If you spend enough time around lenders trying to serve everyday people in developing countries, you’ll notice that their biggest frustration is not even defaults. Yes, defaults hurt, but most of them accept that as part of the business. What keeps them stuck is more basic. They struggle to make confident credit decisions because, for a large part of the population, there is nothing reliable to base those decisions on.
The chicken-and-egg nature of this problem is something I’ve been thinking about for a long time. I wrote a piece on it last year, and even before that, I had co-authored a 2021 paper on using open APIs to drive financial inclusion through credit scoring built on telecoms data. The contradiction is obvious the moment you state it plainly. You need credit history to access credit, but you can only build credit history by accessing credit.
So if you’ve never had a formal loan, never held a bank account long enough for it to mean something, never interacted with any financial institution in a way that left a data trail, where does your story begin? For most people trying to enter the formal lending world, it doesn’t begin anywhere. You don’t exist as a credit subject, which is a polite way of saying that nobody is going to give you money regardless of how reliably you’ve managed every dollar that has ever passed through your hands.
So credit providers end up guessing, tightening, or stepping away entirely. None of those outcomes expands the market.
So what has worked in Africa, when so many other things haven’t?
Africa has seen a lot of well-meaning interventions that arrived with serious fanfare and left very quietly. Banking penetration has been a decades-long project with results that remain modest across many markets. Credit bureaus exist, but their coverage is thin because you cannot bureau-fy people who have never been inside the system in the first place. Identification infrastructure is still catching up in most places. But if you ask what technology has reached the population across the continent, there is one practical answer, and it’s the mobile phone.
Phones are everywhere, and I don’t say that loosely. The average Nigerian is carrying two, three, sometimes four SIM lines simultaneously, and that pattern repeats itself across the continent in ways that have consistently surprised economists and policy people who expected adoption to crawl.
What happened instead is that Africans skipped entire layers of infrastructure that the rest of the world spent decades carefully constructing and went straight to mobile. They use their phones for everything, communication, money transfers, business coordination, accessing information, entertainment, maintaining social networks that would otherwise require physical proximity. For most people at the base of the pyramid, the phone is the technology of their entire connected existence, and they have embraced it with an enthusiasm that no government awareness campaign could have manufactured or sustained.
There are even academic papers now making the case that the way a person uses their phone is predictive of their creditworthiness, and the logic holds up. The patterns are there in the data: call frequency, network breadth, airtime recharge behavior, mobile money activity, data usage consistency over time. None of these data points were designed with lending in mind, but together they show patterns of behavioral reliability and economic rhythm that can give lenders a first risk signal where a credit file does not exist. The data is already being generated every single day, sitting with the telcos, produced by the hundreds of millions of people who have no credit score but active SIM cards and consistent patterns of behavior that a decent model can read.
Why NCC can’t solve this alone, and why GSMA should care
The Nigerian Communications Commission has a mandate, and financial inclusion sits outside the center of it, and that’s not a criticism of the NCC so much as a simple observation about institutional scope and design. The GSMA, on the other hand, operates at a continental level and has always had financial inclusion threaded through its thinking about what mobile’s social role actually is and should be. That puts the GSMA in a position to shape something useful across multiple markets.
I’m proposing a consent-based framework, most likely built around open APIs, where customers can authorize access to their phone usage history specifically for the purpose of credit assessment. Consent here has to carry real weight. That means consent cannot just be a checkbox buried inside a loan flow. This framework has nothing to do with telcos quietly selling behavioral data to lenders or anyone having access to anyone’s information without a clear, traceable, customer-triggered permission event tied to a specific loan request. The customer controls access. They open it when they want a loan, they see exactly who is asking for access and what they’re asking for, and the telco releases the data under conditions that make it useful for underwriting without turning it into something that can be repurposed for surveillance or profiling beyond the stated use case.
The economics of this model are straightforward, and that cleanliness is part of why I think it has real legs. The consumer doesn’t pay out of pocket, which matters when you’re talking about people for whom every transaction cost is a real consideration. They’re already the asset in the sense that their data is what makes the whole thing function, but they receive value back in the form of credit access they couldn’t get through any other channel.
The lender pays for the data, which is reasonable because they’re acquiring a risk assessment capability they currently don’t have and need. The telco monetizes an asset they’re already sitting on, generated as a byproduct of their existing operations, without doing anything extractive or exploitative to produce it. Each party gets something it wants and contributes something the others need. That is why the model can sustain itself without requiring ongoing subsidies or regulatory mandates to keep it alive.
The model also needs a customer-visible record. Every time a lender pulls a customer’s telco data, the customer should receive a real-time notification telling them exactly what was accessed, when, and by whom. That notification architecture isn’t technically complicated to build into the system, and it does work beyond the mechanics of data access. It helps build trust by making customers feel like informed participants rather than data sources that get mined without their knowledge. Without that distinction, customers may eventually see the whole thing as another data grab.
