Lending Company SEC Registration and Legitimacy Requirements

I. Introduction

Lending is a regulated business in the Philippines. A person or entity that regularly lends money to the public for profit cannot simply operate as an informal lender, online loan app, financing page, social media lender, or cash loan business without complying with legal requirements. In the Philippine context, the legitimacy of a lending company is closely tied to registration with the Securities and Exchange Commission, corporate authority to lend, proper disclosure of loan terms, lawful collection practices, data privacy compliance, anti-money laundering awareness where applicable, and observance of consumer protection rules.

A lending company’s failure to comply with registration and legitimacy requirements can result in administrative sanctions, revocation of authority, civil liability, criminal exposure, consumer complaints, unenforceability issues, reputational harm, and possible closure. For borrowers, knowing how to verify a lender’s legitimacy helps avoid abusive lending, hidden charges, harassment, excessive interest, online shaming, identity misuse, and scams.

This article discusses the legal framework, SEC registration requirements, legitimacy indicators, documentary requirements, prohibited practices, borrower protections, and practical compliance considerations for lending companies in the Philippines.

II. What Is a Lending Company?

A lending company is generally an entity engaged in granting loans from its own capital funds or from funds sourced in accordance with law. It lends money to borrowers and earns through interest, charges, penalties, fees, or other compensation.

Lending companies may offer:

  1. Personal loans;
  2. Salary loans;
  3. Emergency cash loans;
  4. Business loans;
  5. Appliance or gadget loans;
  6. Online loans;
  7. Motorcycle or vehicle-related loans;
  8. Microloans;
  9. Collateralized loans;
  10. Unsecured loans;
  11. Installment loans;
  12. Loans through mobile applications or websites.

A lending company is different from a bank, pawnshop, financing company, cooperative, informal private lender, or investment-taking entity. Each category may be governed by different laws and regulators.

III. Main Legal Framework

The principal law governing lending companies is the Lending Company Regulation Act of 2007, commonly known as Republic Act No. 9474. Under this law, lending companies are regulated by the Securities and Exchange Commission.

Other laws and rules may also apply, including:

  1. The Revised Corporation Code;
  2. SEC rules and circulars on lending companies;
  3. Truth in Lending rules;
  4. Consumer protection rules;
  5. Data Privacy Act of 2012;
  6. Cybercrime Prevention Act, where online conduct is involved;
  7. Revised Penal Code provisions on threats, coercion, unjust vexation, libel, or other offenses;
  8. Anti-Money Laundering Act, where applicable;
  9. Financial consumer protection principles;
  10. Rules on interest, penalties, unconscionable stipulations, and contracts;
  11. Electronic commerce and electronic evidence rules, for online lending platforms;
  12. Local business permit and tax registration requirements.

The SEC is the key agency for registration and supervision of lending companies, but other agencies may become relevant depending on the lender’s operations.

IV. Why SEC Registration Matters

SEC registration matters because lending is a regulated business. A lending company must have legal personality and authority to operate. Registration protects the public by allowing the government to monitor lending entities, impose disclosure requirements, regulate abusive conduct, and sanction unauthorized or predatory lenders.

SEC registration helps establish that:

  1. The company legally exists;
  2. Lending is within its corporate purpose;
  3. The company has authority to operate as a lending company;
  4. The company is subject to SEC supervision;
  5. Borrowers can verify its legitimacy;
  6. Complaints can be directed to a regulator;
  7. The entity is not merely an anonymous or fraudulent lender.

However, SEC registration alone does not automatically mean that every act of the company is lawful. A registered lending company may still violate consumer protection, data privacy, collection, disclosure, interest, or contract rules.

V. Lending Company vs. Ordinary Corporation

A corporation registered with the SEC is not automatically allowed to operate as a lending company. A company may have a certificate of incorporation, but it still needs authority to engage in lending as a regulated activity.

A legitimate lending company generally needs:

  1. SEC registration as a corporation;
  2. A primary or authorized purpose involving lending;
  3. A Certificate of Authority to Operate as a Lending Company;
  4. Compliance with capitalization and documentary requirements;
  5. Business permits and tax registrations;
  6. Compliance with ongoing reporting obligations;
  7. Lawful disclosure, collection, and data practices.

Borrowers should not be satisfied with a screenshot of a generic SEC registration. They should verify whether the entity has authority to operate as a lending company.

VI. Lending Company vs. Financing Company

A lending company generally grants loans from its own funds. A financing company is commonly involved in extending credit facilities, leasing, discounting receivables, factoring, and similar financing activities. Financing companies are also regulated and require proper authority.

The distinction matters because a company may be registered as one type but actually perform activities requiring another authority. An entity that claims to be a “loan provider” but engages in financing, investment solicitation, deposit-taking, or quasi-banking may be operating beyond its authority.

