Controlling entry: registration and licensing

An appropriate regulatory model for emerging digital credit markets would be one centered on consumer credit rules. Here, all non-deposit-taking providers of credit to the public (digital or otherwise), regardless of their business model, would be bound by a set of consumer protection principles. To regulate the entry of lenders usually comes down to a choice between registration and licensing. 

Registration certifies that a credit-only FSP is permitted to lend (as its primary business) in a situation where it otherwise might not be allowed, or the legal status is unclear, giving assurance to consumers. It affirms that minimum standards apply to the lender and its shareholders and management. Registration also allows the authority to exert modest control over entry and carry out monitoring and light-touch supervision (e.g., tracking, reporting, spot-checks, complaint review). Registration requires the firm to provide:

• Basic institutional information, e.g., location, legal status, capital structure, officers, and board, and
• Periodic information about operations (e.g., financial statements, scale and portfolio quality indicators) and the characteristics, terms, and costs of products offered.

For example, South Africa requires lenders to register. They must submit information including ID, tax number, products offered, loan book value and numbers, business premises, staffing plan, administrative procedures, business and criminal record.¹

In these settings, authorities maintain databases where consumers can check whether a digital lender is registered and in good standing. As compared to licensing, registration affords the regulator less ex ante control and enforcement power over the FSP, which might make it less suitable in some settings. Ideally, supervisors should monitor registered FSPs to identify when certain players, subsectors, products or delivery channels might pose serious risks to large numbers of consumers or to systemic stability. Industry associations may also play a role in registration and even self-regulation with enforceable codes of conduct.

Licensing is sometimes seen, e.g., in the case of Kenya, as key to enforcing conduct standards. It is usually reserved for prudentially-regulated institutions. However, explosive growth in digital credit may result in major abuses, defaults, and frauds affecting large numbers of consumers. In such situations, especially where banks play a significant role in funding digital credit, licensing requirements for digital lenders could be justified. Licensing is unlikely to be appropriate where there is an effective financial consumer protection regime, and where digital lenders raise funds privately rather than through deposits from the public. 

As compared to registration, licensing imposes much more stringent requirements – e.g., capital, business plan, fit and proper standards, internal controls, operational policies, IT systems, etc. – with more time-consuming scrutiny and costly procedures. Licensing:

• Restricts entry to qualified providers only, with entry standards set to ration licenses and conserve supervisory resources;
• Enables and requires more intensive oversight, audit, reporting, on-site inspections.
• Signals that government has taken on a fiduciary duty and will effectively supervise providers.
• Often does not involve bespoke regulation of digital lenders but rather application of existing licensing regimes (e.g., for credit institutions in general).
• May be too burdensome for the lenders and the regulator, especially for small credit-only providers and when the sector is at an early stage of maturity.

Australia, for example, requires licensing for virtually all consumer credit providers. License applicants must submit documentation of fit and proper standards, adequate resources, staff training and oversight, compensation and risk management plans, dispute resolution provisions, etc. ASIC monitors compliance with periodic checks.²

Recommendation: The regulatory framework should provide for registration, but not necessarily licensing, of consumer credit providers (including digital lenders). This allows the regulator to monitor the lenders’ conduct and take enforcement action as appropriate.