I. Introduction

Loan apps (online lending platforms, digital lending apps, buy-now-pay-later services, etc.) are now common sources of short-term credit in the Philippines. Along with convenience, they’ve also brought abusive collection practices, data privacy violations, and poor customer service, which pushed regulators to tighten rules.

In Philippine law, there is no single statute called the “Loan App Law.” Instead, loan app customer service is governed by a network of laws and regulations, mainly:

• Financial Products and Services Consumer Protection Act (RA 11765)
• Lending Company Regulation Act (RA 9474) and Financing Company Act
• Bangko Sentral ng Pilipinas (BSP) regulations (for banks, digital banks, EMIs that use apps)
• Securities and Exchange Commission (SEC) memoranda (for lending/financing companies and online lending platforms)
• Data Privacy Act (RA 10173) and NPC issuances
• Consumer Act (RA 7394), plus relevant provisions of the Revised Penal Code and special laws on harassment, cybercrime, etc.

This article walks through what loan apps are legally required to do in terms of customer service in the Philippine setting: disclosure, complaint handling, communication, collection behavior, and data privacy, plus remedies and sanctions. It is for general information only and not a substitute for advice from a Philippine lawyer or regulator.

---

II. Regulatory Framework: Who Regulates What?

1. Securities and Exchange Commission (SEC)

   SEC regulates lending companies and financing companies under:

   • RA 9474 (Lending Company Regulation Act)
   • Financing Company Act and related rules

   For loan apps:

   • SEC requires registration and licensing of lending/financing companies.
   • SEC has issued memorandum circulars on online lending platforms (OLPs): registration, disclosures, and conduct requirements.
   • SEC also issued rules prohibiting unfair debt collection practices and requiring proper customer service channels.

2. Bangko Sentral ng Pilipinas (BSP)

   BSP regulates:

   • Banks, digital banks, quasi-banks, electronic money issuers (EMIs) and other BSP-supervised institutions that may offer loans via apps.

   Under RA 11765 and BSP’s consumer protection framework, banks and BSP-regulated entities using loan apps must:

   • Provide effective complaint handling units;
   • Give clear disclosures;
   • Ensure fair treatment and responsible collection.

3. Financial Products and Services Consumer Protection Act (RA 11765)

   This law:

   • Covers “financial service providers” (FSPs)—including many entities operating loan apps (banks, financing companies, lending companies, EMIs, etc.).

   • Gives BSP, SEC, IC, and CDA explicit consumer protection powers.

   • Sets core principles:

     • equitable and fair treatment
     • disclosure and transparency
     • protection of consumer assets
     • data privacy and protection
     • effective recourse (complaints and redress)

4. National Privacy Commission (NPC) – Data Privacy Act

   Loan apps must comply with:

   • RA 10173 (Data Privacy Act)
   • Its IRR and NPC circulars and advisories

   This directly affects:

   • How customer service interacts with borrowers (what data they may ask for, how they verify identity);
   • Access to phone contacts, photos, location, etc.;
   • Use of personal data in collections and customer communication.

5. Other relevant laws

   • Consumer Act (RA 7394) – general rules against deceptive or unfair acts or practices.
   • Cybercrime Prevention Act (RA 10175) – for online harassment, cyber threats, etc.
   • Revised Penal Code – grave threats, unjust vexation, grave coercion, etc., when collection practices are abusive.
   • Special laws (e.g., Safe Spaces Act, Anti-Photo and Video Voyeurism) can be implicated in extreme “shaming” or harassment practices.

---

III. Licensing and Registration: First Layer of Customer Service Protection

Before an app can legally lend, it must be properly authorized:

1. For SEC-regulated loan apps

   A lending/financing company:

   • Must be duly registered with SEC as a corporation;
   • Must have a Certificate of Authority to operate as a lending or financing company;
   • If it uses a loan app/online lending platform, that platform must be registered/notified with SEC under relevant circulars.

   As part of registration, the company typically must disclose:

   • Its physical office/business address;
   • Contact details (telephone, email, customer service channels);
   • Key officers and owners.

   These disclosures are not just formalities—they underpin the customer’s ability to contact and complain.

2. For BSP-regulated loan apps

   BSP-regulated entities (banks, EMIs, digital banks) must:

   • Secure a BSP license for their core business;
   • Obtain approvals for electronic channels and digital products under BSP rules.

   BSP’s consumer protection regulations require:

   • A clear mapping of customer touchpoints, including mobile/online;
   • A board-approved consumer protection framework, including customer service and complaint handling.

---

IV. Customer Service Duties Under RA 11765

RA 11765 sets baseline duties for all covered financial service providers, including those operating loan apps:

1. Fair treatment and dealing

   Loan apps must:

   • Treat borrowers in a professional, honest, and non-discriminatory manner;
   • Avoid unconscionable, misleading, or oppressive practices;
   • Provide dignified, non-abusive customer service and collections.

