Can Loan Apps Access My Contacts in Nigeria?

📵 In Nigeria, a loan app that texts your boss, your pastor, or your ex about an unpaid debt isn’t just rude anymore, it’s explicitly illegal.

Everything explained below ⬇️⬇️⬇️

Recommended Content:

FAKE LOAN APPS IN NIGERIA: WARNING SIGNSHOW TO IMPROVE YOUR CREDIT SCORE IN NIGERIA

A missed payment on a small loan should stay between you and the lender. For years in Nigeria it often didn’t: apps quietly harvested a borrower’s entire phone book at signup, then used it as leverage the moment a payment slipped, messaging family, coworkers, and old contacts with claims about unpaid debt. That pattern generated a documented wave of complaints and, eventually, a direct regulatory response.

Know Which Permissions Are Illegal Before You Tap Install


The Federal Competition and Consumer Protection Commission’s Digital, Electronic, Online, or Non-Traditional (DEON) Consumer Lending Regulations, 2025, which formally commenced July 21, 2025, specifically target this behavior with a ban on accessing borrowers’ contact lists and using contacts, photos, or personal data for debt recovery. This article breaks down what the rules actually say, what documented harassment cases looked like, and how to check an app’s permissions before you ever install it.

Check Your Own Credit Report Before You Borrow Again

YES, SHOW ME MY OPTIONSNOT NOW, THANKS

* You’ll stay on an official credit bureau’s site. 🔒 ✅

What the DEON Regulations Actually Ban

On July 21, 2025, FCCPC’s DEON Regulations, 2025 formally commenced, and the regulator has been explicit about what changed. FCCPC’s own announcement describes a complete ban on digital lenders accessing borrowers’ contact lists and a prohibition on using contacts, photos, or personal data for debt recovery. The Commission’s Executive Vice Chairman put it directly: no consumer should be harassed, defamed, or lured into unsustainable debt under the guise of digital lending. Legal commentary summarizing the regulation text describes the practical bans as covering three things: messaging anyone in a borrower’s phone book about their debt, posting a borrower’s picture, name, or BVN on social media, and using abusive or threatening language toward a borrower or the people they know. Lenders that ignore these rules risk losing their license, and their directors can be barred from running a business for up to five years, alongside fines FCCPC has said can reach up to ₦100 million, or a percentage of the company’s turnover.

Real Complaints Filed Over Contact-List Harassment

The harassment DEON targets is documented, not hypothetical. Nigerian outlet Pulse Nigeria reported on Mariam Ogundairo, 27, who borrowed ₦30,000 at 21.6 percent interest over a two-week term; when she fell behind, she said the app contacted people in her phone list claiming she owed money. The same report described a 24-year-old university student who borrowed ₦70,000 in 2023 and, after defaulting, had messages sent to his coursemates calling him a ritualist killer. His own words: it wasn’t the case of unwillingness to pay, it was just a case of impossibility. Citizens’ Gavel, a Nigerian digital rights organization cited in the same reporting, said it had received more than 1,300 complaints about harassment and public shaming tied to loan apps, including a case where nude photos and a fabricated obituary were reportedly shared with a borrower’s contacts after missed payments. Cases like these are part of what pushed FCCPC toward the outright contact-list ban in DEON.

How to Check an App’s Permissions Before You Install It

Before tapping install, open the app’s page on the Play Store or App Store and scroll to the permissions or data-safety section, which lists exactly what the app wants to access, including contacts, SMS, photos, and location. A loan app only needs enough information to verify your identity and process repayment, so a request for full contact-list or photo-gallery access is a warning sign, not a routine formality. Separately, confirm the lender itself is authorized before you hand over any permission at all: FCCPC maintains a public registry at fccpc.gov.ng/registration-of-digital-money-lenders showing which digital lenders hold full approval, conditional approval, or are under watchlist review, and that list is updated as approvals and delistings happen. If a lender doesn’t appear there, it isn’t operating under the DEON framework, regardless of what its app store listing claims.

