Digital Lending and Debt Traps: Protecting African Borrowers from Predatory Apps
A trader in Lagos who needs N20,000 to restock before the weekend rarely has patience for a bank’s paperwork. Digital lending apps were built for this moment: no collateral, no branch visit, money in the account within minutes. That convenience has made mobile credit one of the fastest-growing financial products on the continent. It has also, for a significant number of borrowers, become the fastest route into a debt cycle that is difficult to escape.
How the model works, and where it breaks
Most digital lenders assess creditworthiness not through payslips or bank statements but through phone data: contact lists, SMS logs, call history, sometimes location. Borrowers grant these permissions during onboarding, often without reading what they’re agreeing to, because the alternative is no loan at all. That data does two things: it feeds a scoring algorithm, and it becomes leverage. When repayment is late, some lenders have used the same contact list to message a borrower’s family, employer, or coworkers, informing them of the debt in language designed to embarrass rather than inform.
A report by Kenya’s Centre for Intellectual Property and Information Technology Law found that most lending apps collect far more data than the loan process requires, with little transparency about how it’s stored or reused. One Nairobi borrower described a message sent to a relative, naming her outstanding balance and threatening legal action, timed for maximum humiliation. The tactic is common enough across the region to have its own name: debt shaming.
The economics compound the problem. In Kenya, some lenders have charged the equivalent of 200 to 300 percent of the loaned amount over repayment windows as short as seven to fourteen days, a structure that pushes borrowers to take a second loan just to close out the first. In Nigeria, similar patterns show up in regulator complaints: rollover fees, opaque interest calculations, and penalties that inflate a small loan into an unmanageable one within weeks.
Nigeria’s regulatory response
Nigeria’s Federal Competition and Consumer Protection Commission has spent the past year building the sector’s most comprehensive rulebook yet. The Digital, Electronic, Online, or Non-Traditional Consumer Lending Regulations, effective July 2025, require every app-based or online lender to register with the Commission, disclose loan terms clearly before disbursement, and submit bi-annual reports. Lenders are barred from pre-authorised or automatic lending and from marketing that obscures the real cost of a loan.
Enforcement followed once the compliance window closed. By January 2026, the Commission had placed 521 digital lending companies under regulatory scrutiny and blacklisted dozens of apps, including WeCredit and Hen Credit Loan App, for operating outside the framework. Non-compliance now carries penalties of up to N100 million or a percentage of annual turnover, with directors of offending firms facing disqualification.
The rules haven’t gone unchallenged. Telecom-linked lenders offering airtime and data advances, represented by the Wireless Application Service Providers Association of Nigeria, went to court arguing the FCCPC’s rules overlap with obligations they already meet under the Nigerian Communications Commission. A Federal High Court injunction in Lagos suspended enforcement of the disputed provisions pending a hearing scheduled for July 2026, leaving part of the framework in limbo even as the broader regulation stays in force for standalone loan apps. The dispute is a reminder that consumer protection rules still have to navigate jurisdictional turf between regulators, and that borrowers are sometimes caught in the middle rather than shielded by it.
Kenya’s parallel experiment
Kenya moved earlier. The Central Bank of Kenya’s Digital Credit Providers Regulations, in force since 2022, require licensing for any credit app and explicitly prohibit contacting a borrower’s friends, family, or employer without consent during debt recovery. A 2024 amendment made unauthorised contact with third parties a criminal offence rather than a regulatory breach, a distinction that gives borrowers a path to report harassment to police, not just a consumer protection office.
The results are mixed. The Central Bank has licensed only a fraction of the lenders in the market, and unregistered apps continue to circulate outside its authority. Kenya’s experience is instructive for Nigeria and other markets watching from the sidelines: a strong rulebook narrows the space for predatory conduct, but doesn’t eliminate it when enforcement capacity lags the pace at which new apps appear.
What protection actually looks like for a borrower
For all the regulatory movement, the most immediate defence available to a borrower is still basic diligence. Checking whether a lender appears on FCCPC’s or CBK’s public register before installing an app is the simplest safeguard, since delisted or unregistered operators have no legal standing to threaten legal action or contact third parties, however aggressively they try. Reviewing what permissions an app requests, and revoking contact or gallery access where it isn’t essential to the loan, closes off the exact channel most debt-shaming tactics depend on. Documenting harassment, screenshots, timestamps, and caller numbers gives regulators and courts something to act on.
None of this removes the underlying tension. Digital credit exists because millions of Africans are locked out of traditional banking, and for many, a loan app is the only source of emergency cash that doesn’t require collateral or a guarantor. The policy challenge is not to shut that door but to keep it from becoming a trap. Nigeria and Kenya are testing, in different ways, how far regulation can reshape an industry that scaled long before the rules did. The answer depends less on how the frameworks read on paper than on how consistently they’re enforced once the next wave of apps arrives.


