Digital Credit Providers, or, DCPs have become some of the most active financial service providers in Kenya as they channel their services primarily through the ubiquity of mobile devices and apps. However, since the advent of popular mobile loans, many consumers in Kenya have invariably become indentured slaves to loans that accumulate massive and unserviceable interest and penalties due to obscure terms and conditions.

In addition, as many of these mobile loans go unrepaid, loanees often face the embarrassment and humiliation of having colleagues and family members being called and texted by the DCPs informing them that they have unserviced loans that need to be repaid. This sad state of affairs also led to millions of Kenyans being listed in various credit reference bureaus (CRBs) meaning that they could not access any additional credit facilities or loans until their outstanding and often gargantuan loans are repaid.

Ultimately, owing to the ‘grey’ nature of how DCPs were operating and how millions of Kenyans were getting financially crippled in the process, the Kenyan Government stepped in last year via the Central Bank of Kenya (CBK). CBK was given the regulatory mandate to cover DCPs, in the same manner they do so for traditional banks in Kenya, and on the 18th of March 2022 they came up with the regulations for the licensing of DCPs in Kenya. DCPs were then given 6 months to be compliant by the 17th of September 2022.

Earlier today, CBK issued a press release where they indicated that only 10 applicants out of 288 DCPs had been granted licenses. Meanwhile, all other unregulated DCPs that did not apply for licensing must cease and desist from conducting digital credit business. The surprising thing is that many of the better-known and more established DCPs that control big parts of the market in Kenya are NOT included in the initial list. However, CBK also communicated in their press release that they will continue to update that list as more of them conform to the licensing requirements.

This got me thinking that the only logical reason could be that the majority of the DCPs are struggling with certain aspects of the licensing requirements. These can be downloaded in full but here is a summary of what every DCP is required to provide to be licensed:

An applicant under sub-regulation (3) shall:

1. (a)  be a company incorporated under the Companies Act; and
2. (b)  ensure that its significant shareholders, directors, and chief executive officer meet the fit and proper criteria set out in the Third Schedule.

An application under sub-regulation (1) shall be submitted together with the following additional information:

1. (a)  A certified copy of the certificate of incorporation of the digital credit provider;
2. (b)  A certified copy of the Memorandum and Articles of Association of the proposed digital credit provider;
3. (c)  Notification of the proposed digital credit provider’s registered address;
4. (d)  A certified copy of the Memorandum and Articles of Association of any corporate body that proposes to have a significant shareholding in the digital credit provider;
5. (e)  A certified copy of the constitutive documents of an unincorporated person that proposes to have a significant shareholding in the digital credit provider;
6. (f)  Description of the information and communication technology system to be used in the operations of the digital credit provider;
7. (g)  Description of delivery channels or platforms to be deployed by the digital credit provider;
8. (h)  Description of, and terms and conditions of credit products and services which the proposed digital credit provider intends to provide;
9. (i)  Agreement with a telecommunication or other service provider for provision of channel or platform for the provision of digital credit.
10. (j)  The proposed digital credit provider’s Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) policies and procedures;
11. (k)  The proposed digital credit provider’s data protection policies and procedures
12. (l)  Description and evidence of sources of funds to be invested in the digital credit provider;
13. (m) Evidence of payment of application fee set out in the Fourth Schedule;
14. (n)  Names and addresses of the Shareholders in form CBK DCP 1-3 set out in First Schedule;
15. (o)  Credit policy, code of ethics and market conduct;
16. (p)  The proposed digital credit provider’s pricing model and parameters;
17. (q)  Corporate governance policy;
18. (r)  A sworn declaration signed by every officer as specified in the application form;
19. (s) A certificate issued pursuant to section 19 of the Data Protection Act;
20. (t)  A statement as to compliance with the provisions of Part VII of the Consumer Protection Act;
21. (u)  Any other information as may be required by the Bank.

The document goes into much more detail than shared above where I have highlighted some of the more stringent requirements but my sense is that many DCPs are generally struggling to be compliant with all the requirements for licensing since for the first time they really have to operate in a much more transparent and regulated manner.

This is not going to be easy going forward and we could very well see many of the pending DCPs exit the market and cease operations altogether on this basis. This could have both negative and positive consequences for the market so only time will tell what the next steps look like and how the DCPs will shape up in the near future.