Proving Identity Theft in Loan Application Cases

I. Introduction

Identity theft in loan application cases has become increasingly common in the Philippines, especially with the rise of digital lending platforms, online banking, mobile wallets, buy-now-pay-later services, salary loans, credit cards, motorcycle financing, appliance financing, and other fast-credit products. A person may suddenly receive collection calls, demand letters, text messages, emails, credit bureau alerts, barangay notices, or even court papers for a loan he or she never applied for. In other cases, the victim discovers that someone used his name, identification documents, mobile number, email address, selfie, signature, employment details, or personal information to obtain credit.

The central legal problem is proof. The victim must show that he did not apply for the loan, did not authorize anyone to apply in his name, did not receive the proceeds or goods, and did not benefit from the transaction. At the same time, the lender or collection agency may claim that the application was supported by documents, digital records, a mobile number, an email address, a selfie, an electronic signature, or a one-time password. The dispute therefore often turns on evidence: who submitted the application, what information was used, what device or account was involved, where the proceeds went, and whether the lender performed adequate identity verification.

This article discusses how identity theft may be proven in Philippine loan application cases, the applicable legal concepts, the types of evidence that may be used, remedies against lenders and collectors, possible criminal complaints, data privacy remedies, civil defenses, and practical steps for victims.

II. What Identity Theft Means in Loan Application Cases

Identity theft in a loan application occurs when a person uses another person’s identity or personal information without authority to obtain credit, money, goods, services, or financial accommodation. It may involve the unauthorized use of:

  1. Full name;
  2. Date of birth;
  3. Address;
  4. Government-issued identification card;
  5. Tax identification number;
  6. Social Security System, GSIS, Pag-IBIG, or PhilHealth information;
  7. Mobile number;
  8. Email address;
  9. Photograph or selfie;
  10. Signature;
  11. Employment information;
  12. Bank account or e-wallet details;
  13. Biometric or facial image;
  14. Digital login credentials;
  15. Personal references or emergency contacts.

The identity thief may be a stranger, a scammer, an online seller, a lending agent, a loan broker, a relative, a co-worker, an employer representative, a former partner, a household member, or even someone from within the lender’s sales or verification network.

III. Common Loan Identity Theft Scenarios

Identity theft in loan applications may happen in many ways. Common scenarios include:

  1. A person loses a wallet containing IDs, and the IDs are later used to apply for a loan.
  2. A scammer asks for IDs and selfies under the pretense of job hiring, cash assistance, SIM registration, online selling, investment, parcel delivery, or verification.
  3. A relative or friend borrows a victim’s ID and uses it to obtain financing.
  4. A lending agent fabricates applications using copied documents.
  5. A phone number registered under the victim’s name is used to receive one-time passwords.
  6. A victim’s social media photos are used to create fake accounts.
  7. A stolen phone is used to access mobile lending apps.
  8. A forged signature is used in a paper loan application.
  9. An electronic signature is affixed without the victim’s consent.
  10. A loan is released to a bank account, e-wallet, merchant, or seller controlled by someone else.
  11. A person is named as borrower in a loan used to buy goods delivered to another person.
  12. A collection agency pursues the victim based only on a database record, without proof of consent.

Each situation requires a slightly different evidentiary strategy.

IV. The Central Issue: Consent and Participation

In loan identity theft cases, the core question is whether the alleged borrower personally consented to the loan and participated in the transaction. A lender must generally prove the existence of a valid obligation. A victim who denies the loan should focus on showing absence of consent, absence of authorization, absence of benefit, and irregularity in the documents or digital trail.

Important questions include:

  1. Did the victim sign the loan application?
  2. Did the victim submit the identification documents?
  3. Did the victim own or control the mobile number used?
  4. Did the victim receive and input the one-time password?
  5. Did the victim own the email address used?
  6. Did the victim receive the proceeds?
  7. Was the bank account or e-wallet in the victim’s name?
  8. Did the victim receive the purchased goods?
  9. Was the victim physically present at the time of application?
  10. Was the application made from a device, IP address, or location connected to the victim?
  11. Did the victim ever acknowledge the loan?
  12. Did the lender verify identity properly?

A denial alone may not always be enough. The stronger approach is to combine denial with documentary, digital, testimonial, and circumstantial evidence.

V. Applicable Philippine Legal Framework

Identity theft in loan applications may involve several areas of Philippine law.

1. Civil Code

The Civil Code governs obligations and contracts. A valid loan or credit obligation requires consent, object, and cause. If the victim did not consent, there may be no valid contract binding him. If a signature was forged or an application was submitted without authority, the alleged borrower may deny liability.

