The fatal lure of instant loan apps

Several Indians have ended their lives owing to harassment by recovery agents of unregulated digital lending apps mostly linked to entities based in China. Probe agencies are now cracking the whip on such apps that lure customers into debt traps by offering quick loans

Updated - September 11, 2022 01:34 pm IST

Published - September 09, 2022 01:45 am IST

“Mummy, I am leaving.” This is how Amit Yadav, 35, a mechanic from Madhya Pradesh’s Indore, concluded his note on August 23 before adding the words “ek fakir insaan (a bankrupt person)” below his name and signature.

The police said Yadav died by suicide after poisoning his wife Tina, 30, daughter Yana, 3, and son Divyansh, 1, as he was unable to repay a loan of ₹40,000 he had taken five months ago from several digital lending apps. Yadav, in his note, said he was taking the extreme step to “protect his honour”.

On July 19, firefighter Y. Sudhakar, 33, took his own life by jumping in front of a train in Telangana, leaving behind his wife Sirisha, a homemaker, and 22-month-old daughter Ispita. Kumar, Sudhakar’s brother, says their relatives and friends had been receiving lewd messages about Sirisha from an unknown number over the non-payment of a loan of ₹5,000 taken using the Golden Rupee app. Kumar says recovery agents continued to harass them seeking more money even after they had repaid the loan.

Yadav and Sudhakar were among the several Indians trapped in a spiral of debt who ended their lives over the past two years owing to harassment by loan recovery agents of unregulated digital lending apps that are mostly linked to entities based in China. The apps offering quick loans without much documentation or collateral to unsuspecting borrowers mushroomed in the country during the COVID-19 pandemic. It became a popular option for borrowing money, especially for cash-strapped families and people facing joblessness.

However, their high interest rates, short repayment windows, coercive recovery methods and misuse of personal information have prompted the Reserve Bank of India (RBI) and Central probe agencies to crack down on the entities that run these loan apps and the payment gateways and crypto exchanges used by them to transfer overseas the money extracted from borrowers.

On August 2, Sujeet Kumar, Rajya Sabha member from the Biju Janata Dal, raised concerns in Parliament over “dubious digital loan apps with links to China and backed by Chinese entities lending unscrupulous loans in violation of RBI guidelines”. He said Odisha alone had seen 1.5 lakh downloads of these apps and asked if the country’s regulatory framework was adequate enough to tackle the threat posed by them.

In response, Union Finance Minister Nirmala Sitharaman said the Central government had taken cognisance of such cases where digital loan apps “originating from one particular country” were being misused to harass citizens and extort money. She added that the Union Ministries of Finance, Corporate Affairs, Electronics and Information Technology, and Home were working together to take action against such apps.

Ms. Sitharaman said, “I can broadly indicate that in the past couple of months, particularly in Telangana, a lot of people have faced harassment, and in those cases, actions have been initiated. That is not to say action is not being taken elsewhere. We are also consciously taking action against Indian citizens who have helped in getting these companies established and the shell companies through which they are operating.”

The Enforcement Directorate (ED) has launched a money laundering investigation into unauthorised online micro-loan apps based on multiple FIRs registered in Hyderabad and Bengaluru over the past two years. According to the agency, most instant loan apps have links to entities based in China. Chinese nationals or companies directly own several financial technology (fintech) firms in Gurugram, Delhi, Mumbai and Bengaluru or control them by using proxies as directors. To initiate the lending business, they infused funds into these firms directly or indirectly from overseas locations such as Hong Kong.

Deals inked with defunct NBFCs

As per the law, a lending company needs to be either a bank or a non-banking financial company (NBFC) that is registered with the RBI. When the RBI refused to provide these Chinese entities with an NBFC licence to start their digital lending business, they identified 38 defunct NBFCs with meagre capital ranging from ₹3.50 crore to ₹11 crore.

