Appointing nodal officers to tackle cyber security issues, closing down ‘mule’ bank accounts, stepping up monitoring of dormant ones, and calling for more information sharing between various government agencies – these were some of the suggestions that came up during a meeting, organised by the Finance Ministry Tuesday, on issues related to online financial frauds.
The meeting, which was called to discuss issues related to financial cyber security and curbing digital payment frauds, was chaired by Financial Services Secretary Vivek Joshi. It came days after the fallout of the recent case involving erroneous money transfers to the tune of Rs 820 crore at public-sector lender UCO Bank. A second meeting is expected to happen in mid-January next year.
At the meeting, it was discussed that ‘mule’ bank accounts, which are typically bought over by fraudsters from their original users should be closed, since they often form the bedrock of accounts into which money gathered through online scam is deposited.
For accounts that have been lying dormant for a while but suddenly become active with money transfers, Joshi said there should be some restrictions when money is withdrawn. “For instance, the balance would have been Rs 50, but suddenly Rs 50,000 would have come into the account. While it is not an issue when the money comes, there should be some restrictions at the time of withdrawal,” Joshi told reporters after the meeting.
There was also consensus among stakeholders that information sharing between various government departments should be stepped up, and the need for a common platform to facilitate that was pointed out. It was discussed that there is a need to onboard all financial institutions including NBFCs and major co-operative banks on ‘Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS)’ platform, wherein 259 financial intermediaries are already included.
“There should be more information exchange between agencies, it has to be smoother. Right now, the Indian Cybercrime Coordination Centre (I4C) is in regular contact with NPCI, some banks and telecom department but there has to be proper access to all stakeholders on a common platform…” Joshi said.
During the meeting, the Telecom Secretary informed that the department has blocked close to 70 lakh mobile numbers involved in suspicious activity. “Through the I4C Rs 900 crore has been blocked since 2021 from 3.5 lakh persons. Out of this, Rs 600 crore has been blocked so far this year, owing to suspicious transactions,” Joshi added.
Apart from blocking users on the SIM level, the stakeholders also explored blocking users on the device level through International Mobile Equipment Identity (IMEI) numbers.
Different response periods by banks after complaints were also brought up at the meeting, with banks being instructed to reduce the time gap in their response time so that coercive action can be taken against fraudsters as soon as possible. They were also asked to enhance due diligence in their fraud management system.
“An example of the Gujarat model was given in the meeting where the I4C command centre is in contact with bankers and every bank has a nodal person. Banks have been told to appoint a nodal officer along these lines in every state,” Joshi said.
Taking note of frauds occurring in Aadhaar Enabled Payment System (AePS), it was decided that state governments will be asked that part of the data which carries details of Aadhaar biometrics should not be uploaded, Joshi said. The meeting also discussed status on implementation of recommendations of the Digital Lending Working Group including setting up of Digital India Trust Agency (DIGITA) and bringing a new legislation Banning of Unregulated Lending Activities (BULA) Act, an official statement said.
The IT Ministry is learnt to have recommended that detailed know-your-customer (KYC) norms for merchants, especially those that want to offer financial services, should be adopted primarily to target bank accounts used for offering fraudulent lending services. The Indian Express had earlier reported that the Ministry wants a process of company KYC, called ‘Know Your Digital Finance App (KYDFA)’ to be put in place.
The I4C under the Ministry of Home Affairs, made a presentation on the latest statistics of digital payment frauds as reported in the National Cyber Crime Reporting Portal (NCRP), various sources of these financial frauds, modus operandi adopted by the fraudsters, including challenges faced to counter financial cybercrimes. Also, representatives from State Bank of India (SBI) made a presentation on the Proactive Risk Monitoring (PRM) strategy implemented by the bank.
The meeting was attended by Telecom Secretary and senior officials of Department of Financial Services, Department of Economic Affairs, Department of Revenue, Ministry of Electronics & Information Technology, Reserve Bank of India, Telecom Regulatory Authority of India, Unique Identification Authority of India, I4C, NPCI, SBI, Bank of Baroda, Canara Bank, Punjab National Bank, HDFC Bank, ICICI Bank, IDFC First Bank, Airtel Payment Bank, Equitas Small Finance Bank, Google Pay India, PayTM, and Razorpay.
