Online Loan Scam and SEC Registration of Lending Companies in the Philippines

A Legal Article in the Philippine Context

I. Introduction

Online lending has become a major source of short-term credit in the Philippines. Through mobile applications, websites, social media pages, messaging platforms, and digital advertisements, borrowers can apply for loans without visiting a physical office. This convenience has also created opportunities for abuse. Many Filipinos have encountered online loan scams, fake lending companies, abusive collection agents, identity theft, hidden charges, unauthorized deductions, fake approvals, advance-fee schemes, and lending apps that misuse personal data.

In the Philippines, legitimate lending companies and financing companies are regulated, and many are required to be registered with the Securities and Exchange Commission, or SEC. However, SEC registration is often misunderstood. Some scammers falsely claim to be “SEC registered.” Some companies are incorporated with the SEC but have no authority to operate as lending companies. Some apps use the name or registration number of a legitimate company without authority. Others use cloned websites, fake certificates, or misleading advertisements.

This article explains online loan scams, SEC registration of lending companies, what borrowers and investors should check, common red flags, the difference between corporate registration and authority to lend, borrower rights, reporting mechanisms, and practical steps to protect oneself.

II. What Is an Online Loan Scam?

An online loan scam is any fraudulent or deceptive scheme involving the offer, processing, collection, or supposed release of a loan through digital means. It may involve a fake lender, fake app, fake agent, abusive lender, unauthorized company, impersonator, or legitimate-looking entity using deceptive practices.

Online loan scams may occur through:

  • Mobile lending apps;
  • Facebook pages;
  • TikTok or social media ads;
  • Messenger, Viber, Telegram, WhatsApp, or SMS;
  • Fake websites;
  • Search ads;
  • Email offers;
  • Online marketplaces;
  • Fake customer service accounts;
  • Fake “loan consultants”;
  • Impersonation of banks, financing companies, or government programs.

The scam may target borrowers, investors, agents, or even legitimate lending companies whose names are being misused.

III. Common Types of Online Loan Scams

A. Advance-fee loan scam

This is one of the most common scams. The supposed lender approves a loan but demands payment before release.

The fee may be called:

  • Processing fee;
  • Insurance fee;
  • Notarial fee;
  • Anti-money laundering clearance;
  • SEC clearance;
  • Verification fee;
  • Unlocking fee;
  • Wallet activation fee;
  • Tax payment;
  • Transfer charge;
  • Collateral registration fee;
  • Membership fee;
  • Documentary stamp fee;
  • Penalty clearance;
  • Credit score repair fee.

After the borrower pays, the scammer asks for another fee or disappears.

A legitimate lender may charge lawful fees, but extreme caution is needed when a supposed lender demands repeated upfront payments before releasing any loan.

B. Fake approved loan

The scammer tells the borrower that a large loan is approved despite minimal verification. The borrower is then pressured to pay fees immediately to “release” the funds.

Red flags include:

  • Unrealistically high approved amount;
  • No income verification;
  • No credit evaluation;
  • No proper loan agreement;
  • Demand for urgent payment;
  • Payment to a personal e-wallet or bank account;
  • Threat that the approval will expire within minutes.

C. Fake lending app

A fake app may imitate a legitimate lending company. It may collect IDs, selfies, bank details, contacts, and fees, then disappear or use the data for harassment and identity theft.

D. Identity theft loan scam

The scammer obtains personal information and uses it to apply for loans, open accounts, or create fake borrower profiles.

Data commonly stolen includes:

  • Full name;
  • address;
  • phone number;
  • government IDs;
  • selfie with ID;
  • birthdate;
  • mother’s maiden name;
  • employment details;
  • bank or e-wallet account;
  • contacts;
  • social media profile.

E. Fake SEC registration scam

The scammer presents a supposed SEC certificate or registration number to appear legitimate. The document may be fake, altered, expired, unrelated, or belonging to another company.

F. Corporate registration misuse

A company may be registered as a corporation but not authorized to operate as a lending company. Scammers exploit this distinction by saying, “We are SEC registered,” even if they lack authority to lend.

G. Loan collection scam

A person claims that the victim has an unpaid online loan and demands payment. The victim may never have borrowed. The collector may threaten legal action, public shaming, or police involvement.

H. Phishing through loan links

A fake loan link asks the user to enter bank, e-wallet, or personal information. The scammer then drains accounts or uses the information for identity fraud.

I. Investment disguised as lending business

Some schemes ask people to invest in a lending operation promising high returns from online loans. The “investors” are told their money will be lent to borrowers. In reality, the operation may be a Ponzi scheme, unauthorized investment solicitation, or outright fraud.

J. Abusive but real online lending

Not every harmful online lending situation is a “fake lender” scam. Some companies may actually lend money but use unlawful or abusive methods, such as hidden charges, excessive interest, unauthorized data access, harassment, public shaming, and illegal collection practices.

IV. SEC Registration: Why It Matters

The SEC plays a central role in regulating lending companies and financing companies in the Philippines. Registration and authorization are important because lending is not just an ordinary informal business. It involves public interest, consumer protection, financial regulation, and prevention of abusive practices.

A legitimate lending company generally must have proper registration and authority. This usually involves more than merely forming a corporation.

The key point is:

A company may be registered with the SEC as a corporation, but that does not automatically mean it is authorized to operate as a lending company.

This distinction is crucial in detecting scams.

V. Corporate Registration Versus Authority to Operate as a Lending Company

A. SEC corporate registration

Corporate registration means the entity exists as a corporation, partnership, or other juridical entity. It gives the entity legal personality, subject to law.

A corporation registered with the SEC may be authorized to engage in the purposes stated in its articles, but certain regulated businesses require additional authority, licenses, certificates, or compliance.

B. Certificate of Authority to operate as lending company

A lending company generally needs proper authority to engage in lending business. This is different from simple corporate registration.

