MODULE- 4

NATURE OF BANKING FRAUDS

Bank: A bank is a financial institution that offers a range of services, including deposits, loans, and
investment products. It serves as a secure repository for individuals and businesses to store money,
provides credit, facilitates transactions, and plays a vital role in the economic system.

Fraud: Fraud is generally defined as the intentional deception or misrepresentation made by a person
with the intent to gain an unfair or dishonest advantage, causing harm to another party.

In Derry v. Peek, Case Lord Herschell observed “Fraud” means a false statement made
Knowingly or without belief in its truth, or recklessly careless, whether it be true or false.

Colloquially, the terms “fraud” and “scam” are used interchangeably to refer to any kind of
financial wrongdoing. Legally speaking, fraud usually refers to a broader and more serious
crime, with scams representing one type of fraud

As per section 17 of Indian Contract Act 1872:

“Fraud Defined – Fraud means and includes any of the following acts committed by a party to a
contract, or with his connivance, or by his agent, with intent to deceive another party thereof or his
agent, or to induce him to enter into the contract.”

1) The suggestion, as a fact, of that which is not true, by one who does not believe it to be true.

2) The active concealment of a fact by one having knowledge or belief of the fact

3) A promise made without any intention of performing it

4) Any other act fitted to deceive

5) Any such act or omission as the law specially declares to be fraudulent.

Explanation.—Mere silence as to facts likely to affect the willingness of a person to enter into a
contract is not fraud, unless the circumstances of the case are such that, regard being had to them, it is
the duty of the person keeping silence to speak , or unless his silence is, in itself, equivalent to speech.

As per Section 447 of Companies Act, 2013:

“Fraud” in relation to affairs of a company or any body corporate, includes any act, omission,
concealment of any fact or abuse of position committed by any person or any other person with the
connivance in any manner, with intent to deceive, to gain undue advantage from, or to injure the
interests of, the company or its shareholders or its creditors or any other person, whether or not there
is any wrongful gain or wrongful loss.

“Wrongful gain” means the gain by unlawful means of property to which the person gaining is not
legally entitled.

“Wrongful loss” means the loss by unlawful means of property to which the person losing is legally
entitled.

Bank Fraud:
'Banking fraud' is a broad term used to signify all types of frauds committed in a banking
system. It may be committed with accounts, negotiable instruments, loans, securities or any
other banking service. Again, it may be pulled off by customer, employee, outsider or by the
bank itself, or by two or more of parties in connivance with each other.

Bank fraud involves deceitful actions to unlawfully acquire money, assets, or property from a bank.
This can include activities like forging cheques, providing false information for loans, or using
unauthorized means to access accounts. Those found guilty of bank fraud may face severe
consequences, including legal penalties such as fines and imprisonment, due to the violation of
banking regulations.

The number of frauds in the banking sector went up to 13,530 in 2022-23 year-on-year, of which 49%
are internet transactions.

Classification of frauds

The RBI’s Master Directions on Frauds – Classification and Reporting by commercial banks and
select FIs (Updated as on July 03, 2017) provides different categories of offences that constitute
fraud, putting specific reliance on the Indian Penal Code, 1860. The classifications are provided
hereunder:

 Misappropriation and criminal breach of trust.

 Fraudulent encashment through forged instruments, manipulation of books of account or
through fictitious accounts, and conversion of property.
 Unauthorised credit facilities extended for reward or for illegal gratification.
 Negligence and cash shortages.
 Cheating and forgery.
 Irregularities in foreign exchange transactions.
 Any other type of fraud not coming under the specific heads as above.

Some common types of banking frauds in India include:

Phishing: Fraudsters use emails, messages, or fake websites to trick individuals into providing
sensitive information, such as login credentials, passwords, and personal details.

ATM Skimming: Criminals install skimming devices on ATMs to capture card information,
including the card number and PIN, when customers use the machine. This information is then used to
make unauthorized transactions.

Card Fraud: This includes unauthorized use of credit or debit cards for online or offline transactions.
It may involve cloning cards, using stolen card details, or exploiting vulnerabilities in the payment
system.

Online Banking Fraud: Criminals may gain unauthorized access to online banking accounts by using
stolen credentials or employing techniques like phishing. Once inside, they can conduct unauthorized
transactions or manipulate account information.

Identity Theft: Fraudsters may steal personal information to impersonate individuals and access their
financial accounts, open new accounts, or take out loans in their name.

