AI debt collection in the Philippines: NPL recovery under RA 11765 without BSP audit risk

Picture an illustrative but typical scene: an ops manager at a mid-size Cebu lending cooperative who runs a team of 14 collectors. Good team, experienced, hits their numbers. Ask what would happen if a borrower filed a BSP complaint and an examiner asked for the full interaction log on a specific account, and the honest answer is a long pause: "We'd have whatever notes the collector wrote down. If they wrote anything." That pause is the entire conversation about AI debt collection in the Philippines right now.

Most people think RA 11765, the Financial Products and Services Consumer Protection Act, is about what you say to borrowers: do not harass, do not threaten, do not call their neighbors. Those rules existed before 11765. The act is really about something more operationally inconvenient: proof. Proof you identified yourself. Proof you contacted them at a reasonable time. Proof consent logging was done before the first outreach. Proof the borrower had a genuine path to dispute. Proof that when they said "stop calling me" you actually stopped.

The SEC MC 18 (s.2019) conduct rules, reinforced by RA 11765, make this explicit. They require financial service providers to maintain records sufficient to demonstrate compliance. Not "we followed the rules." Demonstrate. There is a difference. A collector making 50 calls a day, writing spotty notes in a spreadsheet, sometimes forgetting to log anything, creates regulatory exposure every day they show up, not because they are doing anything wrong, but because they cannot prove they did not. RA 11765 does not require perfection. It requires a paper trail. Most teams do not have one. That is the gap an AI system closes.

A collector on an early arrears portfolio makes 40 to 60 contact attempts per day. Maybe 30 percent connect. The collector takes notes, sometimes in a shared spreadsheet, sometimes in a personal notebook, sometimes they just remember it and plan to update the CRM later. They often do not.

If a borrower files a BSP complaint tomorrow, and this happens more often since 11765 passed, the institution goes looking for the audit trail. What they find: a handful of call log entries with sparse notes, maybe a timestamp from their auto-dialer, and a collector who genuinely cannot remember the specifics of a call six weeks ago about a ₱18,000 balance. I have sat in on BSP prep reviews where teams were reconstructing contact histories from WhatsApp threads and handwritten notebooks the night before an examination. Every one of those sessions was avoidable. AI is the fix, in a concrete, log-every-contact-automatically sense.

Not what it promises on a vendor slide. What it does in the architecture we have built and shipped.

Structured call flows that do not drift. A human collector on their 40th call, talking to a borrower who has been argumentative for 15 minutes, will sometimes say things they should not. Not because they are bad at their job, because they are human. An AI collector follows the exact same call flow on contact 1 and contact 60. The disclosures required by the SEC MC 18 conduct rules and RA 11765, agent identity, purpose of call, the borrower's right to dispute, happen on every single contact, without exception. The script is the policy. The AI enforces the policy by running the script.

Every interaction logged, timestamped, and retrievable. Every outreach attempt, call, SMS, or chat, gets a structured log entry the moment it happens, not at end of day. The entry records channel, timestamp, account ID, script version, borrower response classification, call outcome, compliance flags satisfied, and full transcript or message body, written to an immutable audit store automatically. When an examiner asks for an account's interaction history, you pull it in 30 seconds. That is what the regulation requires, produced on every account, every day, without anyone having to remember to do it.

NPC consent logging captured and stored. One of the quieter requirements in the implementing rules is showing the borrower consented to being contacted on a given channel. For most MFIs this consent lives in a loan application signed a year ago that nobody can locate. An AI system captures consent confirmation at the start of each new channel contact, logs it against the account, and if consent is withdrawn, flags it and removes the account from the relevant outreach queue automatically. And hard escalation to humans when it matters: borrower mentions legal representation, claims hardship under a protected category, explicitly disputes the balance, or the conversation falls outside the script in a way the AI cannot safely handle. The AI does not try to wing it. That discipline is itself a compliance feature.

A modeled Cebu-MFI scenario points to roughly a 70 percent reduction in per-account collector minutes for accounts in early arrears, Days 1 to 30. This is a modeled outcome, not a signed-customer result. People assume the AI is faster at conversations. It is not. Conversations take as long as they take. The reduction comes from three places.