Thus, when a lender says “SEC registered,” ask:

  1. Registered as what?
  2. Is it registered as a corporation only?
  3. Does it have a Certificate of Authority to Operate as a Lending Company?
  4. Is the authority current and valid?
  5. Is the app or online platform registered or disclosed under that company?
  6. Is the business name the same as the app name?
  7. Does the registration number match the real company?
  8. Is the website, office address, or contact number listed with the regulator?
  9. Is the company subject to suspension, revocation, or advisory?
  10. Is the person contacting you actually connected with the company?

A corporate registration certificate alone is not enough.

VI. Lending Company, Financing Company, Bank, and Informal Lender

Not all lenders are regulated in the same way.

A. Lending company

A lending company is generally engaged in granting loans from its own capital funds or from funds obtained from a limited number of persons, subject to law and regulation. Lending companies are commonly associated with SEC regulation.

B. Financing company

A financing company may engage in financing activities, including extending credit facilities and other forms of financing. Financing companies are also regulated and may have different requirements.

C. Bank

Banks are regulated by the Bangko Sentral ng Pilipinas. A bank offering online loans is different from a standalone online lending app.

D. Pawnshops, cooperatives, and other credit providers

Other lenders may be regulated by different agencies or special laws.

E. Informal lender

An individual lending personal money may not be a lending company, but this does not mean he can commit fraud, impose illegal terms, or harass borrowers. Civil, criminal, and privacy laws may still apply.

VII. Why Scammers Use “SEC Registered” Claims

Scammers know that borrowers trust official-looking registration. They use phrases such as:

  • “SEC approved”;
  • “SEC registered lending company”;
  • “BIR approved”;
  • “DTI registered”;
  • “Government accredited”;
  • “Legal online loan provider”;
  • “Verified by the Philippines government”;
  • “With SEC certificate”;
  • “Legit loan app”;
  • “Licensed loan corporation.”

Some claims may be half-truths. For example, a business name may be registered with DTI, but that does not authorize lending company operations. A corporation may exist with the SEC, but it may not have lending authority. A certificate may belong to a different entity. A legitimate company may have no connection to the page or agent using its name.

Always verify.

VIII. What to Check Before Borrowing Online

Before applying for an online loan, check the following:

A. Legal name of lender

The app name may differ from the corporation name. Ask for the registered corporate name.

Example:

  • App name: “FastPeso”
  • Corporate name: “ABC Lending Corporation”

You need the legal entity, not just the app brand.

B. SEC registration number

Ask for the SEC registration number and confirm that it matches the legal name.

C. Certificate of Authority

Ask whether the company has authority to operate as a lending or financing company.

D. Official website and contact details

Check whether the website, email, telephone number, and office address match official records and are not merely social media pages.

E. Loan terms

A legitimate lender should disclose:

  • principal amount;
  • amount to be disbursed;
  • interest rate;
  • processing fees;
  • service charges;
  • penalties;
  • due date;
  • annual percentage or effective cost, where applicable;
  • total repayment amount;
  • payment channels;
  • privacy policy;
  • collection practices;
  • borrower rights.

F. App permissions

Check whether the app requests excessive permissions, such as access to contacts, SMS, photos, microphone, location, or files.

G. Reviews and complaints

Look for borrower complaints about harassment, hidden charges, data misuse, and non-release after fees.

H. Payment account

Be cautious if the lender asks payment to a personal e-wallet or individual bank account instead of an official company account.

I. Upfront fees

Be cautious if money must be paid before loan release.

J. Contract copy

Do not proceed without a clear loan agreement.

IX. Red Flags of an Online Loan Scam

The following are major warning signs:

  1. Loan approved instantly with no proper evaluation;
  2. Lender demands upfront fee before release;
  3. Payment must be sent to a personal GCash, Maya, or bank account;
  4. Lender refuses to provide legal corporate name;
  5. Lender only communicates through Messenger or Telegram;
  6. No official office address;
  7. Fake or suspicious SEC certificate;
  8. Registration number belongs to another company;
  9. App asks for contact list access;
  10. App asks for excessive permissions unrelated to lending;
  11. Lender threatens arrest before loan is even released;
  12. Lender offers unrealistically large loan despite low income;
  13. Lender says “no need for documents” but demands fees;
  14. Lender uses poor grammar and pressure tactics;
  15. Borrower is told not to verify with authorities;
  16. Lender claims government partnership without proof;
  17. Lender refuses to issue receipt;
  18. Loan agreement is vague or missing;
  19. Interest and fees are hidden until after approval;
  20. Lender asks for OTP, bank password, e-wallet PIN, or remote access;
  21. App has many clone names;
  22. Customer service disappears after payment;
  23. Lender says the loan cannot be cancelled after unpaid “release fee”;
  24. Lender asks for “tax” or “anti-money laundering clearance” payable to them;
  25. Lender threatens to post personal information.

One red flag should trigger caution. Several red flags suggest a likely scam.

X. Advance Fees: Are They Always Illegal?

Not all fees connected with lending are automatically unlawful. Some legitimate lenders may charge processing fees, documentary charges, or service fees, subject to disclosure and regulation. The problem is when fees are deceptive, excessive, hidden, repeated, or demanded before any legitimate loan release without proper documentation.

A serious red flag appears when:

  • The borrower has not received any money;
  • The lender asks for payment to release the loan;
  • The fee is sent to a personal account;
  • The lender asks for another fee after the first fee;
  • The lender refuses cancellation;
  • The lender threatens legal action if the borrower does not pay fees for a loan never released.

A borrower should not pay repeated “unlocking” or “clearance” fees just because the app says the loan is approved.

XI. If the Loan Was Never Released, Is There a Debt?

Generally, a loan requires delivery or release of money or value. If no money was released to the borrower, the supposed borrower should question whether any debt exists.

Scammers often say:

  • “Your loan is approved, so you must pay the processing fee.”
  • “You already signed the online agreement.”
  • “You must pay cancellation fee.”
  • “You will be sued if you do not pay the release fee.”
  • “Your credit record will be ruined.”
  • “You must pay tax before release.”

If the borrower never received funds, the borrower should preserve evidence and avoid paying more. The issue may be attempted fraud or scam rather than a valid loan obligation.

XII. Online Loan Scam Versus Abusive Collection

It is important to distinguish:

A. Scam before release

The borrower pays fees but never receives the loan. This is likely fraud.