Cheque Fraud: This involves tampering with or forging cheques to withdraw money fraudulently
from someone else's account.
Mobile Banking Fraud: As mobile banking becomes more prevalent, fraudsters target mobile users
through phishing messages or malware to compromise mobile banking apps.

Loan Frauds: Individuals or entities may engage in fraudulent activities while applying for loans,
providing false information to financial institutions or using fake documents.

Insider Fraud: Employees within financial institutions may misuse their positions to commit fraud,
such as embezzling funds or providing confidential information to external parties.

RBI Impersonation Scams: Fraudsters may impersonate Reserve Bank of India (RBI) officials or
other authorities, claiming that the victim needs to provide personal information or pay fees to comply
with regulatory requirements.

The undermentioned four major elements responsible for the commission of frauds in
banks.

a) Active involvement of the staff-both supervisory and clerical either independent of

external elements or in connivance with outsiders.

b) Failure on the part of the bank staff to follow meticulously laid down instructions and
guidelines.

c) External elements perpetrating frauds on banks by forgeries or manipulations of cheques,

drafts and other instruments.

d) There has been a growing collusion between businessmen, top bank executives, civil
servants and politicians in power to defraud the banks, by getting the rules bent, regulations
flouted and banking norms thrown to the winds.

LEGAL REGIME TO CONTROL BANKING FRAUD

In India, the legal regime to control bank frauds involves various laws, regulations, and oversight
mechanisms. Some key laws, along with their relevant sections, that play a crucial role in controlling
bank frauds in India are as follows:

INDIAN PENAL CODE, 1860

Despite the Indian Penal Code, 1860’s lack of an explicit definition for “fraud,” the sections for
cheating (Sections 415 to 420), concealment (Sections 421 to 424), forgery (Sections 463 to 477A),
counterfeiting (Sections 489A to 489E), misappropriation (Sections 403 to 404), and breach of trust
(Sections 405 to 409), could be applied while dealing with banking frauds.

Cheating

Section 419 of the Indian Penal Code, 1860 provides an imprisonment of either description for a term
which may extend to three years, or with fine, or with both, as the deterrent for the offence of
cheating.Offence of cheating is cognizable and non bailable.

Concealment

Stealing or concealing assets to prevent distribution to creditors is punished by imprisonment for up to

two years, a fine, or both, according to Section 421 of the Indian Penal Code, 1860.

Forgery
Section 465 of the Indian Penal Code, 1860 provides an imprisonment of either description for a term
which may extend to two years, or with fine, or with both, for the offence of forgery.

Counterfeiting

Counterfeiting of bank notes or currency notes under Section 489 A of the Indian Penal Code, 1860,
can cost the offender with an imprisonment for life, or with imprisonment of either description for a
term which may extend to ten years, and shall also be liable to fine.

Misappropriation

Section 403 of the Code of 1860 lays down provision for dishonest misappropriation of any movable
property which shall be punished with imprisonment of either description for a term which may
extend to two years, or with fine, or with both.

Breach of trust

Section 406 of the Indian Penal Code, 1860 provides punishment for criminal breach of trust which
ranges from an imprisonment of either description for a term which may extend to three years, or with
fine, or with both.

Prevention of Money Laundering Act, 2002 (PMLA):

The Prevention of Money Laundering Act is a significant legislation aimed at preventing money
laundering and related offenses. Money laundering often forms the basis of many bank frauds. Section
3 of the PMLA defines money laundering offenses, and Section 12 mandates reporting of suspicious
transactions to the Financial Intelligence Unit (FIU). Section 4 empowers investigative agencies to
seize and confiscate proceeds of crime.

Banking Regulation Act, 1949:

The Banking Regulation Act provides the legal framework for the functioning and regulation of banks
in India. Section 35A empowers the Reserve Bank of India (RBI) to inspect and supervise banks. This
oversight helps in identifying irregularities and fraudulent activities within banks, allowing for timely
intervention.

Securities and Exchange Board of India (SEBI) Act, 1992:

While SEBI primarily regulates securities markets, it indirectly contributes to controlling bank frauds
that may involve the stock market. Section 11B of the SEBI Act empowers SEBI to investigate and
take action against market-related offenses.

The Information Technology Act, 2000

With the increasing role of technology in banking, preventing cyber frauds has become crucial. The
Information Technology Act, 2000, and its amendments empower authorities to deal with
cybercrimes, including those targeting banks and financial institutions. Specific provisions related to
unauthorized access, data breaches, and cybercrimes empower law enforcement agencies to combat
fraud in the digital space. Section 43 of the said Act provides for hefty damages up to rupees ten lakhs
payable by the offender to the person affected. Furthermore, the aforementioned Act makes tampering
of computer source documents and hacking computer systems punishable by up to three years
imprisonment.
The Companies Act, 2013:

The Companies Act, 2013, imposes obligations on companies, including financial institutions, to
maintain proper books of accounts and internal financial controls. It empowers regulatory bodies like
the Serious Fraud Investigation Office (SFIO) to investigate financial irregularities and fraudulent
activities in companies.

