The Reserve Bank of India, on 10 June 2025, issued updated Digital Lending Directions superseding the earlier guidelines of September 2022. The revised directions introduce mandatory annual percentage rate disclosures, a cooling-off period for borrowers, and significantly tightened norms governing the role and conduct of lending service providers in the digital loan origination process.
Background
Digital lending in India has witnessed exponential growth, with fintech platforms and lending service providers facilitating a substantial share of retail credit origination. The RBI's original Digital Lending Guidelines of September 2022, based on the recommendations of the Working Group on Digital Lending, established the foundational regulatory framework addressing concerns around transparency, data privacy, and predatory lending practices.
However, regulatory experience since 2022 revealed persistent gaps in implementation. Consumer complaints regarding non-transparent pricing, hidden charges, and aggressive recovery practices by lending service providers continued to rise. The updated directions address these concerns by strengthening disclosure requirements and placing greater accountability on the regulated entities that partner with digital lending platforms.
Key Provisions
The Digital Lending Directions 2025 prescribe the following:
Annual percentage rate disclosure: All regulated entities and their lending service providers must disclose the annualised all-inclusive cost of credit to the borrower before loan sanction. The APR must include processing fees, insurance charges, platform fees, and all other costs borne by the borrower, computed on a standardised basis prescribed by the RBI.
Cooling-off period: Borrowers are entitled to a cooling-off period of three business days from the date of loan disbursal during which they may exit the loan by repaying the principal without incurring any penalty or charges beyond proportionate interest for the period of utilisation.
Lending service provider restrictions: Lending service providers are prohibited from accessing borrower data beyond what is essential for credit assessment. Data collected must be purged within 90 days of loan closure. First loss default guarantees by lending service providers are capped at 5 per cent of the loan portfolio originated through them.
Grievance redressal: A three-tier grievance redressal mechanism is mandated — first with the lending service provider (7-day resolution), then with the regulated entity (15-day resolution), and finally escalation to the RBI Integrated Ombudsman Scheme.
Reporting requirements: Regulated entities must submit quarterly reports to the RBI on digital lending volumes, borrower complaints, and lending service provider performance metrics. Material outsourcing arrangements with lending service providers must be reported within 30 days of execution.
Implications for Practitioners
The APR disclosure requirement will have the most immediate operational impact. Banks and NBFCs using digital lending channels must reconfigure their loan origination systems to compute and display the all-inclusive cost before borrower acceptance. The standardised computation methodology prescribed by the RBI leaves limited room for varying interpretations, which should improve comparability across lenders.
The three-day cooling-off period introduces a new consideration for portfolio planning. Lenders should factor potential early exits into their origination cost models, particularly for short-tenure personal loans where the cooling-off period represents a meaningful fraction of the loan tenure.
For fintech companies operating as lending service providers, the data purging and first loss default guarantee caps require careful review of existing partnership agreements. Practitioners advising fintechs should audit current data retention practices and guarantee structures to ensure alignment with the revised norms before the compliance deadline.