2. Disclosure and transparency

   Before and during a loan, the loan app must disclose in a clear, understandable way:

   • Total loan amount, interest rate, and all fees/charges;
   • Computation basis (e.g., per day, per month, flat or declining balance basis);
   • Repayment schedule and due dates;
   • Consequences of late payment (penalties, default interest, collection processes);
   • Contact details for inquiries and complaints.

   Disclosures must be prominently displayed in the app and digital contracts—not hidden in fine print or pop-ups that disappear quickly.

3. Effective recourse and complaint handling

   RA 11765 requires FSPs to:

   • Establish and maintain effective, efficient, timely, and accessible mechanisms to handle financial consumer complaints.
   • Provide multiple channels (e.g., phone, email, in-app chat, website, physical office address).
   • Acknowledge complaints within a reasonable timeframe;
   • Investigate and resolve complaints promptly, providing written explanations of decisions;
   • Maintain records of complaints and resolutions for regulatory inspection.

   Regulators may require escalation processes, including:

   • frontline customer service
   • internal complaint units
   • external complaint handling through BSP/SEC and, eventually, courts.

4. Accountability for third-party service providers

   If a loan app uses:

   • Third-party call centers,
   • Debt collection agencies, or
   • Outsourced IT and customer support,

   it remains legally responsible for their actions in dealing with borrowers. Outsourcing does not transfer liability.

---

V. Specific Customer Service Expectations in Loan Apps

1. Clear and accessible contact information

   The app and website should prominently display:

   • Customer service hotlines (mobile and/or landline);
   • Email address;
   • Physical office address or at least the principal business address registered;
   • Operating hours and expected response times.

2. In-app complaint handling

   Modern regulations and good practice expect:

   • An in-app “Help,” “Support,” or “Report a problem” section;
   • Ticketing or reference numbers for complaints;
   • Status updates on complaint resolution.

3. Language and communication

   • Communications should be in language borrowers can reasonably understand (often Filipino or English, and sometimes local languages).
   • Customer service personnel should avoid threatening, demeaning, or insulting language, especially in collections.

4. Service level expectations (SLA)

   While exact timelines differ by regulator and internal policy, generally:

   • Initial response or acknowledgment within a few business days;
   • Resolution within a reasonable period, especially for disputes affecting credit standing or continued access to services;
   • Clear explanation if more time is needed, with updates.

---

VI. Debt Collection and Anti-Harassment Rules

Loan apps are under strict scrutiny for harassing and “shaming” borrowers. SEC and other regulators have laid down rules that, in effect, double as customer service standards in collections.

1. SEC rules on unfair debt collection practices

   SEC circulars on unfair debt collection practices (for lending and financing companies) generally prohibit:

   • Threats of violence, harm, or criminal charges solely to coerce payment;
   • Use of obscene, profane, or insulting language;
   • Public shaming – posting about a borrower’s debt on social media, group chats, or other public channels;
   • Contacting the borrower’s employer, relatives, friends, or contacts to pressure payment, except in strictly limited circumstances (e.g., if they are co-borrowers or guarantors, or with lawful basis);
   • Repeatedly calling or messaging at odd hours or using multiple accounts to harass;
   • Impersonating law enforcement, lawyers, or government officials.

   Customer service and collections staff must be trained to comply with these prohibitions.

2. Use of contact lists and “phone scraping”

   Abusive loan apps have been known to:

   • Access the borrower’s phone contacts;
   • Send shaming texts or messages to friends, colleagues, and relatives;
   • Threaten to “blast” the borrower’s photos or personal data if they do not pay.

   These practices may violate:

   • Data Privacy Act (unlawful processing, unauthorized disclosure);
   • SEC rules on unfair collection;
   • Criminal laws on threats, coercion, libel, unjust vexation, and cyber harassment.

3. Permissible reminders

   Legitimate collection reminders should be:

   • Directed primarily to the borrower;
   • Within reasonable hours;
   • Using factual, non-threatening language (e.g., amount due, due date, options for repayment);
   • Avoiding shame, humiliation, or threats of harm.

4. Third-party collection agents

   If a loan app engages third-party collection agencies:

   • It must ensure they follow the same rules;
   • Provide scripts and policies aligned with law;
   • Monitor and sanction abuses;
   • Cooperate with regulators investigating complaints involving outsourced collectors.

---

VII. Data Privacy and Customer Service

The Data Privacy Act (RA 10173) is central to loan app operations.

1. Lawful processing and consent

   Loan apps must:

   • Process personal data on a lawful basis (e.g., contract, legal obligation, legitimate interest, consent);
   • Seek informed consent when required;
   • Explain in a privacy notice what data they collect, why, and how it is used.

   For customer service:

   • They may collect only data necessary to verify identity and process queries.
   • They must avoid excessive data collection (e.g., asking for unrelated information).

2. Access to device information

   Many problematic loan apps ask for permissions to:

   • Access contacts, photos, messages, or location.