Fraud is punishable under Section 447 of the Companies Act of 2013. About 20 sections of the Act
are dedicated to exposing frauds committed by an organisation’s/directors, entity’s auditors, key
managerial staff, and/or corporate officers. If a person is found guilty of fraud under Section 447, he
may be sentenced to jail for a period ranging from six months to ten years.

RBI Guidelines and Circulars: The RBI issues guidelines and circulars to banks on various aspects,
including fraud risk management, cybersecurity, and reporting mechanisms to enhance the resilience
of the banking system.

Central Bureau of Investigation (CBI): The CBI is a premier investigative agency that handles
complex and high-profile cases, including major bank frauds.

Indian Cyber Crime Coordination Centre

It is a collaborative initiative between law enforcement agencies from various countries to
combat cybercrime, launched in 2018 by the Ministry of Home Affairs.

 The primary objective of the I4C is to provide a platform for law enforcement
agencies to coordinate and share information on cybercrime investigations, cyber
threat intelligence, and best practices for cybercrime prevention and investigation.
 The IC4 aims to establish a secure communication channel for sharing information
among member countries to facilitate effective coordination and response to
cybercrime incidents.
 Dedicating helpline number for reporting of fraud

Bank Fraud Prevention Measures:

In addition to the legal framework, there are several preventive measures and best practices
that banks and financial institutions adopt to minimize the risk of fraud:
1. KYC (Know Your Customer) Norms: Stringent KYC norms ensure that banks have
accurate information about their customers. This helps in verifying the identity of
individuals and detecting any potential fraudulent activities.
2. Anti-Money Laundering (AML) Compliance: Banks adhere to AML guidelines to
prevent money laundering activities. Regular monitoring of transactions and reporting
suspicious activities to authorities are integral parts of AML compliance.
3. Fraud Analytics and Technology: The use of advanced analytics and technology,
including artificial intelligence and machine learning, enables banks to identify
patterns and anomalies that may indicate fraudulent activities.
4. Cybersecurity Measures: As cyber threats become more sophisticated, banks invest
in robust cybersecurity infrastructure to protect against data breaches, hacking, and
other cybercrimes. Regular audits and vulnerability assessments are conducted to
strengthen defenses.
 5. Employee Training and Awareness: Training programs for bank employees on
recognizing and reporting unusual activities contribute to early detection. Creating a
culture of awareness and ethicalconduct within the organization is crucial.
6. Customer Education: Educating customers about safe banking practices,
recognizing phishing attempts, and reporting suspicious activities enhances the overall
security of the banking ecosystem.
Effective implementation and enforcement of these legal provisions, along with continuous
monitoring and collaboration among regulatory bodies, law enforcement agencies, and
financial institutions, are essential for controlling and preventing bank frauds in India.
Collaboration between public and private entities, international cooperation, and public
awareness are critical components of an effective anti-fraud ecosystem.

RECENT TRENDS IN FRAUDS

Banking fraud affects all of us, from individual consumers to large corporations. As technology
continues to evolve and become more integrated into our daily lives, so do the methods used by
fraudsters. As such, banks and consumers must stay aware of the current fraud trends to better protect
themselves.

ATM Fraud:
An ATM (Automated Teller Machine) is an electronic machine used for financial
transactions. As the term implies, it is an ‘automated’ banking platform that does not require
any banking representative/teller or a human cashier. These machines continue to be a target
for fraudsters. ATM frauds include the following:

Card Skimming: It is a type of theft where the thief makes use of a device, known as a
skimmer and steals the information of a credit card . Criminals use skimming devices to capture
information from the magnetic stripe of debit or credit cards when they are inserted into ATMs. This
information is then used to create counterfeit cards.

Card Trapping: Fraudsters install devices on ATMs that trap the user's card. The criminal retrieves
the trapped card later or uses it to make unauthorized transactions.

Cash Trapping: Criminals place devices or use foreign objects to prevent cash from being dispensed
properly. The victim leaves, thinking the transaction failed, while the criminal retrieves the trapped
cash later.

PIN Theft: Hidden cameras or devices capture the user's PIN as they enter it. This information,
combined with card details, allows criminals to access the victim's account.

