOA/receipts; negotiate only in writing.

3. Do you contest charges?

   • Yes → Consider civil action to reduce/void unconscionable penalties and stop unlawful practices, while consigning principal (if undisputed).
   • No → Pay principal and lawful charges through traceable channels; continue regulatory cases for UDCP/data abuses.

---

Bottom line

Against abusive or unlicensed lending apps, your strongest path is a papered, parallel approach: SEC (authority & unfair collection violations), NPC (privacy abuses), criminal complaints (threats/fraud), plus platform takedowns—all powered by clean, chronological evidence. Name the company and the app, preserve every message and receipt, and be explicit in your prayer: CDO, revocation, fines, deletion of unlawfully processed data, and referral for prosecution.