I recall the earlier article on this issue published on December 6, 2024
The digital arrest scam has now caught the attention of the Supreme Court (Refer the status of the case here:) which has taken Suo Moto cognizance of the issue and initiated an enquiry. It has directed CBI to investigate and has also appointed a senior advocate Ms Nappinai as Amicus Curiae to submit a report. Others are requested to submit their views to the Amicus Curieae. (P.S: contact information available in the order)
Naavi has been consistently advocating that the intermediary Banks who facilitate such crimes. In the case of S.Umashankar Vs ICICI Bank, Naavi who argued for the victim under a POA, was able to get orders from the Adjudicator of Tamil Nadu, TDSAT and also the Madras High Court that the liability of the phishing loss had to be borne by ICICI Bank for various reasons including maintenance of the mule account and lack of due diligence.
During the course of the 14 year long fight after the Adjudicator’s decision, Naavi had requested the DGP of Tamil Nadu to take up criminal prosecution against ICICI Bank which they failed to do. After the TDSAT decision, Naavi had visited ICICI Bank headquarters in Mumbai and requested the legal head to settle the matter without going for further appeal. But the Bank refused. Finally the Bank relented after Madras High Court also upheld the earlier decisions that ICICI Bank as an intermediary was liable under Section 85 of ITA 2000 read with Section 43 (at that time section43A was not available).
The TDSAT had even made an observation that under Section 43(g) of the ITA 2000, the negligence of the Bank could be considered as “Assistance” for contravention. Earlier the adjudicator had also held that “Not using Digital Signature in Bank-Customer email communication” was a material negligence causing the phishing.
Subsequently there have been a few decisions in which Intermediary banks and Mobile service providers have been held liable for some Bank frauds involving negligence of the intermediaries.
The SC in the current case on digital arrest has also flagged the role of Bankers who seem to have around 8.5 lakh mule accounts.
During my discussions with ICICI Bank in the Umashankar case, the Bank official had confided that they cannot agree to settle the case since they had more than 40000/- such cases at that time and it would create a bad precedent if they settle the case in one instance. I am therefore not surprised with the 8.5 lakh mule accounts which are all accounts that are part of the fraud.
It is clear that no monetary fraud whether it is phishing or digital arrest or UPI can succeed except with the collusion of one Banker for the fraudster. Under ITA 2000, they must be considered as intermediaries and made to take the entire liability without demur. Even when a remedy is available to the Bank in the form of Cyber Fraud insurance they prefer to litigate since the capability of the customer to fight the long legal battle is low and the premium for the next year may go up if some claims are settled.
In the Umashankar case we had made the Chairman of ICICI Bank, Bank managers of two Banks and the CISO a parties responsible for negligence. But the Courts as well as the Police did not take proper cognizance of their role as conspirators by negligence.
Now in the Digital Arrest case the losses have been astronomical and has rightly attracted the attention of the Supreme Court. We need to bring a final solution to prevent the Bankers and the RBI creating a fertile ground for cheating without assuming responsibility.
In the Uma Shankar case, I had visited RBI head office to request that the license of the branch which colluded in the fraud should be cancelled. Unfortunately the RBI officials did not consider the request.
Even now RBI is not concerned on the frauds and we have pointed out that opening digital banking account for Minors is another new door opened for frauds.
I had suggested that these Digital arrest scams happen because the victims are subjected to a kind of Cyber hypnosis induced by fear and hence are not liable for the loss even if they had themselves handed over the money. It is like the case of armed dacoity where a victim does things at the behest of the robber for fear of life. Law recognizes that such acts are void ab-initio and hence the fraudulent transactions are to be reversed.
In the recent days a few instances of alert Bankers preventing the frauds by properly advising the customers have come to the fore indicating that if only Bankers were vigilant they could have prevented most of these digital arrest frauds.
Currently Police are not handling things properly and are actually harming more innocent persons through the wrongful freezing of accounts creating one more problem.
I wish the Supreme Court takes a holistic view of the case and initiates the following procedure.
- In all cases where the police cannot establish a fraudulent link between the victim and the beneficiary of the fraud, he must be presumed innocent
- In all cases of presumed innocence of the victim, the Bank from which payment has been made to the fraudster should be considered as primarily liable.
- The Bank from which customer has lost money must demonstrate its own vigilance and ensure stop payment of the distribution at the destination banks as soon as it becomes aware of the complaint.
- RBI should ensure that in both UPI, Internet Banking transfers, the right to stop payment prevails to the last second before which the payment is made at the destination.
- Whenever the victim’s Bank fails to act on the complaint stating that an FIR is required etc., the Bank must be held jointly and severally liable for the loss.
- Whenever any fraudulent telephone account is involved as in the case of all Digital Arrest scams, the Mobile Service Provider must be held accountable for having issued SIM cards to the fraudsters without proper verification.
I hope this petition would lead to some lasting improvements in the Digital Banking Systems.
Naavi
