Online Lending Harassment Philippines

Online Lending Harassment in the Philippines

A comprehensive legal overview (May 2025)

1. What is “online lending harassment”?

Online-lending harassment refers to any abusive, unreasonable or illegal collection tactic employed through digital channels (mobile apps, SMS, social media, e-mail, voice‐over-IP calls, etc.) by financing or lending companies (and their third-party agents) against borrowers or the borrowers’ contacts. Typical acts include doxxing, public shaming posts, threats of bodily harm or arrest, and spam calls sent outside permissible hours.(Credit Information Corporation, Al Jazeera)

2. Core statutory and regulatory framework

Layer Key instruments Highlights
Corporate & market conduct RA 9474 (Lending Company Regulation Act) & RA 8556 (Financing Company Act) SEC registration & Certificate of Authority (CA) required; SEC may suspend/revoke CAs for abuses.(SEC Appointment System)
SEC Memo-Circular 18-2019 Enumerates eight unfair debt-collection practices (e.g., contacting before 6 a.m./after 10 p.m., accessing the contact list, threats, obscenities). First offence: ₱25 k (lending cos.) / ₱50 k (financing cos.); third offence: fines up to ₱1 M, 60-day suspension or CA revocation.(SEC Appointment System)
SEC Memo-Circular 10-2021 (Moratorium on new online-lending platforms, “OLPs”) Frozen issuance of new OLP licences from 02 Nov 2021 pending new rules; violators (e.g., Cashtrees) lost their licence.(Inquirer Business, GMA Network)
Data privacy RA 10173 (Data Privacy Act) • NPC Circular 20-01 (Guidelines on Loan-Related Transactions) & NPC Circular 2022-02 (amendments) Prohibits harvesting contact lists, pictures or location data for harassment; NPC may order takedowns (Google removed dozens of apps in 2023 on NPC request).(National Privacy Commission, National Privacy Commission, Philstar)
Consumer-protection layer RA 11765 Financial Products & Services Consumer Protection Act (FCPA) + IRRs: SEC (May 2023) & BSP Circulars 1160/1169 (2023) Codifies five consumer rights (equitable treatment, disclosure, protection of data, redress, education). Empowers SEC/BSP to impose fines up to ₱2 M per violation and disgorgement; BSP-CAM & adjudication channel for bank-related complaints.(ACCRALAW, syciplawresources.com, BSP)
Criminal sanctions Revised Penal Code (grave threats, unjust vexation, libel), RA 10175 (Cybercrime Act), RA 8484 (Access Devices Act), RA 9995 (Photo/Video Voyeurism), RA 9262 (VAWC) Allows arrest of collectors who send death threats, doctored nude photos or libellous posts; cyber-libel is punishable by up to 8 years’ imprisonment.(Inquirer.net)

3. What conduct is expressly banned? (SEC MC 18‐2019)

  1. Violence or threat thereof against person, reputation or property.
  2. False threats of legal action (e.g., “warrant of arrest tomorrow”).
  3. Obscene or profane language in any medium.
  4. Publishing borrower data or “group chats” for shaming.
  5. Disclosing false loan information to third parties.
  6. Deceptive misrepresentations to obtain payment or information.
  7. Contacting outside 06:00-22:00 (with narrow exceptions).
  8. Contacting persons in the phonebook who are not guarantors/comakers.(SEC Appointment System)

NPC Circular 20-01 mirrors these prohibitions for data processing, adding a categorical ban on using the borrower’s selfie or ID photo for harassment.(National Privacy Commission)

4. Enforcement landscape

Enforcer Powers & recent actions
Securities & Exchange Commission (SEC) Investigates, issues cease-and-desist orders (CDOs), imposes fines, suspends or revokes licences, asks Google/Apple to delist apps. 72 OLPs have been shut since 2019; Cashtrees licence revoked 24 Mar 2022.(bankero.com.ph, GMA Network)
National Privacy Commission (NPC) Conducts privacy sweeps, orders takedown of abusive apps, fines up to 5 % of gross annual income, and prosecutes privacy crimes. Example: WeFund (JuanHand) found non-compliant on camera permissions (Jan 2025 order).(National Privacy Commission)
Bangko Sentral ng Pilipinas (BSP) For banks/EMIs: requires Consumer-Protection Risk Management Systems; complaints handled via BSP-CAM and Chatbot BOB under Circular 1169.(BSP)
Law enforcement (PNP-ACG / NBI) Conduct entrapment, seize equipment, file cyber‐libel and threat charges. 369 cyber-harassment suspects arrested in Q1 2025 alone; 35 supervisors of a Makati OLP were charged in Oct 2023.(Inquirer.net, Moneymax)
Congressional oversight Senate Blue-Ribbon/Trade panels held hearings in Apr 2025 on abusive collection and “digital shaming,” urging heavier criminal penalties.(Philippine News Agency)