Fake ATMs: Criminals set up fake ATMs to collect card information and PINs. These machines may
look authentic but are designed solely for fraudulent purposes.

Prevention
1. Select ATMs that are well-lit and have surveillance cameras. Avoid vandalized or
abandoned ATMs and terminals.
2. Inspect a machine before utilizing it, paying special attention to the presence of peripheral
equipment. Pull out the card reader to ensure there are no other gadgets.
3. Cover the keyboard when entering the PIN-code, regardless of the wait beside the ATM.
4. Do not engage anyone who appears suspicious near the machine. Contact the police if the
person's behavior has given you concern.
5. After taking money from an ATM, remove the card, cash, and receipt as quickly and
discreetly as possible.

Net Banking Fraud or Internet Banking Fraud

The increasing reliance on online banking has opened new avenues for fraudsters, as follows:

Phishing: Fraudsters send fake emails or messages, posing as legitimate banks, to trick users into
providing sensitive information such as usernames, passwords, or one-time passwords (OTPs).

Man-in-the-Middle Attacks: Cybercriminals intercept communication between the user and the
bank, allowing them to eavesdrop on sensitive information or manipulate transactions.

Malware Attacks: Users may unknowingly download malicious software that can capture login
credentials or compromise the security of online banking transactions.

Social Engineering: Criminals use psychological manipulation to trick individuals into revealing
confidential information, often posing as bank representatives or other trustworthy entities.

Unauthorized Access: Weak passwords or inadequate security measures may lead to unauthorized
access to a user's online banking account, allowing fraudsters to make transactions without the
account holder's knowledge.

To prevent net banking frauds, individuals should:

 Regularly monitor account statements.

 Use strong and unique passwords.
 Enable two-factor authentication.
 Keep card and PIN details confidential.
 Be cautious of phishing attempts.
 Update and use security software on devices.
 One should avoid conducting online banking transactions on public WiFi networks, as
these networks may not be secure and can be easily intercepted by hackers

Smart cards Fraud

A smart card is a physical card that has an embedded integrated chip that acts as a security
token. Smart cards were designed to reduce credit card fraud. However, fraudsters have
adapted to these advancements.
Here are common scenarios associated with smart card fraud:

Card Skimming: Criminals use skimming devices to capture data from the chip embedded in a smart
card. This stolen information can be used to create counterfeit smart cards.

Lost or Stolen Cards: If a smart card is lost or stolen, an unauthorized person may use it for
transactions if they also know the Personal Identification Number (PIN) associated with the card.

Card Not Present (CNP) Fraud: While smart cards provide enhanced security for in-person
transactions, they may still be susceptible to fraud in online or phone transactions where the physical
card is not required.
Malware Attacks: Criminals may use malware to compromise the security of the smart card or the
device used for transactions, allowing them to gain unauthorized access or manipulate data.

Forgery: Criminals may attempt to create fake smart cards by tampering with the physical
characteristics of the card or attempting to replicate the embedded chip.

Insider Threats: Employees with access to smart card issuance systems may be involved in
fraudulent activities, such as creating unauthorized cards or sharing sensitive information.

PREVENTION

 Secure PINs: Always keep PINs confidential and do not share them with anyone.
 Report Loss or Theft: Report lost or stolen smart cards immediately to the issuer to block
unauthorized use.
 Enable Transaction Notifications: Set up alerts for transactions to be notified of any suspicious
activity.
 Use Secure Devices: Ensure that the devices used for smart card transactions are secure and free
from malware.
 Regularly Monitor Statements: Review smart card statements for any unauthorized
transactions.

Issuers of smart cards employ security features such as encryption, authentication protocols, and fraud
detection systems to safeguard against fraudulent activities. Ongoing technological advancements aim
to enhance the security of smart cards and mitigate the risks associated with fraud. Additionally, user
awareness and adherence to security best practices play a crucial role in preventing and minimizing
smart card fraud.

Credit cards Frauds

Credit card fraud continues to be a major concern, with criminals exploiting various tactics to
compromise cardholder information. Credit card fraud involves unauthorized and deceptive
activities aimed at exploiting vulnerabilities in credit card systems. Here are common
scenarios associated with credit card fraud:

Card Skimming: Criminals use skimming devices to capture data from the magnetic stripe of credit
cards when they are used at ATMs or point-of-sale terminals. This stolen information can be used to
create counterfeit cards.

Phishing: Fraudsters use emails, messages, or fake websites to trick credit cardholders into providing
sensitive information, such as card numbers, expiration dates, and security codes.

