Chapter:-1.Introduction: Frauds in Indian Banking Sector

Frauds in Indian Banking Sector
Chapter:-1.Introduction:
EVOLUTION OF BANKING SYSTEM IN INDIA:
Banking system occupies an important place in a nation’s economy. A

banking institution is indispensable in a modern society. It plays a pivotal
role in economic development of a country and forms the core of the
money market in an advanced country.
Banking industry in India has traversed a long way to assume its present
stature. It has undergone a major structural transformation after the
nationalization of 14 major commercial banks in 1969 and 5 more on 15
April 1980.
Banks are the engines that drive the operations in the financial sector,
which is vital for the economy. With the nationalization of banks in 1969,
they also have emerged as engines for social change. After Independence,
the banks have passed through three stages. They have moved from the
character based lending to ideology based lending to today
competitiveness based lending in the context of India's economic
liberalization policies and the process of linking with the global economy.
A sound banking system should possess three basic characteristics to

protect depositor’s interest and public faith. Theses are
(i) a fraud free culture,

(ii) a time tested Best Practice Code, and
(iii) an in house immediate grievance remedial system. All these
conditions are their missing or extremely weak in India.
1
Section 5(b) of the Banking Regulation Act, 1949 defines banking as

“Banking is the accepting for the purpose of lending or investment,
deposits of money from the purpose of lending or investment, deposits of
money from the public, repayable on demand or otherwise and withdraw
able by cheque, draft, order or otherwise.”
In the present day, Global Scenario Banking System has acquired new
dimensions. Banking did spread in India. Today, the banking system has
entered into competitive markets in areas covering resource mobilization,
human resource development, customer services and credit management
as well.
With the rising banking business, frauds in banks are also increasing and
the fraudsters are becoming more and more sophisticated and ingenious.
In a bid to keep pace with the changing times, the banking sector has
diversified its business manifold. Replacement of the philosophy of class
banking with mass banking in the post-nationalization period has thrown
a lot of challenges to the management on reconciling the social
responsibility with economic viability.
The banking system in our country has been taking care of all segments
of our socio-economic set up. A bank fraud is a deliberate act of omission
or commission by any person carried out in the course of banking
transactions or in the books of accounts, resulting in wrongful gain to any
person for a temporary period or otherwise, with or without any monetary
loss to the bank.
2
Definition of Fraud:
Fraud is defined as “any behavior by which one person intends to gain a

dishonest advantage over another”. In other words , fraud is an act or
omission which is intended to cause wrongful gain to one person and
wrongful loss to the other, either by way of concealment of facts or
otherwise.
Fraud is defined u/s 421 of the Indian Penal Code and u/s 17 of the Indian
Contract Act. Thus essential elements of frauds are:
1.There must be a representation and assertion;

2. It must relate to a fact;
3. It must be with the knowledge that it is false or without belief in
its truth; and
4. It must induce another to act upon the assertion in question or to
do or not to do certain act.
A false representation of a matter of fact — whether by words or by

conduct, by false or misleading allegations, or by concealment of what
should have been disclosed — that deceives and is intended to deceive
another so that the individual will act upon it to her or his legal injury.
In law, the deliberate misrepresentation of fact for the purpose of

depriving someone of a valuable possession or legal right. Any omission
or concealment that is injurious to another or that allows a person to take
unconscionable advantage of another may constitute criminal fraud. The
most common type of fraud is the obtaining of property by giving a check
for which there is insufficient funds in the signer's account. Another is the
3
assumption of someone else's or a fictitious identity with the intent to

deceive. Also important are mail and wire fraud (fraud committed by use
of the postal service or electronic devices, such as telephones or
computers). A tort action based on fraud is sometimes referred to as an
action of deceit.
4
Bank Frauds:
Losses sustained by banks as a result of frauds exceed the losses due to
robbery, dacoit, burglary and theft-all put together. Unauthorized credit
facilities are extended for illegal gratification such as case credit allowed
against pledge of goods, hypothecation of goods against bills or against
book debts. Common modus operandi are, pledging of spurious goods,
inletting the value of goods, hypothecating goods to more than one bank,
fraudulent removal of goods with the knowledge and connivance of in
negligence of bank staff, pledging of goods belonging to a third party.
While the operations of the bank have become increasingly significant,

there is also an occupation hazard. There is a Tamil proverb, which says
that a man who collects honey will always be tempted to lick his fingers.
Banks are all the time dealing with money and the temptation should
therefore is very high. Oscar Wilde said that the thief was an artist and
the policeman was only a critic. There are many people who are
unscrupulous and are able to perpetrate a fraud. We must be able to see
that we devise our systems and procedures in such a way that the scope
for such clever and unscrupulous people is reduced.
Frauds in deposit accounts take place by opening of bogus accounts,

forging signatures of introducers and collecting through such accounts
stolen or forged cheques or bank drafts. Frauds are also committed in the
area of granting overdraft facility in the current accounts of customers. A
large number of frauds have been committed through bank draft, mail
transfers and telegraphic transfers.
An analysis made of cases brings out broadly the under mentioned four
major elements responsible for the commission of frauds in banks.
5
1. Active involvement of the staff-both supervisor and clerical either

independent of external elements or in connivance with outsiders.
2. Failure on the part of the bank staff to follow meticulously laid
down instructions and guidelines.
3. External elements perpetuating frauds on banks by forgeries or
manipulations of cheques, drafts and other instruments.
4. There has been a growing collusion between business, top banks
executives, civil servants and politicians in power to defraud the
banks, by getting the rules bent, regulations flouted and banking
norms thrown to the winds.
6
Chapter:-2 Mechanics of bank frauds:
By Insiders:
1. Wire fraud
Wire transfer networks such as the international interbank fund

transfer system are tempting as targets as a transfer, once made, is
difficult or impossible to reverse. As these networks are used by banks
to settle accounts with each other, rapid or overnight wire transfer of
large amounts of money are commonplace; while banks have put
checks and balances in place, there is the risk that insiders may
attempt to use fraudulent or forged documents which claim to request
a bank depositor's money be wired to another bank, often an offshore
account in some distant foreign country.
2. Rogue traders
A rogue trader is a highly placed insider nominally authorised to

invest sizeable funds on behalf of the bank; this trader secretly makes
progressively more aggressive and risky investments using the bank's
money, when one investment goes bad, the rogue trader engages in
further market speculation in the hope of a quick profit which would
hide or cover the loss.
Unfortunately, when one investment loss is piled onto another, the

costs to the bank can reach into the hundreds of millions of dollars;
there have even been cases in which a bank goes out of business due
to market investment losses.
7
3. Fraudulent loans
One way to remove money from a bank is to take out a loan, a practice
bankers would be more than willing to encourage if they know that the
money will be repaid in full with interest. A fraudulent loan, however,
is one in which the borrower is a business entity controlled by a
dishonest bank officer or an accomplice; the "borrower" then declares
bankruptcy or vanishes and the money is gone. The borrower may
even be a non-existent entity and the loan merely an artifice to conceal
a theft of a large sum of money from the bank.
4. Forged or fraudulent documents:
Forged documents are often used to conceal other thefts; banks tend to
count their money meticulously so every penny must be accounted for.
A document claiming that a sum of money has been borrowed as a
loan, withdrawn by an individual depositor or transferred or invested
can therefore be valuable to a thief who wishes to conceal the minor
detail that the bank's money has in fact been stolen and is now gone.
5. Uninsured deposits
There are a number of cases each year where the bank itself turns out
to be uninsured or not licensed to operate at all. The objective is
usually to solicit for deposits to this uninsured "bank", although some
may also sell stock representing ownership of the "bank". Sometimes
the names appear very official or very similar to those of legitimate
banks. For instance, the "Chase Trust Bank" of Washington D.C.
appeared in 2002 with no licence and no affiliation to its seemingly
apparent namesake; the real Chase Manhattan Bank is based in New
York.
8
There is a very high risk of fraud when dealing with unknown or

uninsured institutions.
The risk is greatest when dealing with offshore or Internet banks (as
this allows selection of countries with lax banking regulations), but
not by any means limited to these institutions.
6. Demand draft fraud
Demand draft fraud is usually done by one or more dishonest bank

employees. They remove few DD leaves or DD books from stock and
write them like a regular DD. Since they are insiders, they know the
coding, punching of a demand draft. These Demand drafts will be
issued payable at distant town/city without debiting an account. Then
it will be cashed at the payable branch. For the paying branch it is just
another DD. This kind of fraud will be discovered only when the head
office does the branch-wise reconciliation, which normally will take 6
months. By that time the money is unrecoverable.
By others:
7. Forgery and altered cheques
Thieves have altered cheques to change the name (in order to deposit
cheques intended for payment to someone else) or the amount on the
face of a cheque (a few strokes of a pen can change Rs.10000 into
Rs.100,000, although such a large figure may raise some eyebrows).
Instead of tampering with a real cheque, some fraudsters will attempt