Civil remedies may include declaration of inexistence of obligation, damages, injunction, correction of credit records, and defense against collection or civil suits.

2. Revised Penal Code

Depending on the facts, the offender may be liable for crimes such as falsification, use of falsified documents, estafa, other deceits, unjust vexation, grave coercion, threats, or related offenses. If signatures, IDs, certificates, employment records, or public documents were falsified, criminal liability may arise.

3. Cybercrime Prevention Act

If the identity theft was committed through a computer system, online platform, mobile application, email, social media, or digital device, cybercrime laws may apply. Computer-related identity theft, computer-related fraud, computer-related forgery, and related offenses may be relevant.

4. Data Privacy Act

The unauthorized collection, use, disclosure, or processing of personal information may raise data privacy issues. A lender, collector, or third party may face liability if personal data was processed unlawfully, used without consent or lawful basis, inadequately protected, or disclosed to contacts and third persons without authority.

5. Lending and Financing Regulations

Lending companies, financing companies, banks, online lending platforms, credit card issuers, and other financial institutions may be subject to different regulators, depending on their nature. Regulatory complaints may be available where there are abusive collection practices, inadequate disclosures, unfair debt collection, harassment, or failure to investigate identity theft claims.

6. Rules on Electronic Evidence

Digital records may be used as evidence if properly authenticated. Loan application logs, electronic signatures, SMS verification, email confirmations, app records, IP logs, device identifiers, geolocation, screenshots, metadata, audit trails, and database entries may become important.

VI. Burden of Proof in Identity Theft Loan Cases

The burden of proof depends on the proceeding.

In a civil collection case, the lender generally has the burden to prove the loan, the borrower’s consent, release of proceeds, and default. The alleged borrower may raise identity theft, forgery, lack of consent, lack of authority, fraud, or absence of consideration as defenses.

In a criminal complaint, the complainant must present evidence showing probable cause that a crime was committed and that the respondent is probably guilty. At trial, guilt must be proven beyond reasonable doubt.

In a data privacy complaint, the issue may be whether personal information was processed unlawfully, negligently, excessively, or without adequate safeguards.

In a regulatory complaint, the relevant regulator may examine whether the lender complied with verification, disclosure, collection, privacy, and consumer protection obligations.

A victim does not need to prove every technical detail at the beginning, but should gather enough evidence to show that the loan was unauthorized and that the lender or authorities should investigate.

VII. Evidence That the Victim Did Not Apply for the Loan

The victim should gather evidence showing non-participation. Useful evidence may include:

  1. Affidavit of denial explaining that the victim did not apply for the loan;
  2. Police report or blotter regarding lost ID, stolen phone, scam, or identity theft;
  3. Notarized affidavit of loss for missing IDs or documents;
  4. Proof that the victim was elsewhere when the loan was supposedly applied for;
  5. Travel records, work attendance logs, CCTV, receipts, or location evidence;
  6. Proof that the mobile number or email used does not belong to the victim;
  7. Certification from a telecom provider, if obtainable;
  8. Proof that the bank account or e-wallet receiving the loan proceeds is not the victim’s;
  9. Bank or e-wallet statements showing no receipt of proceeds;
  10. Proof that goods financed by the loan were delivered to another person or address;
  11. Screenshots of collection messages and calls;
  12. Copies of demand letters;
  13. Copies of the loan application, promissory note, disclosure statement, or contract;
  14. Comparison of signatures;
  15. NBI, police, or cybercrime complaint records;
  16. Data privacy requests and responses;
  17. Communications with the lender disputing the loan.

The victim should create a chronological file of events.

VIII. The Importance of Obtaining the Loan Documents

A victim cannot properly dispute an alleged loan without seeing the documents or records relied upon by the lender. The victim should request copies of:

  1. Loan application form;
  2. Promissory note;
  3. disclosure statement;
  4. Credit agreement;
  5. Borrower information sheet;
  6. Submitted ID documents;
  7. Selfie or biometric verification image;
  8. Signature specimen or electronic signature record;
  9. Proof of one-time password verification;
  10. Mobile number and email used;
  11. Device, IP, and app logs, if available;
  12. Date and time of application;
  13. Approval records;
  14. Disbursement record;
  15. Bank account or e-wallet where proceeds were released;
  16. Merchant invoice or delivery record;
  17. Collection account records;
  18. Assignment or endorsement to collection agency;
  19. Credit bureau reporting record.

If the lender refuses to provide documents, the victim may record the refusal and raise it in a complaint, regulatory proceeding, civil case, or data privacy request.