VII. Lending Company vs. Private Individual Lender

Not every private loan requires SEC registration. A person who occasionally lends money to a friend or relative does not necessarily become a lending company. However, a person or group that regularly lends money to the public for profit may be considered engaged in a lending business and may need to comply with lending company regulations.

Indicators of lending business activity include:

  1. Regular solicitation of borrowers;
  2. Public advertising of loans;
  3. Use of business name or lending brand;
  4. Multiple borrowers;
  5. Standard loan forms;
  6. Interest-based profit model;
  7. Use of agents or collectors;
  8. Online lending page or app;
  9. Repeated lending transactions;
  10. Maintaining a lending office or digital platform.

A private individual cannot evade regulation by calling the business “personal lending,” “cash assistance,” “community fund,” or “online pautang” if the substance shows a lending business.

VIII. Who May Operate a Lending Company?

A lending company is usually required to be organized as a corporation. The law and SEC rules generally regulate lending companies as corporate entities rather than informal individuals or unregistered groups.

The company must meet requirements involving:

  1. Corporate registration;
  2. Nationality restrictions, if applicable;
  3. Minimum capitalization;
  4. Fit and proper qualifications of incorporators, directors, trustees, officers, or controlling persons;
  5. Lawful source of funds;
  6. Place of business;
  7. Corporate name requirements;
  8. Authority from the SEC;
  9. Compliance with continuing obligations.

IX. Corporate Name Requirements

A lending company’s corporate name should not mislead the public. It should reflect the nature of the business and should comply with SEC naming rules.

The name should not:

  1. Imply it is a bank if it is not;
  2. Suggest government affiliation without authority;
  3. Use prohibited or restricted words without approval;
  4. Mislead borrowers into believing it is licensed by another regulator;
  5. Use names confusingly similar to registered entities;
  6. Conceal the company’s lending nature;
  7. Operate under an unregistered trade name.

For lending companies, the name commonly includes words such as “Lending,” “Lending Company,” or similar identifiers required or accepted by the SEC.

X. Certificate of Incorporation vs. Certificate of Authority

A key concept is the difference between:

1. Certificate of Incorporation

This proves that the corporation exists as a juridical person.

2. Certificate of Authority to Operate as a Lending Company

This proves that the corporation is authorized by the SEC to engage in the lending business.

A company may have the first but not the second. Borrowers should look for both.

A corporation that lends money without the required certificate of authority may be operating illegally, even if it has a general SEC registration.

XI. Minimum Capitalization

Lending companies are subject to capitalization requirements. The exact minimum may depend on the law, SEC rules, location of operation, ownership, and whether the company operates through branches, online channels, or other arrangements.

Capitalization rules exist to ensure that the company has real financial capacity and is not merely a shell used to collect fees, misuse borrower data, or conduct scams.

A company should maintain sufficient paid-up capital and comply with SEC requirements regarding proof of capital, deposits, bank certificates, audited financial statements, and related documents.

XII. Basic SEC Registration Process for Lending Companies

The general process usually involves several stages.

Step 1: Corporate Planning

The organizers determine:

  1. Corporate name;
  2. Incorporators and directors;
  3. Shareholding structure;
  4. Principal office;
  5. Capitalization;
  6. Lending business model;
  7. Source of funds;
  8. Loan products;
  9. Online or physical operations;
  10. Compliance officers or responsible personnel.

Step 2: Name Verification and Reservation

The proposed corporate name is checked and reserved with the SEC.

Step 3: Preparation of Corporate Documents

Documents usually include:

  1. Articles of incorporation;
  2. By-laws, where applicable;
  3. Treasurer’s affidavit or equivalent certification;
  4. Details of incorporators, directors, and officers;
  5. Proof of capital;
  6. Board approvals;
  7. Other SEC forms.

Step 4: Application for Lending Authority

The company applies for authority to operate as a lending company. This may require specific forms, supporting documents, business plan, capitalization proof, and compliance undertakings.

Step 5: SEC Evaluation

The SEC evaluates whether the applicant meets the legal requirements.

Step 6: Issuance of Certificate of Authority

If approved, the SEC issues authority to operate as a lending company.

Step 7: Post-Registration Compliance

After SEC approval, the company must secure business permits, tax registration, books of accounts, official receipts or invoices, and comply with reporting obligations.

XIII. Common Documentary Requirements

Although exact requirements may vary depending on current SEC rules and the applicant’s circumstances, a lending company may need to prepare:

  1. Articles of incorporation;
  2. By-laws or corporate governance documents;
  3. Name reservation confirmation;
  4. Treasurer’s certification or affidavit;
  5. Bank certificate or proof of paid-up capital;
  6. List of directors, officers, and stockholders;
  7. Personal information sheets;
  8. Tax identification details;
  9. Proof of office address;
  10. Lease contract or proof of ownership of office;
  11. Business plan or lending operations plan;
  12. Loan contract templates;
  13. Disclosure statement templates;
  14. Collection policy;
  15. Data privacy policy;
  16. Website or app details, if operating online;
  17. Authorization for branches, if any;
  18. Board resolutions;
  19. Undertakings required by the SEC;
  20. Proof of payment of filing fees.