B. Abusive collection after actual release

The borrower received money but the lender uses unlawful collection practices. There may be a real debt, but collection methods may still be unlawful.

C. Excessive charges

The borrower received money but was charged hidden or unconscionable fees. The borrower may dispute the amount while acknowledging the principal or lawful obligation.

Each situation requires different remedies.

XIII. Common Abuses by Online Lending Apps

Even where an app is connected to a registered company, abusive conduct may occur. Common abuses include:

  • Harassing calls and messages;
  • Threats of arrest for ordinary debt;
  • Public shaming;
  • Contacting phone contacts;
  • Calling employers;
  • Sending defamatory messages to relatives;
  • Posting borrower photos;
  • Using borrower IDs for humiliation;
  • Fake legal notices;
  • Misleading statements about criminal cases;
  • Excessive penalties;
  • Hidden charges;
  • Refusal to provide statement of account;
  • Refusal to credit payments;
  • Demanding payment through unofficial channels.

SEC registration does not authorize abusive collection.

XIV. Borrower Rights Even When Debt Is Real

A borrower who received a legitimate loan should pay lawful obligations. But the borrower still has rights.

A lender may not:

  • Threaten violence;
  • Threaten imprisonment for ordinary non-payment;
  • Shame the borrower publicly;
  • Contact unrelated third parties to disclose the debt;
  • Harass family members;
  • Use obscene or degrading language;
  • Pretend to be police, court, or government agency;
  • Use personal data beyond legitimate purpose;
  • Falsify legal documents;
  • Charge undisclosed or unlawful fees;
  • Refuse to provide a proper accounting.

The proper remedy for unpaid debt is lawful collection, negotiation, restructuring, or civil action—not harassment or privacy abuse.

XV. Data Privacy Risks in Online Lending

Online lending scams often start with data collection. Once the borrower uploads IDs and selfies or grants app permissions, the scammer may use the data for:

  • identity theft;
  • fake loan applications;
  • blackmail;
  • harassment;
  • public shaming;
  • account takeover;
  • SIM registration abuse;
  • fake social media accounts;
  • phishing;
  • threats to contacts;
  • fraudulent e-wallet transactions.

Personal data commonly collected includes:

  • full name;
  • address;
  • birthdate;
  • phone number;
  • email;
  • government ID;
  • selfie;
  • employment details;
  • payroll information;
  • bank or e-wallet account;
  • contacts;
  • photos;
  • location;
  • SMS data.

Borrowers should avoid granting unnecessary permissions and should never share OTPs, passwords, or PINs.

XVI. App Permissions: Why They Matter

Some online lending apps ask permission to access:

  • Contacts;
  • SMS;
  • Camera;
  • Photos;
  • Location;
  • Microphone;
  • Files;
  • Call logs.

A legitimate lending app should not collect more data than necessary. Contact-list access is especially risky because it may be used for harassment. Borrowers should be cautious if the loan app requires access to contacts before approving a loan.

If an app uses contacts to shame or threaten the borrower, that may raise privacy and regulatory violations.

XVII. SEC Registration and Online Lending Apps

An online lending app connected to a lending company may need to be properly reported, registered, or disclosed under applicable regulations. The legal entity behind the app should be identifiable.

A legitimate app should provide:

  • registered corporate name;
  • SEC registration information;
  • certificate of authority details;
  • official address;
  • customer service contact;
  • privacy policy;
  • terms and conditions;
  • grievance mechanism;
  • data protection officer or privacy contact;
  • clear loan terms.

If the app hides the company identity, uses only random phone numbers, or refuses to disclose its registration details, it is risky.

XVIII. How to Verify a Lending Company’s Legitimacy

A prudent borrower should verify:

  1. Corporate name;
  2. SEC registration;
  3. Certificate of Authority to operate as a lending or financing company;
  4. Status of certificate;
  5. Whether the company is suspended or revoked;
  6. Whether the app is listed or associated with the company;
  7. Whether the company appears in SEC advisories;
  8. Whether the address and contact details match;
  9. Whether the app uses the company name legitimately;
  10. Whether there are complaints or enforcement actions.

Do not rely only on screenshots sent by the lender. Fake certificates are easy to create.

XIX. What If the Company Is SEC Registered but Still Scams People?

SEC registration does not make every act lawful. A registered company may still violate lending, financing, data privacy, consumer protection, or criminal laws.

Possible violations include:

  • operating unregistered online lending apps;
  • unfair debt collection;
  • undisclosed charges;
  • deceptive advertising;
  • unauthorized data processing;
  • harassment;
  • violation of privacy;
  • lending beyond authority;
  • false statements to borrowers;
  • failure to provide proper disclosures.

A borrower may still file complaints even if the company has SEC registration.

XX. What If the App Uses a Legitimate Company’s Name?

Scammers may impersonate real lending companies. They may copy logos, certificates, websites, and app names.

To protect yourself:

  1. Contact the company through official channels, not the number in the suspicious message.
  2. Ask whether the agent, app, or page is authorized.
  3. Compare email domains and website links.
  4. Check whether payment account names match the official company.
  5. Report impersonation to the company and authorities.
  6. Do not send money until verified.

If you are a legitimate company being impersonated, report immediately and warn the public.

XXI. What If the Lender Is Only DTI-Registered?

DTI business name registration is not the same as authority to lend as a lending company. DTI registration may only mean that a sole proprietor registered a business name.

If a supposed online lending business relies only on DTI registration, ask whether it is legally allowed to conduct the lending activity it is offering. Depending on the business structure and activities, SEC authority may be required.

Borrowers should not treat DTI registration alone as proof of lawful lending operations.

XXII. What If the Lender Claims to Be a Cooperative?

Some legitimate cooperatives provide credit to members. Cooperatives are generally regulated under cooperative law and relevant authorities, not in the same way as lending corporations.

However, scammers may falsely claim to be cooperatives. Ask for:

  • cooperative registration;
  • membership rules;
  • office address;
  • official receipts;
  • loan policies;
  • board authorization;
  • contact details;
  • proof that the person contacting you is authorized.

