Consumer protection

Insight - Financial Services

December 2023

Consumer protection

This insights page was written by Jayshree Venkatesan and Edoardo Totolo from the Center for Financial Inclusion (CFI). It is regularly updated and highlights what Strive Community is learning about consumer protection for small businesses. Do you have best practices or insights to share about this topic? Reach out to us.


The adoption of digital tools and financial services by micro- and small businesses provides the opportunity to use the increased digital footprint to meet their vast unmet credit requirements. However, a lack of trust arising from consumer protection risks associated with digital financial products and services appears to be a limiting factor in this adoption process. 

The adoption of digital tools can range from accepting payments via mobile money to marketing products on social media, managing inventory, or selling on an e-commerce platform. The Center for Financial Inclusion (CFI) classifies digital tools as “low-stakes” and “high-stakes” based on the costs and benefits of adoption to small businesses.

  •  Low-stakes digital tools tend to be low-cost and do not require a financial or temporal commitment—for example, communicating with consumers or marketing their business on social media. 
  • High-stakes digital tools tend to require formal business registration and include financial transactions or commitments—for instance, selling on an e-commerce platform. 

Small business owners tend to be resource-constrained in terms of time and money and prioritize adoption based on financial and time commitments they need to make. When things go wrong with the use of high-stakes digital tools, the financial impact can be significant, and small business owners lack sufficient redress options to help them overcome this trust deficit. This lack of trust is reflected in their decision to adopt digital tools. 

Research indicates that many micro- and small enterprises (MSEs) adopted low-stakes tools during the COVID-19 pandemic, yet only a few adopted high-stakes tools. Even among MSEs that did adopt high-stake digital tools, usage was inconsistent, and some reverted to their old ways of doing business when pandemic-imposed constraints were removed. While MSEs are reluctant adopters of digital financial services (DFS) and digital tools, we aim to understand the consumer protection issues contributing to this deep-seated trust deficit. 

This insight brief, written by CFI, conducts a meta-study of existing research to identify vulnerabilities small businesses face due to consumer protection risks, which in turn contribute to the drop-off in using DFS and a persistent lack of trust. This brief also distinguishes between consumer protection challenges faced by small business owners and those faced by households to ensure that DFS providers continue to take a nuanced and segmented approach to the needs of the consumers they serve. Finally, this brief offers some recommendations for DFS providers, policymakers, and regulators to better address the trust deficit.

Understanding the trust deficit in DFS for small businesses

With innovation in DFS products and delivery, there is a greater need to identify issues that can contribute to a lack of dignity, agency, or fair outcomes for consumers, especially those who are low-income. While there is a considerable overlap of consumer protection risks between households and micro- and small business owners, the persistent lack of trust observed among small businesses is due to reasons beyond capability and awareness. 

Small business owners face financial and business risks; these can be sudden and create a vicious cycle, with one exacerbating the other. Additional challenges that are created when dealing with DFS come from the limitations of product design, lack of responsive redress systems, and lack of clarity on regulations. 

For instance, small businesses often face liquidity pressures in their operations and need working capital. However, they are forced to use the only product available: short-term digital loans that are more expensive and inadequate for their needs. From a payments perspective, small businesses are likely to receive small-value daily payments and have to make payments to vendors and suppliers at higher frequencies than households. Risks such as higher transaction fees, failed transactions, and fraud can disrupt their cash flows and create undue stress in seeking redress. 

Among several consumer protection regulations, the term “consumer” does not cover businesses. Global guidelines for consumer protection, including those from the UN, use the term “consumer” to refer to a natural person acting for personal, family, or household purposes. This narrow definition excludes small businesses that may be formally registered or are beginning to formalize, and that cannot afford to access expensive legal recourse mechanisms available to larger businesses. Small business owners are as susceptible to misselling and fraud as individual consumers but fall between the cracks for legal recourse. 

Small business owners also tend to be concerned about business continuity. This need for stability and continuity extends to the financial services providers they choose to transact with. DFS providers are seen as fickle; the belief among MSE owners is that they can disappear overnight and are not as well-regulated as banks and non-digital nonbank financial institutions. These issues either create new vulnerabilities or exacerbate existing ones, contributing to the trust deficit displayed by small businesses. CFI uses a vulnerability framework to identify drivers of consumer protection risks for micro- and small businesses using qualitative evidence available from various studies. 

Vulnerabilities that impact DFS use by small businesses

Micro- and small businesses are impacted by four types of vulnerabilities that are specific to the use of DFS, outlined below.


Note: CFI’s vulnerability framework draws from a vulnerability taxonomy proposed by Dr. Peter Cartwright.

What contributes to information vulnerability?