to forge a depositor's signature on a blank cheque or even print their
own cheques drawn on accounts owned by others, non-existent
accounts or even alleged accounts owned by non-existent depositors.
9
The cheque will then be deposited to another bank and the money
withdrawn before the cheque can be returned as invalid or for non-
sufficient funds.
8. Stolen cheques
Some fraudsters obtain access to facilities handling large amounts of

cheques, such as a mailroom or post office or the offices of a tax
authority (receiving many cheques) or a corporate payroll or a social
or veterans' benefit office (issuing many cheques). A few cheques go
missing; accounts are then opened under assumed names and the
cheques (often tampered or altered in some way) deposited so that the
money can then be withdrawn by thieves. Stolen blank chequebooks
are also of value to forgers who then sign as if they were the depositor
9. Accounting fraud
In order to hide serious financial problems, some businesses have been

known to use fraudulent bookkeeping to overstate sales and income,
inflate the worth of the company's assets or state a profit when the
company is operating at a loss. These tampered records are then used
to seek investment in the company's bond or security issues or to make
fraudulent loan applications in a final attempt to obtain more money to
delay the inevitable collapse of an unprofitable or mismanaged firm.
Accounting fraud has also been used to conceal other theft taking
place within a company.
10.Bill discounting fraud
Essentially a confidence trick, a fraudster uses a company at their

disposal to gain confidence with a bank, by appearing as a genuine,
10
profitable customer. To give the illusion of being a desired customer,

the company regularly and repeatedly uses the bank to get payment
from one or more of its customers. These payments are always made,
as the customers in question are part of the fraud, actively paying any
and all bills raised by the bank. After time, after the bank is happy
with the company, the company requests that the bank settles its
balance with the company before billing the customer. Again, business
continues as normal for the fraudulent company, its fraudulent
customers, and the unwitting bank. Only when the outstanding balance
between the bank and the company is sufficiently large, the company
takes the payment from the bank, and the company and its customers
disappear, leaving no-one to pay the bills issued by the bank.
11.Cheque kiting
Cheque kiting exploits a system in which, when a cheque is deposited

to a bank account, the money is made available immediately even
though it is not removed from the account on which the cheque is
drawn until the cheque actually clears.
Deposit Rs.1000 in one bank, write a cheque on that amount and

deposit it to your account in another bank; you now have Rs2000 until
the cheque clears.
In-transit or non-existent cash is briefly recorded in multiple accounts.
A cheque is cashed and, before the bank receives any money by

clearing the cheque, the money is deposited into some other account or
withdrawn by writing more cheques. In many cases, the original
deposited cheque turns out to be a forged cheque.
11
Some perpetrators have swapped checks between various banks on a

daily basis, using each to cover the shortfall for a previous cheque.
What they were actually doing was check kiting; like a kite in the
wind, it flies briefly but eventually has to come back down to the
ground.
12.Payment card fraud:
Credit card fraud is widespread as a means of stealing from banks,

merchants and clients. A credit card is made of three plastic sheet of
polyvinyl chloride. The central sheet of the card is known as the core
stock. These cards are of a particular size and many data are embossed
over it. But credit cards fraud manifest in a number of ways.
They.are:
i),Genuine cards are manipulated
ii) Genuine cards are altered
iii) Counterfeit cards are created
iv) Fraudulent telemarketing is done with credit cards.
v) Genuine cards are obtained on fraudulent applications in the
names/addresses of other persons and used.
It is feared that with the expansion of E-Commerce, M-Commerce and

Internet facilities being available on massive scale the fraudulent fund
freaking via credit cards will increase tremendously.
i) Booster cheques:
A booster cheque is a fraudulent or bad cheque used to make a

payment to a credit card account in order to "bust out" or raise the
amount of available credit on otherwise-legitimate credit cards. The
12
amount of the cheque is credited to the card account by the bank as

soon as the payment is made, even though the cheque has not yet
cleared. Before the bad cheque is discovered, the perpetrator goes on a
spending spree or obtains cash advances until the newly-"raised"
available limit on the card is reached. The original cheque then
bounces, but by then it is already too late.
ii) Stolen payment cards:
Often, the first indication that a victim's wallet has been stolen is a
phone call from a credit card issuer asking if the person has gone on a
spending spree; the simplest form of this theft involves stealing the
card itself and charging a number of high-ticket items to it in the first
few minutes or hours before it is reported as stolen.
A variant of this is to copy just the credit card numbers (instead of

drawing attention by stealing the card itself) in order to use the
numbers in online frauds. The use of a four digit Personal Identity
Number (PIN) instead of a signature helps to prevent this type of
fraud.
iii) Duplication or skimming of card information:
This takes a number of forms, ranging from a dishonest merchant

copying clients' credit card numbers for later misuse (or a thief using
carbon copies from old mechanical card imprint machines to steal the
info) to the use of tampered credit or debit card readers to copy the
magnetic stripe from a payment card while a hidden camera captures
the numbers on the face of the card.
13
Some thieves have surreptitiously added equipment to publicly

accessible automatic teller machines; a fraudulent card stripe reader
would capture the contents of the magnetic stripe while a hidden
camera would sneak a peek at the user's PIN. The fraudulent
equipment would then be removed and the data used to produce
duplicate cards that could then be used to make ATM withdrawals
from the victims' accounts.
13.Empty ATM envelope deposits:
A criminal overdraft can result due to the account holder making a

worthless or misrepresented deposit at an automated teller machine in
order to obtain more cash than present in the account or to prevent a
check from being returned due to non-sufficient funds. The crime
could also be perpetrated against another person's account in an
"account takeover" or with a counterfeit ATM card, or an account
opened in another person's name as part of an identity theft scam. This
scenario may become a thing of the past next decade due to the
emergence of ATM deposit technology that scans currency and checks
without using an envelope.
14. Impersonation:
Impersonation has become an increasing problem; the scam operates

by obtaining information about an individual, then using the
information to apply for identity cards, accounts and credit in that
person's name. Often little more than name, parents' name, date and
place of birth are sufficient to obtain a birth certificate; each document
obtained then is used as identification in order to obtain more identity
documents. Government-issued standard identification numbers such
14
as "social security numbers" “PAN numbers” are also valuable to the

fraudster.
Information may be obtained from insiders (such as dishonest bank or

government employees), by fraudulent offers for employment or
investments (in which the victim is asked for a long list of personal
information) or by sending forged bank or taxation correspondence.
In some cases, a name is needed to impersonate a citizen while

working as an illegal immigrant but often the identity thieves are using
the bogus identity documents in the commission of other crimes or
even to hide from prosecution for past crimes. The use of a stolen
identity for other frauds such as gaining access to bank accounts,
credit cards, loans and fraudulent social benefit or tax refund claims is
not uncommon.
Unsurprisingly, the perpertators of such fraud have been known to

take out loans and disappear with the cash, quite content to see the
wrong persons blamed when the debts go bad or the police come
calling.
15. Fraudulent loan applications
These take a number of forms varying from individuals using false

information to hide a credit history filled with financial problems and
unpaid loans to corporations using accounting fraud to overstate
profits in order to make a risky loan appear to be a sound investment
for the bank.
Some corporations have engaged in over-expansion, using borrowed

money to finance costly mergers and acquisitions and overstating
15
assets, sales or income to appear solvent even after becoming

seriously financially overextended.
16. Prime bank fraud:
The "prime bank" operation which claims to offer an urgent, exclusive

opportunity to cash in on the best-kept secret in the banking industry,
guaranteed deposits in "prime banks", "constitutional banks", "bank
notes and bank-issued debentures from top 500 world banks", "bank
guarantees and standby letters of credit" which generate spectacular
returns at no risk and are "endorsed by the World Bank" or various
national governments and central bankers. However, these official-
sounding phrases and more are the hallmark of the so-called "prime
bank" fraud; they may sound great on paper, but the guaranteed
offshore investment with the vague claims of an easy 100% monthly
return are all fictitious financial instruments intended to defraud
individuals.
17. Phishing and Internet fraud:
Phishing operates by sending forged e-mail, impersonating an online

