he Reserve Bank of India has restricted banks and non-banking finance companies (NBFCs) from sharing the credit information of consumers with unregulated entities. According to a report, such transfer of data, without the knowledge or consent of consumers had been happening for long. It is welcome that the central bank has finally cracked the whip and is working to get the lenders to fall in line. Data of any sort is a valuable commodity at present.
Major establishments in the West have shown the way by striking big with data and are almost holding monopoly over the market. But along with the growth in value of data, its misuse has grown manifold concomitantly. For instance, there was this report earlier this year that Amazon staff were listening to Alexa recordings of users of the service. Such a violation of privacy may be benign, but the same cannot be said of companies that deal with finances and money. The RBI has done the right thing by regulating access to credit data of consumers, even if it means that fintech start-ups that depend on such data for their operations will suffer.
Many fintech companies rely on such data, which they have been authorised to access directly from credit information companies, to evaluate customers who apply for loans through them. However, there always prevails the possibility of the misuse of such data. Although the credit data, it is being said, is used by the companies only to verify whether customers are prompt with repayment of loans, it is always possible for such data to be also used to fish out other more critical information about customers. For instance, there are fintech firms that provide customers with credit score reports for more than once a year. For such services the customers are also asked to provide more data such as PAN, identification, address and mobile number for reports on their credit score and advice on ways to improve their standing. By providing such data, customers become vulnerable to identity theft and other such cybercrime.
Given that such services are being provided by unregulated entities, the consumer also stands to lose protections that regulated entities offer. Data being the new oil, it is important that RBI keeps an eye on the ways in which the institutions it regulates are using such information. Unscrupulous practices need to be nipped in the bud to create a safe and sound ecosystem for monetary transactions. Banks and NBFCs should be extremely careful when they part with data about their clients. While they are exercising due diligence in getting to know their customers before they provide him or her access to various services, it is also important that they retain the trust of banking services users through foolproof systems.
Unless the banking system becomes accountable to its customers, the loopholes will remain and depositors will stand to lose their hard earned money. While the RBI plays an alert watchdog to prevent misuse of the banking system, it is also important that customers, too, become extremely careful with the ways in which they use services such as banking over the Internet. It would be wise to not become overly dependent on virtual platforms for monetary transactions given the fact that most users in the country used pirated software that makes these vulnerable to hacking and such other criminal operations. Greater vigilance is essential under the circumstances, both on the part of institutions and individuals, to keep investments safe.