   Under data privacy principles:

   • Access must be necessary and proportionate to a lawful purpose.
   • Using contact list data for harassment or shaming is generally unlawful.
   • Customers should be allowed to decline non-essential permissions.

3. Data subject rights in customer service

   Borrowers have the right to:

   • Access their personal data (e.g., what data the loan app holds about them);
   • Request correction of inaccurate information;
   • Be informed of data breaches that significantly affect them;
   • Object to processing in certain cases;
   • Lodge complaints with the NPC.

   Customer service must be capable of handling such data-related requests, or know how to escalate them.

4. Data security and confidentiality

   • Loan apps must implement organizational, physical, and technical measures to secure personal data.
   • Customer service agents should be trained not to disclose borrower data to unauthorized persons (e.g., random callers claiming to be the borrower’s friend or spouse).

---

VIII. Truth in Lending and Disclosure Rules

Apart from RA 11765, the Truth in Lending Act (RA 3765) and related regulations require clear disclosure of loan costs, including for app-based loans.

Customer service and the app interface must ensure that borrowers see:

• Interest rate (nominal and effective, where applicable);
• Service charges, processing fees, penalties, and other charges;
• Net proceeds (after deductions);
• Amount and number of installments, with due dates;
• Any optional products (e.g., insurance), which must be clearly identified and not unfairly bundled.

Failure to properly disclose can be considered a deceptive or unfair practice, subject to regulatory and possibly criminal consequences.

---

IX. Internal Policies, Training, and Governance

Loan apps are expected to have internal policies and controls that translate legal requirements into day-to-day customer service:

1. Customer service manuals and scripts

   • Clear rules on how agents should answer queries;
   • Approved scripts for responding to payment difficulties and complaints;
   • Prohibitions on abusive language, threats, public shaming, and unauthorized data use.

2. Training and supervision

   • Regular training on:

     • consumer protection principles;
     • data privacy;
     • anti-harassment rules;
     • handling vulnerable clients (e.g., OFWs, elderly, those in financial distress).

   • Supervisors should monitor calls, chats, and messages for compliance.

3. Board and senior management responsibility

   • Under RA 11765 and sectoral rules, the board of directors and senior management are responsible for:

     • approving the consumer protection framework;
     • ensuring adequate resources for customer service;
     • acting on patterns of complaints and regulatory findings.

4. Documentation and reporting

   • Customer service must keep logs of complaints, including nature, resolution, and turnaround time.
   • Regulators may require regular reports on complaint statistics and actions taken.

---

X. Sanctions for Non-Compliance

Loan apps and their owners/officials may face:

1. Administrative sanctions

   Imposed by BSP or SEC, such as:

   • Fines and penalties;
   • Suspension or revocation of license/authority;
   • Disqualification of directors and officers;
   • Orders to cease and desist from certain practices;
   • Orders to refund or rectify harm.

2. Civil liability

   Borrowers may:

   • Claim damages for breach of contract, violation of consumer rights, or data privacy violations;
   • Seek injunctions or other court remedies.

3. Criminal liability

   Individual officers, employees, or agents may be prosecuted under:

   • Lending and financing laws (for unlicensed lending or prohibited acts);
   • RA 11765 and implementing rules (if penal provisions apply);
   • Data Privacy Act (for unlawful processing, unauthorized disclosure, etc.);
   • Revised Penal Code and special laws (for threats, coercion, libel, cybercrime, etc.).

---

XI. Practical Takeaways

For loan app operators

• Treat customer service and collection as a legal compliance function, not just a cost center.

• Ensure your app and website clearly show:

  • who you are (licensed entity),
  • how to contact you,
  • what the loan costs,
  • how complaints can be filed and escalated.

• Train all staff (including outsourced teams) on:

  • consumer protection and privacy,
  • proper scripts,
  • prohibited collection practices.

• Regularly review complaints as an early warning system of legal and reputational risk.

For borrowers (informational only)

• Check if the loan app is legitimately licensed (with SEC, BSP, etc.) and has clear contact details.
• Read terms, fees, and privacy notices, especially about data access and collection behavior.
• If harassed or shamed, keep screenshots and records of calls, messages, and posts.
• Use the app’s complaint channels; if unresolved, consider raising issues with regulators or seeking legal advice.

---

XII. Conclusion

In the Philippines, loan app customer service is not just a matter of good business practice—it is a legal obligation built on:

• RA 11765 and sectoral consumer protection rules,
• SEC and BSP requirements for disclosure and complaint handling,
• Data Privacy Act constraints on how personal data is used, and
• Strict prohibitions on abusive and harassing collection practices.

As digital lending grows, regulators continue to refine these requirements, placing customer service and fair treatment at the center of loan app operations. Anyone operating or using a loan app should stay alert to updates in laws and regulations and, for specific concerns, seek advice from qualified professionals or relevant government agencies.