IX. Affidavit of Denial

An affidavit of denial is often the first formal document prepared by the victim. It should be specific, not generic.

It may state:

  1. The victim’s identity and address;
  2. How the victim learned of the alleged loan;
  3. The name of the lender or collector;
  4. The alleged account number, if known;
  5. A categorical denial of applying for or authorizing the loan;
  6. A denial of receiving proceeds or goods;
  7. A denial of signing any loan document;
  8. A denial of using the phone number, email, bank account, or e-wallet involved, if applicable;
  9. Facts showing possible identity theft;
  10. Prior loss of ID, stolen phone, phishing incident, scam, or unauthorized use of personal data;
  11. Steps taken to report the matter;
  12. Request for investigation and correction of records.

A bare statement that “I do not owe this” is weaker than a detailed explanation supported by exhibits.

X. Police Blotter, NBI, and Cybercrime Reports

A police blotter or report helps document the victim’s prompt denial. It may not prove the entire case by itself, but it creates an official record.

The victim may consider reporting to:

  1. Local police station;
  2. Philippine National Police Anti-Cybercrime Group, if online or digital means were used;
  3. National Bureau of Investigation Cybercrime Division, if appropriate;
  4. Prosecutor’s office, through a criminal complaint;
  5. Barangay, if harassment or local disputes are involved.

Reports are more useful when supported by evidence such as screenshots, IDs used, account numbers, phone numbers, names of collectors, transaction dates, and copies of documents.

XI. Signature Forgery

If the alleged loan involves a handwritten signature, the victim may deny the signature and request production of the original document. Signature forgery may be proven through:

  1. Testimony of the alleged signer;
  2. Comparison with genuine signatures;
  3. Circumstances showing the victim could not have signed;
  4. Expert handwriting examination;
  5. Evidence that the ID or document used was lost or copied;
  6. Inconsistencies in the application form;
  7. Witness testimony;
  8. Absence of proper identification or personal appearance.

A notarized document carries evidentiary weight, but notarization can be challenged if the person did not appear before the notary, the ID was false, the notarial register is defective, or the notarization was irregular.

XII. Electronic Signatures and Digital Consent

Many loans are now processed digitally. Lenders may claim that the victim electronically signed the agreement or clicked acceptance in an app. The victim should ask for proof of digital consent, including:

  1. Account creation date;
  2. Email or mobile verification;
  3. OTP logs;
  4. IP address;
  5. Device ID;
  6. Device model;
  7. SIM or mobile number used;
  8. Login history;
  9. Geolocation, if collected;
  10. Selfie verification;
  11. Timestamp of acceptance;
  12. Audit trail;
  13. Copy of the electronic document allegedly accepted.

An electronic signature is not automatically conclusive. It must be linked to the alleged signer. If the digital account, device, email, or phone number does not belong to the victim, the lender’s proof may be weak.

XIII. One-Time Passwords and Mobile Numbers

Lenders often rely on one-time passwords as proof of verification. However, OTP verification alone may not be enough if the mobile number was not controlled by the victim or was obtained through fraud.

Issues to examine include:

  1. Was the mobile number registered to the victim?
  2. Was the victim in possession of the SIM at the time?
  3. Was the victim’s phone stolen?
  4. Was the SIM replaced or cloned?
  5. Was the number recycled by the telecom provider?
  6. Did the scammer trick the victim into revealing the OTP?
  7. Did the lender verify that the phone number belonged to the borrower?
  8. Were there other identity checks besides OTP?
  9. Was the OTP sent to a number newly linked to the account?
  10. Were there suspicious changes in contact details?

The victim should not admit liability merely because an OTP was used. The issue is whether the OTP was validly linked to the victim’s consent.

XIV. Selfies, Facial Images, and Liveness Checks

Digital lenders may require a selfie holding an ID. Identity thieves may use manipulated photos, stolen images, deepfake-like edits, printed photos, or another person’s face. Sometimes the selfie may show that the applicant is not the victim.

The victim should request a copy of the selfie or verification image. It may prove:

  1. The person in the photo is not the victim;
  2. The ID was digitally altered;
  3. The image is inconsistent with the victim’s age or appearance;
  4. The background location is unfamiliar;
  5. The image was reused from another source;
  6. The liveness check was inadequate.

If the lender refuses to provide the selfie because of privacy concerns, the victim may request controlled disclosure or verification through formal channels.

XV. Disbursement Trail: Where Did the Money Go?

The disbursement trail is often the strongest evidence. If the victim did not receive the proceeds, the alleged loan becomes highly questionable.