bank, auction or payment site; the e-mail directs the user to a forged
web site which is designed to look like the login to the legitimate site
but which claims that the user must update personal info. The
information thus stolen is then used in other frauds, such as theft of
identity or online auction fraud.
Phishing means sending an e-mail that falsely claims to be a particular

enterprise and asking for sensitive financial information. Phishing,
thus, is an attempt to scam the user into surrendering private
information that will then be used by the scammer for his own
16
benefit.Phishing uses 'spoofed' e-mails and fraudulent Web sites that

look very similar to the real ones thus fooling the recipients into
giving out their personal data. Most phishing attacks ask for credit
card numbers, account usernames and passwords. According to
statistics phishers are able to convince up to five per cent of the
recipients who respond to them.
18. Money laundering
Money laundering has been used to describe any scheme by which the
true origin of funds is hidden or concealed.
The operations work in various forms. One variant involved buying

securities (stocks and bonds) for cash; the securities were then placed
for safe deposit in one bank and a claim on those assets used as
collateral for a loan at another bank. The borrower would then default
on the loan. The securities, however, would still be worth their full
amount. The transaction served only to disguise the original source of
the funds.
19. Forged currency notes:
Paper currency is the usual mode of exchange of money at the

personal level, though in business, cheques and drafts are also used
considerably. Bank note has been defined in Section 489A.If forgery
of currency notes could be done successfully then it could on one hand
made the forger millionaire and the other hand destroy the economy of
the nation. A currency note is made out of a special paper with a
coating of plastic laminated on both sides of each note to protect the
ink and the anti forgery device from damage. More over these notes
have security threads, water marks. But these things are not known to
17
the majority of the population. Forged currency notes are in full

circulation and it’s very difficult to catch hold of such forgers as once
such notes are circulated it’s very difficult to track its origin.
20. Computer Frauds:
Computerization has brought advantages of efficiency, speed and

economy in all spheres of life. It is a very powerful tool and provides
opportunities of efficiency and speed to everybody using it. Further,
the vast increase in the memory (whether RAM or storage) and
processing speeds as well as availability of wide range of software,
particularly Internet and web-based applications i.e. connectivity, have
made them pervade all aspects of our lives. This has also brought large
economy of scale particularly in our economic environment and we
are becoming more and more dependent on computers and their
networks for the services such systems deliver.
Frauds committed using computers vary from complex financial

frauds where large amounts are illegally transferred between accounts
by sophisticated hackers, to the simpler frauds where computer is only
a tool that a criminal uses to commit a crime.
It also provides ample opportunities for their misuse particularly for

economic or financial gains. This is as computers networks can also be
used to commit crimes from geographically far places. Such computer
frauds are known by various names such as cyber crimes or e-crimes
and we can describe them as an act involving computer equipment,
software or data that results in an unauthorized financial advantage.
Worldwide frauds in computerized environment cause losses running
into very large sums. Although in India, frauds committed so far have
18
not revealed any extensive manipulation of computer systems, it is no

doubt a potentially high-risk area, which should be addressed carefully
and in timely manner. According to a recent survey, companies in
India have not addressed security issues appropriately.
1) Manipulation:
In an ideal situation, where information systems have all the necessary

controls, which are properly integrated with other manual controls and
maintained, there will generally be no cause of worry. It is however,
not so. Not only, most system controls are not perfect, people also try
to manipulate systems for variety of motives from games playing, ego
peer pressure, and hatred for the organization, emotional
maladjustment, blackmail and economic gains. Such people could be
insiders, outsiders as well as vendors, competitors in fact any one.
Computer frauds gain their criticality as they are easy to commit,

difficult to detect and even harder to prove. The most important type
of such frauds is committing the fraud by manipulation of input,
output or throughput of a computer system.
a) Input Manipulation:
In input manipulation, input data such as deposit amounts in ledgers,

limits in accounts or face value of cheques are changed.
b) Output manipulation:
Output manipulation is achieved by affecting the output of the system,

such as use of stolen or falsified cards in ATM machines.
19
c) Throughput manipulation:
Throughput manipulation could be by rounding off sums credited to

different accounts and siphoning of the rounded digits to another
account. No system is foolproof and fraudulent transfers can occur in
even highly automated and secure funds transfer systems.
2) Unauthorized use:
Other types of such frauds or crimes could be unauthorized access to

computers by hacking into systems or stealing passwords, deliberate
damage caused to computer data or programs, computer forgery
(changing of data or images stored in computers) and un-authorized
reproduction / modification of computer programs.
3) Awareness:
Other important causes of such frauds are lack of employee

awareness, poor implementation of security policies and segregation
of duties, vendor products with weak security controls, outsourced
service providers and hackers (many as young as school students).
Computer frauds in such cases are generally for economic benefit to
the fraudster and corresponding loss to the organization
Other sources of computer crimes are terrorists, organized criminals

and groups hating the organization.
20
Chapter:-3 Frauds- Prevention and Detection:
A close study of any fraud in bank reveals many common basic features.
There may have been negligence or dishonesty at some stage, on part of
one or more of the bank employees. One of them may have colluded with
the borrower. The bank official may have been putting up with the
borrower’s sharp practices for a personal gain. The proper care which was
expected of the staff, as custodians of banks interest may not have been
taken. The bank’s rules and procedures laid down in the Manual
instructions and the circulars may not have been observed or may have
been deliberately ignored.
Components of Fraud:
There are two important components in any fraud committed by an

employee of a bank, himself or in collusion with a burrower. They are,
firstly, the intention which is subjective; and secondly, the opportunity
which is objective. Conditions must be created in the bank that the person
who intends perpetrating a fraud does not get the opportunity to commit
it.
In India, the design, management and regulation of electronically-based

payments system are becoming the focus of policy deliberations. The
imperatives of developing an effective, efficient and speedy payment and
settlement systems are getting sharper with introduction of new
instruments such as credit cards, telebanking, ATMs, retail Electronic
Funds Transfer (EFT) and Electronic Clearing Services (ECS). We are
moving towards smart cards, credit and financial Electronic Data
Interchange (EDI) for straight through processing.
21
We are basically concerned about computer frauds committed by an

unauthorized user (whether insider or outsider) to the computer networks,
which aims at causing economic or financial gains to the user by this act
or an economic or financial loss to the information system (i.e. hardware,
software and data) owner.
Prevention of frauds:
i) Internal Prevention:
It is said that failures are the stepping stone for success. What this means
is that if we are able to analyse why a particular failure by way of a fraud
took place, we can then detect the loopholes in our system which led to
the fraud and take corrective measures or change the system. For instance
the great Harshad Mehta scam took place because among other things, the
public debt office of the Reserve Bank of India was not computerised and
was operating on a manual system. This gave a float of fifteen days,
which gave opportunity for people like Ketan Parekh to perpetrate the
fraud. Even after this scam while in the case of the RBI the defect was
rectified the overall banking system is still manual. Only 5000 out of the
65000 branches of banks are computerised. In today's competitive
market, it is necessary that the banks are able to service their clients
effectively. Therefore strongly urge is that we should have a massive
effort at computerisation of the banks.
22
Execution of Documents:
1. A bank officer must adopt a strict professional approach in the

execution of documents. The ink and the pen used for the
execution must be maintained uniformly.
2. Bank documents should not be typed on a typewriter for
execution. These should be invariably handwritten for execution.
3. The execution should always be done in the presence of the
officer responsible for obtain them,
4. The borrowers should be asked to sign in full signatures in same
style throughout the documents.
5. Unless there is a specific requirement in the document, it should
not be got attested or witnessed as such attestation may change the
character of the instruments and the documents may subject to
stamp duty.
6. The paper on which the bank documents are made should be pilfer
proof. It should be unique and available to the banks only.
7. The printing of the bank documents should have highly artistic
intricate and complex graphics.
8. The documents executed between Banker and Borrowers must be
kept in safe custody,
One issue when a fraud is perpetrated is who should be held responsible.