Information vulnerability is a susceptibility that is created due to information gaps or asymmetry when delivering DFS. It could be due to a small business owner's inability or difficulty in accessing the information provided by a DFS provider, their inability to utilize the information provided, or the manner in which information is revealed.

  • Lack of disclosure and transparency in DFS: MSEs are not homogeneous. They operate at different sizes, growth prospects, ambitions, and capability levels. DFS can be daunting, especially when the costs associated with the product are not entirely clear. CFI’s research with small business owners showed that business owners did not fully understand the costs associated with mobile money, and 42% of the respondents with a mobile money account said they did not know about all the fees associated with their accounts. 
  • Information and awareness: Even when presented with information, small business owners may not have the confidence or the ability to utilize the information provided. For instance, women MSE owners were found to be less likely to understand pricing models and redress policies

What contributes to supply vulnerability?

Supply vulnerability is a susceptibility when small business owners are not provided a real choice or experience a lack of choice. It could result in discrimination and deliberate exclusion of some segments or create other challenges in using DFS like network downtime, security difficulties, and privacy challenges, which make small business owners feel like they lack control. 

  • Discrimination and/or deliberate exclusion: Gender-based discrimination when seeking financial services, whether digital or not, is a factor that prevents women entrepreneurs from growing their business and influences their choice of business to begin with. For instance, women tend to operate home-based businesses in sectors that are considered “appropriate.” Women who participated in focus group discussions conducted during CFI’s research with MSE owners said they were treated differently from their male counterparts, often receiving smaller loans, even when possessing good credit history. The digital delivery of financial services creates additional challenges for women, who encounter structural barriers like lack of trust, awareness, and accessibility. 
The truth is, as a woman they lend me less than a man. Assuming I have a good credit life, I have everything in order … they give me a loan of 2, 3 million pesos, despite the financial behavior I have. But a man goes … It has happened that friends go and ask for loans at the bank, and they disburse him 15, 20 million pesos. So I have seen discrimination there. —Small business owner (Colombia)

In some cases, women business owners reported being asked for more documentation than men. One owner of a food retail microbusiness in Bolivia reflected on her experience of applying for a loan from a bank, “I want this to be known, how can we continue working with the bank if they put those obstacles in our way for so little [loan]? Really, I can understand if it’s for a big amount, fine to ask us for that, but for a small amount, I think there should be few papers, one asks for what one can pay.” While digital lenders may not ask women borrowers for greater documentation, greater care must be taken to ensure that algorithms don’t automatically exclude women or follow discriminatory norms set in the analog world. 

  • Privacy risks: The lack of transparency and clarity on how personal data is used can create a trust deficit for small business owners with DFS providers. Small business owners who started using social media noticed that they were shown ads related to their field and expressed concern about how their data was being used. The lack of clarity also added to their feeling of a lack of control over technology. There was widespread concern about DFS providers’ practices for loan collections, stemming from personal experiences or hearsay within social networks of how providers scrape user data and track down personal contacts in the event of delayed repayments. Here, too, gender played a role, with women business owners expressing greater concern about privacy risks. 
I would want to know what the app is going to cost me. And I should know how to use it. I don’t know how a new app would work. How the data is stored. Could the data get erased? We don’t know anything about these apps, the people, where they’re from. HDFC Bank, I have their trust, such a very established company. If it’s some hidden thing I’ve never heard of, maybe my account would be drained immediately. All your data is going into this app and it could be misused.—Male transport business owner (Source: CGAP

There is also a fear of debt shaming in one’s social network when default details are shared with social networks by digital lenders. Small business owners often use a combination of informal credit from their social networks and more formal credit, and they use digital loans in the absence of other loans. Any form of shaming in their social networks can potentially erode their social capital, which can be debilitating. 

  • Inappropriate pricing and products: The lack of flexibility of formal financial products has been well documented. The lack of trust in DFS is further exacerbated by inappropriate pricing and product design for small business owners. Digital lenders tend to charge higher interest rates for shorter-term loans compared to banks. As a respondent in CGAP’s MSE research said, “We’re looking at a loan of around 4–5 million Kenyan shillings. It is best to borrow through a bank. With a bank, the rate of interest is around 9–12 percent, but others charge 18–25 percent. It is too high.” Compared with households, small businesses are more sensitive to increased costs, taxes, and any additional fees. For instance, research shows that MSE owners tend to factor in implicit costs of becoming visible to formal tax nets, infrastructure costs of data and electricity, and additional fees that might need to be paid. Unless these costs translate into greater revenue and sales, the adoption of DFS will continue to be low. 