5. Remedies for borrowers & harassed non-borrowers

  1. Document evidence – screenshots, call logs, voice recordings (allowed under the two-party consent rule if harassment is proven).
  2. Demand letter – seek rectification/cease within 15 days (helps show exhaustion of remedies for SEC filing).
  3. File with SEC – use MC 18 complaint form; attach proof, ID, and sworn statement. Online filing accepted via e-mail/portal.(Moneymax)
  4. Privacy complaint with NPC – notarised form, mediation then formal investigation; NPC may order deletion of data or compensate for damages.(National Privacy Commission)
  5. BSP-CAM – for BSP-supervised institutions; possible mediation or adjudication with enforceable ruling within 30 days.(BSP)
  6. Criminal action – report to PNP-ACG/NBI CCD for threats, libel, coercion; courts may issue protection orders under VAWC for gendered abuse.
  7. Civil damages – tort under Article 19/20/21 Civil Code; actual, moral and exemplary damages plus attorney’s fees may be claimed.
  8. Mental-health support – DOH hotlines (1553) & private NGOs; harassment has led to documented anxiety and suicide attempts.(Al Jazeera)

6. Recent jurisprudence & case studies

Year Case / order Key ruling
2019 Cash Whale et al. CDO (SEC-CDO 09-19-055) Declared mass SMS shaming an unfair practice; ordered app store delisting.(SEC Appointment System)
2022 Cashtrees Lending Corp. licence revocation Operating eight unregistered OLPs during moratorium = grave violation; licence cancelled.(GMA Network)
2023 Makati “Quan-Tro” raid 35 supervisors indicted for grave threats and cyber-libel after OLP sent death threats and doctored nude photos.(Moneymax)
2024 Google Play purge (33 apps) SEC-Google protocol delisted apps lacking SEC clearance or with MC 18 violations.(Philstar)
2025 PNP-ACG v. Anonymous (May 2025) Arrest of 46 collectors for multi-province harassment; cyber-libel and coercion charges filed.(Facebook)

7. Compliance checklist for lending companies

  1. Register & maintain CA – ensure paid-up capital, beneficial-owner disclosure, Board “fit-and-proper” under SEC MC 19-2022.(RESPICIO & CO.)
  2. OLP registration – file detailed OLP audit report 10 days before launch; adhere to MC 10-2021 moratorium until lifted.
  3. Privacy-by-design – limit permissions to necessary KYC; disable “contacts” & “storage” access for collection.
  4. Debt-collection protocol – scripted calls, no automated spam; logs retained for three years for SEC audit.
  5. FCPA compliance – Board-approved Consumer Protection Manual, FCP Assistance Mechanism (FCPAM), quarterly report to SEC/BSP.
  6. Training & whistle-blower channel – mandatory annual MC 18 / data-privacy training; secure internal hotline.

Non-compliance now carries multi-layer liability: administrative (fines, licence loss), civil (damages), and criminal (imprisonment of officers).

8. Policy trends & outlook

  • Lifting of moratorium? A draft SEC guideline (exposed March 2025) proposes raising minimum paid-up capital to ₱10 M and mandatory escrow for consumer redress; SEC hints the moratorium may lift by Q4 2025.(RESPICIO & CO.)
  • Higher criminal penalties – Senate Bill 2654 seeks to criminalise “digital public shaming” with up to 12 years’ jail.
  • Cross-border enforcement – SEC/NPC exploring MoUs with Vietnam & Indonesia regulators to curb offshore harassment call centres.
  • Algorithmic collections – NPC Advisory 2023-01 on “deceptive design patterns” warns against manipulative push-notifications.(National Privacy Commission)

9. Conclusion

The Philippine regime on online-lending harassment has matured into a multi-agency, multi-layer enforcement model combining corporate regulation (SEC), data privacy (NPC), consumer-protection (BSP), and criminal law. Borrowers now enjoy clearer rights, faster complaint channels and rising precedent for damages. Lenders, meanwhile, face escalating compliance costs and personal liability for directors who ignore the rules.

Practice tip: Always begin with evidence preservation and check whether the lender is SEC-registered; this single step often determines the most efficient remedy.

(This article is for informational purposes only and does not constitute legal advice. For specific cases, consult Philippine counsel.)

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login