Header image alt text


Building a Responsible Cyber Society…Since 1998

After the PNB Fraud in which over Rs  11400 crores are suspected to have been lost came to light, many other frauds are slowly tumbling out the closets of E Banking.

Leaving aside the fact that the lenders of different Banks who lent money to Mr Nirav Modi and Mehul Chokshi failed to check the “End Use” of funds and allowed renewal of LOUs without checking the previous utilization and need for extension, it was also realised that PNB had even allowed the Nirav Modi employees to directly access the SWIFT messaging system of the Bank.

The system of the Bank was so configured that SWIFT system could be accessed from outside the banking network. The operating officials of the Bank gave away passwords of multiple officials  to the Nirav Fraud team.

The system had no control that could detect that the log in was from outside the Bank’s network, multiple passwords were entered from the same computer and the messages did not reflect in the CBS system, nor created vouchers for commission or margin collection.

This was a gross failure of the Bank staff and the information security configuration of the systems.

It is true that any IS control can be defeated if the employees are dishonest. But still, the system design should be such that even if some of the employees are dishonest, the fraud should be detected, if not for the first time, in subsequent times.

Unfortunately the creators of the software in Infosys who sell FINACLE and supply it to a number of Indian Banks, are not aware of the intricacies of Banking transactions and how frauds could be committed. Hence their design is a faulty design and Banks are saddled with this defective product.

Now yet another fraud has come to the open in State Bank of India, Chennai where also it appears that the passwords of the Bank staff has been used by an outsider to divert over Rs 3.2 crores of money (Refer article here) meant for purchase of Cars as an unsecured cash advance which was used for funding a Film production. Here again, the security configurations of the CBS software has failed to recognize that Cars were not purchased, money was not credited to a Car dealer’s account, documents such as RC book etc was not submitted, asset inspection did not take place etc.

In all such cases, it is clear that it is not only the Software that failed, but also the internal audit system.

It is high time that Indian Banks rethink on how their “Internal Auditors” are equipped to conduct audits in the Computerized environment.

If internal audit cannot identify this new generation of Bank frauds where the customer himself is given access to the Bank’s systems to design his own loan sanctions, create approvals of several layers of bank officers and take the money out, then there is no need for such audits.

Where such “Self Loans” are used in the “Kite Flying Mode” and repaid with a roll over loan, it is very difficult for normal audit processes to find out the anomaly. There is definitely a need for Computer Assisted Audit techniques either with in built features of the core banking software or through specialised audit tools.

FINACLE Strengths and Weaknesses

The Banking software like FINACLE which costs a fortune for the Banks should have an inbuilt, non-tamperable audit module that should be effective in preventing such frauds to continue beyond the first couple of occurrences if not the first time.

FINACLE boasts of an Audit module as part of its system but it is clear that it has failed in the context of not only PNB Brady Branch but also SBI Chennai branch and in the many other similar cases that have come to light now.

If the Indian Banking system is in doldrums today, a large part of that responsibility should be boarne by the CBS software suppliers who have supplied defective products to the industry.

RBI has failed to subject the software itself to an audit of IDRBT which is mandatory and hence part of the responsibility for the use of defective software lies on the RBI also.

While checking on the Audit capabilities of FINACLE, I came across an article describing the audit capabilities of FINACLE.

Some key FINACLE menus and their use for an auditor has been described in this article. Some of them are briefly reproduced here.

  1. Account Leger Enquiry (ACLI)
  2. Customer Account Leger Print and Office Account Ledger Print (ACLPCA and ACLPOA)
  3. Audit File Inquiry (AFI)
  4. Average Balance (AVGBAL)
  6. Customer Master Inquiry (CUMI)
  7. Report on Expiring Documentary Credits (DCEXPLST)
  8. Query on Documentary Credit (DCQRY)
  9. Exception Report (EXCPRPT)
  10. Generate Report (GR)
  11. Financial Transaction Inquiry (FTI)
  12. Accounts Due for Review (ACDREV)
  13. Inward/Outware Remittance Maintenance (IRM/ORM)
  14. Outstanding Items Report (MSGOIRP)
  15. NPA Report (NPARPT)
  16. Letter of Acknowledgement of Debt Report (LADRPT)
  17. Loan Overdue Position Inquiry (LAOPI)/Ttemporary OD Report (TODRP)
  18. Print Reports (PR)
  19. Guarantee Issued Liability Register (GILR)
  20. Partywise Overdue Packing Credit (POVDPC)

The above list indicates that there should have been several reports that should have thrown up audit queries in respect of PNB Fraud as well as the SBI Fraud.

Now what we need to check is why did the discrepancies were not thrown up by the audits?

The reasons could be many.