If the supposed cooperative lends to the public without proper authority or misuses the cooperative label, it may be problematic.

XXIII. What If the Lender Is a Bank or E-Wallet Provider?

Banks and certain financial institutions fall under BSP supervision. If an online loan comes from a bank, digital bank, e-wallet provider, or BSP-supervised entity, complaints may involve BSP consumer protection channels.

However, many online lending apps are not banks. Determine the true entity before filing.

XXIV. When an Online Loan Becomes a Cybercrime Issue

Online lending scams may involve cybercrime when digital systems are used for:

  • phishing;
  • identity theft;
  • online threats;
  • cyber-libel;
  • unauthorized access;
  • account takeover;
  • fake websites;
  • malware;
  • public shaming;
  • extortion;
  • fraudulent electronic communications.

Victims may report to cybercrime authorities when the scam involves online fraud, threats, identity misuse, or digital evidence.

XXV. Possible Criminal Liability in Online Loan Scams

Depending on the facts, scammers or abusive collectors may be liable for offenses such as:

  1. Estafa or swindling — when deception is used to obtain money;
  2. Cyber-related fraud — when computer systems or online platforms are used;
  3. Identity theft — when personal data is misused;
  4. Falsification — when fake documents, certificates, or legal notices are used;
  5. Grave threats or light threats — when threats are made;
  6. Coercion — when intimidation is used to force payment;
  7. Unjust vexation — for repeated harassment without lawful justification;
  8. Libel or cyber-libel — when defamatory statements are published;
  9. Data privacy offenses — when personal data is unlawfully processed or disclosed;
  10. Unauthorized use of company name or documents — if a legitimate entity is impersonated;
  11. Other offenses depending on the scheme.

The correct complaint depends on evidence and the specific acts committed.

XXVI. Civil Liability

Victims may also pursue civil remedies, including:

  • recovery of money paid due to fraud;
  • damages for harassment;
  • damages for defamation;
  • damages for invasion of privacy;
  • injunction or takedown of posts;
  • correction or deletion of data;
  • refund of unlawful charges;
  • accounting of payments;
  • attorney’s fees in proper cases.

Civil remedies may be pursued separately from administrative and criminal complaints, depending on the situation.

XXVII. Agencies Where Victims May Report

A. Securities and Exchange Commission

Report to the SEC if the issue involves:

  • unregistered lending company;
  • fake lending company;
  • online lending app abuse;
  • harassment by lending or financing company;
  • false SEC registration claim;
  • unauthorized online lending platform;
  • abusive debt collection;
  • excessive or undisclosed charges;
  • scam using a lending company structure.

B. National Privacy Commission

Report to the NPC if the issue involves:

  • unauthorized access to contacts;
  • disclosure of loan information to contacts;
  • public posting of borrower information;
  • use of ID photos for shaming;
  • misuse of personal data;
  • data breach;
  • excessive data collection;
  • failure to provide privacy notice;
  • refusal to delete or correct unlawfully used data.

C. Philippine National Police Anti-Cybercrime Group

Report to PNP cybercrime authorities if the scam involves:

  • online fraud;
  • fake websites;
  • phishing;
  • identity theft;
  • threats through digital messages;
  • cyber-libel;
  • public shaming;
  • fake accounts;
  • extortion.

D. National Bureau of Investigation Cybercrime Division

The NBI may also investigate serious cyber fraud, identity misuse, fake loan apps, and online extortion.

E. Bureau of Internal Revenue

If the entity issues suspicious receipts, refuses receipts, or appears to operate unregistered income-generating activities, tax issues may arise. However, BIR is not usually the first agency for borrower harassment complaints.

F. Bangko Sentral ng Pilipinas

File with BSP if the lender is a BSP-supervised financial institution, such as a bank, digital bank, e-money issuer, or other covered financial service provider.

G. Local police or prosecutor

If threats, coercion, fraud, or identity theft are specific and serious, a criminal complaint may be filed.

H. Courts

Civil court action may be appropriate for damages, injunction, refund, or other judicial relief.

XXVIII. What Evidence Should Victims Preserve?

Evidence is the foundation of any complaint. Preserve:

A. Identity of the lender or scammer

  • app name;
  • company name;
  • SEC registration number shown;
  • certificate screenshot;
  • website;
  • social media page;
  • phone numbers;
  • email addresses;
  • chat accounts;
  • bank or e-wallet account names;
  • QR codes;
  • app developer name;
  • app store link.

B. Loan documents

  • loan agreement;
  • approval notice;
  • amount approved;
  • amount disbursed;
  • fees demanded;
  • due date;
  • statement of account;
  • payment schedule;
  • terms and conditions.

C. Payments made

  • GCash or Maya receipts;
  • bank transfer slips;
  • deposit slips;
  • screenshots of payment instructions;
  • official receipts, if any;
  • transaction reference numbers;
  • account names and numbers.

D. Communications

  • messages;
  • emails;
  • call logs;
  • screenshots;
  • voice messages;
  • threats;
  • fake legal documents;
  • collection notices;
  • social media posts.

E. Privacy violation evidence

  • app permission screenshots;
  • messages sent to contacts;
  • public posts;
  • disclosure to employer;
  • use of photos or IDs;
  • contact list misuse.

F. Identity theft evidence

  • unauthorized loan applications;
  • SIM or account registration alerts;
  • unknown accounts;
  • credit bureau notices;
  • messages from other lenders;
  • reports from contacts.

G. Timeline

Prepare a chronological summary of events with dates and amounts.

XXIX. What to Do If You Paid an Advance Fee and No Loan Was Released

Step 1: Stop paying

Do not pay additional fees just because the scammer says the loan is “almost released.”

Step 2: Preserve evidence

Save all messages, receipts, payment details, and the supposed loan approval.

Step 3: Demand refund in writing

Send a short written demand if the entity can be identified. Do not reveal more personal information.

Step 4: Report to payment platform

If payment was made through an e-wallet or bank, report the transaction as fraudulent. Ask whether the account can be flagged.

Step 5: File complaints

Depending on facts, report to SEC, cybercrime authorities, and possibly the prosecutor.