A company should ensure consistency across documents. Inconsistencies in corporate purpose, office address, capitalization, business model, and ownership may delay or jeopardize approval.

XIV. Local Business Permits and Tax Registration

SEC authority is not the only requirement. After registration, a lending company generally needs local and tax compliance.

Common requirements include:

  1. Mayor’s permit or business permit;
  2. Barangay clearance;
  3. BIR registration;
  4. Authority to print receipts or invoices, where applicable;
  5. Registration of books of accounts;
  6. Tax filings;
  7. Local taxes and fees;
  8. Signage permits, if applicable;
  9. Employee registrations with SSS, PhilHealth, and Pag-IBIG, if the company has employees.

Operating without local permits or tax registration can create separate violations even if SEC registration exists.

XV. Branches, Satellites, Agents, and Online Operations

A lending company should not operate branches, satellite offices, kiosks, agents, websites, mobile apps, or social media lending pages in a manner inconsistent with its SEC authority.

Issues may arise when:

  1. A company opens unregistered branches;
  2. Agents collect payments without authority;
  3. A company operates multiple online lending brands;
  4. A mobile app uses a different name from the registered company;
  5. A company hides its real SEC-registered name;
  6. Loan contracts do not identify the true lender;
  7. Collection is outsourced to unauthorized or abusive collectors;
  8. A company uses shell entities to avoid regulation.

The public-facing brand should be traceable to the SEC-registered entity.

XVI. Online Lending Companies

Online lending companies are subject to the same basic legitimacy requirements as physical lenders, with additional concerns involving digital platforms, data privacy, cybersecurity, advertising, e-signatures, and online collection behavior.

An online lending company should clearly disclose:

  1. SEC-registered corporate name;
  2. Certificate of Authority number;
  3. Office address;
  4. Contact information;
  5. Loan terms;
  6. Interest rate;
  7. fees and charges;
  8. Penalties;
  9. Data collection practices;
  10. Privacy policy;
  11. Complaint channels;
  12. Collection practices;
  13. Identity of third-party service providers, where relevant.

An app or website that offers loans but hides the lender’s true identity is a major red flag.

XVII. SEC Verification of Lending Company Legitimacy

Borrowers should verify a lending company before borrowing.

Useful steps include:

  1. Check whether the company is registered with the SEC;
  2. Confirm whether it has a Certificate of Authority to Operate as a Lending Company;
  3. Compare the company name in the loan contract with SEC records;
  4. Check whether the app or brand name matches a registered lending company;
  5. Verify address, contact information, and official channels;
  6. Be cautious if only a social media account, mobile number, or personal e-wallet is provided;
  7. Check whether the company has been subject to advisories or complaints;
  8. Review the loan contract and disclosure statement;
  9. Confirm that fees and interest are clearly stated;
  10. Avoid paying advance fees to unverified lenders.

A legitimate lender should be transparent and verifiable.

XVIII. Red Flags of an Illegitimate Lending Entity

Warning signs include:

  1. No SEC registration;
  2. SEC registration but no lending authority;
  3. Refusal to provide Certificate of Authority;
  4. Use of a personal bank or e-wallet account for company payments;
  5. No physical or official business address;
  6. Only communicates through anonymous chat accounts;
  7. Requires upfront processing fees before loan release;
  8. Uses threats, shaming, or harassment;
  9. Demands access to phone contacts, photos, or messages;
  10. Does not provide written loan terms;
  11. Hides interest and charges;
  12. Uses fake government logos;
  13. Claims “SEC approved” but cannot provide details;
  14. Uses multiple app names but one unknown company;
  15. Collectors refuse to identify themselves;
  16. Posts borrowers online;
  17. Contacts relatives and employers abusively;
  18. Offers guaranteed loans with no verification but asks for fees;
  19. Uses foreign or untraceable entities;
  20. Pressures borrowers to sign quickly.

XIX. Loan Documentation Requirements

A legitimate lending company should document its loans properly. A borrower should receive or have access to written loan terms.

Loan documents may include:

  1. Loan agreement;
  2. Promissory note;
  3. Disclosure statement;
  4. Amortization schedule;
  5. Privacy notice;
  6. Consent forms, if legally appropriate;
  7. Payment instructions;
  8. Collection policy;
  9. Official receipts or acknowledgments;
  10. Collateral documents, if any.

Loan documentation protects both lender and borrower. It reduces disputes over interest, due dates, penalties, and payment history.

