Hello everyone,

Welcome to the 205th edition of The Pattern.

On May 20, the RBI issued revised draft directions on the conduct of regulated entities in loan recovery, after substantial stakeholder feedback on its February version. Among the changes, it proposed allowing lenders to deploy technology-based mechanisms that restrict or disable certain functionalities of financed devices, including smartphones and tablets, when a borrower defaults. Most of the draft tightens how recovery agents behave — contact hours, call recording, certification. The device provision is the one that will define how small-ticket digital lending works from here.

The safeguards are tighter than the headlines suggest. Lenders can impose restrictions only if the loan was taken specifically to purchase that device, and the loan contract must explicitly state upfront that such restrictions can apply on default. Even then, a lender cannot act immediately — the account must first be 90 days past due, with the borrower failing to clear dues despite notices. Emergency calls and important alerts must keep working, and if a borrower clears their dues and access isn't restored on time, the lender pays compensation of ₹250 per hour for the delay.

How we got here

Before the RBI stepped in, lenders were already partnering with phone manufacturers to remotely disable smartphones through pre-installed apps when borrowers defaulted, using it as a form of security for what were otherwise completely unsecured loans. No contract clause, no consent mechanism, no floor on what a borrower could still access. It worked as a deterrent, but none of it was governed by anything.

The RBI told lenders to stop. By November 2025, smartphone loan defaults were rising. DPDZero, a Bengaluru-based collections firm, reported a 20 per cent month-on-month increase in borrowers not repaying their smartphone loans.

At the October 2025 MPC, Governor Malhotra said the mechanism was under examination, and Deputy Governor Rao said the RBI was trying to balance "customer rights and requirements, data privacy, and also the creditors' requirements".

Seven months of balancing, and the draft is the result.

The logic holds — up to a point

In vehicle finance, nobody debates whether a lender can repossess a car. This is the same principle applied to a ₹12,000 Redmi instead of a ₹5 lakh Creta. Credit demand from low-income, new-to-credit borrowers is rising, and for this segment, traditional collateral or credit checks are often not available. Remote locking acts as a digital collateral substitute. Without it, lenders either stop serving this segment or absorb higher losses. Both are worse for inclusion than a graduated, contractually disclosed restriction that only kicks in after 90 days of non-payment.

I get the logic. I've been in this space long enough to know that small-ticket unsecured lending doesn't scale without enforcement tools. 

But a phone isn't a car.

You can lose your car and still check your bank balance, pay a bill on UPI, apply for a job, or call your kid's school. Lose your phone and all of that goes with it.

According to Counterpoint Research, cited in this Business Standard piece financing accounted for 40 per cent of all smartphone volume sales in India in 2025, and in the premium segment above ₹30,000, nearly two-thirds of purchases were made on finance. At the premium end, the iPhone increasingly moves on instalments. At the other end — the ₹8,000 to ₹15,000 device financed through an NBFC — the borrower's phone is often their only screen, their only internet connection, and their only way into UPI.

To its credit, the RBI anticipated this. There's no kill switch: the draft requires a notice at 60 days past due, 21 days to pay, a second notice, seven more days, then only a graduated restriction (Inc42). "Essential services" are fenced off entirely:

“The bank shall not restrict / disable certain essential functionalities, such as access to internet, incoming calls, emergency SOS features, and receipt of emergency Government or public-safety notifications.”

Which sharpens the real question: what counts as "non-essential"? UPI? What about WhatsApp, which a large share of the country runs work and livelihood on? As one legal analysis of the draft noted, a mobile phone is no longer an ordinary consumer product — it is a payment instrument, identity gateway, work device, education tool, emergency contact system, and access point for public services. Restrict access to it, even gradually, and you risk cutting someone off from the digital economy India has spent a decade building.

Where this lands

Formalising device restriction with safeguards is the right call. The alternative — pretending lenders weren't doing it, watching defaults climb, and leaving borrowers with no protections — was worse on every count. The 90-day threshold, the upfront contract disclosure, and the ₹250-per-hour penalty for delayed restoration all suggest a draft that has thought about both sides.

The execution is what I'll be watching. Built well, this extends credit to millions who have no other collateral to offer. Built badly — a restriction that fintechs treat as a default setting rather than a last resort — it pushes the most vulnerable borrowers further from the system.

Comments close this Sunday, May 31. Whatever comes out of it will set the terms for device-financed credit in India for years.

Reading list

• Rs 25,000 EMI vs SIP: The Brutal Truth About Middle-Class Car Loans In India

• India's Retail Credit Growth Surges 31% As Gold Loans Boom: Report

• Bank fraud cases more than halve but value climbs to ₹48,000 cr: RBI data

• 55% Indian banking customers want improved digital support across the app, web and chatbot: EY report

Thank you for reading. If you liked this edition, forward it to your friends, peers, and colleagues. You can also connect with me on X here and follow FinBox on LinkedIn to get the latest updates.

Cheers, 
Mayank 

All opinions expressed are my own and do not necessarily reflect the views of FinBox or its promoters.