Step 6: Protect identity

If IDs and selfies were submitted, monitor for identity theft. Change passwords and secure accounts.

XXX. What to Do If a Fake Loan Was Taken in Your Name

If you discover a loan account you did not apply for:

  1. Request details from the lender.
  2. Deny the unauthorized loan in writing.
  3. Ask for copies of the application, ID, selfie, device information, and disbursement account.
  4. File an identity theft or fraud report.
  5. Report to NPC if personal data was misused.
  6. Report to SEC if the lender failed to verify identity or is abusive.
  7. Notify credit bureaus if the fake loan may affect your credit record.
  8. File a police or cybercrime complaint.
  9. Preserve all communications.

Do not pay a loan you did not take without first disputing it. Payment may be interpreted as acknowledgment.

XXXI. What to Do If the App Harasses Your Contacts

  1. Ask contacts to send screenshots.
  2. Revoke app permissions.
  3. Preserve the loan app details.
  4. Send a cease-and-desist message to the lender.
  5. File with NPC for privacy violations.
  6. File with SEC for abusive collection.
  7. File with cybercrime authorities if threats or defamatory posts were made.
  8. Inform contacts they are not liable unless they signed as co-borrowers, guarantors, or sureties.

Third parties should not be harassed for another person’s debt.

XXXII. What to Do If the App Posts Your Photo or ID Online

  1. Screenshot the post, comments, profile, and URL.
  2. Report the post to the platform.
  3. File with NPC for unauthorized disclosure.
  4. File with SEC for abusive collection.
  5. Consider cyber-libel or criminal complaint if defamatory statements were made.
  6. Demand takedown from the lender or platform.
  7. Preserve evidence before the post disappears.

Public shaming is not a lawful debt collection method.

XXXIII. What to Do If the Lender Threatens Arrest

A collector may threaten:

  • police arrest;
  • NBI case;
  • barangay detention;
  • warrant;
  • court case;
  • estafa;
  • imprisonment;
  • immigration hold;
  • employer notification.

For ordinary unpaid debt, imprisonment for debt is not the proper remedy. Criminal liability requires a separate criminal act, such as fraud, falsification, or bouncing checks in certain cases.

Ask for official case details. Do not panic. Preserve the threat and report if abusive.

XXXIV. Can an Online Lending Company File a Case?

Yes, a legitimate lender may file a civil collection case for unpaid lawful debt. In some circumstances, criminal complaints may be filed if there is actual fraud or other criminal conduct.

However, a lender cannot lawfully invent criminal cases, fake warrants, or use threats to force payment. A borrower should distinguish between legitimate legal action and intimidation.

XXXV. Can Borrowers Ignore Online Loans From Unregistered Apps?

Caution is needed. If money was actually received, the borrower may still have a civil obligation to return at least the principal or lawful amount, depending on circumstances. However, the borrower may dispute illegal interest, hidden charges, harassment, privacy violations, and the authority of the lender.

If no money was received, there may be no valid loan to repay.

Borrowers should avoid simply disappearing if they received funds. It is better to demand a lawful statement of account, pay only through official channels, and report unlawful practices.

XXXVI. Interest, Charges, and Unconscionability

Online loan scams often involve short repayment periods and high charges. For example, a borrower may apply for ₱5,000 but receive only ₱3,500 due to fees, then be required to pay ₱6,000 in seven days. The effective cost may be extremely high.

Charges may be questioned if:

  • not disclosed before acceptance;
  • hidden as processing fees;
  • excessive compared with principal;
  • imposed after loan release without agreement;
  • compounded unreasonably;
  • deducted upfront deceptively;
  • inconsistent with the loan agreement;
  • unconscionable or contrary to public policy.

Courts and regulators may scrutinize oppressive charges.

XXXVII. Loan Agreement: What It Should Contain

A proper loan agreement should clearly state:

  1. Name of lender;
  2. Name of borrower;
  3. principal amount;
  4. amount to be disbursed;
  5. interest rate;
  6. service and processing fees;
  7. penalties;
  8. due date;
  9. repayment schedule;
  10. official payment channels;
  11. borrower rights;
  12. collection policy;
  13. privacy policy;
  14. consent to data processing;
  15. dispute resolution;
  16. signatures or valid electronic acceptance;
  17. contact information of lender.

If the agreement is vague, hidden, or unavailable, the borrower should be cautious.

XXXVIII. Payment Safety

When paying an online lender:

  1. Pay only through official channels.
  2. Verify account name.
  3. Avoid personal accounts unless officially confirmed.
  4. Keep receipts.
  5. Screenshot payment instructions.
  6. Ask for official acknowledgment.
  7. Require updated statement of account.
  8. Do not send OTPs.
  9. Do not share bank login.
  10. Do not allow remote access to your phone.

A scammer may claim nonpayment even after receiving funds if payment is sent unofficially.

XXXIX. Unauthorized Collection Agents

Some collectors may not be properly authorized. They may use personal numbers and abusive messages.

Borrowers may ask:

  • What company do you represent?
  • What is your full name?
  • What is your authority to collect?
  • What is the account number?
  • What is the official payment channel?
  • Can you send an official statement of account?
  • Are you a third-party collection agency?
  • Where is your office?

If the collector refuses to identify himself and uses threats, preserve the evidence and report.

XL. Fake Lawyers, Fake Police, and Fake Court Officers

Scammers and collectors sometimes claim to be:

  • attorneys;
  • law office staff;
  • police officers;
  • NBI agents;
  • prosecutors;
  • court sheriffs;
  • barangay officials;
  • immigration officers.

Ask for official identification and case details. Verify independently through official channels. Do not pay money to a person claiming to be an officer unless there is a legitimate legal process and official payment mechanism.

Impersonation may be a serious offense.

XLI. Fake SEC Certificates and Documents

Fake SEC documents may include:

  • altered certificate of incorporation;
  • fake certificate of authority;
  • fake QR code;
  • outdated certificates;
  • certificate belonging to another company;
  • certificate with mismatched company name;
  • fake advisory clearing the app;
  • fake complaint dismissal;
  • fake government seal.