XX. Truth in Lending and Disclosure Requirements

A lending company must disclose the true cost of borrowing. Borrowers should be informed of the amount financed, interest rate, finance charges, penalties, service fees, deductions, and payment schedule.

A transparent loan disclosure should state:

  1. Principal amount;
  2. Net proceeds released to borrower;
  3. Interest rate;
  4. Computation of interest;
  5. Service or processing fees;
  6. Documentary or notarial charges, if any;
  7. Late payment penalties;
  8. Collection fees, if any;
  9. Due dates;
  10. Total amount payable;
  11. Effective cost of the loan;
  12. Consequences of default.

Hidden charges may be challenged as unfair, deceptive, abusive, or contrary to disclosure requirements.

XXI. Interest Rates and Penalties

Lending companies may charge interest, but interest and penalties must be lawful, disclosed, and not unconscionable. Philippine courts may reduce interest, penalties, and charges that are excessive, iniquitous, or contrary to morals and public policy.

Factors that may be considered include:

  1. Whether interest was clearly agreed upon;
  2. Whether the borrower understood the charges;
  3. Whether the rate is excessive compared with the transaction;
  4. Whether penalties compound unreasonably;
  5. Whether fees disguise additional interest;
  6. Whether the borrower received the full principal;
  7. Whether the lender acted abusively;
  8. Whether the contract is one-sided or oppressive.

A lending company should not assume that any rate is enforceable merely because the borrower signed.

XXII. Advance Fees and Loan Scams

Some fraudulent lenders ask borrowers to pay “processing fees,” “insurance fees,” “release fees,” “verification fees,” or “taxes” before releasing the loan, then disappear or demand more money.

A legitimate lender may charge lawful fees, but these should be clearly disclosed and usually connected to an actual loan transaction. Borrowers should be cautious if:

  1. The lender asks for upfront payment before approval or release;
  2. The lender refuses to issue receipts;
  3. The lender uses personal e-wallet accounts;
  4. The lender promises guaranteed approval;
  5. The lender cannot be verified with SEC;
  6. The lender communicates only through chat;
  7. The lender threatens cancellation unless fees are sent immediately.

Such schemes may involve fraud or estafa, depending on the circumstances.

XXIII. Collection Practices

Lending companies may collect unpaid debts, but collection must be lawful. The right to collect does not include the right to harass, threaten, shame, deceive, or abuse borrowers.

Improper collection practices may include:

  1. Threats of violence;
  2. Threats of arrest for ordinary debt;
  3. Public shaming;
  4. Posting borrower’s face or personal details online;
  5. Contacting relatives with humiliating messages;
  6. Contacting employers without lawful purpose;
  7. Repeated calls at unreasonable hours;
  8. Use of obscene or insulting language;
  9. False representation as police, lawyer, court, or government officer;
  10. Threatening criminal charges without basis;
  11. Disclosing debt to unrelated persons;
  12. Using borrower’s phone contacts for harassment;
  13. Collecting amounts not legally due;
  14. Misleading borrowers about legal consequences.

A registered lending company may still be sanctioned for abusive collection.

XXIV. Use of Collection Agencies

A lending company may engage collectors or collection agencies, but it remains responsible for lawful collection. Outsourcing does not excuse harassment or illegal conduct.

The lender should ensure that collectors:

  1. Are properly authorized;
  2. Identify themselves truthfully;
  3. Follow collection rules;
  4. Protect borrower data;
  5. Avoid threats and abusive language;
  6. Do not disclose debt to third parties;
  7. Keep accurate payment records;
  8. Issue receipts or proper acknowledgments;
  9. Escalate disputes lawfully;
  10. Observe complaint procedures.

Borrowers may complain not only against the collector but also against the lending company that engaged them.

XXV. Data Privacy Compliance

Lending companies process personal information, sensitive personal information, financial data, employment data, contact information, IDs, photos, device data, and sometimes location or digital behavior. They must comply with data privacy principles.

Key principles include:

  1. Transparency;
  2. Legitimate purpose;
  3. Proportionality;
  4. Data minimization;
  5. Lawful consent or other lawful basis;
  6. Security of personal information;
  7. Limited retention;
  8. Respect for data subject rights;
  9. Proper handling of data breaches;
  10. Accountability.

Online lenders are especially scrutinized because some apps have misused borrower contacts, photos, and phone data for shaming or coercive collection.

A lending app should not demand excessive permissions unrelated to credit assessment or loan servicing.

XXVI. Borrower Consent and Mobile App Permissions

Consent must be specific, informed, and freely given. A borrower’s acceptance of a privacy policy does not automatically authorize abusive or excessive data use.