For instance in the case of the borrower-based accounts, there is the
person who posts the accounts, there is the person who passes the
instrument and, there is a third person who makes the payment. It has
been suggested that there must be a method of isolating the person who
makes the payment from the people who make the posting or pass the
order. The relative responsibility of the three will have to be fixed. This is
an issue that has been raised before me by one of the Chairman of the
23
banks. Perhaps in a programme like this we will be able to go into such

issues and evolve guidelines about what should be done so that while the
innocent is not punished, the guilty are not spared.
Another issue, which is of importance to the Indian economy. This is the

reported fear of many officers, especially in the middle levels in the
banks, to take decisions regarding dispersal of funds. As a result, there is
always a tendency to push the case upwards and the whole banking
system is operating in a sub-optimal manner. We must be able to find a
solution to this. In fact, the whole vigilance function can become an
effective function for economic growth if we are able to create an
environment in which the honest are encouraged to take the decision and
the dishonest are punished quickly.
Bank frauds are the failure of the banker. It does not mean that the
external frauds do not defraud banks. But if the banker is upright and
knows his job, the task of defrauder will become extremely difficult, if
not possible.
ii) External Prevention:
In the banking and financial sectors, the introduction of electronic

technology for transactions, settlement of accounts, book–keeping and all
other related functions is now an imperative. Increasingly, whether we
like it or not, all banking transactions are going to be electronic. The
thrust is on commercially important centers, which account for 65 percent
of banking business in terms of value. There are now a large number of
fully computerized branches across the country.
24
a) Appropriate controls:
The first steps in prevention of frauds in computerized systems involve

setting up of proper access controls both physical and logical. The
physical protection of Information System assets means physical control
of access to computer and network systems and the devices to which they
are connected. Access to these systems could be controlled by security
guards, installation of code locks, smart card driven door opening devices
or modern biometric devices (which control the access on the basis of
certain individual characteristics such as finger-prints, eyes retina image
etc., which cannot be changed or falsified).
However, in a computerized environment, logical access controls (i.e.

controls to operating systems, data-base systems as well as application
systems) play more important role. Adequate controls over system
software and data is done by keeping a strict control over functional
division of labor between all classes of employees, keeping in mind the
principle of least privilege and that maker and checker. A clear
segmentation of access to system engineers, programmers and
administrators is also done depending on their work responsibility.
Information System Auditors / Security Management must exercise a
great deal of creativity in identifying ways in which unauthorized users
could gain access.
Hence, the first step in prevention of computer frauds is setting up of the

appropriate controls.
25
b) Proper Implementation;
Second step in prevention of frauds would be to ensure that the users

properly implement the control systems. Control measures could be either
software driven like passwords or system driven like exception reports
and transaction authorization processes. In this connection, it may be
noted that access controls are a system in themselves and existence of
such controls means existence and maintenance of such control systems.
In the case of passwords, as access control measures. It may be noted that

merely having passwords is not sufficient. It should also be ensured that
password have been prescribed to have certain minimum characters, are
stored in encrypted files, there is a forced change of passwords at the time
of first login as well as after a specified period. These features however
depend on the security policy of the organization.
Systems are also designed to keep a chronological record of the events

occurring in the system (i.e. commands executed by the users, actions on
files, messages displayed by the system, resources consumption by the
users, transaction entry and security violations) in the form of audit trails.
These can be built in operating systems, database management systems as
well as application software. A regular analysis of audit trails as control
measure helps in containing any future loss through fraud.
However, although having good controls and maintaining them is a major

step in prevention of frauds it is still not sufficient to prevent them. Even
with the best of systems and their maintenance, all the possibilities of
their misuse can neither be predicted nor tested. Even when the best of
the access controls tools are used and monitored, when data flows from
within the network through data communication lines or from one
26
network to another or through Internet, protection of the data becomes an

important tool for prevention of frauds. For this, one can either depend on
simple processes like check sum or hash totals built in the software or
may require using encryption technology or cryptography. The
complexity and cost of implementation of these methods varies a lot and
is, hence, decided by the risk element.
Examples:
1) When data relating to inter-branch reconciliation flows through

network simple processes like check sum or hash totals may suffice.
However, in the case of INFINET used for Real Time Gross Settlement,
which uses dial-up connections, leased lines as well as VSAT technology
for access, use of Public Key Infrastructure (PKI) with a larger key-size is
necessitated.
2) Firewalls for computer networks are another important tool in

prevention of frauds when access is allowed across networks or Internet.
They are used to enforce an access control policy across the networks.
They allow only authorized traffic to pass and prevent unauthorized
access. They also protect sensitive data and provide audit or logging
information. As such they provide a focal point for monitoring and log
access to the network and thus limit exposure of network services.
3) Present technology also makes us available what is called as Intruder

Detection Systems (IDS). IDS are systems build up to detect intruders
entering the network. It is the process of identifying and responding to
malicious activity targeted at computing and networking resources and is
an important component of defensive measures protecting computer
system and networks from abuses. There are different kinds of IDS:
27
i) Network Intrusion Detection Systems (NIDS) monitor packets on the

network and attempt to discover if a hacker is trying to break into a
system. ii) System Integrity Verifiers (SIV) monitors system files to
detect when an intruder changes them and send alert.
iii) Log File Monitor (LFM) monitors log files generated by network and
look for patterns in the log files that suggest an intruder is attacking. Once
the hacker gets into the network it triggers an alarm at the same time.
As firewall acts like a fence around the network, it cannot on its own
detect somebody trying to break in. It restricts access at the designated
points. IDS, on the other hand, are intended to recognize attacks against
the network that firewall are unable to see. 80% of all the financial losses
are due to hacking that come from inside the network. Firewall cannot see
anything happening inside the network. Firewall checks for traffic which
passes between internal network and the Internet. Adding IDS will
double-check miss-configured firewalls; catch attempts that fail; catch
insider hacking; record electronic evidence.
28
Detection of Frauds:
i) Internal detection:
Despite all care and vigilance there may still be some frauds, though their
number, periodicity and intensity may be considerably reduced. The
following procedure would be very helpful if taken into consideration:
1. All relevant data-papers, documents etc. Should be promptly

collected. Original vouchers or other papers forming the basis of
the investigation should be kept under lock and key.
2. All persons in the bank who may be knowing something about the
time, place a modus operandi of the fraud should be examined and
their statements should be recorded.
3. The probable order of events should thereafter be reconstructed by
the officer, in his own mind.
4. It is advisable to keep the central office informed about the fraud
and further developments in regard thereto.
One method of detection will be only by regular checks and this is where
apparently there is slackness today. Ultimately we must be able to create
in our banks an atmosphere of trust on the one side and transparency on
the other so that frauds if they occur are immediately detected, checked
and penalized.
Apart from the systems and procedures, ultimately the whole issue boils
down to the values we have. Today we are highly tolerant of corruption.
We also have in our Hindu philosophy the two basic principles, which
seem to indirectly encourage corruption. These are extreme tolerance and
the prayaschitta principle. As a result many people who commit frauds
can literally get away freely. Our systems are really to be blamed. As it is
29
seen, if we make a quick analysis of 100 people in any given

organisation, 10% may be honest and 10% dishonest whatever we do.
80% depend on the systems we have.
And our systems encourage corruption due to the following factors:
 Scarcity of goods and services

 Lack of transparency
 Delay and red tape
 Cushions of safety that have been built for the corrupt on the
healthy principle that everybody is innocent till proved guilty. We
have got voluminous vigilance manuals and the corrupt can find
always some method of escaping punishment by exploiting some
loophole or other. This must be checked.
Do not know to what extent the bank frauds can be attributed to the
people in our own banking system that, because of loyalty of the
profession or organisation, tends to protect the corrupt. Such people may
be doing a disservice to the nation. We should therefore be able to evolve
ultimately systems which tackle the corruption promoting factors
mentioned above so that the punishment of the corrupt becomes a
perceived reality and acts as a check for people who have a tendency to
commit frauds. After all that is the way for prevention and detection of
frauds.
30
ii) External detection:
Despite all such measures, as technology is taking rapid strides (for

fraudsters as well as organizations), system security administrators are
discovering that they have to constantly improve upon the technological
tools. However, security can only reduce the possibility of fraud and not
totally rule it out. In a computerized environment, the perpetrators of
fraud also expect their crime to be near impossible to detect among the
thousands or millions of transactions processed by the organization.
Hence to reduce the losses, timely detection of the frauds plays an
important role.
Bank computer crimes have a typical feature, the evidence relating to

crime is intangible. The evidences can be easily erased, tampered or
secreted. More over it is not easily detectable. More over the evidence
connecting the criminal with the crime is often not available. Computer
crimes are different from the usual crimes mainly because of the mode of
investigation. There are no eyewitness, no usual evidentiary clues and no
documentary evidences.
It is difficult to investigate for the following reasons:

•Hi-tech crime
The information technology is changing very fast. The normal

investigator does not have the proper background and knowledge .special
investigators have to be created to carry out the investigations. the FBI of
USA have a cell, even in latest scenario there has been cells operating in
the Maharashtra police department to counter cyber crimes.C.B.I also
have been asked to create special team for fighting cyber crimes.
31
•International crime:
A computer crime may be committed in one country and the result can be
in another country. There has been lot of jurisdictional problem a though
the Interpol does help but it too has certain limitations. The different
treaties and conventions have created obstructions in relation to tracking
of cyber criminals hiding or operation in other nations
•No-scene crime:
The computer satellite computer link can be placed or located any where.
The usual crime scene is the cyber space. The terminal may be anywhere
and the criminal need not indicate the place. The only evidence a criminal
leaves behind is the loss to the crime.
•Faceless crime:
The major advantage criminal has in instituting a computer crime is that

there is no personal exposure, no written documents, no signatures, no
fingerprints or voice recognition. The criminal is truly and in strict sense
faceless.
There are certain spy software’s which is utilized to find out passwords
and other vital entry information to a computer system. The entry is
gained through a spam or bulk mail.
The existing enacted laws of India are not at all adequate to counter cyber
crimes. The Indian Penal code, evidence act, and criminal procedure code
has no clue about computers when they were codified. It is highly
required to frame and enact laws which would deal with those subjects
which are new to the country specially cyber law; Intellectual property
right etc.
32
The Reserve Bank of India has come up with different proposals to make
the way easier, they have enacted electronic fund transfer act and
regulations, have amended, The Reserve Bank of India Act, Bankers
Book Evidence Act etc., experience of India in relation to information
and technology is limited and is in a very immature state. It is very much
imperative that the state should seek the help of the experienced and
developed nations.
As the success of the fraudster depends on how fast their crime is

detected among very large number of transactions processed by the
organization, auditors and fraud investigators find that computers are
their best tools for detection of fraud. Powerful, interactive software that
quickly sifts through mountains of electronic data enables auditors to
effectively detect and prevent fraud throughout an organization. The
benefit is speed.
One such tool is the General Audit Software (like ACL - Audit Command
Language and IDEA - Interactive Data Extraction & Analysis). Such
tools can quickly compare and analyze data to identify patterns and trends
that often reveal fraudulent activity.
For effectively detecting and preventing fraud, one must be able to

recognize fraud and its symptoms. Auditors have been trained to look for
anomalies and a data analysis tool can highlight anomalies quickly.
However, while gathering evidence for fraud, one will have to be little
creative and examine closely any indication of fraud, however, small. In
other words, to uncover a fraud, one must think like a thief and not as an
auditor.
33
In fact, as such crimes can be committed by comparatively with much

less investment and gains to fraudsters may be beyond geographic
boundaries. Another way to use such software for prevention of fraud
could be identifying organizations risks and exposures and assembling
fraud profiles for targeted audits.
One should not forget that, in a computerized environment, frauds

increase, as fraudsters believe their action near impossible to detect, if
detected near impossible to prove, if proved nearly impossible to convict
and if convicted, amounts nearly impossible to recover. The problem is
compounded in networked banks operating in different nations with
different laws. Despite this, it has been observed that frauds perpetrated
from across the globe have been detected and amounts recovered by
proper combination of technology and sleuthing skills. Hence, while
security administrators continually watch incidences and plug the holes,
fraud investigators improve their skills and actively liaise with authorities
to improve the legal framework.
34
Chapter:-4 Relevant Measures to tackle Bank Frauds in

India:
All the major operational areas in banking represent a good opportunity

for fraudsters with growing incidence being reported under deposit, loan
and inter-branch accounting transactions, including remittances.
Broad analyses of various frauds that have taken place throw up the
following high-risk areas in committing frauds:
 Misappropriation of cash by fudging accounts.

 Unauthorized withdrawal or transfers of funds, mostly from long
dormant accounts.
 Opening of fictitious accounts to misappropriate funds from illegal
activities i.e. Laundering through the fictitious accounts
 Use of interbank clearing for accommodation, kite-flying and
misappropriation.
 Cheating in foreign exchange transactions by flouting exchange
control provisions.
 Withdrawal from deposit accounts through forged documents.
The most effective defence banks could have against fraud is to

strengthen their operational practices, procedures, controls and review
systems so that all fraud-prone areas are fully sanitized against internal or
external breaches. However, the huge expansion in banking transactions
consequent to the transition of banks to mass banking and the large scale
computerization have played a major role in the perpetration of the
frauds. Hence mere reliance on the internal controls is of no use. The ten
35
fold “INDIA FORENSIC” approach to tackle the bank fraud will

definitely play a crucial role in coming days.
Following is the procedure to tackle frauds in banks:
1) Expect fraud:
Nowhere in the world the fraud can be avoided hence the banks can be
no exceptions. It is a human tendency of taking the risk to commit the
frauds if he finds suitable opportunities. So it is wise to expect the
occurrence of the fraud. If the fraud is expected, efforts can be
concentrated on the areas, which are fraud prone. Fraud is the game of
two. The rule makers and rule breakers. Whoever is strong in the
anticipation of the situations wins the game of frauds. Fraud is a
phenomenon, which cannot be eliminated, but it needs to be managed.
2) Develop a fraud policy:
The policy should be written and distributed to all employees,

Borrowers and depositors. This gives a moral tension to the potential
Fraudster. Maintain a zero tolerance for violations. The Indian bank
needs to roar against the action that is taken against the Fraudsters.
The media publicity against the fraudsters at all the levels is necessary.
The announcement by US president George W. Bush that the
“Corporate crooks will not be spared” gave the deep impact to the
Corporate America. In India also we need to consider it as a sever
problem and need to fight against it.
3) Assess Risk:
Look at the ways fraud can happen in the organization. It is very

important to study the trend and the style of frauds in the bank. Some
36
of the big nationalized banks maintain the databases of the fraud cases
reported in their banks. But the databases are dumb. They yield
nothing unless they are analyzed effectively. Establish regular fraud-
detection procedures. It could be in the form of internal audit or it
could also be in the form of inspections. These procedures alone
discourage employees from committing fraud. In addition to this the
Institute of Chartered Accountants of India has issued an “Accounting
and Assurance standard on internal controls which is a real guideline
to test internal controls. Controls break down because people affect
them, and because circumstances change.
4) Segregate duties in critical areas:
It is the absolutely basic principle of auditing a single person should

not have the control of the books of accounts and the physical asset.
Because this is the scenario which tempts the employee to commit the
fraud. Hence it becomes essential to see that no one employee should
be able to initiate and complete a critical transaction without involving
someone else.
Most of the banks in India have the well-defined authorization

procedures. The allocation of the sanctioning limits is also observed in
most of the cases. But still the bankers violate the authorities very
easily. They just need to collude with the outside parties. However the
detection of the collusions is possible in most of the cases if the higher
authorities are willing to dig the frauds.
37
5) Maintain the tone of Ethics at the top:
The subordinates have the tendency to follow their superiors. When

the signals are passed on to the middle management about the
unethical behavior of the top management the fear of punishment gets
reduced and the tendency of following the superior dominates. Fear
vanishes when the tendency of “If I have to die I’ll take along the
superior and die” tendency rises.
6) Review and enforce password security:
The incidences of hacking and the Phishing have troubled the Indian
Private Sector banks to a great extent. In addition to this most of the
Indian banks are running behind the ATM and credit cards to compete
with each other but have conveniently forgone the fact that ATM
cards and the credit cards are the best tools available in the hands of
the fraudsters. Inappropriate system access makes it possible to steal
large amounts of money very quickly and, in many cases, without
detection. Hence the review and the enforcement of the security policy
are going to be a crucial.
7) Conduct pre-employment screening:
Since the raw material of the Banks is cash the banker needs to be
more alert than any other employer before they recruit. Only testing
the aptitude of a person is not of any use. Know whom you are hiring.
More than 20 percent of resumes contain false statements. Most
employers will only confirm dates of employment. Some times post
38
employment condition might create the greed in the minds of

employee, hence at least the bankers should test check the characters
of their subordinates by creating real life scenarios such as offering the
bribes by calling on some dummy borrower.
8) Screen and monitor Borrowers:
Bad borrowers cause the biggest losses to the banks. What are they?
Who they represent themselves to be? Look at their ownership, clients,
references, and litigation history. In many cases the potential
fraudsters have history of defaulting in some other bank or Financial
Institution.
Though this is not the foolproof solution to the disease of the frauds to
some extent it helps to combat the frauds.
39
Chapter:-5 SECURITY IN BANKING SYSTEM:
Security implies sense of safety and of freedom from danger or anxiety.

When a banker takes a collateral security, say in the form of gold or a title
deed, against the money lent by him, he has a sense of safety and of
freedom from anxiety about the possible non-payment of the loan by the
borrower. These should be communicated to all strata of the organization
through appropriate means. Before staff managers should analyze current
practices. Security procedure should be stated explicitly and agreed upon
by each user in the specific environment. Such practices ensure
information security and enhance availability. Bank security is essentially
a defense against unforced attacks by thieves, dacoits and burglars.
PHYSICAL SECURITY MEASURES-CONCEPT:
A large part of banks security depends on social security measures.