• No skipped accounts. Human collectors prioritize, working accounts they think are recoverable and letting hard ones slide. An AI works every account in the queue, every day, in defined priority order. A portfolio of 200 early-arrears accounts gets 200 contact attempts, not the 120 a human realistically gets through.
• No warm-up time. Human collectors spend real time at the start of each shift reviewing notes and getting focused. An AI starts at full speed and stays there.
• No recovery time between difficult calls. A collector who just ended a brutal conversation needs a minute. An AI does not.

The 70 percent is not a technology magic trick. It is the difference between a machine running the same process at the same quality forever and a person doing a high-stress, high-volume job without enough support. Modeling consistently suggests this pattern; it is a modeled outcome, not a one-off result we are reporting from a signed customer.

• Self-identification on every contact. Did the collector identify themselves and their institution at the start of every call? Not sometimes. Every one. The log must show this.
• Contact timing. Were calls made between 6:00 AM and 10:00 PM? On holidays or Sundays without explicit consent? Your timestamps answer this immediately, or they do not and you have a problem.
• Dispute opportunity. Was the borrower given a clear path to dispute? The script must include it and the log must show it was followed.
• Prohibited conduct. Did any contact include threats, obscene language, publication of debtor information, or contact with third parties beyond what is permitted? A full transcript answers this definitively. A timestamp and a disposition code does not.
• Cease and desist compliance. If a borrower asked you to stop, when did you stop? The log must show the exact date and time of the request and the date all outreach stopped.

A properly built AI collections system satisfies every one of these automatically. A human-only team with manual logging satisfies some of them, partially, on a good day.

I will be straight: AI collections is the wrong tool for accounts past 90 days where legal proceedings have started or are imminent. Once an account crosses into litigation territory, the workflow stops being about structured outreach and starts being about legal judgment. Is this account worth a demand letter? Is there an asset to attach? Is the borrower negotiating in good faith on a restructure? Those decisions need a human who understands the specifics and the institution's portfolio position. AI follows a script. It does not do legal strategy.

The sweet spot is Days 1 through roughly 60: high-volume, relatively homogeneous situations where the task is consistent structured outreach and the decision logic is rule-based. That is where automation creates value, and also where the RA 11765 compliance burden is highest in absolute terms, because that is where the most contacts happen.

Here are the economics, from real Philippine market costs. A mid-size MFI running a 300 to 500 account early-arrears portfolio typically has 2 or 3 collectors on the Days 1 to 30 bucket. An experienced collections staff member with SSS, PhilHealth, and Pag-IBIG contributions costs ₱35,000 to ₱50,000 per month fully loaded. Two collectors: ₱70,000 to ₱100,000 per month. An AI collections system covering the same accounts: ₱15,000 to ₱25,000 per month to run.

The savings do not come from firing everyone. They come from not backfilling when someone leaves, redeploying existing collectors to higher-complexity accounts past Day 30 where human judgment matters, and getting 70 percent more contact coverage on the early-arrears book. The economics work at roughly 150 active NPL accounts. Below that, a single well-managed collector is probably cheaper. Above 150, the math consistently favors automation, and the compliance quality is not even comparable.

There are vendors selling "AI collections" that are auto-dialers with a chatbot bolted on. They are not compliant and will not survive a BSP audit. Two questions sort them.

Question one: show me a sample audit log entry from a real production account, PII redacted. A compliant system produces a structured record with exact timestamp, channel, script version, borrower response classification, full transcript, and compliance flags showing which RA 11765 provisions were satisfied. An auto-dialer shows you a call timestamp and a disposition code. "No answer" is not an audit trail entry. Question two: what happens when the AI hits something it is not designed for? A real system has explicit escalation triggers, logs the escalation event, routes to a named human queue, and records who picked up the account and when. An auto-dialer just keeps dialing. If a vendor can answer both with a live demo of redacted production data, they are probably building something real. If they redirect you to a demo with fake accounts and no transcript structure, you are looking at a dialer with a marketing budget.

You do not need to replace your entire collections operation. Start with Days 1 to 15, the highest-volume, lowest-complexity bucket. Borrowers there often just need a reminder, conversations are short, the script is simple, and the AI has the clearest advantage. Build the compliance infrastructure and workflow around that bucket first, measure it for 60 days, and expand from there.

Data hygiene will come up immediately. Your borrower contact records are probably not as clean as you think. Budget for it; it is not the interesting work, but it determines whether the AI can reach the accounts you care about. And talk to your BSP account officer before you deploy. Not because you need permission, a compliant AI system is more regulation-friendly than the manual process it replaces, but getting ahead of it is always better than explaining it during an examination.