Nigerian fintechs shame and threaten clients for late payment of their loans

YETUNDE Adewole lost her phone in June. She received a replacement weeks later including a new SIM card and everything is back to normal.

She didn’t think about the missing phone or SIM card until rumors started to circulate in July.

Yetunde owed money. An online lending fintech company was sending WhatsApp and SMS to everyone in Yetunde’s inner circle that she was a debtor and a fraudster.

His close friends, former classmates, and co-workers received these messages three or four times a day.


Read also

NITDA fines Soko Loan 10 million naira for data breach

SPECIAL REPORT: How Inefficiency and Lack of Transparency Default on CBN’s N50bn COVID-19 Loan to Small Businesses

Over 40 countries demand sickle cell disease drug from Nigeria – NIPRD DG

– Advertising –

How fintech loan sharks in Nigeria cyberbully trap customer in debt


“I tried to explain to everyone on my contact list, who I could get in touch with, that I hadn’t taken any loans from the online loan company and that they didn’t. was easy to try to clear my name for something I didn’t do.

“It was a really traumatic experience. My biggest regret was that I didn’t block the line when my phone went missing, ”she said. ICIR.

Yetunde had never taken out a loan from an online loan app, but she failed to block her SIM card after her phone went missing.

A WhatsApp message from one of the fintech companies, with Yetunde’s photo next to it.

If a missing phone fell into the hands of a scammer, a transaction could be made to the account of the owner of the phone without their knowledge.

All the scammer who got the SIM card from Yetunde had to do was download the online loan app, enter a fictitious financial detail, and let the algorithm generate a credit score.

The fintech creditor usually requests permission to access the SIM card contacts before the loan is approved, a process that takes barely an hour.

– Advertising –

Scammer used Yetunde’s SIM card to take out multiple loans from multiple online to lend applications which included: NairaPlus, EasyCredit, TrueNaira, GoCash, CashLion and LCredit.

A month later, online loan companies tracked down Yetunde’s contacts, claiming his loan payments were due.

She then reported the matter to law enforcement authorities and obtained a police report and a written affidavit.

Police assured her of their intervention, promising that messaging from fintech creditors to people on their contact list would cease.

Two weeks later, his friends were still sending him screenshots of threat messages from fintech lending companies.

For thousands of Nigerians like Yetunde, whose identities have been stolen by crooks, online loan companies have helped shame them publicly without properly verifying their identities.

A data sharing violation

– Advertising –

On August 17, the National Information and Technology Development Agency (NITDA), slammed Soko Lending Company, a Nigerian online lending platform, fined 10 million yen for invasion of privacy.

This was after a series of complaints against the company for unauthorized disclosures, failure to protect customer personal data and defamation.

One of the main reasons for the fine was the company’s “invasive messages” to contacts of defaulting customers when they failed to repay loans.

This clearly violates Article 2.2 of the Nigerian Data Protection Regulation (NDPR), which prohibits the illegal sharing of data with third parties without a legal basis.

ICIR Reviewed the terms of service for six lending apps hosted on Google Play Store, including: NairaPlus, EasyCredit, TrueNaira, GoCash, CashLion, FairMoney, and LCredit.

They all failed to disclose to users downloading the apps that their rights to access users’ contact lists would be shared with third parties if they were lacking. This is not in accordance with the policies of the Google Play Store.

the updated data privacy policy on the Google Play Store stipulates that applications that offer financial services on its platform must disclose to users what they intend to use their personal information for.

“Your app should post a privacy policy that, along with any disclosure in the app, explains what user data your app collects and transmits, how it is used, and the type of parties it is shared with,” the policy states.

Conclusions by ICIR show that collectors from the six loan applications engage in gross breaches of their clients’ privacy by sending threat messages to debtor contacts when they default on their loan obligations.

Edna Inyang, a makeup artist in Abuja, said she obtained an online loan application from FairMoney, but her terms did not specify that they would share their data with a third party in the event of default.

“One of the terms of the loan is that they get permission to access my phone contacts, but they didn’t say they would share this confidential information with my family, relatives, or people on your list. contacts in the event of default, ”she said. ICIR.