  1. First reason could be that no audit was at all conducted. In PNB we are told that RBI did not audit the branch for more than 9 years. It is not clear if the internal audit was also bypassed. If so was there any declaration in the annual reports to the share holders providing the list of branches which were not audited for the last 1/2/3 or more years?
  2. If an audit was conducted, it is possible that the auditors were not aware of all these modules andhow to use them appropriately
  3. Perhaps there was lack of adequate training of  the auditors.
  4. It is also possible that FINACLE comes with some base module that does not include all features and a higher priced module that may include additional modules and the Bank could have not taken the full module for cost considerations.
  5. It is also possible that the FINACLE system itself might not be able to properly analyze the data in the above modules though it may create some printable reports.

Need for Data Analytics in Audit process

Computer Assisted Audit Techniques that are essential for proper auditing of any Computerized data environment requires a capability to

a) Acquire data of different types from across the network available in different platforms and collate it into a common platform for analysis

b) Extract, Classify and Re-classify data into different groups which create new meanings not visible in the direct report

c) Search data across multiple categories and filter them against some specific risk identifying algorithms

d) Use known statistical methods such as Benford law to check on potential frauds

e) Use Forensic audit tools to discover evidence that has been buried by the fraudsters

f) Use “Checking of Controls” as a part of the audit including the Information Security controls such as “Access Control”, “Log Analysis”, “Incident Management System” etc.

It is clear that the current Internal Audit process in Banks is not equipped to conduct an audit outside what reports are submitted by the Branch to the auditor. If the Auditor audits only what the auditee wants him to see, then the value of such audit is low. Perhaps it is what statutory auditors do. But Internal auditors have to go beyond checking the arithmetic accuracy of the transactions and go into an in-depth fraud possibility analysis.

Cost and Training Hurdle

In examining the solutions that the Auditors could use, it was observed that the tools normally considered as reputed “Computer Assisted Audit Tools” or CAATs are prohibitively expensive and require a rigorous training both of which seem to create a hurdle for Banks.

However, it is possible for RBI to equip itself with such tools (ACL, IDEA, ARBUTUS etc) and use it in its audit as a starting point. Other Banks may start using it depending on their size. Obviously the larger Banks donot have any constraint on budget nor ability to train the auditors, But smaller Banks may have a problem.

I therefore suggest that smaller Banks create a “Technology Resource Pool” in a “Centralized Fraud Investigation Center” which should be equipped with such tools and talent and conduct audits of member Banks as a service.

I hope RBI will take such steps to ensure that in future the audit system is strengthened to such an extent that the frauds such as what we are now seeing does not go undetected before it balloons into a huge scam.


(P.S: I have been an ex-Banker and therefore may not be fully aware of the current situation in the Banks about how audits are conducted in the Computerised environment.

But looking at the frauds that are surfacing, it is clear that the system is not working properly and hence some of the observations made above may be true though I may not be able to give evidence of the same. If we want to clean up the Bank system, Bankers need to do a self evaluation of their systems and check if some of the points made here are relevant or not.

I invite comments and suggestions on how to improve Audit systems in Banks in the computerized environment… Naavi)

After the surfacing of the Nirav Modi-Mehul Chokshi scam in PNB, media is on its own interpretation some of which are politically motivated and some are born out of lack of information. According to NDTV and some other media, the loss may be over Rs 20000/- crores. Rahul Gandhi who may think he belongs to the Mahatma Gandhi family but he is still struggling to distinguish if Nirav Modi is the cousin of Narendra Modi. Mr Singhvi is caught in the “Unaccounted Money” allegations. The Alpha files and deep throat are also in the fray making this a great time for TRP oriented media.

Negligence in Banking is universal

The Dinesh Dubey revelations may appear sensational to Mr Arnab Goswami but the fact that Bank Boards are manipulated by the politicians is well known. The UPA Government which had mastered the art of making money by exploiting the land, see, air and even the spectrum, could not have missed an opportunity to take money directly from the Bank. Hence if Mr Narendra Modi says that when he took over, NPAs were more than 126000 crores and he could not have publicised it without hurting the industry, it does not come as a surprise to observers like us. From the old Indian Bank fraud to Harshad Mehta Fraud, we have seen enough of frauds in the Banks to believe that if Digital Banking is indiscriminately promoted, fraudsters will make merry.

If Global Bankers have a system where by  SWIFT message from a deputy manager of a Bank can be used to lend Thousands of Crores to one company by several banks, then the problem is that Digital Bankers of the day donot know the Risks inherent in Banks. This includes even the wisemen in RBI who are good paper pushers.

Naavi.org had its own share of “Dooms day predictions” in Banking and there are plenty of articles in the past highlighting a day of this nature when Cyber Frauds or Frauds in the Cyber Banking scenario could be huge enough to wipe out even big Banks.

