The Reserve Bank of India (RBI) has released the Digital Lending Directions, 2025 on May 8, 2025, introducing a revamped framework to govern digital lending activities in India. These updated directions replace earlier circulars and include new measures aimed at increasing transparency, ensuring fair practices, and safeguarding borrower interests.
Who Needs to Follow These RBI New Digital Lending Directions?
The directions apply to:
- Commercial Banks
- Primary (Urban), State, and Central Co-operative Banks
- NBFCs (including Housing Finance Companies)
- All-India Financial Institutions
Clearly, any financial institution involved in digital lending must align with these guidelines without exception.
Key Features of the RBI New Digital Lending Directions 2025
1. Clear Responsibility in RE-LSP Partnerships
Regulated Entities (REs) must enter into written contracts when partnering with Lending Service Providers (LSPs). These contracts should clearly define the roles and responsibilities of each party. Moreover, REs must regularly monitor their LSPs and take corrective actions whenever needed. Importantly, the RE remains fully accountable for borrower-related services, even if the LSP handles them.
2. Borrowers Receive Stronger Protections
To protect borrowers, RBI has laid out several customer-first policies:
- Loan Disbursals: REs must directly transfer loan amounts to borrowers’ bank accounts. No third-party routing is allowed.
- Repayment Process: Borrowers should repay loans directly to the RE’s account, avoiding any LSP intermediary accounts.
- Cooling-Off Period: Borrowers now have the option to exit a digital loan during an initial period (at least one day) without penalty. If they exit, the RE may retain a reasonable one-time processing fee.
- No Auto Credit Increases: Credit limits can only increase after the borrower explicitly requests and authorizes the change.
3. Tight Controls on Data Use and Storage
To ensure data privacy and security, RBI has mandated the following:
- Minimal and Purpose-Driven Data Collection: Apps must seek explicit permission before accessing any personal data and limit collection to essential information only.
- Local Data Storage: All personal data must stay on servers located in India.
- Consent Management: Borrowers have the right to grant or revoke consent and even request deletion of their data.
- No Biometric Data: Apps and LSPs cannot store biometric data unless legally permitted.
4. Strict Norms for Default Loss Guarantees (DLG)
The new directions allow REs to partner with LSPs offering Default Loss Guarantees, but with clear limitations:
- DLGs must not exceed 5% of the total disbursed amount from the associated loan portfolio.
- Only companies registered under the Companies Act, 2013 can provide such guarantees.
- REs must not use DLGs as a replacement for robust credit checks.
- Also, once invoked, a DLG cannot be reinstated—even if the loan is later recovered.
5. Mandatory Reporting of DLAs
REs must submit complete information about their Digital Lending Apps (DLAs) on RBI’s CIMS portal by June 15, 2025. Furthermore, this data must be updated regularly. RBI plans to publish the submitted information on its official website, thereby increasing transparency across the ecosystem.
RBI New Digital Lending Directions Implementation Timeline
| Provision | Effective From |
|---|---|
| General Directions | May 8, 2025 |
| Multi-Lender LSP Rules (Para 6) | November 1, 2025 |
| DLA Reporting (Para 17) | June 15, 2025 |
Why These Directions Matter
Over the last few years, digital lending has grown rapidly, but not without concerns—such as aggressive recovery tactics, misuse of personal data, and excessive interest rates. With this new framework, RBI aims to foster responsible innovation while protecting both lenders and borrowers. These directions also provide much-needed clarity to fintechs and banks engaging in digital credit.
The Digital Lending Directions, 2025, represent a crucial milestone in India’s digital finance journey. These rules not only bring better regulation to the sector but also build public trust. Borrowers can now make better-informed choices, and financial institutions must strengthen their compliance systems to stay in line with RBI’s expectations.
For further updates on RBI circulars and exam-relevant insights, keep following Banking Insights.
Frequently Asked Questions (FAQ)
The RBI Digital Lending Directions, 2025, are guidelines to regulate digital lending by banks, NBFCs, and fintechs, ensuring borrower protection and data privacy.
They apply to Commercial Banks, Co-operative Banks, NBFCs (including Housing Finance Companies), and All-India Financial Institutions engaged in digital lending.
An LSP is a third party that assists regulated entities in digital loan origination, processing, servicing, or recovery.
DLG is a guarantee where a third party promises to compensate the lender for a portion of loan defaults. RBI caps this at 5% of the disbursed loan portfolio.
No. Loans must be disbursed directly to the borrower’s bank account, with few regulatory exceptions.
Data collection must be minimal and with consent. All personal data must be stored in India, and borrowers can revoke consent and request data deletion.
It’s a minimum one-day window during which a borrower can cancel the loan without penalty by repaying the principal and proportionate interest.
Yes, partially. EMI programs on credit cards follow separate guidelines. Other card-based loans fall under these directions.
Most provisions are effective from May 8, 2025. Para 6 is effective from November 1, 2025, and Para 17 from June 15, 2025.
You can file complaints at the RBI CMS portal or send a physical complaint to RBI Chandigarh. Lenders and LSPs must also provide grievance officer contact details.