In January, a Twitter poll conducted by Techpoint found that 56.2% of Nigerians did not care about updating the privacy of WhatsApp.

More than half of Africa’s 54 countries have no data protection or privacy laws, according to the London-based company rights group Article 19.

And while 14 countries do, nine do not have regulators to enforce them, the group said.

Social shame regime

Online loan companies use their clients’ social networks to shame them, based on ICIR results.

Defaulting customers receive messages such as “You will no longer be able to get a loan from us or any other loan company / bank” or “Your loan will increase by 5% every day. “

Sometimes they use threatening messages like, “We are giving you until 4:00 pm to make your payment today or otherwise.” “

Udoma Nseobong had taken out a loan of 30,000 naira from CashLion Credit and he paid weekly interest consistently for six weeks.

When it came time to pay, he defaulted by one day and paid off his debt the next day, but the messages were sent to family members nonetheless.

“I had challenges that I missed for a day. On the second day, even after paying the fee, I was declared a runaway fraudster along with my whole family. I don’t know if the CBN is moderating the activities of these guys, ”he said.

A user who identified himself as Feyisetan Salau claimed in the comments section of Google Play of NairaPlus that she had been contacted several times about an unpaid loan by representatives who used “abusive and threatening language and raised interest rates.”

“However, the loan collection tactic / process that this organization uses is so unprofessional and appalling. Threat is not the way – be professional, ”she added.

An anonymous Abuja University student also said texting cost him his relationship, and another user said his boss nearly fired him for embarrassing the company.

There have been countless complaints on the Loan Apps page on the Google Play Store, indicating deep grief these posts have caused.

To combat the debt collection methods of these companies, some people have started playing with the system.

One user said he wrote to his entire contact list to say his phone had been stolen and that they should ignore any scammers who might text them. Then she deleted the app.

While a user could be banned from borrowing from a loan company due to bad loans, for example, they could still easily get credit from a competitor.

Although criticism of these practices has grown steadily, Titilayo Adetonya, a representative of CashLion clients who spoke with ICIR, justified the methods of debt collection by online loan companies.

“There is no libel when we trust people we’ve never seen give them money and when it’s time to pay they don’t pay.

“It’s legal to send these messages to their contacts because we notify them before we send these messages to their contacts and that’s how we get our money,” she said.

A missing fintech link

In Nigeria, potential clients who are looking for loans from online apps have to download the app, enter their financial information, and let the algorithm generate a credit score.

Most apps ask for a Bank Verification Number (BVN) and a phone number link to the BVN.

ICIR searched the Corporate Affairs Commission (CAC) database for the names of the six online loan applications and their names were missing.

This makes it difficult to know exactly who owns an app or even where the loan money is coming from.

However, they do reveal the location of their physical addresses on their information page on the Google Play Store showing that they are based in Lagos.

ICIR discovered that loan applications, CashLion, NairaPlus and LCash were all owned by Grola Tech Credit Limited, having followed its collection team leader through a LinkedIn post.

Grola Tech Credit Limited was however registered in the CAC database under registration number 1636828 but identified as inactive by the commission. The directors of the company are Chinese national Du Yaoyao and Nigerian Ayomikun Ogunkanmi

In accordance with Section 58 of the Banks and Other Financial Institutions Act (BOFIA), anyone wishing to engage in any financial activity other than insurance and stock exchange in Nigeria must apply in writing to the Central Bank of Nigeria (CBN) the granting of a license.

It was not clear if the online loan companies hadn’t checked the crooks who used Yemisi’s phone number, or if his rules weren’t strict enough to spot dubious customers.

Scammers are likely to be successful unless online lending companies introduce high-level multi-factor authentication like images and fingerprints, said Seun Folorunso, head of resources at the Fintech Association of Nigeria. ICIR.

“The crooks take advantage of unsuspecting Nigerians who expose their data to extort these loan companies unless they introduce other high-level identification means to stop them,” he added.


Editor’s Note: This report has been updated to remove the unfounded claim made against Migo, a popular loan company.

ICIR regrets this error.

Comments are closed.