RBI's New Rules Give Fintech Firms Wider Access To Credit Data

Financial technology firms could get wider access to credit data of millions of Indians after the Reserve Bank of India laid down new rules for entities that are able to access such data from credit information companies or credit bureaus.

Until now, regulated firms such as those registered as non-bank lenders had access to such data. The RBI's latest set of rules do not specify that only regulated entities can access this data for purpose of analytics, allowing more companies to seek data from credit bureaus. The regulator, however, mandates that these "specified users" should be incorporated in India and owned and controlled by Indians. These entities should also have diversified ownership and relevant experience, the RBI said.

The Credit Information Companies Act limited data access to banks, NBFCs, regulated brokers, credit institutions, insurance providers and telecom companies among others, explained Navin Surya, chairman, Fintech Convergence Council. Unregulated financial services companies had to go through eligible partners for access, he said.

A diverse set of entities may be able to put credit data to use and provide better tailored products to consumers.

The move expedites the decision-making process by reducing the time required to exchange information, enhance transparency, and minimise manual intervention, Tarun Soni, head of finance at Bizongo, a B2B e-commerce firm, said in an emailed statement.

In the absence of access to formal credit data, fintech firms have used proprietary models to assess creditworthiness of different segments of customers. A wide range of parameters, including in some cases smartphone data and social media footprint, alongside employment and education are used to judge creditworthiness. Many of these parameters are untested as reliable indicators for the willingness and ability of a borrower to repay dues.

This could change with access to formal credit data but only to some extent.

"It's important to note that fintech firms cater to demography that may not have a credit score currently," Priti Rathi Gupta, founder of LXME, a financial platform for women, said. "But in the long run, as digitisation permeates deep into the country, the credit information will be more widely captured."

A person familiar with the matter said the regulator wants to curb reckless lending and improve credit data processing. The new framework can help in that. For instance, companies offering buy-now-pay-later products and payments firms will be able to access credit data first-hand and appropriate design and market products, this person said on the condition of anonymity.

However, the immediate impact may be small.

Customers new to formal lending remain a challenge and small businesses still see erratic business conditions. In such cases, technology alone cannot help because other policies, like moratoriums, may impact the eventual outcome of lending to these segments, the person quoted above explained.

According to Surya, having direct access to data will mean better oversight of who is using the data, for what purpose and whether this data is retained.

The RBI, in its notification, has mandated specified users to get appropriate certification to ensure robust and secure systems are used to preserve and protect data.

"The onus to ensure compliance lies with the CICs through the specified user setup. Indirectly, the CICs themselves are also included," said Vivek Ramji Iyer, national leader for the financial services risk advisory at Grant Thornton Bharat LLP.

The primary focus is on ensuring the data and its respective models are healthy, Iyer said.

The RBI framework specifies that such access will only be permitted for companies owned and controlled by Indians. This, according to the person quoted anonymously above, is in line with data localisation norms imposed by the regulator on entities such as card networks.

After payments, it is natural for them to enforce localisation even for credit data amid geopolitical uncertainty, this person said.