DFS has the potential to offer innovative services beyond digital credit, which can also be designed to meet business needs. Some early innovations have begun, particularly during the COVID-19 pandemic. For instance, NCBA in Kenya has started offering small working capital loans to small business owners instantly on consumer request and processes nearly 4.5 million daily transactions. In Indonesia, Investree utilizes alternate credit scores and data analytics to offer small business owners short-term working capital loans and is looking to build a platform that offers services beyond finance. However, these examples are limited, and much more investment in innovative product development is required to ensure that small businesses can thrive. 

  • Platform security and vulnerability: As embedded finance models evolve, platforms are gaining importance in delivering financial and non-financial services to small businesses. However, platforms are seen as high-stakes tools and bring additional risks if their security is compromised. As a result, they engender little trust among small business owners. In focus group discussions conducted by CFI, the biggest concerns expressed were fraud, theft of money, and hacking of bank accounts. Participants said they were forced to develop different strategies to prevent fraud, such as verifying payments before delivery of merchandise when selling through platforms. A male small business owner in Colombia reported, “I don't remember the app very well, but it did ask me for a lot of data and I [thought]—oh no, not that far—because the normal thing is it sometimes ask for your email, your phone number; but on other platforms [they ask for] the ID number, a lot of things, that's [exceeding] my limit.” 

What contributes to redress vulnerability?

Redress vulnerability is a susceptibility that arises from poorly designed complaint and redress systems.

  • Poor complaint procedures or recourse mechanisms: Digital channels tend to exacerbate the trust deficit due to limited recourse mechanisms users have to enforce their rights. Many small business owners (in fact, about 65%) were worried about making mistakes when using mobile money. Even when recourse mechanisms exist, a lack of awareness of the process can be a deterrent. Women business owners reported that they avoided mobile money because they didn’t know what to do or who to contact if something went wrong with a transaction. 
  • Fraud and scams: With increasing digitalization, fraud and scams are a rising threat, affecting retail consumers and micro-entrepreneurs alike. During the pandemic, as more people depended on digital channels, there was a surge in the numbers and types of frauds and scams. Previous research in Kenya and Tanzania shows that entrepreneurs represent a significant share of borrowers of digital loans. With this surge during the pandemic, it is highly likely that small businesses that use DFS experienced them. However, this is an area that needs to be researched more systematically. Small business owners who participated in CFI’s focus group discussions indicated that the most common type of fraud was people misrepresenting themselves as bank officials offering loans. With fraud, as with redress, the lack of knowledge on what could be done if they ended up as victims was a deterrent to using DFS. Small business owners, who have experienced fraudulent transactions, poor redress systems, or delayed payments when using digital payments, may not believe in security as an appealing value proposition, unlike households. 

What contributes to impact vulnerability?

Impact vulnerability is a susceptibility due to one’s specific business circumstances that can create undue stress, particularly when financial service providers do not have real-time information about business circumstances and are unable to respond with care. Small business owners are often overwhelmed and need access to liquidity instantly. Numerous anecdotes of delayed payments, fraud, and poor redress mechanisms force small business owners to continue relying on cash. Even with business as usual, digital platforms and payment gateways tend to take time to transfer money, forcing small businesses to rely on cash. They also tend to view digitalization as an expense, not an investment, as they factor in implicit costs like increased taxation, infrastructure costs, and data costs that must be additionally incurred.

Recommendations to address the vulnerabilities small businesses face

A review of the available literature shows a connection between consumer protection risks faced by small business owners and the persistent trust deficit which impacts their DFS adoption and use. While constructed from anecdotal evidence, they present hypotheses that CFI intends to explore systematically in the future. The evidence also suggests some implications for DFS providers, which are organized as recommendations to address the vulnerabilities outlined in this brief. Since regulators and policymakers play an important role in consumer protection, recommendations for them are also included.