Physical security measures can be defined as those specific and special
protective or defensive measures adopted to deter, detect, delay, defend
and defeat or to perform any one or more of these functions against
culpable acts, both covert and acclamations natural events. The protective
or defensive, measures adopted involve construction, installation and
deployment of structures, equipment and persons respectively.
The following are few guidelines to check malpractices:
1. To rotate the cash work within the staff.

2. One person should not continue on the same seat for more than two
months.
40
3. Daybook should not be written by the Cashier where another

person is available to the job.
4. No cash withdrawal should be allowed within passbook in case of
withdrawal by pay order.
5. The branch manager should ensure that all staff members have
recorder their presence in the attendance registrar, before starting
work.
CHANGES IN LEGISLATIONS AFTER ELECTRONIC

TRANSACTIONS:
1. Section 91 of IPC shall be amended to include electronic

documents also.
2. Section 92 of Indian Evidence Act, 1872 shall be amended to
include commuter based communications.
3. Section 93 of Bankers Book Evidence Act, 1891 has been
amended to give legal sanctity for books of account maintained in
the electronic form by the banks.
4. Section 94 of the Reserve Bank of India Act, 1939 shall be
amended to facilitate electronic fund transfers between the
financial institutions and the banks. A new clause has been inserted
in Section 58(2).
41
Customer guidelines to avoid Fraud:
The customer should keep in mind the following guidelines to prevent

themselves from any frauds.
 Never give your account number to people you do not know,

especially on telephone.
 Never give out financial or other personal information such as bank
account or credit card numbers unless you are sure that the
company is legitimate and the information is necessary for the
transaction.
 Never judge a website by its appearance. Anyone can create a
flashy website. Just because it looks professional does not mean it
is run by a professional.
 Do not write your credit card number on the cheque.
 Don’t leave blank spaces on the payee and amount lines.
 Keep changing your e-mail password frequently because it can be
hacked.
 Limit the amount of personal information on your cheque. For e.g.
driver’s license, telephone numbers. A criminal can use this
information by applying for credit card or loan, opening a new
account.
 Don’t send any personal information to any e-mail ID this can lead
phising.
Thus above are some the measures that the customer should undertake
to avoid any type of bank frauds.
42
Chapter:-6 Bank Frauds Statistics in India:
Year Loss in Fraud Cases

Rs.Crores
2002 399.53 Cr. 1744
2003 653.5 Cr 2207
2004 600.16 Cr. 2663
A survey On Frauds:
Highlights of the first annual survey published by India forensic Research

Foundation. This study was carried out in the period of August'2006 and
February'2007. This is the first independent and privately funded study
carried out in India on the banking sector frauds.400 participants
contributed their valuable views on this subject.
 Total fraud loss to Indian Banks in year 2005- 06 was Rs. 1381
crores according to the report published by Reserve Bank of
India.
 Existence of the internal controls is still the methodology in

India to catch the frauds.
 Collusion of the borrowers and the employees is the biggest

cause of the bank frauds.
43
 At least Rs.690 crores worth of frauds are known to the banks

but are not reported to various authorities for reasons like
unclear definition of word frauds, damage to the bank’s image
etc.
 Technology related frauds like (ATM Card, Debit card, Credit

card) are expected to be going un-exposed on the vast
proportion.
 Estimated minimum loss to the banking industry because of the

unknown frauds could be more than Rs.828 crores.
 Total impact of frauds on banking revenues = 1.7% of the total

consolidated revenues of the banks are lost to frauds.
 Money laundering is considered to be the risk of frauds in

future.
 Educating the bank employees is the most effective way to

prevent the bank frauds.
44
Case Studies
1) Supposed ATM Fraud
Saturday, August 13, 2005
I did some snooping around the internet and found that even though this
kind of ATM fraud those occur there has been no indication that this is
prevailant in India or Pune for a matter of fact
Therefore the letter was either a warning from ICICI Bank to it's
customers or an attempt by someone to spread rumours or create a
popular email forward. Since no such warning is listed on the ICICI Bank
website I would think it's the latter.
A team of organized criminals are installing equipment on legitimate

bank ATM's in at least 2 regions to steal both the ATM card number and
the PIN. The team sits nearby in a car receiving the information
transmitted wirelessly over weekends and evenings from equipment they
install on the front of the ATM.
If you see an attachment, do not use the ATM and report it, immediately
to the bank using the 800 number or phone on the front of the ATM.
The equipment used to capture your ATM card number and PIN are
cleverly disguised to look like normal ATM equipment. A "skimmer" is
mounted to the front of the normal ATM card slot that reads the ATM
card number and transmits it to the criminals sitting in a nearby car.
The thieves copy the cards and use the PIN numbers to withdraw
thousands from many accounts in a very short time directly from the bank
45
ATM.
Equipment being installed on front of existing bank card slot.
The equipment as it appears installed over the normal ATM bank slot.
46
At the same time, a wireless camera is disguised to look like a leaflet

holder and is mounted in a position to view ATM PIN entries.
Suprisingly this happens only in Pune for some reason. Pune India's high
tech crime capital.
47
 WEDNESDAY, DECEMBER 26, 2007,

SOURCE TIMES OF INDIA
Card crooks tap into data wires:

First, it was skimmers. Now, credit card crooks in Kolkata may be getting
more tech savvy, using wire-tapping gadgets to cash in on unsuspecting
card users.
It's a new cause of worry for city police and CID. Wire-tapping is a
complicated scheme and much more difficult to track down. It's a
technical maze that involves telephone wires, receiving-terminals and a
cable line parallel with telephone cables to copy the card details when it
is swiped for a transaction.
The first time that the city police got an inkling of fake credit card rackets
in Kolkata was when three Bangladeshis were arrested for using a card
whose owner was in Singapore.
Wire-tapping is the most likely method, they now say. Though they have
not identified a racket as yet, cyber sleuths are sure the card racketeers are
running a hi-tech operation in the city. Their suspicions were
strengthened when a private bank recently held a workshop for CID to
discuss fraud techniques.
"We haven't got any case where wire-tapping was used to dupe somebody
but we are sure the racketeers are out there. We are trying to find the right
technique to detect such crimes and also adopting safe-guard measures,"
said a senior CID officer.
Wiretapping works in three phases. The first phase involves tapping into
the wires of the main server to capture card data as it is processed for a
48
legitimate transaction. The next step is to transfer the encoded data to

another server, at the fraudster's end, where it is decoded. In the last
phase, the data is used to produce counterfeit cards. The technology is
definitely more complicated than a skimmer - a gadget which copies the
details of a card from a measured distance. In advanced countries,
encrypted cables are installed to prevent telephone wire tapping but
awareness is low in India.
"The cable linking the electronic data capturing machine (EDC) and the
distribution point box is a very sensitive area which is targeted by the
racketeers. When the card is swiped on the EDC, the machine records the
financial data in the card's magnetic strip and feeds it to the DP box, from
where it moves to the main server of the telephone service provider and is
finally transferred to the servers of banks where the transaction is
recorded. The hackers target the area between the EDC and the DP box,
tap into the wires, steal data and send it to another server," said an anti-
fraud officer of a private bank.
Police officers say it is difficult to trace such rackets. "For the first phase,
the fraudsters need only a map of the telephone wiring, a receiving
terminal and cables matching the ones used by the telephone service
provider. These are not very difficult to manage and anybody who has a
flair for technology can use it to store the data. High-end technology
comes in the next level," said an officer.
Police suspect card fraudsters in Kolkata could be using the technology to

copy the data and send it to other cities in India and abroad. They have a
good reason to suspect this. In the last one year, such units have been
busted in Delhi, Jaipur and Hyderabad. "We heard about it and are
49
looking for effective measures to prevent wire-tapping," said Jawed