Check consistency:

  • legal name;
  • registration number;
  • date;
  • office address;
  • signature;
  • purpose clause;
  • authority type;
  • app name;
  • website;
  • payment account name.

If uncertain, verify with official sources. Do not rely on a document sent by the lender alone.

XLII. SEC Advisories and Revocation

The SEC may issue advisories, warnings, suspension orders, or revocation orders against certain lending companies or apps. A company may have once been registered but later suspended or revoked.

Borrowers should be cautious if:

  • the app was subject to complaints;
  • the certificate was revoked;
  • the app name appears in advisories;
  • the company changed app names after complaints;
  • the company claims old authority but operates new apps;
  • the company refuses to show updated authority.

A prior registration is not always enough.

XLIII. If You Are an Investor in an Online Lending Scheme

Some people are invited to invest in online lending operations. They may be promised fixed returns such as 5%, 10%, or 20% monthly from borrowers’ interest.

This can be risky. Questions to ask:

  1. Is the company authorized to solicit investments?
  2. Is there an SEC registration statement or exemption?
  3. Is the promised return guaranteed?
  4. Where will funds be used?
  5. Who are the borrowers?
  6. Are investor funds pooled?
  7. Is there a Ponzi-like payout structure?
  8. Are returns paid from real collections or new investor money?
  9. Is there audited financial information?
  10. Are the people offering investments licensed or authorized?

A lending company’s authority to lend does not automatically mean it can solicit investments from the public.

XLIV. Investor Red Flags

Be cautious if the investment offer includes:

  • guaranteed high returns;
  • referral commissions;
  • pressure to recruit;
  • vague lending portfolio;
  • no audited statements;
  • no clear borrower data;
  • no investment registration;
  • no risk disclosure;
  • payouts from new members;
  • promise of “passive income” from online loans;
  • use of influencers instead of legal documents;
  • claim that SEC lending registration equals investment authority.

Report suspicious investment schemes to the SEC.

XLV. Borrower Privacy and Data Protection

A borrower has rights over personal data. Lending companies should:

  • collect only necessary data;
  • explain the purpose of collection;
  • secure borrower data;
  • limit access to authorized personnel;
  • avoid disclosure to unrelated third parties;
  • allow data subject rights where applicable;
  • not use data for harassment;
  • not collect contact lists unnecessarily;
  • not publish borrower data;
  • not retain data longer than necessary.

If a lending app misuses data, the borrower may file a privacy complaint.

XLVI. How to Draft a Complaint Against an Online Loan Scam

A complaint should include:

A. Complainant information

  • full name;
  • address;
  • contact details;
  • ID, if required.

B. Respondent information

  • app name;
  • company name;
  • registration number claimed;
  • phone numbers;
  • email;
  • website;
  • social media links;
  • payment accounts;
  • collector names;
  • address, if known.

C. Facts

State chronologically:

  • when you saw the loan offer;
  • how you applied;
  • what documents you submitted;
  • what amount was approved;
  • what fees were demanded;
  • what amount you paid;
  • whether funds were released;
  • what threats or harassment occurred;
  • what personal data was misused;
  • what relief you seek.

D. Evidence

Attach screenshots, receipts, app details, messages, IDs submitted, and payment proof.

E. Relief requested

Examples:

  • investigation;
  • refund;
  • cease-and-desist;
  • takedown of app or page;
  • sanctions;
  • deletion of unlawfully collected data;
  • criminal investigation;
  • correction of records;
  • prohibition against contacting third parties.

XLVII. Sample Complaint Narrative

On [date], I saw an online advertisement for a loan through “[App/Page Name].” The page claimed to be SEC registered and offered a loan of ₱____. I submitted my personal information, ID, and selfie.

On [date], I was informed that my loan was approved but that I needed to pay a processing fee of ₱____ before release. I paid through [GCash/bank] to account name [name]. After payment, the agent demanded additional fees for “clearance” and “tax.” No loan proceeds were released.

When I refused to pay more, the agent threatened to post my ID and contact my relatives. Attached are screenshots of the messages, payment receipts, the claimed SEC certificate, and the account details used.

I respectfully request investigation for online loan fraud, false representation as a lending company, and misuse of personal information.

XLVIII. Sample Cease-and-Desist Message

I dispute your claim and your unlawful collection methods. No further payment will be made unless you provide the legal name of the lender, proof of authority to lend, complete statement of account, official payment channel, and proof that the loan proceeds were released.

You are directed to stop threats, harassment, public shaming, and unauthorized use or disclosure of my personal information. I am preserving evidence and will report this matter to the proper authorities.

XLIX. Sample Demand for Refund of Advance Fees

I paid ₱____ on [date] to [account name/number] based on your representation that my loan would be released. No loan proceeds were released. Your demand for additional fees is rejected.

I demand refund of ₱____ within [number] days through [payment channel]. If you fail to refund, I will file complaints for online loan fraud and related violations with the proper agencies.

L. What If the Borrower Shared IDs and Selfies?

If you shared IDs and selfies with a suspicious lender:

  1. Preserve screenshots of what was submitted.
  2. Report the scam.
  3. Monitor for unauthorized loans.
  4. Change passwords.
  5. Secure e-wallets and bank accounts.
  6. Enable two-factor authentication.
  7. Watch for SIM-related fraud.
  8. Warn contacts about possible impersonation.
  9. Consider filing a data privacy complaint.
  10. Keep a police or cybercrime report for future identity theft disputes.

LI. What If the Borrower Shared OTP or Bank Details?

If OTP, bank password, PIN, or remote access was shared:

  1. Contact the bank or e-wallet provider immediately.
  2. Change passwords and PINs.
  3. Freeze or secure accounts if necessary.
  4. Report unauthorized transactions.
  5. File a cybercrime report.
  6. Preserve messages and call logs.
  7. Do not communicate further with the scammer.
  8. Monitor accounts.

Legitimate lenders should not ask for OTPs or passwords.

LII. What If the App Is Already Installed?

If you installed a suspicious lending app:

  1. Take screenshots of the app, permissions, and loan details.
  2. Revoke permissions.
  3. Back up evidence.
  4. Uninstall after preserving records.
  5. Run device security checks.
  6. Change passwords.
  7. Monitor contacts and accounts.
  8. Report the app to the platform and authorities.

