The country’s centralized public credit registry, banks and data privacy

Font Size

By Karl Angelo N. Vidal

IN MAY, S&P Global Ratings upgraded its risk assessment on the Philippine banking industry, uplifting the country’s Banking Industry Country Risk Assessment (BICRA) score to “6” from the previous “7.” S&P uses its BICRA framework to evaluate and compare global banking systems. Scoring is done on a one-to-10 scale, with one being the best score, signifying lowest risks.

The global debt watcher cited that the state-led Credit Information Corp. (CIC), the country’s centralized public credit registry, will strengthen the underwriting standards in the consumer lending segment which will lower the banks’ nonperforming loans (NPLs) and improve transparency.

“Better data availability of credit history is positive for this segment where credit quality has historically been constrained by lack of information,” S&P said in a May 14 report, adding that clarity on creditworthiness should also foster risk-based pricing.

Enacted in 2008, Republic Act No. 9510 or the Credit Information System Act mandates the establishment of a comprehensive and centralized credit information system, with CIC tasked to consolidate the data.

The law also states that submitting entities or lenders such as banks, insurers, cooperatives and state pension funds are required to provide all credit data of their borrowers in their database to the CIC.

In an interview, CIC President and CEO Jaime P. Garchitorena said that having a centralized credit information system is “beneficial.”

“It is beneficial because the more you know your client, you will only lend him what he can afford to pay so it is less likely he is to default,” Mr. Garchitorena told BusinessWorld last June 21.

The concept of a credit registry, Mr. Garchitorena said, is not new in the Philippines. In the 1980s, the government issued a letter of instructions mandating the central bank to form Credit Information Bureau, Inc. (CIBI).

“The only fail point in that old presidential decree is that it did not require lenders to send contribution to then-CIBI. Suffice to say, that didn’t work out very well and at some point in the near past, CIBI became a private organization,” he noted.

The need to establish a centralized credit registry resurfaced when a crisis in the United States on subprime mortgage in 2007 developed into a global financial crisis.

“It became very apparent, at least in the Asia region, that nobody had any credit bureaus. Or if they did, it was not robust enough. So in the Philippines, the law was passed in 2008 and the [implementing rules and regulations] was passed in 2009,” told Mr. Garchitorena, adding that the CIC became dormant for nearly three years.

“The CIC remained largely inactive for about three years until about late 2011 when the Aquino government decided to revitalize it by putting a new board, which I was part of.”

The CIC started collecting data from submitting entities in 2015 when it got the bid for its credit information system.

However, the national credit registry had — and is having — a hard time in collating the credit information as some financial institutions fail to adhere with data formatting as well as update and correct loans which were already paid or resolved.

“There was even a time when we experienced these submitting entities or banks coming here with the boxes [telling us] that they will submit the data. Or even floppy disks,” CIC Senior Vice-President Aileen L. Amor-Bautista quipped.

“A lender has normally three goals,” Mr. Garchitorena said. “Lower NPLs, expand their market, lend their existing market more within specific risk tolerances. The CIC hopes to be able to assist them in all of those three.”

For one, the credit data collated by the CIC can be used by banks to mitigate NPLs or bad loans.

“Banks can make sure that whatever their institutional policies are on risks, whether they have a high or low risk appetite, they can properly contextualize prior to giving them a loan,” he said. “Banks can automatically make sure that their overall portfolio of risk is kept at a reasonable level.”

Mr. Garchitorena also noted that aside from lowering their NPL ratios, banks can also assess their clients across various risk levels.

“It’s not always about managing your NPLs because it just means no one is defaulting in the best case. It should be a matter of managing higher-risk individuals by using data and also making money off the volume of transactions from lower-risk individuals,” noting that a centralized credit information system will also reduce prejudice-based lending practices.

Apart from this, banks and other financial firms can lend more money to its existing clients and extend its lending services to more customers.

“It is possible to use the risk management system that the CIC data will provide to increase the benefits to your lenders, whether that results in larger credit limits or progressively lower interest rates,” CIC president added.

Accessing the credit information system can also expedite the lending process, enabling accessing entities to grant loans anytime.

“In the current mode of investigation prior to lending, it can take anywhere from hours to days to months for a loan to be approved, and it only runs from 9 a.m. to 5 p.m. Since the database is automated, 24/7 lending is a possibility.”

The banking community, meanwhile, is receptive of the initiatives of the CIC, saying that a repository of credit information will benefit not only the banks but the borrowing public as well.

“This is for the good of the whole banking industry,” Asia United Bank President Manuel A. Gomez said in a press briefing on June 22. “[W]e are pushing for the establishment of this credit bureau for the benefit really of not only the banks but the consumers as well.”

For Gregorio B. Anonas III, president of Chamber of Thrift Banks, the credit information system will help address the rising NPLs of thrift lenders.

“Yes, definitely, but it is worth looking at the growth of loans and not just the absolute amount so it’s relative,” Mr. Anonas said in a June 1 text message.

Despite being beneficial for the banking industry in general, Rizal Commercial Banking Corp. President and CEO Gil A. Buenaventura said that banks are also obliged to share their client information which could pose threat.

“At the same time, you’re committed to share whatever you have to that national credit system, which could also be a threat. It works both ways, but the net result I think is beneficial because that’s really one way to increase your customer base,” Mr. Buenaventura said in a round table discussion on June 25.

Amid the escalating cyberthreat environment, the CIC said it is making sure the credit data collated will not be placed in the wrong hands.

CIC’s Mr. Garchitorena said their information technology unit is one of the biggest departments in the state-led firm. It also gets the biggest funding.

“The security policies that we implement, including vulnerability assessment and penetration testing, exceeds that of normal corporations,”Mr. Garchitorena said, adding that the government mandates the state-led firm to practice “extraordinary diligence” when it comes to securing data.

“Extraordinary means something — if a bank does this, then we have to do more. So whatever the current standards are, there’s tendency to expect more from the CIC.”

In fact, the CIC pushed back the date of going live to make sure that the information is indeed secure.

“In all my interviews, I’m very careful to couch my predictions because before going live, security is a major concern. And the environment has become such where many of the… data outside CIC can [be exposed] to fraud and misuse,” he said.

The CIC said it will continue to receive more data as some financial institutions such as rural banks, cooperatives and state-fun financial firms are yet to hand in their client data.

“Considering we have only covered large financial institutions, there’s still that whole mass of borrowers that borrow from rural banks and co-ops,” Mr. Garchitorena said.

The credit information registry added that they are eyeing at least 18 million people with credit data.

“With no consideration of overlapping, we have a potential 18 million people with formal borrowings from credit cards to microfinance,” he said, adding that it can even climb to 30 million when large state pension funds start to send credit data.

“The total universe that’s going to be accepted into the CIC should be close to around 30 million over time.”

To date, the CIC has 5.3 million “thick” files or files with complete information, noting that 2 million of which were “thin” or incomplete.

“Over time, the thin files were converted into thick files because of the increased [know-you-customer] requirement of banks. More details about their clients have been loaded since,” Mr. Garchitorena said.

The system, which is expected to be live in the third quarter, can be accessed by two kinds of users: the SAEs or credit bureaus, as well as the submitting financial institutions, such as banks, cooperatives, lending firms, to name some.

Currently, there are four official SAEs namely local firm CIBI Information, Inc., South Africa’s Compuscan, Italy’s CRIF S.p.A, and United States’ TransUnion Information Solutions, Inc.