Lost or Stolen Cards: If a credit card is lost or stolen, unauthorized individuals may use it for
transactions until the cardholder reports the loss to the issuer.

Identity Theft: Criminals may steal personal information to apply for credit cards in someone else's
name. Once approved, they can use the fraudulently obtained cards for unauthorized transactions.

Card Not Present (CNP) Fraud: Criminals make unauthorized online or phone transactions using
stolen credit card information without the need for the physical card.

Account Takeover: Cybercriminals gain access to a person's credit card account through phishing or
hacking, allowing them to make unauthorized changes or transactions.

Fake Card Generation: Criminals may use stolen credit card information to create fake physical
cards or use the details for online purchases.
To protect against credit card fraud:

Regularly Monitor Statements: Review credit card statements for any unauthorized transactions.

Enable Transaction Notifications: Set up alerts for transactions exceeding a certain amount or for
any card-not-present transactions.

Keep Cards Secure: Protect cards from loss or theft, and report any incidents promptly.

Use Two-Factor Authentication: Enable two-factor authentication for online transactions when
available.

Check Credit Reports: Regularly check credit reports for any suspicious activity or accounts opened
without your knowledge.

As financial transactions become increasingly digital, the threat landscape for fraud continues
to evolve. Financial institutions must remain vigilant and adopt proactive measures to
safeguard customer information and financial assets. This includes investing in advanced
technologies, educating users about security best practices, and collaborating with industry
stakeholders to stay ahead of emerging threats. By staying informed and implementing robust
security measures, the financial industry can mitigate the risks associated with fraud and
ensure a secure financial ecosystem for all stakeholders.
WHO IS AN OBMUDSMAN

An ombudsman is a government official or office established to handle complaints and

disputes made by ordinary citizens against public organizations, institutions, or government
agencies. The term “ombudsman” originated in Sweden and refers to an officer appointed by
the legislature to address complaints related to services or administrative authorities.
In India, the concept of the ombudsman has been adopted to provide a mechanism for
resolving grievances in various sectors.
Role of Banking Ombudsman

The Banking Ombudsman plays a crucial role in safeguarding the interests of bank customers
and promoting transparency and accountability in the banking sector. Here are some key
responsibilities of the Banking Ombudsman:
1. Resolving Complaints: The Banking Ombudsman is responsible for resolving
complaints and grievances filed by bank customers. These complaints can be related
to various issues such as non-payment or delay in payment of cheques, non-
observance of fair practices code, and unauthorized electronic transactions, among
others.
2. Mediation and Conciliation: The Ombudsman acts as a mediator between the bank
and the customer, facilitating a fair and amicable resolution. They encourage both
parties to reach a mutually acceptable settlement through conciliation.
3. Investigation: In cases where mediation fails or the complaint requires further
investigation, the Banking Ombudsman has the authority to conduct a detailed
investigation into the matter. This includes gathering evidence, examining relevant
documents, and seeking clarification from the bank.
4. Providing Redressal: Once the investigation is complete, the Ombudsman has the
power to pass an appropriate order directing the bank to take specific actions for
redressal. This may include compensating the customer for any loss suffered,
rectifying errors, or providing an explanation for any deficiency in service.
5. Creating Awareness: The Banking Ombudsman also plays a vital role in creating
awareness among customers about their rights and responsibilities. They conduct
awareness campaigns, disseminate information, and educate customers about the
banking ombudsman scheme.
6. Independence and Impartiality:The banking ombudsman operates independently
from the banks and other financial institutions. This independence ensures
impartiality and fairness in the resolution of disputes.
7. Policy Advocacy: Banking ombudsmen may provide feedback to regulatory
authorities and financial institutions on systemic issues that contribute to customer
complaints. This feedback can lead to improvements in banking policies and
practices.
8. Monitoring Trends: Ombudsman monitor trends and patterns in customer
complaints to identify common issues or emerging problems within the banking
sector. This information can be valuable for both regulators and financial institutions
in improving their services.
9. Confidentiality: Ombudsmen handle customer complaints with utmost
confidentiality. This ensures that sensitive information is protected during the
resolution process.
10. Annual Reports: Ombudsmen typically submit annual reports to regulatory
authorities summarizing their activities, the types of complaints received, and the
outcomes of their interventions. These reports contribute to the transparency of the
banking sector.
11. Accessibility: Ombudsmen ensure that their services are accessible to the public. This
may involve maintaining multiple offices, providing information in local languages,
and utilizing various communication channels to reach a diverse customer base.