If harassment has started, preserve evidence before uninstalling.

LIII. Can the Borrower Be Liable for Using a Scam App?

A victim of a scam is not liable merely for being deceived. However, the borrower should avoid participating in fraud, submitting fake documents, using false identity, or borrowing with no intention to repay.

If money was actually released, the borrower should address any lawful obligation. If no money was released and only fees were collected, the borrower may be a fraud victim.

LIV. Can the Lender Access the Borrower’s Contacts if the Borrower Consented?

Consent to app permissions does not automatically justify all uses of data. Even if contacts were accessed, using them to shame, threaten, or disclose debt may be excessive, unfair, and unlawful.

Data processing must still be lawful, legitimate, necessary, proportionate, transparent, and secure.

LV. Can Online Lending Apps Contact References?

A borrower may list references. A lender may contact references for limited, legitimate verification purposes if properly disclosed and authorized. But there is a difference between verification and harassment.

A reference should not be:

  • told unnecessary loan details;
  • threatened;
  • asked to pay if not a guarantor;
  • publicly shamed;
  • repeatedly harassed;
  • misled into believing they are liable;
  • sent the borrower’s ID or photo;
  • included in group harassment.

LVI. Co-Borrower, Guarantor, Reference: Differences

A. Borrower

The person who received the loan and is primarily liable.

B. Co-borrower

A person who also borrowed and may be liable for the debt.

C. Guarantor or surety

A person who agreed to answer for the debt under specified terms.

D. Reference

A contact person for verification. A reference is not automatically liable for the debt.

Collectors often pressure references as if they are guarantors. Unless a person legally agreed to be liable, mere listing as a reference does not automatically create debt liability.

LVII. If the App Uses Shame Lists or Group Chats

Some collectors create group chats with the borrower’s contacts and post accusations. This may involve:

  • privacy violation;
  • harassment;
  • defamation;
  • cyber-libel;
  • unfair collection;
  • abuse of rights.

Victims should preserve the group chat name, members, messages, timestamps, and account details.

LVIII. If the App Claims You Are Blacklisted

A lender may threaten that the borrower will be blacklisted from all banks, jobs, passports, or government services. Many such threats are exaggerated or false.

A legitimate credit report or negative credit history is different from public shaming or fake blacklisting. Lenders must follow lawful credit reporting rules and data privacy requirements.

A scammer’s “blacklist” threat should be documented and reported.

LIX. If the App Claims It Will File a Barangay Case

A barangay may mediate certain disputes, but barangay proceedings do not authorize online shaming, police arrest, or automatic garnishment. If a real barangay notice is issued, verify it with the barangay.

A fake barangay summons sent by random collectors may be evidence of intimidation.

LX. If the App Claims It Will Garnish Salary

Salary garnishment generally requires proper legal process, not a mere text message from a collector. A lender cannot simply tell an employer to deduct wages unless there is lawful authority, employee consent, or court process.

A collector contacting an employer may also violate privacy and reputation rights.

LXI. If the App Claims It Will Visit Your House

A lender may send demand letters or authorized collectors, but they cannot use threats, violence, trespass, or public humiliation. If collectors come to your house:

  1. Do not let them enter without consent.
  2. Ask for ID and authority.
  3. Record details safely.
  4. Avoid confrontation.
  5. Call barangay or police if threatened.
  6. Pay only through official channels.
  7. Do not sign documents under pressure.

LXII. If the App Refuses to Provide Statement of Account

A borrower should demand a clear statement showing:

  • principal;
  • amount disbursed;
  • interest;
  • fees;
  • penalties;
  • payments credited;
  • remaining balance;
  • official payment channels.

Refusal to provide accounting is a red flag, especially if the collector demands payment through personal accounts.

LXIII. If the App Was Removed From the App Store

An app may disappear after complaints or enforcement. Preserve:

  • app name;
  • installed screenshots;
  • app package or developer name, if visible;
  • loan agreement;
  • payment records;
  • messages;
  • company name;
  • contacts.

Removal from app stores does not erase liability.

LXIV. If You Are Being Harassed for Someone Else’s Loan

If you are contacted because someone listed you as a reference or because your number was in their contacts:

  1. State that you are not the borrower, co-borrower, or guarantor.
  2. Tell the collector to stop contacting you.
  3. Preserve messages.
  4. File a privacy or harassment complaint if contact continues.
  5. Block after preserving evidence.
  6. Inform the borrower to report data misuse.

You are not automatically liable just because your number appears in someone’s phone.

LXV. SEC Complaint: Key Points

When filing with the SEC, focus on:

  • whether the entity is authorized;
  • app name and company name;
  • abusive or unfair collection;
  • false registration claims;
  • advance-fee scam;
  • undisclosed charges;
  • harassment;
  • unauthorized online lending operations;
  • fake or misleading advertisements.

Attach evidence and request investigation.

LXVI. NPC Complaint: Key Points

When filing with the National Privacy Commission, focus on:

  • what personal data was collected;
  • how it was collected;
  • whether consent was valid;
  • whether data collection was excessive;
  • how data was disclosed;
  • who received the data;
  • what harm occurred;
  • what relief is requested.

Attach screenshots of messages to contacts, public posts, app permissions, and privacy policy.

LXVII. Cybercrime Complaint: Key Points

For cybercrime authorities, focus on:

  • online fraud;
  • fake accounts;
  • phishing links;
  • digital threats;
  • identity theft;
  • public posts;
  • fake legal documents;
  • payment accounts;
  • phone numbers;
  • IP or URL details if available.

Bring the device if possible and keep original evidence.

LXVIII. Payment Platform Reports

If you paid through an e-wallet or bank, report the scam to the platform. Provide:

  • transaction reference;
  • recipient account;
  • amount;
  • date and time;
  • screenshots of scam messages;
  • police or complaint reference, if available.

The platform may not always reverse the payment, but it can flag accounts and assist investigations.

