In an interesting fraud a Mumbai based cooperative bank found that Rs 1.05 crores was fraudulently transferred out of its account with another public sector bank by fraudulent RTGS transfers. TOI report
The amount has been transferred to 12 different accounts and withdrawn as it happens in all phishing cases.
The incident highlights the security vulnerabilities in the banking system and possible insider involvement besides KYC failures.
I would like to highlight here a suggestion I had made to RBI regarding imposing fines on the erring collecting bankers who failed in their KYC to generate funds for a “E banking Security Guarantee Scheme” by which the victims can be immediately compensated.
In the instant case since the transfers have been through RTGS the average amount transferred per account is close to 10 lakhs.
The incident also highlights how the higher “per transaction limit” increases the risk. It is for this reason I have been advocating that in the case of individuals, per transaction and per day limit of transfer should be kept low to reduce the risk of such frauds though in the instant case since the victim is a Bank, no such limit could have been chosen.
So far we have been fighting the case of individuals vs banks and there have been an unholy alliance between bankers to bully the victim customers into submission and absorb the losses. Judicial authorities such as “Adjudicating Officers in Karnataka, “Cyber Appellate Tribunal” have failed to protect the interests of the people. DIT has failed to keep the cyber judicial system in operating condition and preventing victims from getting any relief.
It would be interesting to see how RBI reacts to this incident where one bank’s interest is pitted against other banks. The action taken in this case would be a good precedent to other cases.