CBK Freezes All Online Lenders Without Operating Licenses

Loan Apps Kenya

Two things have happened today: the CBK has announced that only 10 digital lenders have been licensed to run their operations in Kenya. Secondly, it has revealed that it received 288 applications, and is in the process of reviewing those that have not been approved. This means that the list might go higher than 10 companies, and there is a high chance that the majority of them could get rejected.

The CBK has also said that the companies that have not been named in the said list must stop their operations immediately up to that time their license review process will be approved. This follows the lapse of the 6-month transition period after CBK digital online regulations were published back in March.

“We urge these applicants to submit the pending documentation expeditiously to enable the completion of the review of their applications. All other unregulated DCPS that did not apply for licensing must cease and desist from conducting digital credit business,” says CBK in a statement.



The regulations state that no person shall establish or carry out digital credit business in Kenya or otherwise hold himself out as carrying out digital credit business unless licensed under the amendment.

Any person who contravenes the provisions of the preceding regulation commits an offense and shall be liable upon conviction to a fine of five hundred thousand shillings or imprisonment for a term of two years or to both.

Any person who was at the commencement of these regulations conducting digital credit business which is not regulated under any other written law shall apply to the CBK for a license within six months of publication of these Regulation.

NOTE: Many online lenders have not been registered because there was no law stopping their operations. This means that they will have to register their lending operations afresh and abide by the stated laws.


A digital lender shall put in place appropriate policies, procedures, and systems to ensure the confidentiality of customer information and transactions.

An online credit provider shall not share customer information with any person without the customer’s consent.

 Directors, officers, employees, and agents of a digital credit provider shall protect the confidentiality of customer information and transactions.

No director, officer, employee, or agent of a digital credit provider shall during, or upon, and after the termination of engagement or employment with the digital credit provider (except in the proper course of his duty and or with the digital credit provider’s written consent) divulge or make use of any secrets, copyright material, or any correspondence, accounts of the digital credit provider or its customers.

Customer Consent

A digital credit provider shall ensure that the customer’s consent is obtained before the submission or sharing of credit information with a credit reference bureau.

A customer may give consent through oral, print, or electronic means, subject to the satisfaction of the digital credit provider as to the authenticity of the electronic consent.

A digital credit provider who furnishes negative information to a bureau with respect to a customer shall, in writing or through electronic means, notify the customer of the intention to submit the negative information at least thirty days before submitting the negative information to the bureau or within such shorter period as the contract between the digital credit provider and the customer may provide.

A digital credit provider who has furnished credit information to a bureau shall, within thirty days from the date the information was furnished to a bureau, notify the customer that the customer’s credit information has been forwarded to the bureau.

Place of Business

Online lenders should have at least one physical office according to the provisions of the bill.

No branch or place of business of a digital credit provider shall be opened, relocated, or closed without the prior written approval of the Central Bank.

Credit Collection

This has been an issue for the majority of Kenyans who have been harassed by debt collectors, some of whom go to the extent of insulting them or calling members of their families to shame them for not repaying loans in a timely manner.

To this end, the CBK states that a digital credit provider, its officers, employees, or agents shall not in the course of debt collection engage in any of the following conduct against the customer or any other person:

  • use of threat, or violence or other criminal means to physically harm the person, or his reputation or property;
  • use of obscene or profane language;
  • make unauthorized or unsolicited calls or messages to a customer’s contacts;
  • improper or unconscionable debt collection tactic, method or conduct.
  • any other conduct whose consequence is to harass, oppress, or abuse any person in connection with the collection of a debt.


  1. CBK clearly advised that DCP that did not apply for the license are the ones who should cease operations. So there are additional 278 that are on various levels of review awaiting outcome

Comments are closed.