Important records include:

  1. Bank account number receiving the funds;
  2. Name of account holder;
  3. E-wallet account details;
  4. Cash pickup recipient;
  5. Merchant payment record;
  6. Delivery address for financed goods;
  7. Invoice and receipt;
  8. Device or account used to withdraw funds;
  9. ATM or cash-out records;
  10. Transfer history after disbursement.

If proceeds were sent to an account not owned or controlled by the victim, the victim should emphasize this in all disputes and complaints.

XVI. Goods Financing and Merchant Loans

In appliance, gadget, motorcycle, vehicle, or merchant-financed loans, the issue is often whether the victim received the goods. Evidence may include:

  1. Sales invoice;
  2. Delivery receipt;
  3. Release form;
  4. CCTV at store or dealership;
  5. Identification presented at release;
  6. Buyer’s signature;
  7. Delivery address;
  8. Name of person who received the item;
  9. Seller or agent who processed the application;
  10. Serial number or registration details of the item.

If the item was delivered to another address or released to another person, this supports identity theft.

XVII. Employment and Salary Loan Fraud

Some loans are approved based on employment documents. Identity thieves may submit fake certificates of employment, payslips, company IDs, or HR confirmations.

The victim may obtain:

  1. Certificate from employer stating no such loan authorization;
  2. Payroll records showing no salary deduction authorization;
  3. Proof that submitted payslips are fake;
  4. HR certification that the lender did not verify employment;
  5. Proof that the victim was not employed at the claimed company;
  6. Proof that the loan proceeds were not credited to the victim’s payroll account.

Employers should be careful in releasing employee data to lenders without proper authority.

XVIII. Credit Cards and Credit Lines

Identity theft may also involve credit cards, revolving credit, or online credit lines. Proof may focus on:

  1. Application documents;
  2. Address where the card was delivered;
  3. Recipient of the card;
  4. Activation logs;
  5. Phone number used for activation;
  6. Merchant transactions;
  7. Delivery courier records;
  8. CCTV in stores;
  9. Online transaction IP logs;
  10. Dispute history.

The victim should immediately request blocking, investigation, and correction of credit reporting.

XIX. Loan App Harassment and Contact Shaming

Some online lenders or collectors contact the victim’s phone contacts, relatives, employer, co-workers, or social media friends. In identity theft cases, this can cause serious reputational harm.

Victims should document:

  1. Screenshots of messages;
  2. Call logs;
  3. Names and numbers of collectors;
  4. Messages sent to third persons;
  5. Threats, insults, or public shaming;
  6. Disclosure of alleged debt to unauthorized persons;
  7. False statements accusing the victim of fraud;
  8. Contact with employer or clients;
  9. Social media posts or group messages;
  10. Demand letters sent to wrong addresses.

Such conduct may support complaints for abusive collection, data privacy violations, damages, or other remedies.

XX. Data Privacy Rights of the Victim

A victim whose personal information was used in a loan application may invoke data privacy rights. These may include the right to be informed, right to access, right to object, right to dispute inaccuracy, right to erasure or blocking in proper cases, and right to damages when legally justified.

The victim may send a written request to the lender asking:

  1. What personal data was collected;
  2. Source of the personal data;
  3. Purpose of processing;
  4. Basis for processing;
  5. Copies of loan application documents;
  6. Identity of recipients or collection agencies;
  7. Whether data was reported to credit bureaus;
  8. Whether data was shared with third parties;
  9. Correction, blocking, or deletion of inaccurate records;
  10. Investigation of unauthorized processing.

If the lender ignores or denies a valid request without basis, a complaint may be filed with the proper data privacy authority.

XXI. Credit Bureau and Negative Credit Record Issues

Identity theft loans may damage the victim’s credit record. A victim may be rejected for legitimate loans, credit cards, employment screening, housing, or business transactions because of a fraudulent account.

The victim should request:

  1. Investigation by the lender;
  2. Suspension of collection during investigation;
  3. Removal or correction of negative reporting;
  4. Written certification that the account is disputed;
  5. Notice to credit bureaus;
  6. Confirmation that the account was not validly contracted by the victim;
  7. Deletion or correction of inaccurate data.

If the lender refuses, the victim may escalate through complaints and legal action.