Problematic practices include:

  1. Accessing entire contact lists without necessity;
  2. Uploading borrower contacts to servers;
  3. Sending collection messages to unrelated contacts;
  4. Accessing photos, files, or messages unrelated to the loan;
  5. Using personal data for public shaming;
  6. Sharing data with undisclosed third parties;
  7. Retaining data after the loan is closed without lawful basis;
  8. Using consent buried in vague terms.

A legitimate lending company should limit data collection to what is necessary for identity verification, credit assessment, loan release, servicing, collection, and legal compliance.

XXVII. Advertising and Marketing Rules

Loan advertisements should be truthful and not misleading. A lending company should not advertise in a way that deceives borrowers about approval, interest, fees, or consequences.

Problematic advertisements include:

  1. “Guaranteed approval” with hidden conditions;
  2. “Zero interest” but with high service fees;
  3. “No requirements” but later demanding sensitive data;
  4. “SEC approved” without proof;
  5. Fake testimonials;
  6. Misleading use of celebrity images;
  7. False government affiliation;
  8. Concealing the real lender;
  9. Advertising one rate but charging another;
  10. Using bait-and-switch loan terms.

Marketing materials should match the actual loan contract.

XXVIII. Lending Through Social Media

Many unregistered lenders operate through Facebook pages, TikTok, Instagram, Telegram, or messaging apps. Social media lending is not exempt from regulation.

A lender using social media should still have:

  1. SEC-registered corporate identity;
  2. Certificate of Authority;
  3. Official loan documents;
  4. Clear disclosure of rates and charges;
  5. Lawful privacy policy;
  6. Official collection channels;
  7. Receipts and records;
  8. Complaint mechanisms;
  9. Local and tax compliance.

Borrowers should avoid lenders that use only personal accounts, anonymous pages, or changing group names.

XXIX. Lending Through Agents

Some lenders use agents or brokers to find borrowers. This can create legitimacy issues.

Agents should not:

  1. Misrepresent loan terms;
  2. Collect unauthorized fees;
  3. Use fake approvals;
  4. Impersonate the lending company;
  5. Hide the real lender;
  6. Promise guaranteed release;
  7. Keep borrower documents unlawfully;
  8. Use personal accounts for company funds;
  9. Harass applicants;
  10. Process loans for unregistered lenders.

A lending company should have written agreements and controls over agents.

XXX. Borrower’s Right to Information

Borrowers should be able to ask for:

  1. SEC registration details;
  2. Certificate of Authority details;
  3. Corporate name and address;
  4. Loan contract;
  5. Disclosure statement;
  6. Amortization schedule;
  7. Computation of balance;
  8. Official receipts;
  9. Payment history;
  10. Data privacy policy;
  11. Contact details for complaints;
  12. Identity of authorized collectors.

Refusal to provide basic information is a legitimacy concern.

XXXI. Borrower Complaints Against Lending Companies

Borrowers may complain when a lending company:

  1. Operates without authority;
  2. Charges undisclosed fees;
  3. Imposes unconscionable interest;
  4. Harasses borrowers;
  5. Publicly shames borrowers;
  6. Misuses personal data;
  7. Contacts employers or relatives abusively;
  8. Refuses to issue receipts;
  9. Collects amounts already paid;
  10. Uses threats or intimidation;
  11. Misrepresents legal consequences;
  12. Uses fake SEC documents;
  13. Fails to provide loan documents;
  14. Engages in fraud.

Possible complaint channels may include the SEC, National Privacy Commission, police or prosecutor for criminal acts, barangay or courts for civil disputes, and other relevant agencies depending on the facts.

XXXII. SEC Sanctions

The SEC may impose sanctions against lending companies that violate law or rules. Sanctions may include:

  1. Warning;
  2. Fines;
  3. Suspension of authority;
  4. Revocation of Certificate of Authority;
  5. Revocation of corporate registration, in serious cases;
  6. Cease and desist orders;
  7. Disqualification of officers;
  8. Administrative proceedings;
  9. Referral for criminal prosecution;
  10. Public advisories.

Administrative sanctions may apply even if borrowers also have private civil or criminal remedies.

XXXIII. Criminal Exposure

Certain acts connected with lending may create criminal exposure, such as:

  1. Operating without required authority;
  2. Fraudulent collection of advance fees;
  3. Use of threats or intimidation;
  4. Cyber libel or online shaming;
  5. Unjust vexation;
  6. Grave coercion;
  7. Identity theft or misuse of personal data;
  8. Falsification of documents;
  9. Estafa or swindling;
  10. Violation of specific lending company laws;
  11. Unauthorized use of corporate or government names;
  12. Harassment amounting to criminal conduct.

The existence of a debt does not authorize criminal acts by the lender.

