The Kenyan government has taken its crackdown on the rampant data abuse in the digital lending space to another level by commissioning an audit of players in that sector.
Less than three weeks after the country’s apex bank licensed only 10 digital lenders from a pool of 288 applicants, the Office of the Data Protection Commission (ODPC) has now announced a planned audit on 40 digital lenders who were reported by Kenyans for data abuse.
Before 2021, hundreds of digital lenders operated in Kenya without any license or regulation, and unethical practices like debt-shaming and predatory lending became rampant.
This continued until last year when the Kenyan government stepped in and overhauled the industry, requiring all digital lenders to register for new licences and operate under the central bank’s strict surveillance.
Lenders who did not meet the application deadline were barred from operating countrywide, while the majority of those who did are still waiting for a licence—or an order to cease operations.
Now, 40 digital lenders are being investigated. They are all part of the yet-to-be-licensed digital lenders who are waiting for a favourable response from the CBK.
According to the ODPC, the office received 1,030 complaints and accepted 555, out of which 299 were directed against digital lenders who had misappropriated customers’ personal data.
Digital lenders have been barred from sharing customers’ information with all kinds of third parties, a contravention of which is punishable by law. If the ODPC finds truth in the complaints against these lenders, not only could they be ordered to cease operations, they could also be subject to litigious actions from complainants.