State Duma deputies approved in the second and third readings a bill introducing a cooling-off period in consumer lending.
The legislation is designed to curb fraudulent schemes that rely on social engineering to steal funds. When scammers manipulate a borrower into signing a credit agreement, the borrower can end up saddled with debt while money flows to attackers.
Advocates of the changes cite credit-institution data showing that in 2023 approximately 4.4 billion rubles were extended to customers who later transferred those funds to attackers without the borrower’s voluntary consent.
What will change
Under the proposal, a borrower would receive loan funds only after a defined cooling-off period. The minimum period is four hours for loans between 50,000 and 200,000 rubles, and at least 48 hours for loans exceeding 200,000 rubles. The same timing would apply if the loan amount or lending limit is increased.
During this cooling-off window, a borrower who is influenced by a scammer or who has relatives or friends who can be consulted should be able to recognize suspicious actions and contact the lender or law enforcement to halt the withdrawal of funds.
The bill introduces new requirements for guarantors, vehicle loans, loans for education, refinancing without increasing loan size, and it does not apply to loans issued through an authorized person. If funds are paid directly to a seller for goods or services, there will be exemptions, except in the case of online purchases.
The Central Bank would have the authority to adjust the cooling-off period requirements for lenders that demonstrate effective anti-fraud practices.
Before approving a loan, banks and financial institutions would need to access data on all loan applications, approvals, rejections, and signed agreements. This information would be stored for five years.
To verify a customer’s identity, lenders would consult official government databases and ensure that debtor and buyer information matches before funds are released.
Because the lender faces potential fraud, a ban on rescue payments would be enforced within the loan agreement.
As of March 1, 2026, the Central Bank and microfinance institutions will have access to the relevant database information for monitoring compliance.
The main provisions of the bill were planned to take effect on September 1, 2025.
Credit in 5 minutes
A partner at a law firm notes that in many cases, criminals do not need extensive access to a borrower’s identity during loan applications, which makes deception easier.
It is often possible to complete a loan application in just a few minutes, while current checks on transactions by lenders leave room for improvement. Centralized records and shared databases are not always comprehensive.
When fraud is suspected, borrowers should contact the bank’s security department and their own lawyer.
Experts advise practical steps to reduce risk, such as limiting online banking activity. In a mobile banking app, users can set transaction limits or spending caps for a given period.
Additionally, families can enable joint notifications for account activity to monitor unusual transactions.
Another option is to implement personal loan controls. Citizens can set higher self-imposed loan limits or monitor loan activity via official portals or in person at a financial service center.
Measures discussed in late 2024 from the presidential administration aim to calm lending and strengthen anti-fraud rules. The government and the central bank have been tasked with developing mechanisms to notify lenders about contract terms and the potential to freeze funds during the cooling period.
These directives followed discussions on economic issues and continue to shape policy on consumer lending and fraud prevention.