A quiet rebuild of how documents and consent move through Indian lending.
We are an early-stage company working with banks, NBFCs, and fintech lenders in India on the unglamorous, foundational problem of how sensitive customer information is requested, shared, and tracked. We are not ready to say more than that yet — but if you operate in BFSI, we would like to talk.
Based in
Pune, India
Working with
Banks, NBFC's & fintech lenders
Open to
BFSI operators . Investors
The Problem We Care About
Indian lending still runs on workflows that were not designed for the era we are now in.
We are not interested in dressing up an old process with a better UI. The pain in document and consent workflows is structural, and most of the industry knows it.
Document collection is fragmented and slow.
Borrower documents move over email, WhatsApp, and physical paper. Branches re-collect what head office already has. Pages are missing, files are illegible, and approvals stall on the smallest things.
Consent is assumed, not evidenced.
Sensitive personal and financial information changes hands every day, without a real record of what the borrower agreed to, for what purpose, or for how long. When an auditor or a regulator asks, the answer is reconstructed — not retrieved.
The regulatory floor is rising.
The DPDP Act and the direction of RBI guidance are clear: lenders will be expected to demonstrate consent, control, and traceability — not declare them. Most institutions are still operating on processes built for a pre-digital era.
The cost lands on everyone.
Borrowers drop off because the process is exhausting. Lenders lose time, money, and trust on every file. Regulators see ambiguity where they want clarity. The losses are quiet, distributed, and very large.
If you have felt any of this from inside a credit, KYC, onboarding, or operations team — we are probably already thinking about the same things.
Why Now
A foundational moment for Indian
BFSI — not a feature moment.
Three forces are converging at once. They will reshape how every lender in India handles customer information for the next decade.
We think the institutions that take this seriously now — not as a compliance checkbox, but as infrastructure — will operate on a different cost and trust curve from the ones that don't.
The DPDP Act has shifted the burden of proof. Consent, purpose limitation, and the right to withdraw are no longer abstract principles — they are operating requirements that need to be evidenced inside live workflows.
RBI expectations are tightening across the board. Outsourcing, IT governance, customer protection, and grievance redressal guidance all point in the same direction: less ambiguity, more traceability, fewer assumptions about what happened.
The bar for what feels acceptable has moved. Borrowers who can apply for a loan in minutes elsewhere will not tolerate week-long document chases, repeated KYC, or opaque sharing of their personal information. The patience is gone.
How We Think
A few beliefs we keep coming back to.
These are not features. They are the assumptions underneath everything we are building, and the lens we use when something is hard to decide.
01 — Consent
Consent is a primitive, not a paragraph.
The customer's permission for what is collected, for what purpose, and for how long should be a first-class object inside the system — recorded, scoped, revocable, and verifiable later. Not a sentence buried in a PDF.
We believe in growth, built on permission.
02 — Traceability
If it cannot be reconstructed, it didn't happen.
Every meaningful action involving customer information — a request, a share, a view, a withdrawal — should leave a clean, durable record. Not because we expect the worst, but because the absence of a record is itself a liability.
Receipts before reassurance.
03 — Foundation
Compliance is not a layer. It is the floor.
Designing for the DPDP Act and RBI direction from day one is not a constraint we tolerate. It is the only honest way to build for this industry. The work we admire treats regulation as the starting brief, not a late edit.
Built to be audited, not patched.
Who We Are Talking To
Three kinds of
conversations, all welcome.
We are deliberately small and quiet right now. The people we want to hear from are the people whose work this actually touches.
BFSI operators
Heads of credit, KYC, onboarding, and loan operations at banks, NBFCs, and digital lenders. If your team feels the cost of fragmented document workflows every week, we want to learn from you.
Potential design partners
Lending institutions willing to pilot quietly, push hard on the rough edges, and shape what gets built. We are not looking for many — we are looking for the right few.
Investors and advisors
Investors and advisors focused on Indian fintech infrastructure, regulated industries, or the deeper plumbing of financial services. Happy to have an early, candid conversation.
The People Behind It
Operators who have spent a decade inside Indian lending.
The team has more than ten years of lived experience in MSME lending — closer to the file, the field, and the regulator than to any deck. We have watched good institutions lose good customers to bad workflows, and we have done it from inside the building.
We will share names and full bios in due course. For now we would rather spend the time talking to people we want to build with than introducing ourselves on a website.
Founder — name to be announced
10+ years across MSME credit and operations
Co-founder — name to be announced
Lending operations, risk, and regulatory engagement
Engineering lead — name to be announced
Systems for sensitive data in regulated industries
Get In Touch
Want to talk?
There isn't a public product to demo yet, and there won't be for a little while. But inbound from BFSI operators, potential design partners, and investors who care about this space is genuinely welcome — and we read every message.
Or write to us directly at hello@trullycapital.in.