XXXIV. Civil Liability

A lending company may face civil liability for:

  1. Breach of contract;
  2. Unlawful collection;
  3. Excessive or unconscionable charges;
  4. Misrepresentation;
  5. Damages from harassment;
  6. Violation of privacy;
  7. Defamation;
  8. Abuse of rights;
  9. Negligent handling of borrower data;
  10. Wrongful reporting or blacklisting;
  11. Collection of amounts not due.

Borrowers may seek damages where legally justified.

XXXV. Enforceability of Loans by Unregistered Lenders

A loan from an unregistered or unauthorized lender raises legal issues. The borrower’s obligation to return money actually received may still be considered separately from the lender’s regulatory violations. However, illegal lending operations may expose the lender to sanctions, and unlawful interest, penalties, or charges may be reduced or invalidated.

A borrower should not assume that borrowing from an unregistered lender means no money is owed. Likewise, an unregistered lender should not assume it can enforce all charges despite operating illegally. The court or regulator may examine the facts, legality, equity, and public policy considerations.

XXXVI. Registration Does Not Validate Abusive Terms

Even a registered lending company cannot enforce abusive, illegal, or unconscionable terms simply because it is SEC-registered.

Registration does not excuse:

  1. Hidden charges;
  2. Misleading disclosure;
  3. Excessive interest;
  4. Illegal penalties;
  5. Unauthorized data use;
  6. Harassment;
  7. Public shaming;
  8. Deceptive collection;
  9. Breach of consumer rights;
  10. Violation of privacy.

Borrowers may still challenge unfair terms and abusive conduct.

XXXVII. Compliance Program for Lending Companies

A legitimate lending company should maintain a compliance program covering:

  1. SEC registration and renewals;
  2. Corporate records;
  3. Board oversight;
  4. Loan product approval;
  5. Interest and fee review;
  6. Disclosure templates;
  7. Borrower complaints;
  8. Data privacy compliance;
  9. Cybersecurity;
  10. Collection practices;
  11. Agent and collector training;
  12. Advertising review;
  13. Record retention;
  14. Regulatory reporting;
  15. Internal audit;
  16. Anti-fraud controls;
  17. Consumer protection policies.

Compliance should be operational, not merely documentary.

XXXVIII. Corporate Governance

Good governance helps prevent abusive lending. Directors and officers should ensure that the company operates lawfully.

Governance responsibilities include:

  1. Approving lawful loan products;
  2. Monitoring capital and financial condition;
  3. Ensuring accurate disclosures;
  4. Supervising collectors and agents;
  5. Handling complaints;
  6. Preventing data misuse;
  7. Avoiding conflicts of interest;
  8. Maintaining corporate records;
  9. Filing reports;
  10. Responding to regulators;
  11. Preventing fraudulent practices;
  12. Ensuring ethical marketing.

Officers may be held accountable when violations occur under their authority or participation.

XXXIX. Record-Keeping Requirements

A lending company should keep accurate records of:

  1. Loan applications;
  2. Borrower IDs and verification documents;
  3. Loan approvals;
  4. Loan agreements;
  5. Disclosure statements;
  6. Release of proceeds;
  7. Payment records;
  8. Receipts;
  9. Collection communications;
  10. Complaints and resolutions;
  11. Data consents and privacy notices;
  12. Corporate approvals;
  13. Financial statements;
  14. Tax records;
  15. SEC filings;
  16. Branch and agent records.

Poor records can lead to disputes, regulatory findings, and inability to prove claims in court.

XL. Receipts and Payment Acknowledgments

Borrowers should receive receipts or payment confirmations. Lending companies should accurately record all payments.

A borrower should keep:

  1. Official receipt;
  2. Electronic payment confirmation;
  3. Collection receipt;
  4. Bank transfer record;
  5. Screenshot of payment;
  6. Updated statement of account;
  7. Name of collector;
  8. Date and time of payment;
  9. Reference number;
  10. Remaining balance confirmation.

Disputes often arise when payments are made to collectors who fail to remit. Companies should control and audit collection channels.

XLI. Statement of Account and Balance Verification

Borrowers may request an updated statement of account. A proper statement should show:

  1. Principal;
  2. Interest;
  3. Fees;
  4. Penalties;
  5. Payments received;
  6. Dates of payments;
  7. Remaining balance;
  8. Computation method;
  9. Due dates;
  10. Contact person for disputes.

A lender that cannot explain the computation of the balance may face credibility and compliance issues.

XLII. Collateral and Security

Some lending companies require collateral, postdated checks, salary deduction authority, vehicle documents, gadgets, jewelry, land titles, or other security.

Collateral arrangements should be lawful, documented, and proportionate. Lenders should avoid:

  1. Taking original IDs as coercive security;
  2. Retaining ATM cards or payroll cards unlawfully;
  3. Confiscating property without legal process;
  4. Using blank signed documents abusively;
  5. Repossessing property through force or intimidation;
  6. Charging penalties not disclosed;
  7. Misusing postdated checks;
  8. Holding personal documents to pressure payment.