MTN killing Xtratime shows how fragile small-ticket credit still is
MTN recently stopped giving out Xtratime loans, and the reasons sit somewhere in the space between FCCPC regulatory pressure and compliance positioning that I won’t pretend to fully judge from where I’m sitting. But every time a major credit provider, whether it’s a bank, a telco, or anyone else operating at that scale in the small-ticket credit market, decides to exit: the people who absorb the damage are usually the people at the bottom of the pyramid.
There’s that saying about when two elephants fight, it is the grass that suffers, and it applies here with a precision that should make anyone in financial services uncomfortable. The regulatory arguments are real, compliance concerns are legitimate and the internal risk calculations that led to the decision are probably defensible on paper. Unfortunately, none of that changes the outcome on the ground for millions of people who are borrowing airtime and data to cover the gap between today and whenever their next income cycle lands.
Those people don’t get a press release explaining the regulatory rationale. Instead, they get a closed door slam shut in their faces, and then they turn to the next available option, which is very rarely another regulated institution with reasonable rates and consumer protection obligations. It’s a moneylender with very different incentives, or a family network already under its own financial strain, or simply going without and managing the consequences of that.
Or worse still, forced to consider unethical alternatives.
The telco data model I’m describing is partly a direct response to this kind of fragility in the system. If the underwriting infrastructure for small-ticket credit is better, more distributed across multiple lenders rather than concentrated in a few major players, then the system becomes more resilient to these kinds of exits. One major player pulling back doesn’t collapse the whole market because the capability to assess creditworthiness for people without formal credit files is embedded in the infrastructure itself rather than sitting inside any single institution’s proprietary system.
Walking through how this actually works when someone needs a loan
Here is how it works when someone needs a loan.
Someone needs a loan, maybe it’s $10, maybe it’s $100, and the amount doesn’t change how the process works. They approach a lender. The lender, rather than asking for a credit score that doesn’t exist or collateral that the borrower doesn’t have, instead asks for consent to access six months of phone usage data through the telco. The customer gives that consent on their device through the available interface, a push notification, an in-app prompt, and the telco generates a one-time, purpose-limited data package in direct response to that consent event.
That package needs specific properties for privacy and trust. It is genuinely single-use, meaning the lender cannot pull the same data again without initiating a completely fresh consent process with the customer.
The phone numbers that appear within the dataset are not exposed raw. They are hashed or encrypted with consistent values across the dataset, and even then the lender should only receive the features needed for underwriting. The lender can see behavioral patterns, such as whether this person regularly communicates with a stable network of contacts or whether their call behavior is consistent and not erratic, without receiving the actual phone numbers in that person’s communication history. The lender looks at the timing patterns, the usage consistency, the behavioral signals that the model surfaces, makes a credit decision, and either extends the loan or declines.
When the customer comes back for another loan later, the process starts fresh with a new consent event and a new one-time data pull. Nothing accumulates on the lender’s side without an explicit new permission, and the customer’s data doesn’t sit in a lender’s database being used for purposes they never agreed to.
One hard part in this model is USSD. Many of the people this whole framework is designed to reach still rely on USSD for their phone interactions because smartphone penetration, while growing fast, hasn’t reached everyone yet. Building a clear consent flow over USSD is technically harder than building it through a smartphone interface, and any implementation that only works smoothly for smartphone users has already left out a portion of the exact population it was supposed to serve. That is solvable, but it requires deliberate attention during design, not bolted on after the smartphone version is built.
Telco data can become the first credit file
The data exists, and the need exists. The technology to connect them in a consent-based way that protects customers and still makes commercial sense also exists. What has been missing is an institution with enough reach to build the framework, and the strongest candidate for that framework is an organization like the GSMA that operates simultaneously across the telco industry and the financial inclusion space without being owned by a single telco or lender.
The people who need credit the most are consistently the ones who have the least documentation of their reliability, and that is where traditional credit systems fail. Telco data doesn’t solve every dimension of that problem, and I’m not suggesting it does. It is not a replacement for credit bureaus. But it addresses the immediate blocker, which is giving lenders a credible signal to assess someone who has never had a formal credit relationship in their life.
When lenders have something credible to look at, some of them will lend. When some of them lend to people who couldn’t access credit before, and those people repay, the data trail from those transactions starts to build the credit history that was missing in the first place. But that repayment history has to become portable, through credit bureaus, open finance rails, or another recognized system. Otherwise, the borrower only graduates inside one lender’s database.
That is the practical value of consented telco data: it can become the first credit file for people who currently have none.
Discover more from Adedeji Olowe
Subscribe to get the latest posts sent to your email.