XXII. Demand Letter to the Lender

A formal dispute letter should be sent to the lender or collector. It should:

  1. Identify the disputed loan;
  2. Deny the application and obligation;
  3. State that the matter involves suspected identity theft;
  4. Demand copies of all loan documents and verification records;
  5. Demand proof of disbursement;
  6. Demand suspension of collection;
  7. Demand that no negative credit reporting be made or maintained while under dispute;
  8. Demand investigation;
  9. Demand cessation of harassment and third-party disclosure;
  10. Reserve the right to file civil, criminal, regulatory, and data privacy complaints.

The letter should be sent through a trackable method and preserved with proof of receipt.

XXIII. Complaint Against the Identity Thief

If the suspected perpetrator is known, the victim may consider a criminal complaint. Possible evidence includes:

  1. Copy of falsified application;
  2. ID used;
  3. forged signature;
  4. screenshots of communications;
  5. bank or e-wallet trail;
  6. CCTV;
  7. delivery receipt;
  8. witness statements;
  9. admission by the perpetrator;
  10. proof that proceeds or goods went to the perpetrator.

The complaint should clearly connect the suspect to the act of using the victim’s identity.

XXIV. Complaint Against the Lender or Collector

A lender may not be the identity thief. However, the lender may still face liability if it negligently approved the loan, ignored red flags, failed to verify identity, mishandled personal data, continued collection after notice of identity theft, reported inaccurate credit data, or engaged in abusive collection.

Possible claims or complaints may involve:

  1. Negligent verification;
  2. Unfair or abusive collection;
  3. Violation of data privacy rights;
  4. Defamation or reputational harm;
  5. Damages under civil law;
  6. Failure to correct inaccurate records;
  7. Harassment or threats;
  8. Disclosure of personal information to unauthorized third persons.

The strength of the complaint depends on proof of the lender’s conduct and the applicable regulatory framework.

XXV. Civil Action to Declare Non-Liability

If the lender insists on collecting or sues the victim, the victim may raise defenses or file an appropriate civil action. Possible reliefs include:

  1. Declaration of inexistence or nullity of the loan obligation;
  2. Injunction against collection;
  3. Damages for harassment or injury to reputation;
  4. Correction of records;
  5. Removal of negative credit reporting;
  6. Attorney’s fees, where justified;
  7. Return of money wrongfully collected;
  8. Protection against further unauthorized processing of data.

Where the lender files a collection case, the victim should answer on time and raise lack of consent, identity theft, forgery, fraud, absence of consideration, failure to prove loan release, and other defenses.

XXVI. If the Victim Already Paid Under Pressure

Sometimes victims pay because collectors threaten lawsuits, public shaming, employer disclosure, or credit damage. Payment may complicate the defense, but it does not always prove liability.

The victim may argue that payment was made under protest, mistake, intimidation, or to stop harassment. Evidence may include:

  1. Messages showing threats;
  2. Written statement that payment was under protest;
  3. Immediate dispute letters;
  4. Police or regulatory complaints;
  5. Lack of loan documents;
  6. Proof of identity theft;
  7. Receipts of payment.

If possible, victims should avoid making payments on disputed identity theft accounts without legal advice or written reservation of rights.

XXVII. If the Victim’s ID Was Voluntarily Given to Someone Else

Many identity theft cases begin with the victim voluntarily giving copies of IDs or selfies to another person for a different purpose. This does not necessarily mean the victim consented to a loan.

The issue is scope of consent. A person may consent to provide an ID for employment screening, parcel verification, SIM registration assistance, online selling, or a raffle, but not consent to a loan application.

The victim should explain:

  1. Why the ID was given;
  2. To whom it was given;
  3. The limited purpose;
  4. When it was given;
  5. What representations were made;
  6. Why the victim did not authorize a loan;
  7. How the documents may have been misused.

Messages with the person who requested the ID are very important.

XXVIII. If the Victim Was Tricked Into Giving an OTP

A scammer may tell the victim to provide an OTP for a supposed delivery, job application, prize, account verification, or refund. If the OTP was then used for a loan, the lender may argue that the OTP confirms consent.

The victim should show:

  1. The OTP was obtained through deception;
  2. The victim did not know it was for a loan;
  3. The scammer’s messages;
  4. The time sequence of events;
  5. Lack of receipt of proceeds;
  6. Immediate reporting after discovery;
  7. Absence of other borrower verification.

Sharing an OTP may be negligent, but negligence does not automatically create a valid loan obligation if there was no informed consent and no benefit received.

XXIX. If the Victim’s Phone Was Stolen

If a stolen phone was used to obtain a loan, the victim should gather:

  1. Police report for stolen phone;
  2. Affidavit of loss;
  3. Proof of SIM blocking request;
  4. Telecom reference number;
  5. Device purchase records;
  6. Timeline of theft and loan application;
  7. Account login alerts;
  8. Screenshots of unauthorized transactions;
  9. Bank or e-wallet blocking records.