Deals were inked between the fintech firms and the NBFCs, providing security deposits worth over ₹100 crore and bringing in more funding through the Foreign Direct Investment route. The NBFCs then registered separate merchant IDs with various payment gateways for the fintech firms to start their lending business using loan apps.

The ED on September 3 conducted raids at the premises of online payment gateways such as Razorpay, Paytm and Cashfree in Bengaluru as part of its probe into the money laundering case. The agency said it had seized funds worth ₹17 crore kept in “merchant IDs and bank accounts of these Chinese-controlled entities”. The companies said they were cooperating with the ED.

The RBI, too, took notice of the growing number of individuals and small businesses falling prey to unregulated digital lending platforms and mobile apps offering quick loans in a hassle-free manner. On December 23, 2020, the central bank issued a note asking members of the public to verify the antecedents of companies offering such loans. “Consumers should never share copies of KYC (Know Your Customer) documents with unidentified persons, unverified/unauthorised apps and should report such apps/bank account information associated with the apps to concerned law enforcement agencies or use the Sachet portal,” the note said.

On January 13, 2021, the RBI constituted a Working Group on ‘digital lending including lending through online platforms and mobile apps’. As per the findings of the Working Group, from January 1, 2021, to February 28, 2021, around 600 of the 1,100 lending apps available for Android users in India across 81 application stores were illegal. During the same period, Google removed 115 apps from its Play Store for policy violation on the request of the Intelligence Bureau, the report said.

Despite the RBI’s guidelines to regulate digital lending platforms, the apps continued to offer loans, ranging from ₹2,000 to ₹20,000, to thousands of customers with minimum KYC requirements and based only on online verification. According to the police, to provide a loan, the apps ask customers to upload their Aadhaar card, PAN card and a live photograph. Customers are also asked to share a One Time Password (OTP) that is generated. The borrowers give various permissions while activating the app, giving it complete access to their contact list, location, chats, photo gallery and camera. This information is then uploaded to servers hosted in China and other parts of the world. The police say loan recovery agents operate from call centres situated in different parts of the country that have access to the data stored in these servers. Each call centre employs six to seven telecallers, who are paid around ₹25,000 per month and given incentives based on the targets they achieve.

Missing the fine print

A police officer says smartphone users often miss the fine print while giving permission to such apps. The catch is that at the time of sanctioning the loan, 15%-25% of the amount is deducted as a processing fee and the remaining sum carries an interest rate ranging from 182% to 365% per annum. A steep rate of penalty is added to the total repayable amount in case of default. “The rate of recovery of loans is as high as 90%. The net profit is 25% or more,” says an ED official. However, the NBFCs receive only 0.20%-0.50% of the interest collected.

The police officer says the source code for most Chinese loan apps is the same. “It means they change just the names and layout, but the money goes through the same network,” he says.

“Apple automatically checks all malicious apps, and if the source code is same or not. Hence, the accused use the Google Play Store.” He says data theft is a concern as these networks can later use it for other cyber crimes. “With the help of the customer’s OTP, the apps can access a victim’s bank account and understand their paying capacity too.”

Himanshu Goel, 28, an employee at a private company in Delhi’s Narela who drew a monthly salary of ₹25,000, says his Facebook timeline was filled with ads for loan apps. “They would offer ₹50,000 within two minutes and none of them looked suspicious.” He downloaded the Stream Loan app from the Google Play Store in May and to verify his bank account, the app credited ₹1. “I instantly received ₹5,000,” he says.

Mr. Goel says he is the sole breadwinner in his family and took the loans to meet urgent financial needs. A week later, telecallers demanded that he pay a penalty of ₹10,000 for not repaying the loan on time, the demand then increased to ₹50,000 and finally he ended up paying ₹1 lakh. Mr. Goel says the telecaller, who contacted him on WhatsApp, couldn’t understand Hindi. He said his wife also received threats from a telecaller based in Delhi, but she complained to the police and got him arrested. The loan recovery agents also blackmailed people in his contact list of 3,500, and threatened him, his wife and sister using morphed images. “My relatives ostracised us after this incident,” says Mr. Goel, who doesn’t use his old number anymore and has deleted his family’s images from his phone. His wife too doesn’t upload her images anywhere. “Our family has been laughed at, we cannot afford to lose our money and the little dignity we have in society.”