Shamim, deputy commissioner, detective department. Kolkata Police
could also take tips from south-east Asian countries like Thailand and
Philippines, where such rackets are active and where law enforcement
agencies have more experience in handling such crimes.
PNB Official involved in Bank Fraud of Rs. 2 Lakh
July 14, 2008
The cases of credit card frauds do not seem to end. Following the recent
case of an ING Vysya Bank employee, in partnership with others, duping
the bank of crores, a case has been registered against a Punjab National
Bank (PNB) in Chandigarh. Baldev Singh, who works as a cashier-cum-
computer operator in the Kurali branch of PNB, has been remanded to
police custody because of duping the bank to an amount of Rs 2 lakh.
According to the investigating officer, Ravindar Pal Singh, the accused
had first defrauded the bank of Rs 1.87 lakh; however, after he was
caught, he duped 2 more customers to the tune of Rs 1.1 lakh to clear the
bank’s liability.
The case had come to the Kurali police when the head of PNB,
Chandigarh Circle, had lodged a complaint against Baldev on March 10.
That day the bank had given Rs 8 lakh in cash to Baldev Singh to
disburse payments as cashier-cum-computer operator. However, he had
disbursed Rs 6, 12,700 but failed to deposit back the remaining amount of
Rs 1, 87,300.
50
After the bank authorities had initiated an enquiry against the accused, he
committed to the crime and agreed to pay back the defrauded cash.
However, on March 15, he once again siphoned off Rs 1, 00,500 from the
account of a customer, Balveer Singh. Further enquiry also revealed that
he had duped another customer, Beant Singh, of Rs 10,000 as he
withdrew Rs 15,000 from Beant’s account when the latter had come to
withdraw Rs 5,000.
UTI Bank: Phishing Fraud :
Recent fraudulent transactions through phishing resulted in loss of

over Rs 20 lakh for a customers.
Friday, June 08, 2007
The Economic Offences Wing, Crime Branch, Delhi Police, received a

complaint from the vice president, Operations, UTI Bank that many
customers of various UTI banks in Delhi, Vishakapatnam, Thane, Nasik,
and Ahmedabad received emails claiming to have originated from the
bank.
These emails included a hyperlink within the email itself, and a click on
the link took the recipients to a Web page, which was identical to UTI's
Web page. Some unsuspecting recipients responded to these mails, and
gave their login information and passwords. Later on, through Internet
banking, a large number of fraudulent transactions took place. These
transactions resulted in loss of over Rs 20 lakh for customers with bank
accounts in Delhi, Vishakapatnam, Thane, Nasik, and Ahmedabad.
51
An analysis on those phishing mails revealed that they had originated

from somewhere in Lagos, Nigeria. The UTI phishing site had lifted the
UTI logo as well as the Iconnect symbol from the original UTI site in
order to make the fake site look real. The fake site provided a 'click here'
option, which in turn took victims to a fake customer verification site
based in Austria. IP addresses of the fraudulent transactions indicated
transactions had been made from Nigeria, Atlanta and California.
Investigations:
Upon a complaint of the vice president, UTI Bank, a case registered and
taken up for investigation by a special team. Investigations revealed that
Sanjit Chowdhary, Account No 111010100023959 with UTI Bank,
Noida, had received a disputed credit entry totaling Rs 1.3 lakh through
Internet banking from the account of Lakshmi Narayan Sarkar of
Kolkata, who has an account at UTI Bank, Salt Lake, Kolkota, and from
the account of Makaran H Pundalik, who has an account with the
Standard Chartered Bank, Delhi.
It was further revealed that the misappropriated funds had been

transferred in the account of accused Sanjit Chowdhary. The police team
laid a trap at UTI Bank in Noida and the accused Sanjit Chowdhary, who
came to the branch to make enquiries regarding the inactive status of his
account, was arrested on December 7, 2006.On being interrogated, the
accused disclosed that he had received money in his bank account
consequent to phishing mails sent to various customers of UTI Bank.
Various transaction slips pertaining to the UTI Bank and ICICI Bank
52
were recovered from his possession. A scrutiny of these slips revealed

that Sanjit Chowdhary had withdrawn funds and deposited the same in
accounts of his other associates, who had accounts in UTI and ICICI
Bank at Mumbai and Trichy.
Till December 2006, a total of twenty complainants had registered their

complaints. All the six beneficiary accounts are in Delhi for these twenty
complainants. Further, ten complaints had been received by UTI branches
in Vishakapatnam, Ahmedabad, Nasik, and Thane, where the beneficiary
accounts are being maintained. An analysis of the accounts of the four
arrested Nigerian nationals revealed that financial transactions worth over
Rs 1 crore took place in an eight-month period.
.Survey Report
Findings:
According the survey conducted by me most of the customers know
about bank frauds. They have a computational idea of frauds taking place
in banks.
There are very few, those are not aware of bank frauds.
53
The survey also revealed the types of bank frauds that the customers
know about. The survey included ATM Fraud, Credit card fraud and
Online fraud.
The following is the graph revealed:
18-30yrs of age
30-60yrs of age
60yrs & above
Due to computerization banks facilities have increased. There has been

increase in frauds also. The following Graph shows the survey on frauds
increased or decreased due to computerization.
18-30yrs ofage
30-60yrs of age
60yrs & above
Following survey shows the number of customers those have experienced

the frauds in banks either through banks or by others.
54
Yes No
The suggestions that the survey reveal is that there must be some strict
actions take against the fraudsters. Banks should provide the necessary
information regarding the frauds that the customers can come across.
Awareness among the customers regarding frauds is must.
55
1) What are the major types of frauds conducted?

Phising, Forgery altered cheques, fraudulent loans application.
2) What are the general preventive measures taken?

There is a department which looks after fraud and their prevention
i.e. Risk Content Unit (RCU). They go through the fraud conducted and
take necessary steps. Know Your Customer (KYC) is an important tool to
prevent frauds in banks.
3) Do you think that computerization have increased frauds? Why?

No. Because due to computers there has been increase in work. A
work which would take 3hrs is done in 11/2hrs, thus providing better
service. More over out of entire customers 2% conduct frauds. Because of
this 2%, we can’t avoid providing better services to 98% customers.
4) Effect of fraud on banks?
The customers are affected. The banks reputation is shattered.
Many customers try to avoid the bank branch. Negative views are spread
to the customers.
1) What are types of frauds you have come across?

Property mortgaging in different bank with the help of duplicate
document, Money laundering, credit card fraud, Debit card fraud, DD
fraud Bill discounting fraud.
2) What are the measures taken against frauds?

i) Core Banking Solutions (EXEL report) to find out fraud.
ii) Know the Introducer while opening the account
56
iii) Account should not be opened those coming with DD,

Cheques.
iv) Internal Checking’s
3) What are the steps taken after the fraud is detected?

Several steps are taken:
In case of Accounts fraud higher authority is reported.
In case of cash authority is consulted and if necessary FIR is registered.
4) How a customer can be made aware the frauds they can come
across?
Customers are asset to the banking company. They can be made
aware through E-mails, Advertisements, Posters, etc.
`5) Which frauds are more conducted Internal or by others?

Most of the frauds conducted are by others. Whereas, internal fraud
can be controlled through strict supervision, daily check of the
documents, etc. External frauds are threat to the public as well as banks.
57
Chapter:- 7 SURVEY FORM

SHRI CHINAI COLLEGE OF COMMERCE AND ECONOMIC
NAME: - AGE:-
CONTACT NO: -
Survey for Project on Frauds in Indian Banking Sector
1) Do you know about Bank Frauds?
Yes No
2) Are you aware of any of the following type of fraud?
ATM fraud Credit Card Fraud Online Bank Fraud
All of the above None of the above
3) Do you think Frauds have increased due to online technology?
Yes No
4) If Yes/ No Why?
58
5) Have you come across any bank frauds?
Yes No
6) If yes, which fraud and through which bank?
Suggestions if any:-
Project Guide:-
Vinod Nayak By:
Signature- ___________ s. vishal
Lakhani
TyBBI
Roll no
59
 PROTECT YOUR ACCOUNT:
IF you are using Internet Banking or any other online account, please
read below on how to protect your account.
 Never respond to e-mails that request personal information.
 Keep your password top secret and change them often.
 Make your password difficult to crack.
 Never use cyber café to asses your online accounts.
 Keep your computer secure.
 Check the website you’re visiting is secure.
 Validate SSL certificate.
60
Chapter:-8 Abhyudaya Co-operative Bank Ltd
Is an urban multi-state Cooperative banking institution based in

Maharashtra, India and operating as a co-operative bank since 1965.[2]
Contents
 1 History
 2 Branches
 3 Acquisitions
 4 See also
 5 References
 6 External links
History
In the year 1964 several social workers and activists came together and
formed Abhyudaya Co-operative Credit Society Ltd with a relatively
small share capital of ₹5,000 (US$74).
Within a short period of time Abhyudaya Co-op, Credit Society got
converted into an Urban Co-operative bank.[3]
In June 1965 Abhyudaya Co-operative Bank Ltd was finally established
as a full-fledged co-operative Bank.[3]
It was conferred with Scheduled bank status by the Reserve Bank of India
in the year 1988.[3]
On 11 January 2007 the Bank was registered as a multi-state co-operative
bank by the Central Registrar, New Delhi.[2]
Branches
61
It has branches in Metropolitan Mumbai, Navi Mumbai, Pune, Thane,