The timeline is crucial. If the loan was applied for after the phone was stolen, the victim has stronger evidence.

XXX. If the Victim’s Relative Used the Identity

Family identity theft is sensitive. A parent, sibling, child, spouse, cousin, or in-law may use the victim’s identity to obtain a loan. The victim may hesitate to file a criminal complaint, but civil liability and credit damage may continue unless the dispute is formally documented.

Options include:

  1. Written admission by the relative;
  2. Settlement with the lender;
  3. Substitution or assumption of liability by the true borrower, if lender agrees;
  4. Complaint for falsification or fraud, if necessary;
  5. Civil action for reimbursement or damages;
  6. Request for correction of credit records.

A private family arrangement does not automatically bind the lender unless the lender agrees or a court rules on the matter.

XXXI. Role of Notarization

Some loan documents are notarized. A notarized document is generally treated as public document and may enjoy evidentiary weight. But notarization does not make a forged signature valid.

The victim may challenge notarization by showing:

  1. He did not personally appear before the notary;
  2. The ID used was not validly presented by him;
  3. The notarial register does not contain proper details;
  4. The signature in the notarial register is not his;
  5. The notary failed to follow required procedures;
  6. The document contains false personal information;
  7. The victim was elsewhere at the time of notarization.

Complaints against notaries may be considered in serious cases.

XXXII. Importance of Timeline

A clear timeline can make or break an identity theft case. The victim should reconstruct:

  1. When the ID was lost, stolen, copied, or submitted;
  2. When the loan was supposedly applied for;
  3. When the loan was approved;
  4. When proceeds were released;
  5. Where proceeds were sent;
  6. When the first collection notice was received;
  7. When the victim disputed the loan;
  8. When reports were filed;
  9. When the lender responded;
  10. When credit reporting occurred.

A timeline helps investigators, lawyers, regulators, and courts understand the case.

XXXIII. Preservation of Digital Evidence

Victims should preserve digital evidence carefully. Screenshots may help, but they should be supported by original messages when possible.

Best practices include:

  1. Do not delete texts, emails, or app notifications;
  2. Take screenshots showing date, time, sender, and full message;
  3. Export chat histories if possible;
  4. Save call logs;
  5. Record collection numbers;
  6. Preserve envelopes and demand letters;
  7. Save emails in original format;
  8. Back up files securely;
  9. Avoid editing images;
  10. Print copies for affidavits and complaints.

For serious cases, digital forensics may be considered.

XXXIV. Witnesses

Witness testimony may help prove identity theft. Potential witnesses include:

  1. Employer confirming work location at the time of application;
  2. Family member confirming loss of phone or ID;
  3. Barangay official who received the complaint;
  4. Store employee who released goods to another person;
  5. Courier who delivered a card or item;
  6. Bank or e-wallet representative;
  7. Telecom representative;
  8. Person who received collection calls;
  9. Person who saw the actual applicant;
  10. Expert witness for handwriting or digital evidence.

Witnesses should execute affidavits when appropriate.

XXXV. Red Flags in Fraudulent Loan Applications

A victim should examine the loan file for red flags, such as:

  1. Wrong address;
  2. Wrong employer;
  3. Wrong income;
  4. Wrong email;
  5. Wrong mobile number;
  6. Photo does not match victim;
  7. Signature differs;
  8. ID appears altered;
  9. Application was made at unusual time;
  10. Proceeds sent to unknown account;
  11. Goods delivered to unrelated address;
  12. Emergency contacts unknown to victim;
  13. Application submitted through an agent;
  14. Multiple loans made in a short period;
  15. No proper proof of borrower’s personal appearance or consent.

These red flags should be highlighted in disputes and affidavits.

XXXVI. Identity Theft as a Defense in Collection Cases

If sued for collection, the alleged borrower must respond within the required period. Ignoring court papers can lead to default and judgment.

Possible defenses include:

  1. No consent to the loan;
  2. Forged signature;
  3. Unauthorized electronic signature;
  4. No receipt of proceeds;
  5. No benefit from the transaction;
  6. Fraud by a third person;
  7. Negligent verification by lender;
  8. Failure to prove identity of borrower;
  9. Failure to authenticate electronic records;
  10. Payment records do not connect to alleged borrower;
  11. Violation of disclosure requirements;
  12. Invalid assignment to collector;
  13. Unconscionable charges or penalties;
  14. Damages from wrongful collection.

