Verifying the SEC Registration of Online Lending Apps and Fintech Companies

The rapid expansion of the Philippine fintech sector has democratized access to credit, yet it has simultaneously paved the way for predatory and unlicensed entities. For consumers and legal practitioners alike, verifying the legitimacy of an Online Lending App (OLA) is a critical step in ensuring financial safety and legal recourse. Under Philippine law, the Securities and Exchange Commission (SEC) is the primary regulatory body tasked with the oversight of lending and financing companies.

1. The Statutory Framework

The operation of lending and fintech entities is governed by two primary statutes:

  • Lending Company Regulation Act of 2007 (Republic Act No. 9474): Regulates entities engaged in granting loans from their own capital or from funds sourced from not more than 19 persons.
  • Financing Company Act of 1998 (Republic Act No. 8556): Regulates entities primarily organized for the purpose of extending credit facilities through installments, leasing, or factoring.

In 2026, the regulatory environment is further strengthened by the Financial Products and Services Consumer Protection Act (Republic Act No. 11765), which grants the SEC expanded powers to adjudicate complaints and penalize unfair debt collection practices.

2. The Dual Registration Requirement

A common misconception is that a Certificate of Incorporation (CoI) is sufficient to operate a lending business. In the Philippine context, registration is a two-tier process:

Document Purpose Legal Effect
Certificate of Incorporation Primary Registration Grants the entity legal personality as a corporation. It does not authorize lending activities.
Certificate of Authority (CA) Secondary License Explicitly authorizes the corporation to operate as a Lending or Financing Company. Operating without this is a criminal offense.

Any fintech company or OLA must possess both. A company might be a "legitimate" corporation but an "illegal" lender if it lacks a valid CA.

3. Mandatory Disclosure Requirements (SEC MC No. 19, Series of 2019)

Under SEC Memorandum Circular No. 19 (2019), all lending and financing companies must adhere to strict transparency rules. Legitimate OLAs are required to display the following in their apps, websites, and advertisements:

  • The Registered Corporate Name (e.g., "ABC Lending Investor Corp.")
  • The SEC Registration Number
  • The Certificate of Authority (CA) Number

If an app only lists a "brand name" (e.g., "QuickCash") without providing the underlying corporate entity and CA number, it is likely non-compliant or unregistered.

4. Step-by-Step Verification Protocol

To verify an entity, follow this systematic approach:

  1. Identify the Corporate Entity: Check the "About Us" or "Terms and Conditions" section of the OLA to find the full corporate name.
  2. Consult the SEC Official Lists: The SEC maintains updated databases on its website:
    • List of Lending Companies with Certificate of Authority
    • List of Financing Companies with Certificate of Authority
    • List of Recorded Online Lending Platforms (OLPs)
  3. Cross-Reference the OLP Name: Since 2019, the SEC requires companies to "record" the specific name of their apps. Even if a company has a CA, they must specifically register the OLA name they use in the app stores.
  4. Verify via SEC eSPARC or i-View: For more detailed checks, the SEC’s online portals allow users to verify if a company’s status is "Active," "Suspended," or "Revoked."

5. The 2026 Regulatory Landscape: Lifting the Moratorium

As of March 2026, the SEC has moved toward lifting the 2021 moratorium on the registration of new online lending platforms. The new guidelines introduce:

  • Single Certificate of Authority Policy: Consolidating branch and head office licenses.
  • Revised Capitalization Requirements: Linking minimum paid-up capital to the number of OLPs a company operates.
  • Cyber-Resilience Standards: Mandatory annual penetration testing and data localization requirements to protect borrower information.

6. Red Flags of Illegal Fintech Operations

Borrowers should exercise extreme caution if an OLA exhibits any of the following:

  • Absence of CA Number: No visible secondary license number in the app or marketing materials.
  • Personal Account Repayments: Requiring payments to be sent to personal bank accounts or GCash/Maya numbers rather than a corporate account.
  • Contact Scraping: Requesting access to your full phone contact list or social media accounts as a condition for the loan.
  • Harassment: Threats of "shaming" or contacting persons in your phonebook. Under SEC and NPC (National Privacy Commission) rules, this is strictly prohibited.
  • Pre-deducted "Service Fees": While common, excessive fees that result in a significantly lower net proceeds than the principal may violate the Truth in Lending Act.

7. Reporting Violations

If an entity is found to be operating without a Certificate of Authority or is engaging in predatory practices, reports should be filed with:

  • SEC Enforcement and Investor Protection Department (EIPD): For unregistered operations.
  • SEC Financing and Lending Companies Department (FLCD): For violations of lending rules.
  • National Privacy Commission (NPC): For data privacy violations or "contact shaming."

Non-compliance can result in administrative fines of up to ₱2,000,000, the revocation of the Certificate of Incorporation, and potential criminal prosecution under the Revised Penal Code and special lending laws.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login