+91 7305 345 345Peer to Peer Lending License
1,64,739
Happy Clients
99.9% customers satisfaction guaranteed.
No Hidden charges
Peer-to-Peer (P2P) Lending License Registration
Peer-to-peer (P2P) lending has emerged as a transformative force in India’s financial ecosystem, enabling individuals to lend and borrow directly without the involvement of traditional banks or financial intermediaries. P2P platforms have gained significant traction in recent years. However, as the sector expanded, concerns around mis-selling, data misuse, credit risk masking, and lack of transparency prompted the Reserve Bank of India (RBI) to introduce a structured regulatory framework.
In India, any platform that facilitates direct lending between individuals is required to obtain a Peer-to-Peer Lending Licence and register as a Non-Banking Financial Company (NBFC) Peer-to-Peer Lending Platform (P2P) under the RBI’s Master Directions, which was first issued in 2017 and subsequently amended, most recently in August 2024. P2P platforms are now not just financial intermediaries but regulated entities with clearly defined fiduciary responsibilities, capital requirements, and compliance obligations.
What is a Peer-to-Peer (P2P) Lending License?
A Peer-to-Peer (P2P) Lending License is a formal regulatory approval granted by the Reserve Bank of India (RBI) to companies that wish to operate online platforms facilitating direct loans between individuals. These platforms connect individual lenders who are looking to earn returns on their idle funds with borrowers such as small businesses, salaried individuals, or self-employed people who need quick, unsecured loans.
To ensure that such lending activities are conducted in a safe, transparent, and compliant manner, the RBI requires these platforms to be registered as Non-Banking Financial Companies - Peer-to-Peer Lending Platforms (NBFC-P2P) under the Master Directions – NBFC-P2P issued in October 2017 (and updated through 2024).
Characteristics of Peer-to-Peer (P2P) Lending License in India
The Peer-to-Peer (P2P) Lending License issued by the Reserve Bank of India (RBI) has the following characteristics:
1. Non-Banking Financial Company (NBFC) Classification
P2P platforms are registered as NBFC-P2P, a distinct category of non-banking financial companies regulated by the RBI. The license does not permit platforms to lend their own money; instead, the platform acts solely as an intermediary.
2. Loan Tenure
The maximum tenure of a loan via P2P platforms is 36 months (3 years).
3. Minimum Capital Requirement
The platform must maintain a Net Owned Fund (NOF) of at least ₹2 crore at all times.
4. Escrow-Based Fund Management
All lender and borrower transactions must be routed through escrow accounts managed by a bank-promoted trustee.
5. No Credit Guarantee
P2P platforms cannot provide any assurance of repayment, guarantee principal or returns, or use their balance sheet to cover losses.
6. Cap on Exposure to a Single Borrower
A single lender can only lend up to ₹50,000 to the same borrower across all P2P platforms.
7. Caps on Exposure
- Lenders can invest a maximum of ₹50 lakh across all P2P platforms (with additional documentation for amounts above ₹10 lakh).
- Borrowers can raise a total of up to ₹10 lakh across all P2P platforms.
8. Data Localisation
Under the RBI’s Digital Lending Guidelines (2022) and reinforced in the 2025 updates, the rule is clear:
“All data (including personal, financial, and transactional) collected by the platform or its digital lending apps (DLAs) must be stored and processed on servers located in India.”
9. Limited Scope of Services
The platform can only facilitate the loan agreement between two parties. It can offer cross-sell credit protection products but can also assist in loan recovery as a service to its clients.
10. Grievance Redressal Mechanism
An RBI-mandated grievance redress system, including a nodal officer and access to the Integrated Ombudsman Scheme, must be in place.
Eligibility Criteria
|
Type of Entity |
Must be a company incorporated in India under the Companies Act, 2013 |
|
Capital Requirement |
Minimum Net Owned Fund (NOF) of ₹2 crore |
|
Fit and Proper Promoters |
Promoters and directors must pass the ‘fit and proper’ test, including no criminal background and a clean credit history. |
|
Board Expertise |
The board should comprise members with experience in finance, technology, risk management, and compliance. |
|
IT Infrastructure |
Must have a robust, secure, and scalable digital lending platform hosted in India. |
|
Escrow Mechanism |
Should have arrangements with a bank-promoted trustee company for managing escrow accounts |
|
Business Model |
Should not lend on its account; only facilitate peer-to-peer loans. |
Documents Required for NBFC-P2P License Registration
You need the following documents for registration:
1. Company & Financials
- Certificate of Incorporation
- Memorandum & Articles of Association (MoA/AoA)
- PAN & TAN of the Company
- Board Resolution approving NBFC-P2P application
- Latest audited balance sheet, financial statement & profit-loss account
- Net Owned Fund (NOF) certificate from a Chartered Accountant
2. Promoters & Directors
- KYC documents (PAN, Aadhaar, passport, etc.)