Collateral enforcement must follow law and contract.

XLIII. Postdated Checks

Some lenders require postdated checks. Borrowers should understand that dishonored checks may have legal consequences under specific laws if elements are present.

Lending companies should not misuse checks by:

  1. Filling blanks contrary to agreement;
  2. Depositing checks despite settlement;
  3. Threatening criminal charges without basis;
  4. Using checks to impose unconscionable pressure;
  5. Failing to account for payments.

Borrowers should not issue checks unless they understand the obligation and have funds.

XLIV. Payroll Deduction and Salary Loans

Some lending companies offer salary loans through employers or payroll deduction arrangements. These require clear authorization and lawful deduction practices.

Issues may include:

  1. Validity of employee authorization;
  2. Employer participation;
  3. Limits on deductions;
  4. Final pay deductions;
  5. Data sharing between employer and lender;
  6. Employee consent;
  7. Dispute over balance;
  8. Employer liability for improper deductions.

A lending company should not pressure employers to disclose employee information or deduct wages without proper authority.

XLV. Lending to Employees by Employers

Employers sometimes operate internal lending programs. Whether SEC lending company registration is required depends on the nature of the program, regularity, profit motive, structure, and whether lending is offered as a business to the public or merely an employment benefit.

An employer that effectively runs a lending business beyond incidental employee assistance should seek legal advice on regulatory requirements.

XLVI. Cooperatives and Lending

Cooperatives may provide credit facilities to members under cooperative laws and regulation. A cooperative is not automatically a lending company regulated in the same way as a private lending corporation. However, a cooperative cannot use its status to conduct unauthorized lending to the general public outside its lawful authority.

Borrowers should verify whether the entity is truly a registered cooperative and whether they are dealing with a legitimate cooperative activity.

XLVII. Pawnshops, Banks, and Other Regulated Entities

Banks, pawnshops, financing companies, money service businesses, and cooperatives may engage in credit-related activities under separate regulatory frameworks. A borrower should know what kind of entity they are dealing with because the regulator, requirements, and remedies may differ.

An entity should not misrepresent itself as a bank, pawnshop, cooperative, or financing company if it does not have proper authority.

XLVIII. Investment Solicitation Disguised as Lending

Some schemes claim to be lending companies but actually solicit investments from the public, promising high returns from lending operations. Lending company authority does not automatically authorize public investment solicitation.

Warning signs include:

  1. Guaranteed high returns;
  2. Referral commissions;
  3. Investment packages;
  4. “Fund our lending pool” offers;
  5. No securities registration;
  6. Ponzi-like payout structure;
  7. Use of lending as cover for investment-taking;
  8. Promise of passive income from borrower collections.

Public investment solicitation generally requires separate legal authority and compliance with securities laws.

XLIX. Foreign Ownership and Foreign Online Lenders

Foreign participation in lending companies may be subject to nationality, investment, SEC, and other legal requirements. Foreign online lenders targeting Philippine borrowers may also raise jurisdiction, licensing, consumer protection, data privacy, and enforcement concerns.

Borrowers should be cautious when a lender:

  1. Has no Philippine-registered entity;
  2. Uses foreign addresses only;
  3. Has no SEC lending authority;
  4. Uses foreign apps with local collectors;
  5. Demands payment to personal accounts;
  6. Provides no local complaint channel;
  7. Collects personal data from Philippine borrowers.

Foreign incorporation does not automatically authorize lending in the Philippines.

L. Business Model Review Before Registration

A proposed lending company should review its business model before applying.

Questions to ask include:

  1. Will loans be online, in-office, or through agents?
  2. What loan products will be offered?
  3. What is the source of funds?
  4. What interest and fees will be charged?
  5. Who are the target borrowers?
  6. Will the company use an app or website?
  7. What personal data will be collected?
  8. Who will collect payments?
  9. Will branches operate?
  10. Will collateral be accepted?
  11. Will checks be required?
  12. Will investors fund the loan portfolio?
  13. Will the company advertise publicly?
  14. Will it use third-party credit scoring?
  15. Will it share data with affiliates?

The answers may determine what legal requirements apply.

LI. Sample Legitimacy Checklist for Borrowers

Before borrowing, check the following:

  1. Full registered company name;
  2. SEC registration number;
  3. Certificate of Authority number;
  4. Official office address;
  5. Official website or verified page;
  6. Contact numbers and email;
  7. Loan contract;
  8. Disclosure statement;
  9. Interest rate and fees;
  10. Total amount payable;
  11. Payment channels;
  12. Receipt policy;
  13. Privacy policy;
  14. Collection policy;
  15. Complaint channel;
  16. Whether the lender appears in warnings or complaints;
  17. Whether the app name matches the registered company;
  18. Whether advance fees are being demanded;
  19. Whether the company uses abusive language;
  20. Whether the lender allows time to review documents.