A senior police officer of Delhi Police’s Cyber Cell says there has been a rise in cases of harassment related to Chinese loan apps since last year. “Earlier, we had investment app scams, now loan apps are being used to extort money,” he says. With the growing number of Internet users, the scope of cyber crime has widened, he says. On August 20, Delhi Police busted a firm that ran a predatory instant loan app after receiving over 100 complaints on the National Crime Records Bureau portal. An officer says, “It took us two months to arrest 23 people working across the country.”

Deputy Commissioner of Police, Intelligence Fusion and Strategic Operations, K.P.S. Malhotra says six Chinese nationals were involved in the crime — Lynda, Akira, Zoya, Kobe Bryant, Lup Rong and Zixia Zhang — and an FIR was registered against them. The police say around ₹500 crore was routed to associates in China through cryptocurrency and hawala routes. “The Internet Protocol addresses and money routes have been found to be located in China. The apps were being hosted from Amazon Web Services and Ali Baba servers, which are in operation in India but do not comply with the norms here.”

After the August 20 crackdown, operatives are shifting call centres to Pakistan, Nepal and Bangladesh, an officer says. Different syndicates run such businesses, the officer says, as several people are needed to make threat calls, convert extorted money to cryptocurrency, create fictitious bank accounts and buy SIM cards. “It is a network that doesn’t just operate for Chinese loan apps but for all cyber frauds,” the officer says.

“We have found that people from China, Singapore, Hong Kong and Dubai are involved in such activities too, but Chinese nationals have a larger stake in this,” the officer at the Cyber Cell says.

According to Maharashtra Police’s Cyber Cell, Chinese loan apps have amassed ₹160 crore in the past two years and a lookout notice has been issued against the Chinese kingpin. The Cyber Cell has so far investigated 25 cases involving loan apps with call centres in Bangladesh, Nepal and India.

Madhukar Pandey, Additional Director General of Police, Maharashtra Cyber Cell, says each recovery agent is given a target of collecting ₹40,000 per day. “They are given a script, including threats, which they cannot deviate from. If the customer exhibits vulnerability, a link is sent to a payment gateway, which is operated by a different team. The two teams operate in silos.”

Cracking down on offenders

On February 24 this year, the RBI cancelled the Certificate of Registration issued to P.C. Financial Services (PCFS), which earned ₹1,320.13 crore in a year via the Cashbean app. According to the ED’s seizure documents accessed by The Hindu, the CEO of PCFS said the company was part of Opera Limited, headquartered in Norway, but all its major investors were Chinese nationals.

“Opera Group realised that third world countries offer good markets for its instant loans without collateral business. Moreover, there was no competition in the Indian market at that time,” said the CEO’s statement recorded under Section 37 of the Foreign Exchange Management Act, 1999. He said no one in PCFS raised objections as all the directors were on “salary basis”. The ultimate beneficiary was a Chinese national, Zhou Yahui, says an ED official.

Set up in 1995 by Indian directors, the company secured an NBFC licence in 2002. Following an RBI approval in 2018, its ownership shifted to the Chinese-controlled entities, the ED alleges. Of the total revenue from the app, ₹468 crore was sent overseas as payments for various services and ₹723 crore claimed as domestic expenditure. Fake invoices were raised through 111 shell companies that claimed to be engaged in businesses like logistics (64), gems and jewellery (17) and audio-visual services (30).

“All foreign service providers were chosen by the Chinese owners and the price of the services was also fixed by them. Exorbitant payments were blindly allowed by the dummy Indian directors of PCFS without any due diligence and on the instructions of the country head, Zhang Hong, who directly reported to Zhou Yahui,” according to the agency. As it turned out, the company had allegedly remitted foreign exchange worth ₹429 crore to 13 overseas companies located in Hong Kong, China, Taiwan, the United States and Singapore.

