Paul had been searching for a loan. He needed a specific amount, and on the afternoon of May 7, 2026, he was working through his options. Somewhere in that process, he had left his number, and an agent reached out over WhatsApp.
She introduced herself as Dorcas, representing a platform called TopCredit, with a pitch: a business loan of up to ₦200,000, repayable over five months, at 7 per cent interest.
He was, as he would later put it, pressed for cash at that specific moment. He read the repayment terms Dorcas sent. He replied “Ok” and then “Plan A” before Dorcas had even finished sending the details. It was 1:54 PM.
By 3:19 PM, less than 90 minutes later, Paul was typing a very different kind of message: “I don’t understand what just happened.” By then, three loan apps had disbursed money into his account without his conscious understanding that he was accepting three separate loans. He had received a combined ₦21,650 across all three.
He was being asked to repay ₦36,100, with a 7-day deadline already counting down.
“You people gave me 8550 as loan and una dey ask me to pay 16050. Is this a joke??”
It was not a joke. It was, the evidence suggests, a carefully structured enrollment operation, facilitated by FCCPC-registered lending platforms, and executed through a WhatsApp contact that had joined the platform only the previous month.
The agent, the link, and the apps nobody asked to install
Dorcas is the agent.
Her WhatsApp profile shows she joined “in the last month.” She operates not through an official business channel but through a personal number, +234 708 950 2971. Her opening message identified her as being from TopCredit.
What she was, more precisely, was a loan enrollment agent, the kind of intermediary that has multiplied across Nigeria’s digital lending ecosystem, operating on commission, working through informal channels, and accountable to nobody once a disbursement clears.
Early in the conversation, Dorcas sent Paul a link: bfsaoo.com, which redirects to a page called LoanStore which is operated through the domain bytesopay.com.
The page presents three loan platforms, Mintbag, HiCredit, and TopCredit, each advertising up to ₦500,000 at 0.1% per day interest, with a green “APPLY” button beside each.
Nothing on the page identifies who runs it, who is accountable for it, or what the combined effect of applying across multiple platforms would be. The page carries a single line of reassurance at the bottom: “All APPs Are Provided by Licensed Companies.”
What the page also carries, buried in plain sight, is a set of instructions for disabling a core Android security feature.
The LoanStore page walks users through the steps to turn Play Protect off. It instructs them to open the Play Store, tap the profile icon, tap Play Protect, go to Settings, and switch the scan toggle off. This is framed as a routine prerequisite for accessing the loan.
Because the apps are not distributed through the Google Play Store but through APK files sent directly over WhatsApp, Google Play Protect flags them as unverified.
Dorcas sent Paul two APK files over WhatsApp, labelled BUSINESS 2.apk and BUSINESS 3.apk. She told him to use the link she had sent to register, using his WhatsApp number, and to send her a screenshot once his application was under review so she could “update it” and convert it to a business account.
She had, in other words, backend access or administrative influence over accounts on these platforms. She was not merely making a referral. She was managing the process.
When Paul pushed back, saying that installing three apps was too much work, Dorcas had an answer. In a voice note sent at 2:10 PM, she told him the three platforms were “combining together.” She elaborated: TopCredit had already been “updated” inside her system, and Mintbag and HiCredit were partners.
All he needed to do was fill the remaining two forms, and the system would automatically combine them into a single business homepage from which he could pick the amount he needed.
This was the key misrepresentation.
Paul believed he was completing one application across what he had been told was a unified system. He was, in fact, initiating three separate loan contracts with three separate entities, each of which would disburse independently, charge independently, and demand repayment independently.
What the loan records actually show
The order details screenshots shared with Technext tell a story that is difficult to square with Dorcas’s pitch of a ₦200,000 business loan at 7% interest.
Across the three apps, the loans were seven-day-term loans and due for repayment on May 14, 2026. Paul received ₦8,550 from two platforms, and one credited him with ₦4,550.
Every app charges a 3% per day overdue fee. The combined repayment demand means he is being asked to repay ₦14,450 more than he actually received, on money disbursed through what he believed was a single application process.
The bank alert for one disbursement shows the sender as Phoenix Payment Solutions Limited, processed through PalmPay, the same entity registered as the operator of Mintbag, confirming that at least one of the platforms and its payment infrastructure are the same company.
Paul told Technext that the money is still sitting in his account. He has not spent it. He tried to return it, but found no repayment channel outside the apps. When he raised the situation with Dorcas at 3:19 PM on the same day the loans were disbursed, she responded with a single word: “How.” Her messages went quiet after that.
Technext attempted to reach Maywood Lending Limited, the registered operator of the TopCredit and HiCredit apps, and Phoenix Payment Solutions Limited, the registered operator of the Mintbag app, for comment. Both companies did not respond.
Reaching them was itself an exercise in frustration. The TopCredit website, top.topcreditng.com, from which Dorcas sent an APK download link during the conversation, does not exist.
Notably, Tajow Investment Limited, a separate FCCPC-registered company that operates its own platform at topcredit.com.ng, has publicly stated that it has no connection to any loan app called TopCredit Apps, creating a confusing landscape for any consumer trying to identify the right party to complain to.
The existence of two unrelated entities using variations of the same brand name, in the same market, points to a regulatory blind spot that neither the FCCPC nor the CBN appears to have addressed.
The big problem: registered, but not necessarily accountable
The FCCPC’s public register of approved digital money lenders confirms that both companies in this story are registered.
Entry 129 on the register shows Maywood Lending Limited holding approval for the TopCredit and HiCredit apps, as well as a third app called Best Cash. Entry 106 confirms Phoenix Payment Solutions Limited as the approved operator of Mintbag. The same Phoenix Payment Solutions Limited sent the bank transfer Paul received.
This is why FCCPC registration matters.
It requires digital lenders to meet technical, legal, and ethical requirements set by the Commission. The Commission’s Limited Interim Regulatory Framework and Guidelines for Digital Lending 2022, and the updated DEON Consumer Lending Regulations 2025, require lenders to avoid unfair, unreasonable, and unjust terms in loan contracts, to be transparent in their relations with customers, and to establish effective complaint channels.
The FCCPC Act further requires money lenders to avoid terms that limit or exempt them from liability for losses caused by their gross negligence.
What the framework does not adequately address is the conduct of third-party agents operating outside official channels, enrolling customers through personal WhatsApp numbers, sending APK files that require users to disable device security, misrepresenting multiple loan apps as a single combined product, and disappearing once the disbursement has cleared.
The agent is the point of failure. The platforms are the beneficiaries of the enrollment. The consumer is left holding loan obligations he did not understand he was accepting.
The 3% per day overdue fee that all three platforms charge is a specific point of concern. At that rate, a single missed day on any of the larger loans adds roughly ₦480 to the liability on that app alone.
A week past the May 14 due date, before accounting for the other two platforms, would add over ₦3,000 on a single loan. Multiply that across three apps running simultaneously, and the debt compounds in ways that bear no relationship to the amount of money the borrower actually received.
Paul is one person with one story. But the architecture of what happened to him, the referral aggregator page, the APK files outside official stores, the Play Protect override instruction, the agent-managed enrollment, the multi-app simultaneous disbursement, the misrepresentation of separate contracts as a unified system, and the silence that followed when he objected, describes a system, not an incident.
The FCCPC has the mandate to investigate it. Whether it does is a different question.
Readers who have had similar experiences with these or other digital lending platforms can share their accounts with Technext at editor@technext24.com.
Technext Newsletter
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!