Recommendations for DFS providers

  • Adopt a gender lens while designing DFS. The digital financial capability of women entrepreneurs should be an area of focus and requires systematic investment and evidence building on what works and how safer digital environments can be created. Work by the Mastercard Center for Inclusive Growth suggests that embedded approaches, such as using behavioral approaches in the form of ‘just in time’ messages and nudges, can be effective.
  • Take a segmented approach. Segmenting small businesses can help DFS providers with nuance while creating relevant financial products for their needs. For example, CGAP outlines four business model taxonomies—merchant cash advances, factoring, inventory financing, and platform-based lending—where digital approaches have the potential to drive a significant reduction in the credit gap that exists. The Financial Access Initiative's Small Firm Diaries research shows that small business owners tend to be highly banked and have access to a large number of digital financial solutions. However, their financial lives tend to be much more complex than low-income households. For one, they deal with a larger number of consumers and suppliers and see a higher volume of payments across a range of values, depending on the nature of their business. Most small business owners use every mode of digital payments and cash to accomplish their business goals, often juggling consumer and supplier preferences and their need to manage cash flows. Further, the lack of access to overdraft facilities by small business owners can force them to borrow from informal sources at high-interest rates to cope with daily expenses after they face an unexpected or emergency shock, which can lead to a vicious cycle of over-indebtedness that is hard to break.
  • Embed consumer protection by design. Consumer protection is crucial, not just to build consumer trust in DFS but for providers to see business value from the use of their services. A focus on consumer protection at the outset can be a strong business value differentiator in an increasingly crowded space. However, this requires providers to start putting consumers at the heart of their design process and embed consumer protection by design from the start. Consumer protection by design is a new area being developed by CFI. However, early guidance can be drawn from the UK government’s “Secure by design” approach, which seeks to build security from the start. 
  • Encourage iterative design waves. It is important to acknowledge that the design process is iterative—it can be initiated at any stage of an institution's or product’s life cycle and starts with a consumer problem that needs to be solved. For instance, UK’s Monzo Bank discovered that one in five adults in the UK experienced financial abuse and needed a way to safely disclose their situation to banks. This led them to create a "share with us” feature that allows consumers to disclose without putting them at risk. While this example is applicable to individuals, similar principles can be used to design better grievance redress systems for small businesses that use digital financial services. 
  • Encourage dialogue with regulators and supervisors. As business models evolve, it is important for regulators to address gaps that might arise, for instance, regulatory gaps with platforms and embedded finance models where channels for grievance redressal may not be evident to consumers. There is a need to create a way for DFS providers to interact with regulators to expand protection to small business owners, so they don’t fall between the cracks. 

Recommendations for regulators and policymakers

  • Encourage transparent communication with consumers. Regulators can encourage DFS providers to clearly display and provide a Key Facts Statement to borrowers, mentioning fees and charges transparently, like the Reserve Bank of India mandated for digital lenders in India. While the focus has been on retail borrowers, this is an area of work to be built for small businesses as well.
  • Take a gender mainstreaming approach to designing policies and regulations. There is still a gap in accessing gender-disaggregated data that shows how many women-owned small businesses are accessing and using DFS and the continuing challenges they face in doing so. Taking a gender mainstreaming approach while designing marketing and redress mechanisms would be a step to ensuring that women-owned small businesses are not excluded or discriminated against. For example, the Mongolian Sustainable Finance Association conducted an Annual Sustainable Finance Implementation Assessment among its members, tracking gender policy and strategy, the number of women employees, the number of women consumers, products, and capacity building and reporting of the organizations. As a result, Mongolia’s banking sector introduced women’s loan products in August 2020, and five of the systemically important banks in Mongolia offer loans specifically designed for women entrepreneurs. 
  • Use existing data to identify red flags. Design and rapid test consumer complaint channels and analyze existing data to understand and address information vulnerability challenges. Regulators can closely monitor app stores to observe those catering to small businesses. Keeping an eye on reviews and other user feedback can be used to audit apps that might be causing harm. Supervisors can track transaction failure rates to make sure that small-value, high-volume transactions don’t face a high failure rate or cause users who are likely to be small business owners to go out of pocket while the issue is being resolved.
  • Develop robust market monitoring tools. The range of types of vulnerabilities this brief identifies suggests the need for better market monitoring tools that can capture consumer protection risks as they arise and translate to better framing of regulations and policies. CGAP’s market monitoring tool kit outlines six country case studies of market monitoring tools in the individual consumer context. Similar work needs to be done to identify market risks faced by small business owners specifically.
  • Examine legal definitions. Consumer protection law is restricted to natural persons and does not address the consumer protection challenges faced by small businesses that might be registered as formal companies. This puts those that have transitioned to a formal structure at a disadvantage since any recourse available to them may have to follow a more expensive path. A way forward would be for regulators to acknowledge that small businesses require protection like individuals do and to define a set of guidance parameters, like the UK Financial Conduct Authority did for retail consumers to ensure consumer duty. 

Looking ahead

As small businesses continue to adopt digital payments, they gain access to a cascade of positive effects that ultimately strengthen their resilience and increase their growth, such as increased profitability, adoption of other digital tools, and increased participation in e-commerce. Providers that offer solutions that better address the pain points of small businesses can help drive deeper adoption of digital payments. The consumer protection issues raised in this brief need to be systematically researched. CFI aims to generate research evidence on consumer protection risks faced by small businesses as a part of our strategic work in the consumer protection workstream this year.

Strive Community is working with partners around the globe to encourage small businesses to use digital financial services meaningfully. As we learn through our programs and partners about consumer protection for small businesses, we will continue to update these insights. To learn more about the Center for Financial Inclusion, please visit their website.



Share this article

This page is updated regularly.
Do you have best practices or insights to share?

Reach out to us