The ED has so far seized assets worth over ₹270 crore in the case involving PCFS. Properties valued at ₹51 crore have also been attached under the Prevention of Money Laundering Act.

A similar modus operandi was detected in another case pertaining to Kudos Finance and Investment Private Limited, whose promoter, Pavitra Pradip Walvekar, was earlier arrested and assets worth ₹72.32 crore attached by the agency. As alleged, despite having a net-owned fund of only ₹10 crore, the NBFC circulated loans of over ₹2,224 crore. The operations were funded by 39 fintech entities, which got ₹544 crore in profit. Kudos received about ₹24 crore.

The ED has also attached ₹77.25 crore in the case related to Mad Elephant Network Technology, X10 Financial Services, Baryonyx Technologies, Track Fined, Jamnadas Morarjee Finance, Cloud Atlas Future Technology, RazorPay Software Private Limited, says the official. Several other micro-financing apps, including IRupee, Rupee Home, Cash In, ERupee, Cash Master and Krazy Rupee, are also under the ED scanner. During the probe, the ED found that ₹14,656 crore was transferred using shell companies, of which ₹10,509 crore was purportedly routed to Hong Kong and mainland China. The agency has attached ₹40.64 crore in bank balance and ₹4.92 crore in cryptocurrency.

Following the money trail

The ED also gathered evidence showing that cryptocurrency exchanges were used by the masterminds to transfer funds. It recently froze the bank balance of Yellow Tune Technologies Private Limited, its payment gateway, and the assets of Flipvolt cryptocurrency exchange worth ₹370 crore. The same amount was also allegedly deposited by 23 entities, including the accused NBFCs and fintech firms, into the wallets of Yellow Tune Technologies that were held with the exchange. The company’s owners are yet to be traced.

“After we initiated the probe, most of the apps were closed and the funds diverted,” says another official, alleging that this “shell entity” was set up by Chinese nationals Alex and Kaidi (real names unknown) in connivance with chartered accountants and company secretaries. Its bank accounts were opened in the name of dummy directors. “These Chinese nationals left India in December 2020 and later, the Internet banking credentials and digital signatures of dummy directors and other particulars were shipped abroad and used by the Chinese nationals to launder the proceeds of crime,” it says.

The exchange has not been able to share all the details of suspect transactions with the ED as it allegedly had lax KYC norms, no due diligence mechanism, no check on the source of funds of depositors, and no mechanism for raising suspicious transaction reports.

The agency has also frozen ₹64.67 crore linked to Zanmai Lab Private Limited, which owns cryptocurrency exchange WazirX, as part of the probe against the NBFCs and their fintech partners. “These companies and their virtual assets are untraceable at the moment... maximum amount of funds were diverted to WazirX exchange and the crypto assets purchased have been diverted to unknown foreign wallets,” the agency had earlier said, alleging that this crypto exchange also could not give any account for the missing assets. “By encouraging obscurity and having lax AML [anti-money laundering] norms, it has assisted 16 accused fintech firms in laundering the proceeds of crime using the crypto route,” the ED has alleged.

The way forward

On August 10, the RBI issued its first set of guidelines to crack down on illegal activities in the digital lending industry. As per the new norms, all loan disbursals and repayments will be required to be executed only between the bank accounts of the borrower and the regulated entities — such as a bank or an NBFC — without any pass-through or pool account of the lending service providers or any third party. Last week, the central bank asked the industry to implement the norms by November this year.

According to RBI Deputy Governor M. Rajeshwar Rao, the norms are designed to end regulatory arbitrage and protect customers, and puts the onus on the regulated entities on behalf of whom the apps do the lending. Going forward, Mr. Rao says, the passage of a law banning lending by unauthorised entities and the creation of a self-regulatory organisation for digital lenders will bring transparency to the industry.

Those in distress can call Sanjivini, Society for Mental Health at 011-4076 9002.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in


Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.