LXIX. Protecting Yourself From Future Scams

Practical safeguards:

  1. Verify lender authority before applying.
  2. Do not pay upfront release fees.
  3. Do not share OTPs or passwords.
  4. Avoid apps requiring contact access.
  5. Read loan terms before accepting.
  6. Use official websites and app stores.
  7. Avoid social media-only lenders.
  8. Do not rush due to “limited time” pressure.
  9. Pay only through official channels.
  10. Keep copies of all documents.
  11. Monitor credit and loan records.
  12. Use strong passwords and two-factor authentication.
  13. Report scams promptly.
  14. Warn family and contacts if data was exposed.
  15. Avoid borrowing from one app to pay another.

LXX. Practical Checklist Before Applying for an Online Loan

Before applying, ask:

  • What is the lender’s legal name?
  • Is it a lending company, financing company, bank, or cooperative?
  • Does it have proper authority?
  • Is the app officially connected to the company?
  • Is the interest rate disclosed?
  • What amount will actually be disbursed?
  • What is the total repayment amount?
  • Are there upfront fees?
  • Are payment channels official?
  • What permissions does the app require?
  • Is the privacy policy clear?
  • Are there complaints of harassment?
  • Can I afford repayment?
  • Is there a safer alternative?

If the lender cannot answer clearly, do not proceed.

LXXI. Practical Checklist If You Suspect a Scam

Do the following:

  • Stop paying;
  • stop sharing documents;
  • screenshot everything;
  • record payment details;
  • revoke app permissions;
  • secure bank and e-wallet accounts;
  • change passwords;
  • notify contacts if needed;
  • report to payment platform;
  • file complaints with proper agencies;
  • monitor for identity theft.

LXXII. Frequently Asked Questions

1. Is SEC registration proof that an online lender is legitimate?

Not always. Corporate registration is different from authority to operate as a lending company. Verify both registration and authority.

2. Can a company be SEC registered but still unauthorized to lend?

Yes. A corporation may be registered with the SEC but may not have the required authority to operate as a lending company.

3. Is DTI registration enough for online lending?

Not necessarily. DTI business name registration alone does not prove authority to operate as a lending company.

4. Should I pay a processing fee before receiving the loan?

Be very cautious. Advance-fee demands before loan release are a major scam red flag, especially if paid to personal accounts.

5. What if I already paid a fee but no loan was released?

Stop paying additional fees, preserve evidence, demand refund, report to the payment platform, and file complaints with authorities.

6. Can I be sued if no loan was released?

If no funds were released, there may be no actual loan obligation. Scammers may still threaten you. Preserve evidence and report.

7. Can online lenders access my contacts?

They should not collect or use contact data beyond what is lawful, necessary, and properly disclosed. Using contacts for harassment may violate privacy rights.

8. Can they post my photo for nonpayment?

Public shaming may violate privacy, defamation, cybercrime, and regulatory rules. Preserve evidence and report.

9. Can they contact my employer?

Debt collectors should not disclose your debt to your employer or pressure your workplace without lawful basis. This may be a privacy and harassment issue.

10. Can I be jailed for not paying an online loan?

Mere nonpayment of debt is generally not a crime. Criminal liability requires a separate criminal act, such as fraud or falsification.

11. What if the collector claims to be from a law office?

Ask for the law office name, lawyer’s full name, address, and case details. Verify independently. Fake legal threats should be reported.

12. What if the app is registered but charges very high interest?

Registration does not automatically validate all charges. Hidden, excessive, or unconscionable charges may be challenged.

13. What if my friend listed me as a reference and collectors harass me?

You are not automatically liable as a reference. Tell them to stop, preserve evidence, and file complaints if harassment continues.

14. Where should I report an online loan scam?

Depending on the facts, report to SEC, National Privacy Commission, PNP Anti-Cybercrime Group, NBI Cybercrime Division, payment platforms, or prosecutor’s office.

15. Should I uninstall the app immediately?

First preserve evidence and screenshots. Then revoke permissions and uninstall if appropriate.

LXXIII. Key Legal Principles

  1. Online lending is regulated; not everyone may lawfully operate as a lending company.
  2. SEC corporate registration is different from authority to operate as a lending company.
  3. Scammers often misuse SEC registration claims to appear legitimate.
  4. Advance fees before loan release are a major scam warning sign.
  5. If no money was released, the existence of a valid loan may be disputed.
  6. Borrowers should verify the legal entity behind the app.
  7. App permissions and data access create serious privacy risks.
  8. Debt does not authorize harassment, threats, or public shaming.
  9. Mere nonpayment of debt is generally not a crime.
  10. Fake legal notices, fake warrants, and impersonation should be reported.
  11. Payment should be made only through official channels.
  12. A reference is not automatically liable for a borrower’s debt.
  13. Excessive or hidden charges may be challenged.
  14. Victims should preserve evidence before blocking, deleting, or uninstalling.
  15. Complaints may be filed with SEC, NPC, cybercrime authorities, BSP in proper cases, and courts or prosecutors.

LXXIV. Conclusion

Online lending can be useful when properly regulated, transparent, and fair. But it can also be a vehicle for fraud, harassment, privacy violations, and financial abuse. In the Philippines, one of the most important protective steps is understanding SEC registration. A lender’s claim that it is “SEC registered” should never be accepted blindly. Borrowers must distinguish between ordinary corporate registration and actual authority to operate as a lending or financing company.

Online loan scams often rely on urgency, fear, and confusion. They promise fast approval, demand upfront fees, misuse official-looking certificates, collect personal data, and threaten borrowers who refuse to pay. A legitimate lender should be transparent about its legal identity, authority, loan terms, fees, privacy policy, and collection process.

Victims should act quickly: stop paying suspicious fees, preserve evidence, secure personal data, revoke app permissions, report payment accounts, and file complaints with the proper agencies. Where harassment, public shaming, identity theft, or false legal threats occur, borrowers may pursue regulatory, privacy, cybercrime, civil, and criminal remedies.

The safest rule is simple: verify before borrowing, never pay advance release fees to suspicious lenders, never share OTPs or passwords, and do not allow debt or desperation to override caution. A lawful loan begins with transparency; a scam begins with pressure.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login