Raigad, Nagpur, Nashik, Nanded, Kankavali and Aurangabad in
Maharashtra State, Vadodara and Ahmedabad in Gujarat State, Udupi and
Mangalore in Karnataka State.
The area of operation of the bank is confined to 3 States
 Maharashtra
 Gujarat
 Karnataka.
The Bank further proposes to extend its area of operation to other

States.[3]
Abhyudaya Co-operative Bank Ltd has 111 computerized branches in

India. [4]
62
CHhapter:- 9 REVIEW OF LITERATURE
In this chapter a review of relevant literature, particularly that relating to

performance analysis of banks in India, risk management in banks and
allied areas is attempted. This is followed by research gap, what remains
to be done to bridge the gap between the available literature and what is
really required at present to address the relevant research problem.
2.1.Major Studies on Banking in India and Their Findings: an Overview
Aggarwal, (1979)1, has conducted a study on nationalised banks with

special reference to their social obligations. The main recommendations
of the study were: (i) providing more branch office to the public
particularly in the semi-urban and rural areas and in the lead districts, (ii)
providing greater credit facilities to the public as well as to the priority
and neglected sectors, (iii) helping generation and maintenance of
employment opportunities in the country, (iv) financing the government
securities and (v) popularizing the bill form of credit.
Amandeep, (1983)2, studies various factors which effect the profitability

of commercial banks with the help of multiple regression analysis. She
has tried to determine the share of each factor which determines the
profitability of commercial banks. The trend analysis, ratio analysis,
multiple regression analysis was effectively used to know the profitability
of commercial banks
Adhivarahan, (2001)6, in his research article has attempted to study the

provisions of ‘Information Technology Act 2000 and its implications on
the functioning of banks. The study has pointed out that the number of
63
incidents of e-fraud and on-line breaches is the highest in India. As such,

instances of cyber crimes in banking sector have to be treated with utmost
care. For this purpose, it has been suggested that a statutory body similar
to ‘Internet Fraud Center’ in the United States has to be formed in India.
Birla Institute of Scientific Research (1981)7, has conducted a study to

evaluate the performance of nationalized banks in comparison with that
of banks in private sector. The emphasis has been on the objectives of
nationalization and their achievements, relative performance of private
sector banks and nationalized banks since 1969 and the effect of
nationalization on rest of the banking sector. The study has revealed that
the growth and development in banking after nationalization has been not
just because of transfer of ownership. Rather, it has been because of
various incentives and punitive measures that were implemented with
more vigilance and care after 1969 by the Government and the RBI to
make banks fulfill their social responsibilities. Similarly in the same
spheres even better results have been achieved by non-nationalized banks.
The performance of private sector banks in the post-nationalization era
has been noteworthy, especially because of the odds that they faced in
securing the growth of the business. The achievement of significantly
high growth in deposits, advances, and branches etc. has clearly shown
the high quality of entrepreneurship and management of these banks.
64
 BIBLOGRAPHY
 www.google.co.in
 www.yahoo.com
 www.fraudsinindianbankingsector.com
 "FINANCIAL RESULTS". Abhyudaya Bank. Retrieved 2013-09-
11.
 "Abhyudaya banks on technology". thehindubusinessline.
Retrieved 2012-10-11.
 "Success Story of Abhyudaya Bank". Abhyudaya Bank. Retrieved
2012-10-11.
 "Find IFSC Code of Abhyudaya Bank". allifsccode.com. Retrieved
2015-06-19.
 "Abhyudaya Bank takes over Citizens Co-op". economictimess.
 "Another Gujarat bank now has Maharashtra ownership".
indianexpress. Retrieved 2012-10-11.
 "Abhyudaya Co-op to acquire A`bad bank". Business Standarad.
 "Abhyudaya Co-op to acquire three banks". financialexpress.
65
 Conclusion:
The Indian Banking Industry has undergone tremendous growth since

nationalization of 14 banks in the year 1969. There has an almost eight
times increase in the bank branches from about 8000 during 1969 to mote
than 60,000 belonging to 289 commercial banks, of which 66 banks are in
private sector.
However, with the spread of banking and banks, frauds have been on a
constant increase. It could be a natural corollary to increase in the number
of customers who are using banks these days. In the year 2000 alone we
have lost Rs 673 crores in as many as 3,072 number of fraud cases. These
are only reported figures. There were nearly 65,800 bank branches of a
total of 295 commercial banks in India as on June 30, 2001 reporting a
total of nearly 3,072 bank fraud cases.
The most important feature of Bank frauds is that ordinarily they do not
involve an individual direct victim. They are punishable because they
harm the whole society. It is clear that money involved in Bank belongs
to public.
There must be certain preventive and curative measures to control frauds.

The higher authority of bank must follow strict rules against such
fraudsters. The various new technologies must be adapted by the bank to
overcome such frauds.
Thus, a fraud is the game of two, the rule makers and the rule breakers.
Fraud is a phenomenon that cannot be eliminated but can be managed.
66
67

Chapter:-1.Introduction: Frauds in Indian Banking Sector

Caricato da

Informazioni sul documento

Descrizione originale:

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Chapter:-1.Introduction: Frauds in Indian Banking Sector

Caricato da

Copyright:

Formati disponibili

Frauds in Indian Banking Sector

EVOLUTION OF BANKING SYSTEM IN INDIA:

Banking system occupies an important place in a nation’s economy. A

A sound banking system should possess three basic characteristics to

(i) a fraud free culture,

Section 5(b) of the Banking Regulation Act, 1949 defines banking as

Fraud is defined as “any behavior by which one person intends to gain a

1.There must be a representation and assertion;

A false representation of a matter of fact — whether by words or by

In law, the deliberate misrepresentation of fact for the purpose of

assumption of someone else's or a fictitious identity with the intent to

While the operations of the bank have become increasingly significant,

Frauds in deposit accounts take place by opening of bogus accounts,

1. Active involvement of the staff-both supervisor and clerical either

Chapter:-2 Mechanics of bank frauds:

Wire transfer networks such as the international interbank fund

A rogue trader is a highly placed insider nominally authorised to

Unfortunately, when one investment loss is piled onto another, the

4. Forged or fraudulent documents:

There is a very high risk of fraud when dealing with unknown or

6. Demand draft fraud

Demand draft fraud is usually done by one or more dishonest bank

7. Forgery and altered cheques

Instead of tampering with a real cheque, some fraudsters will attempt

Some fraudsters obtain access to facilities handling large amounts of

In order to hide serious financial problems, some businesses have been

10.Bill discounting fraud

Essentially a confidence trick, a fraudster uses a company at their

profitable customer. To give the illusion of being a desired customer,

Cheque kiting exploits a system in which, when a cheque is deposited

Deposit Rs.1000 in one bank, write a cheque on that amount and

In-transit or non-existent cash is briefly recorded in multiple accounts.

A cheque is cashed and, before the bank receives any money by

Some perpetrators have swapped checks between various banks on a

12.Payment card fraud:

Credit card fraud is widespread as a means of stealing from banks,

It is feared that with the expansion of E-Commerce, M-Commerce and

A booster cheque is a fraudulent or bad cheque used to make a

amount of the cheque is credited to the card account by the bank as

ii) Stolen payment cards:

A variant of this is to copy just the credit card numbers (instead of

iii) Duplication or skimming of card information:

This takes a number of forms, ranging from a dishonest merchant

Some thieves have surreptitiously added equipment to publicly

13.Empty ATM envelope deposits:

A criminal overdraft can result due to the account holder making a

Impersonation has become an increasing problem; the scam operates

as "social security numbers" “PAN numbers” are also valuable to the

Information may be obtained from insiders (such as dishonest bank or

In some cases, a name is needed to impersonate a citizen while

Unsurprisingly, the perpertators of such fraud have been known to

15. Fraudulent loan applications

These take a number of forms varying from individuals using false

Some corporations have engaged in over-expansion, using borrowed

assets, sales or income to appear solvent even after becoming

16. Prime bank fraud:

The "prime bank" operation which claims to offer an urgent, exclusive

17. Phishing and Internet fraud:

Phishing operates by sending forged e-mail, impersonating an online

Phishing means sending an e-mail that falsely claims to be a particular

benefit.Phishing uses 'spoofed' e-mails and fraudulent Web sites that

18. Money laundering