Our Blog


How Safe Is Users Data With Fintech Lending Platform

In recent years, the online lending industry has thrived globally. In the past month, suicide cases have come to the attention of the authorities in India. It was linked to alleged harassment by the recovery agents of unscrupulous FinTech platforms.

Mahesh Dommati, a 28-year-old tech worker in Hyderabad, India lost his job during the COVID-19 lockdown. He was unable to repay the 6,000 rupee loan he had taken out from an application called Slice. The recovery agents accessed his contact list and called his family and friends, demanding that they pay on his behalf.

Although the Reserve Bank of India (RBI) has mandated the regulation of online lending, there was a clear lack of supervision in lending applications. No one was monitoring if the Fair Practices Code was being adhered to.

In reality, untrustworthy FinTech platforms are constantly exploiting data in ways that would make consumers feel abhorred upon discovering the truth. The greater question is,  are consumers ready to compromise their data in exchange for greater convenience and better experience?



Covid-19 Crisis and the Cash Crunch

Even though the problem of dishonest FinTech lenders is not new, the COVID-19 pandemic has further brought the issue to the forefront. A large population around the world faced massive cash flow issues due to the lockdowns. Consequently, business revenue was almost down to zero. This caused many consumers to fall into debt traps, as they would surf websites for instant loans and eventually get trapped into paying very high-interest rates.

Taking advantage of the needy borrowers, deceitful FinTech platforms would offer them payday loans. Predatory loan applications with high processing fees, short tenures, and steep penalty charges on default are the features that make people fall into debt traps. They would even promise quick loans to those without credit history or collateral. Therefore, quick loans have also been criticized for their high-interest rates, short repayment cycles, aggressive recovery methods, and misuse of borrowers’ data.

In November 2019, Google dominated India’s app market over 98% of smartphones with its Android platform. They introduced a new developer policy. FinTech apps offering loans with a repayment period of fewer than 60 days would be banned from the Play Store.
Furthermore, loan apps were asked to disclose the minimum and maximum period of repayment, the interest rate plus fees, and the total cost of the loan.


Consumers Love Fintech Convenience, But Fret Over Privacy

Experts in the field confirmed that loan recovery issues have long persisted.  For a change, a layer of security is added for data privacy. This balance lies between ease of use and data privacy. 

In October 2019, The Indian National Privacy Commission (NPC) issued a ban on data processing. 26 lending apps were banned for data privacy violations, including debt-shaming. The order led to the takedown of these sites from the tech giant, Google. 


NPC is said to have received a total number of 689 complaints against online lending companies from July 6th, 2018 to July 31st, 2019. On this figure, 113 complaints were made against Fynamics’s online lending app. The app breached privacy by using the personal information on the complainant’s contact list. It was so that they could contact the complainant’s friends, relatives, and co-workers. This leads to the sharing of unwarranted, false information. In some cases, they were even asked to settle the loan on behalf of the data subjects. 



Are FinTech Customers Protected in Malaysia?



Lending apps have the potential to generate consumer benefits, but this requires trustworthy institutions and consumer financial literacy. Not many individuals fully understand the consequences of sharing personal data.

Due to the breadth of scope, scale, and dynamism of FinTech platforms, the sector is often regulated by multiple regulators, which overlap with one another.  For instance, the government regulators include governmental, self-regulators, and market regulators. 

In the Malaysian market, the regulatory bodies aid in providing strong support and accelerate FinTech growth. Personal Data Protection Act 2010 (PDPA) requires all individuals and organizations that process personal data in their dealings to comply with rules set out in the PDPA, except for the Federal Government and the State Government.

The enforcement of PDPA would strengthen consumer confidence in e-commerce and business transactions. This would also decrease the number of cases of credit card fraud, identity theft, and selling of personal data without customer consent. The PDPA imposes strict regulations on whoever collects or processes personal data (user data) illegally and grants individual rights to data subjects.

The General Principle in PDPA states clearly that one is prohibited from processing consumers’ data without permission. To further explain the context of the PDPA, it is the process that allows the control of data through automated means or methods or computing, or any other process.

Ultimately, the objective of PDPA is to mitigate the risk of misuse and misappropriation of personal data. Any failure to comply with the PDPA will result in a fine, ranging between RM10,000 to RM500,000 and/or imprisonment of up to three years, depending on the breached section/rule.

How HomeCrowd uses and protects your data?


You can read more about it here HomeCrowd Data Privacy Policy 


Please take note that we will enhance our data security infrastructure and update the policy from time to time.


20 April 2021 | by HomeCrowd team


HomeCrowd Sdn Bhd