For a long time we have held that RBI has no control over influential Commercial bank Chairmen. We have stated this in the context of ICICI Bank, State Bank of India, PNB and  Axis bank where we had observed frauds, brought it to the notice of RBI and found no action was taken. We had even demanded that some branch licenses of ICICI Bank and PNB should be suspended as a deterrent. Some of these Chair persons have held influential positions in IBA which has been more powerful than RBI. Hence many security guidelines of RBI are simply ignored by IBA and RBI has done nothing to enforce its authority.

As a result, the negligence and apathy in the Banking industry continues. Security is always subordinated to profits and hence we see weak IT systems and opportunities for frauds increasing by the day.

Yesterday, City Union Bank has also been confronted with the SWIFT fraud in which three fraudulent remittances seem to have been attempted. One of this has been prevented. One more may be retrieved quickly. Other may require some effort. But the fact that CUB faced the same problem which Bank of Bangladesh suffered long ago shows that our Banks donot learn lessons.

There is presently no doubt that officials of PNB were involved in the fraud to favour Nirav Modi-Mehul Chokshi. They might have been pressurized politically at the Chairman level. It is only when Mr K.R.Kamat the former Chairman of PNB is queried about some of these transactions, that the truth may come out.

In this confusion, we should not forget that it is not only PNB that should be hauled up, but each of the Banks which gave funded loans to Nirav Modi-Mehul Chokshi firms based on a SWIFT message from a junior officer without following the 90 day RBI norm or examining the end-use of funds and feasibility of the operations.

As Mr Dinesh Dubey’s statements indicate, there was political conspiracy where by multiple Bank Chiarmen were made to provide funded loans against the PNB’s LOUs. Hence all these Banks are part of the conspiracy to siphon off Rs 11000 crores or whatever amount we finally end up with as the loss in the funded accounts. It is for this reason that RBI should not force PNB to take all the liability and leave out the other Banks from the conspiracy. If this is forced, it would mean that RBI itself would be guilty of abetting the fraud.

The other independent Directors who were complicit with these frauds should also be questioned in each of these Banks.

The contribution of Finacle sofware

Another neglected aspect is the Company that is responsible for the Core Banking Software used in Indian Banking system which happens to be our beloved Infosys. The system is FINACLE. After the few PNB phishing frauds that I had come across, I have raised my voice against FINACLE not being Cyber Law Compliant. Now this PNB fraud indicates some of the systemic weaknesses in the Finacle software.

I am sure that my friends in Infosys will immediately object to my drawing their name into this controversy. When I objected to Finacle Marketing chief hailing it as a platform for Bitcoin usage, I had many of my friends displeased. But the reason why Infosys should find itself reviewing its own contributory role in this Banking fraud is because it appears that the software is not built by design to prevent such frauds.

Software developers may conveniently say that it is for the software user to provide specifications and the developer will provide a solution as desired. If the solution facilitates frauds, it should not be the responsibility of the software developer.

They may say that “Releasing a Software with Bugs is their right” and what conventional Bankers like the undersigned may dub as “Fraud friendly specifications”, is the responsibility of the Bank using their software.

I am aware that in the past developers of the Accounting software “Tally”  telling me that some security features in the software was deliberately removed in subsequent versions because the users wanted “Flexibility” in the accounting. The flexibility wanted by the users was the ability to manipulate accounts so that false accounts can be created without the log system capturing the manipulations. This facilitated a fraud in an Exporter’s firm in Chennai in whose investigation, I had participated. Tally succumbed to this marketing pressure and fell into the practice of “Customization for Customer Convenience”.

It is possible that Infosys might be in the same situation where for commercial reasons, they have to configure FINACLE to facilitate convenience even though it makes it easy for fraudsters to misuse the system.

Today everybody is asking why The PNB’s SWIFT messaging system works outside CBS.

If certain messages sent out of SWIFT creates liabilities (contingent or otherwise) for PNB, and has to generate a corresponding “Margin Money Demand” and “Guarantee Commission Credit”, then FINACLE should have ensured that the messages are generated only from within FINACLE only.

If PNB officials did not want it this way, Infosys should have documented the request with the reasons. If Infosys developers were aware of “Banking” in depth, they would have immediately sensed that the request is made only to keep a “Backdoor for fraud” that can be exploited.

Infosys failed to show the commitment to prevent a “Fraud Friendly Configuration” to prevail which could hurt the society.

I would be happy to receive a clarification from the FINACLE team if my conjecture is wrong. I would expect Mr Nandan Nilekani to order a review of the security features of Finacle without restricting the definition of security to only the CIA principle of technical security but extending it to “Security of the underlying business which the software supports”, which is the “Total Information Assurance” principle.

Role of Auditors

We can now shift our attention to the auditors and Information Security department of PNB. Should they not have seen the “Vulnerability” in the CBS system and flagged it as a risk?.