The victim may also file counterclaims where appropriate.

XXXVII. Small Claims Cases

Some collection cases may be filed as small claims. In small claims proceedings, the alleged borrower should still raise identity theft clearly and submit evidence.

Useful attachments include:

  1. Affidavit of denial;
  2. Police or NBI report;
  3. Affidavit of loss;
  4. Demand dispute letter;
  5. Lender’s documents showing wrong information;
  6. Screenshots of harassment;
  7. Bank or e-wallet statements;
  8. Proof of non-receipt of proceeds;
  9. Proof that the phone or email used was not the victim’s;
  10. Any admission by the true borrower.

Because small claims procedure is simplified, the evidence should be organized, concise, and easy to understand.

XXXVIII. Criminal Complaint for Falsification

If the loan documents contain forged signatures, false statements, fake IDs, or fabricated certificates, falsification may be considered. The complaint should identify:

  1. The falsified document;
  2. The false entry or forged signature;
  3. Why it is false;
  4. Who prepared, used, or benefited from it;
  5. How it caused damage;
  6. Supporting documents and witnesses.

If the identity thief is unknown, the complaint may initially be against unidentified persons, but evidence should be gathered to identify them.

XXXIX. Criminal Complaint for Estafa or Fraud

If the offender used deceit to obtain money or goods from the lender in the victim’s name, estafa or fraud-related offenses may be considered. The victim may not be the direct financial loser if the lender released the money, but the victim may still suffer injury through credit damage, harassment, and misuse of identity.

The lender may also be a complainant against the true offender. In practice, victims should encourage the lender to investigate the real recipient of proceeds rather than pursue the innocent person named in the fraudulent application.

XL. Computer-Related Identity Theft and Cyber Fraud

If the fraudulent loan was applied for through an app, website, email, or digital system, cybercrime remedies may apply. Relevant evidence includes:

  1. App account records;
  2. Email address used;
  3. Phone number used;
  4. IP address;
  5. Device information;
  6. Location logs;
  7. Digital wallet trail;
  8. Screenshots of phishing;
  9. Scam messages;
  10. Login history.

The victim should report promptly because digital evidence can be deleted, overwritten, or become difficult to obtain.

XLI. Data Privacy Complaint

A data privacy complaint may be appropriate where personal data was processed without authority or where the lender or collector mishandled the victim’s personal information.

Possible grounds include:

  1. Unauthorized use of personal data for a loan;
  2. Failure to secure personal data;
  3. Refusal to correct inaccurate data;
  4. Unlawful disclosure to contacts or employer;
  5. Excessive collection of personal information;
  6. Use of contacts list for collection harassment;
  7. Continued processing after identity theft notice;
  8. Failure to respond to access or correction requests.

The victim should attach evidence of requests, responses, screenshots, and harm suffered.

XLII. Regulatory Complaints

Depending on the type of lender, complaints may be filed with the appropriate regulator. The complaint should focus on:

  1. Failure to verify borrower identity;
  2. Abusive collection practices;
  3. Excessive charges;
  4. Misleading loan records;
  5. Failure to investigate identity theft;
  6. Unauthorized credit reporting;
  7. Data privacy violations;
  8. Harassment of third persons;
  9. Refusal to provide loan documents.

A regulatory complaint may not always erase the debt immediately, but it can pressure the lender to investigate and comply with consumer protection rules.

XLIII. Civil Damages

A victim may claim damages if wrongful collection, credit damage, harassment, or misuse of identity caused injury. Possible damages include:

  1. Actual damages, if proven by receipts or records;
  2. Moral damages for anxiety, humiliation, or reputational harm, where legally justified;
  3. Exemplary damages in proper cases;
  4. Attorney’s fees, where allowed;
  5. Costs of suit;
  6. Damages under data privacy laws, where applicable.

Damages require proof. The victim should document medical consultations, lost opportunities, rejected loan applications, employer issues, reputational harm, and expenses incurred.

XLIV. Demand to Stop Collection

After disputing the loan, the victim may demand that the lender and collection agency stop collection while investigating. The demand may include:

  1. Stop calling and texting except through formal written channels;
  2. Stop contacting relatives, employer, co-workers, and references;
  3. Stop threatening public disclosure;
  4. Stop reporting or maintain a disputed status with credit bureaus;
  5. Provide complete documents;
  6. Identify the basis for claiming the victim is the borrower;
  7. Investigate the real recipient of proceeds;
  8. Confirm closure or correction in writing.

Any continued harassment after formal notice strengthens the victim’s position.