Where To CheckWhat It ConfirmsWho Runs ItTake Action
Search FCCPC Lender Registry →Read the DEON Regulations Text →Report Harassment to FCCPC →Check Your Credit Report →

⚠️ If an App Already Threatened Your Contacts, That Is Reportable — If a loan app has messaged people in your phone book, threatened to expose your photos, or used abusive language toward you or your contacts, that is a direct violation of the DEON Regulations, not just bad customer service. Save screenshots of every message before you block or delete the app, since a deleted conversation is harder to use as evidence later. Report the lender’s name and what happened to FCCPC’s dedicated task force at lenderstaskforce@fccpc.gov.ng, and note that this conduct is also potentially actionable under Nigeria’s Data Protection Act, separate from any FCCPC complaint.

Steps

  1. Before installing, open the app’s Play Store or App Store listing and check exactly which permissions it requests, including contacts, SMS, photos, and location.
  2. Search the lender’s name against FCCPC’s official registry at fccpc.gov.ng/registration-of-digital-money-lenders to confirm it holds full or conditional approval under the DEON Regulations.
  3. If the app is already installed, go into your phone’s settings and manually revoke contact, SMS, and photo permissions for any loan app that doesn’t need them to function.
  4. If a lender has already contacted people in your phone book or threatened to, document the messages with screenshots and report the lender to lenderstaskforce@fccpc.gov.ng.

Your Contacts Are Not Collateral

Nigeria’s loan app industry spent years treating a borrower’s phone book as an unofficial guarantee, and the DEON Regulations, 2025 were written specifically to shut that down. The rule is simple even where enforcement is still catching up: a registered lender has no legal basis to contact, threaten, or expose anyone in your contact list over a debt that belongs to you alone.

Protecting yourself starts before you install anything, by checking permissions and confirming FCCPC registration, and continues after, by knowing where to report a lender that crosses the line. The same discipline that keeps you off a predatory app’s radar, checking a lender’s status before you borrow, is the same habit that keeps your credit file clean for the next application.

Frequently asked questions

Can a loan app legally message people in my contacts if I miss a payment?

No. Under the DEON Regulations, 2025, FCCPC banned digital lenders from accessing or using a borrower’s contact list, and messaging people in it about a debt is a prohibited debt-recovery practice.

What exactly is the DEON Regulations 2025?

It is FCCPC’s Digital, Electronic, Online, or Non-Traditional Consumer Lending Regulations, which formally commenced July 21, 2025, covering registration, disclosure, and harassment rules for digital lenders operating in Nigeria.

How do I check if a loan app is officially registered with FCCPC?

Visit FCCPC’s public registry at fccpc.gov.ng/registration-of-digital-money-lenders, which lists lenders by approval status and is updated as approvals and delistings occur.

What permissions should a legitimate loan app never require?

Full access to your contact list and photo gallery is a red flag; a lender only needs what is necessary to verify your identity and process repayment, not your entire phone book.

What can I do if a loan app already contacted my family or employer about my debt?

Screenshot the messages, then report the lender directly to FCCPC’s task force at lenderstaskforce@fccpc.gov.ng, since this conduct may also be actionable under Nigeria’s Data Protection Act.

What happens to lenders caught violating the contact-harassment ban?

FCCPC has said penalties can include fines of up to ₦100 million or a percentage of the company’s turnover, director disqualification of up to five years, and delisting from app stores.

Sources consulted: fccpc.gov.ng, legit.ng, royalheritagelaw.com, creditnigeria.com, pulse.ng, firstcentralcreditbureau.com (checked July 2026)

⚠️ Disclaimer

This is an independent information portal, not affiliated with CBN, FCCPC, NIBSS, CAC, CRC Credit Bureau, FirstCentral, or any provider named above. We don’t process transactions, loans, or guarantee approval from any provider. Requirements and terms change over time — always confirm current rules through official channels before acting.

Rolar para cima