Financial Crime World

Cybercrime Threatens India’s Financial Institutions, Experts Warn

India has become a hotbed for cybercriminals, with the National Crime Records Bureau (NCRB) reporting a staggering loss of ₹66.66 crore in 2023 due to cybercrimes, with 4,850 reported cases. The Indian Cybercrime Coordination Centre (I4C) revealed that digital financial frauds accounted for a whopping ₹1.25 lakh crore over the last three years.

The Scale of the Problem

  • According to the National Cybercrime Reporting Portal (NCRP), victims of digital financial fraud lost at least ₹10,319 crore in 2023 alone.
  • The Parliamentary standing committee on Finance has reported that domestic fraud as reported by supervising entities (SEs) in FY'23 was ₹2537.35 crore.

The Modus Operandi

Experts warn that the modus operandi of cybercriminals is to convince victims to send money through impersonation or false promises, or by taking credentials such as:

  • Unified Payments Interface ID (UPI)
  • Personal Identification Number (PIN)
  • One-Time Password (OTP)
  • Internet banking ID/password
  • Using them on other apps/websites

The Circulation of Stolen Funds

After a fraudster empties a victim’s bank account, the money undergoes a series of circulations in three stages:

  1. Temporary account: Fraudsters transfer victims’ money to a temporary account.
  2. Circulation among accounts: The money is circulated among a group of accounts.
  3. Withdrawal from sink account: The money is withdrawn from a sink account.

Prevention Measures

To prevent these frauds, experts suggest:

  • Financial institutions must be mandated to replicate Google’s feature of requiring permission before logging in from a new device.
  • Disabling screen-sharing facilities and providing comprehensible data in bank statements.

Challenges in Investigation

Law enforcement agencies face significant challenges in following the money trail due to the speed at which siphoned-off money is circulated across accounts and wallets. To minimize delays, experts suggest:

  • Banks/NBFCs/SEs must provide data in a predetermined format with all terms explained (e.g., CSV or XLSX files).
  • Recording International Mobile Equipment Identity (IMEI) to determine the device and its location.

The Importance of IMEI

Recording IMEI will make for stronger evidence in establishing a device’s connection to fraudsters in court.

The Need for Coordinated Efforts

The Bharatiya Nagarik Suraksha Sanhita 2023, set to replace the Indian Penal Code of 1861, recognizes “organised crime” as a “continuous unlawful activity”. Digital financial frauds are covered under this definition. Law enforcement agencies face difficulties in conducting interstate raids and arrests, requiring coordinated efforts.

Conclusion

Cybercrime can be dealt with like conventional offences by mandating fintech and telecom industries to take preventive steps in their technology and providing data in a manner that enables speedier investigation. Faster availability of data will make it easier to identify and convict pan-Indian gangs.