- Educational & professional qualification proof
- Director Identification Number (DIN)
- Credit report (CIBIL or equivalent)
- ‘Fit and Proper’ declaration for each director and key managerial personnel
3. Business Plan & Policies
- Detailed business plan of the company with projected financials
- Credit policy and risk management framework
- Escrow account structure & agreements with trustee bank
- Grievance redressal mechanism
- Cybersecurity & IT framework policy (as per RBI IT Framework for NBFCs)
Step-by-Step Application Procedure for Obtaining a Peer-to-Peer (P2P) Lending License
Follow the steps below for obtain a P2P License in India:
Step 1: Incorporate the Company
Register the company under the Companies Act, 2013, as a private or public limited company and ensure that the company’s objectives include financial services and peer-to-peer lending facilitation in the Memorandum of Association (MoA).
Step 2: Raise Capital
Infuse a minimum Net Owned Fund of ₹2 crore in the company. Obtain a CA certificate verifying the NOF, which will be submitted along with the application.
Step 3: Prepare Documents
Step 4: Apply on the RBI's COSMOS Portal
- Visit the COSMOS portal and register as an applicant.
- Submit the online application form along with all required documents.
- After submission, download the application reference number for future communication.
Step 5: RBI Scrutiny and Evaluation
The RBI will examine:
- Promoters’ background and financial integrity
- Fitness of directors
- Viability of the business model
- Compliance with regulations, including IT and data security readiness
Step 6: In-Principle Approval
If the RBI is satisfied with the application and the documents, the RBI issues an in-principle approval valid for 12 months.
Step 7: Final Inspection
Once the platform is operational and compliant, RBI will conduct a final inspection or compliance audit.
RBI will verify:
- Escrow structure and banking arrangements
- Data protection measures
- Functional workflows and policy implementation
- Reporting capabilities to credit bureaus and regulators
Step 8: Certificate of Registration
If everything is in order, the RBI issues the Certificate of Registration under the NBFC-P2P category.
Post-License Compliance Checklist
1. Capital & Structure
- Maintain a minimum Net Owned Fund (NOF) of ₹2 crore at all times.
- Operate only as a technology intermediary, not as a lender or guarantor.
2. Escrow Account Management
- Maintain two separate escrow accounts, one for lender funds and one for borrower funds, through a bank-promoted trustee.
- Ensure that all transactions flow through the escrow; there should be no direct fund handling by the platform.
3. Lender and Borrower Limits
- Limit each lender’s investment to ₹50 lakh across all P2P platforms.
- Investment above ₹10 lakh requires CA-certified net worth ≥ ₹50 lakh.
- Limit each borrower’s borrowing to ₹10 lakh across all P2P platforms.
4. KYC & AML Compliance
- Follow RBI's KYC Master Directions for all users.
- Perform e-KYC/CKYC verification before onboarding.
- Report suspicious transactions to the FIU-IND under PMLA, 2002.
5. Mandatory Disclosures
- Display Key Facts Statement (KFS) before loan execution.
- Disclose interest rates, fees, and loan tenure transparently.
- Publish loan book performance, NPAs, and recovery data on the platform monthly.
6. Regulatory Reporting
- Submit monthly, quarterly, and annual returns to RBI (e.g., DNBS02 returns).
- Maintain records of all transactions, complaints, and policy updates.
7. Grievance Redressal
- Appoint a Grievance Redressal Officer.
- Ensure that complaints are resolved within 30 days.
- Provide access to the RBI Integrated Ombudsman Scheme.
8. Marketing & Mis-selling Restrictions
- Do not advertise assured returns or use misleading performance claims.
- Avoid bundling or cross-selling credit insurance or guarantees with loans.
9. No Balance Sheet Lending or Credit Enhancement
- The platform must not lend from its funds.
- Prohibited from offering any Default Loss Guarantee (DLG) or first-loss cover.
Why Choose Kanakkupillai for Your Peer-to-Peer Lending License Registration in India?