XLV. How to Structure the Evidence File

Victims should organize their evidence in folders:

Folder 1: Identity Documents

Copies of valid IDs, affidavits of loss, police reports, and proof of stolen or compromised documents.

Folder 2: Loan Records

Demand letters, account numbers, application forms, promissory notes, disclosure statements, screenshots, and lender responses.

Folder 3: Proof of Non-Participation

Work attendance, travel records, bank statements, e-wallet records, proof that mobile number or email was not used by the victim.

Folder 4: Disbursement Evidence

Bank, e-wallet, merchant, delivery, or cash-out records showing where the proceeds or goods went.

Folder 5: Harassment and Collection Evidence

Call logs, messages, social media posts, emails, third-party messages, and witness statements.

Folder 6: Complaint Records

Police, NBI, cybercrime, regulatory, data privacy, and court filings.

Organized evidence makes the claim more credible.

XLVI. Sample Theory of the Case

A strong identity theft defense may be presented as follows:

“The alleged loan is not a valid obligation of the victim because the victim did not apply for it, did not sign any loan document, did not authorize any person to use his identity, did not control the mobile number or email used in the application, did not receive the loan proceeds, and did not benefit from the transaction. The application was processed using personal data obtained without authority. The lender failed to verify the identity of the true applicant and released the proceeds to an account or person not connected to the victim. Upon learning of the alleged loan, the victim promptly disputed it, reported the identity theft, and requested investigation and correction of records.”

This theory should be supported by documents, not merely asserted.

XLVII. What Lenders Should Prove

A lender pursuing the alleged borrower should be prepared to prove:

  1. The identity of the borrower;
  2. The borrower’s consent;
  3. The authenticity of signature or electronic acceptance;
  4. Proper verification of identity;
  5. Release of proceeds to the borrower or for the borrower’s benefit;
  6. Compliance with disclosure rules;
  7. Correct computation of balance;
  8. Authority of the collector or assignee;
  9. Compliance with data privacy and collection rules;
  10. Proper credit reporting.

If the lender cannot prove these, the identity theft defense becomes stronger.

XLVIII. Practical Steps for Victims

A victim should act quickly and systematically:

  1. Do not ignore collection notices.
  2. Do not admit liability.
  3. Do not make payment without written reservation or advice.
  4. Ask for complete loan documents.
  5. Send a written dispute letter.
  6. File a police or cybercrime report.
  7. Execute an affidavit of denial.
  8. Report lost IDs or stolen phone.
  9. Secure bank and e-wallet statements.
  10. Document all collection harassment.
  11. Demand correction of credit records.
  12. File regulatory or data privacy complaints if necessary.
  13. Answer court papers on time.
  14. Consult a lawyer for litigation, criminal complaints, or serious credit damage.

Prompt action helps show good faith and reduces the risk of default judgment or worsening credit harm.

XLIX. Mistakes to Avoid

Victims should avoid:

  1. Ignoring demand letters;
  2. Arguing only by phone without written records;
  3. Paying just to stop harassment without documenting protest;
  4. Deleting messages or screenshots;
  5. Failing to request loan documents;
  6. Failing to report lost IDs or stolen phone;
  7. Posting defamatory accusations online;
  8. Missing court deadlines;
  9. Giving more personal information to suspicious collectors;
  10. Signing settlement documents that admit liability without understanding them;
  11. Assuming a police blotter alone will erase the loan;
  12. Waiting too long to dispute credit reports.

L. Conclusion

Proving identity theft in loan application cases in the Philippines requires more than a simple denial. The victim must build a clear, evidence-based story showing lack of consent, lack of authorization, non-receipt of proceeds, and irregularity in the loan application process. The strongest cases usually combine affidavits, police or cybercrime reports, loan documents, digital records, disbursement trails, proof of non-receipt, proof of forged or unauthorized signatures, and documentation of collection conduct.

The alleged borrower should demand the lender’s proof, dispute the loan in writing, report the identity theft, preserve evidence, protect credit records, and respond promptly to any collection case. Depending on the facts, remedies may include civil defenses, criminal complaints, regulatory complaints, data privacy complaints, injunction, damages, correction of credit reports, and declaration of non-liability.

Identity theft cases are evidence-driven. The key is to show that the victim’s personal information was used, but the victim did not knowingly, freely, and personally enter into the loan transaction or receive its benefits. A lender, collector, investigator, prosecutor, regulator, or court will be more likely to act when the victim presents a complete, consistent, and well-documented record.

This article is for general legal information in the Philippine context and is not a substitute for legal advice from counsel based on the specific facts of a case.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login