If several items are missing, the borrower should avoid the transaction.

LII. Sample Compliance Checklist for Lending Companies

A lending company should maintain:

  1. SEC certificate of incorporation;
  2. SEC Certificate of Authority;
  3. Updated general information sheet;
  4. Audited financial statements;
  5. Business permits;
  6. BIR registration;
  7. Loan templates;
  8. Disclosure statement templates;
  9. Privacy notice;
  10. Data processing records;
  11. Collection policy;
  12. Borrower complaint procedure;
  13. Advertising review process;
  14. Agent agreements;
  15. Collector training records;
  16. Receipts and accounting controls;
  17. Cybersecurity safeguards;
  18. Incident response plan;
  19. Board minutes and approvals;
  20. Regulatory filings.

LIII. Sample Borrower Request for Verification

A borrower may send a message such as:

“Before proceeding with the loan application, please provide your SEC-registered corporate name, SEC registration number, Certificate of Authority to Operate as a Lending Company, official office address, loan disclosure statement, privacy policy, and official payment channels. I would also like to confirm the total amount payable, interest, fees, penalties, and due dates.”

A legitimate lender should be able to provide clear information.

LIV. Sample Complaint Narrative Against an Unauthorized Lender

A borrower complaint may state:

“I applied for a loan from [name/page/app] on [date]. The lender claimed to be authorized to lend but refused to provide its SEC Certificate of Authority. It required me to pay advance fees of ₱[amount] through [account]. After payment, the lender failed to release the loan and demanded additional charges. The lender also threatened to contact my relatives and employer. I request investigation of this entity for possible unauthorized lending, fraud, abusive collection, and misuse of personal information.”

Attach screenshots, receipts, account details, messages, and identification of the app or page.

LV. Sample Internal Policy Statement for Lending Companies

A lending company may adopt a policy such as:

“The Company shall operate only within the authority granted by the Securities and Exchange Commission. All loan products shall be documented, disclosed, and reviewed for compliance with applicable laws. The Company shall prohibit harassment, threats, public shaming, unauthorized disclosure of borrower data, hidden charges, and misleading advertising. All collectors, agents, officers, and employees shall comply with lawful collection standards, data privacy requirements, and consumer protection principles.”

LVI. Frequently Asked Questions

Is SEC registration enough to prove a lender is legitimate?

Not always. The lender should have both SEC corporate registration and authority to operate as a lending company. It should also comply with disclosure, collection, privacy, tax, and local permit requirements.

Can an individual operate a lending business without SEC registration?

Occasional private lending may not necessarily require lending company registration. But regularly lending to the public for profit may require compliance with lending company laws.

Can a lending company charge any interest rate it wants?

No. Interest must be agreed upon, disclosed, and not unconscionable. Courts may reduce excessive interest or penalties.

Is an online lending app legal?

It may be legal if operated by a properly registered and authorized lending company and if it complies with disclosure, privacy, collection, and consumer protection rules.

Can a lender access my contacts?

A lender should not collect or use personal data beyond what is lawful, necessary, and proportionate. Misuse of contacts for shaming or harassment may violate privacy and other laws.

Can a lender post my name or photo online if I do not pay?

No. Public shaming and unauthorized disclosure of borrower information may expose the lender to liability.

Can a lending company threaten arrest for unpaid debt?

Ordinary nonpayment of debt does not automatically justify arrest. Threats of arrest may be abusive or misleading unless based on a legitimate criminal process.

Can a borrower refuse to pay because the lender is unregistered?

The borrower should get legal advice. The borrower may still be liable to return money actually received, but the lender may face sanctions and unlawful charges may be challenged.

Where can borrowers complain?

Depending on the issue, complaints may be brought to the SEC, National Privacy Commission, law enforcement, prosecutors, courts, or other relevant offices.

What documents should a legitimate lender provide?

At minimum, the borrower should receive clear loan terms, disclosure of interest and fees, payment schedule, privacy notice, official lender identity, and payment channels.

LVII. Conclusion

Lending company legitimacy in the Philippines requires more than having a business name or social media page. A lawful lending company should be incorporated, registered with the SEC, authorized to operate as a lending company, properly capitalized, locally permitted, tax-compliant, transparent in its loan disclosures, fair in its charges, lawful in its collection practices, and compliant with data privacy obligations.

For borrowers, the safest approach is to verify the lender before applying, demand clear documentation, avoid advance-fee scams, review interest and penalties, protect personal data, and report abusive or unauthorized lenders. For lending companies, compliance must be built into the business model from the beginning. SEC authority, proper documentation, lawful advertising, fair disclosure, responsible collection, and privacy protection are not optional; they are essential conditions for operating a legitimate lending business in the Philippines.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login