Securing an NBFC-P2P license from the Reserve Bank of India requires more than meeting capital requirements. It demands a combination of legal expertise, technical understanding, and a deep familiarity with the Reserve Bank of India (RBI)’s compliance framework.
- End-to-End Licensing Support: We provide a complete solution from company incorporation to obtaining the NBFC-P2P license. Our experienced professionals handle the drafting of documents, preparation of internal policies, submission of the RBI application, and representation throughout the approval process.
- Deep Understanding of RBI Regulations: Our experts are fully up-to-date with the RBI’s evolving guidelines, including Master Directions, Digital Lending norms, KYC/AML rules, and IT compliance. We ensure your platform meets every legal and operational standard from day one.
- Legal & Tech Advisory: Our consultants work closely with your tech team to ensure a secure system design, seamless credit bureau integrations, and readiness for audits or RBI inspections.
- Timely Filing: With dedicated project managers, defined timelines, and checklists, we help you avoid delays and errors.
- Ongoing Regulatory Compliance: Beyond licensing, we help manage your ongoing obligations, including RBI filings, cybersecurity audits, credit bureau reporting, lender and borrower limits, and ensuring inspections are prepared.
Frequently Asked Questions
Is there any RBI-mandated IT framework for NBFC-P2P companies?
Yes. NBFC-P2P entities must comply with the RBI’s IT Framework for NBFCs (2017), which includes guidelines on data security, system audits, disaster recovery, access control, and business continuity.Where should the platform's data be hosted?
All customer data, including personal, financial, and transactional information, must be stored and processed in servers located in India, in compliance with the RBI’s Digital Lending Guidelines (2022) and updated 2025 directions.Is it mandatory to have cybersecurity audits?
Yes. An annual cybersecurity audit conducted by a CERT-In empanelled auditor is mandatory. Reports must be documented and made available during RBI inspections.Do P2P platforms need to implement two-factor authentication (2FA)?
Yes. Platforms must implement two-factor authentication (2FA) for user logins and transaction authorizations to ensure security and prevent unauthorized access.Can P2P platforms access user contacts or call logs from their devices?
No. As per the Digital Lending Directions, 2025, platforms (and their DLAs) are strictly prohibited from accessing sensitive device data such as contact lists, call logs, SMS, and location.Is consent required for collecting user data?
Yes, absolutely. All personal data must be collected only with explicit, informed, and revocable user consent, recorded digitally with time-stamps. Consent must not be bundled with other terms or conditions.What kind of IT infrastructure is expected by the RBI?
The RBI expects a robust, scalable, and secure IT system, including: • Encrypted communications (SSL/TLS) • Secure API integrations • Data loss prevention (DLP) measures • Role-based access controls • Real-time monitoring and logging systemsIs a live demo of the platform required during the licensing process?
Yes. During the RBI evaluation phase, applicants are often required to demonstrate their platform’s IT workflows, including onboarding, KYC, loan disbursal, escrow integration, and grievance redressal.Do NBFC-P2P companies need to report their Digital Lending Apps (DLAs)?
Yes. Every Digital Lending App (mobile or web) used to interface with customers must be reported to the RBI’s CIMS portal, along with URLs, app names, developer info, and app store links.What happens if a platform outsources IT functions?
If outsourcing any IT or backend operations to third-party vendors, the platform must: • Ensure the vendor complies with RBI norms • Include data protection clauses in SLAs • Conduct periodic audits • Remain fully responsible for data security breachesIs integration with credit bureaus required at the tech level?
Yes. All NBFC-P2P platforms must digitally integrate with at least two Credit Information Companies (CICs), enabling real-time reporting of borrower credit activity.What is expected in a Disaster Recovery (DR) and Business Continuity Plan (BCP)?
A robust DR/BCP should include: • Data backup protocols • Alternate server availability • Downtime response strategy • Periodic DR drills and reporting The plan must be approved by the board and tested annually to ensure its effectiveness.Are there penalties for IT non-compliance or data breach?
Yes. Failure to comply with the RBI’s IT and data protection standards may lead to: • Monetary penalties • Suspension of license • Restriction on onboarding new customers • Even cancellation of registration in severe breach casesWhat makes Us Different
300+ Services
Relax at home, we take care of Tax/Compliance
Reasonable
competitive price with professional service delivery
Customer Satisfaction
Prioritize client satisfaction and expectations at every step
Google Reviews
99% of Customers rated us 5* in Google.
Turn Around Time
99% of services will be delivered on within timeline
Compliance
We manage 99.9% of compliance within due date
Our Banking Partners