Probably these are auditors did not understand how the IT system of Financle could be misused. Even if they were not IS experts and had to believed the management statements, the nature of financial transactions, the 365 day window provided for the LOUs, the frequent roll overs etc should have given them the clue.

Internal auditors who should be Techno Banking specialists also failed to note the suspicious patterns.

I am sure that SWIFT messages are separately audited and at least it should have been reconciled with margin money and guarantee commission account which the auditors ignored.

The Board which should provide an annual declaration under clause 49 of the listing requirements in the annual report stating that there are “Adequate Controls and the correct financial statements are reflected” have made false statement for which the entire board of directors are responsible.

The same questions of internal controls of auditing failures applies in each of the other Banks who are today claiming that they trusted the LOU of PNB and blindly paid out money in thousands of crores to beneficiaries. We are not fools to accept this argument.

I consider that the issue of loans by all these Banks under circumstances where the business feasibility was doubtful and known norms flouted, is a prima-facie evidence of the involvement of employees/Directors/CMDs in all these Banks (6 or 32?) in a great Banking fraud conspiracy.

CBI must enquire all these employees starting with Allahabad Bank Board members on whom specific information is now available.

Demoralization Effect

As an ex-banker, I am aware that this fraud which cuts across many Banks will have a demoralizing impact on the employees when CBI extends it’s net wide. We have seen this happen after the Indian Bank fraud surfaced two decades ago.

It is for this reason that Media should stop creating panic and putting pressure on BJP Government. Instead, they should try to instill confidence in the public that what the Government is trying to do is a very sensitive operation and has to be done discretely.

While the anti national forces which includes the present version of the Congress party would like to create more confusion with its demand for JPC so that the thieves can themselves be the judges, Government of India should resolutely move towards cleaning up the mess. Less they talk, better it is.

Only one word of comfort from Mr Arun Jaitely or Narendra Modi that proper action would be taken should suffice. All the spokes persons should stop talking on this scam even if they are tempted to do so because of the utterances of the opposition. The “Professional Panelists” like Sumant Sriram et.al, should be kept out of the channels for some time so that a sense of responsible reporting returns to the media rather than shouting for political gains.

In the process,  we need to root out corruption in Banking and ensure that the future of Banking is saved. Let more heads roll and more bodies go behind the bars. It will be in good cause.

Indian Banking system has many honest individuals who can raise to meet the challenge, fill the void even if 25% of the top management in Banks are removed and manage the turmoil. All the independent directors of the 6-32 Banks who were complicit in the conspiracy should be removed forthwith and brought into the enquiry process.

This will have its share of demoralization in the industry. But it will spur the honest Bankers in the next level to work more honestly than before and restore the Banks back to health.

This is like the Kargil fight. We might have lost the battle but let us fight to win the War. Just as in the demonetization days, the public supported Mr Narendra Modi, they will support him even now.

Let’s therefore tighten our seat belts and let Mr Narendra Modi shake up the Banking system.

May be the above ad from PNB on its home page is meaningful in the current context.

P.S: It is now reported that Level 5 password for SWIFT which only AGMs could use was shared by Mr Shetty who was a deputy manager with the officials of Nirav Modi so that they could issue their own LOUs.

This means that the password was first shared by the AGM with Mr Shetty and the system was not configured to link the hardware ID from which the SWIFT could be accessed. Normally the adaptive authentication system should prevent logging in to SWIFT except from a designated computer. The IT Manager, the IS manager, the AGM himself all deserve to be put to jail for giving away the key to the strong room to the fraudster.

If the software had been designed with this possible use case in picture, such logging in would not have been allowed even if the fraudsters had come to Mr Shetty’s cabin and operated his computer since the AGM’s password should have been linked to his computer.

It also means that there was no digital signature or biometric authentication either to the SWIFT application or to the computers authorized to access SWIFT application. (Refer India Today article)




RBI is making a mistake in the PNB fraud case

Posted by Vijayashankar Na on February 15, 2018
Posted in Cyber Law  | Tagged With: , , , | 1 Comment

As expected, media is crying as if Rs 11500 crores have been lost by PNB. Congress as expected is talking as if it is not Nirav Modi who is in question but Mr Narendra Modi himself. Both may be excused for their ignorance and need for TRP.

However, I am surprised that RBI has come out with a statement which is in my opinion legally incorrect.

Normally when letters of guarantee are issued, they are issued on stamped papers and with an understanding that the beneficiary will be “Paid without demur”. RBI is therefore saying that PNB should pay all the liabilities without contesting.

However , PNB Chairman has rightly stated  in his press conference that the bank would repay only bonafide claims.

I fully agree with the contention of PNB that they should not make payment blindly to anybody who makes a claim as beneficiary of the guarantee. They should challenge the claim since there is a “Notice of Defective Title” to the beneficiary and PNB is bound to exercise caution.

In this case, the lenders are supposed to have financed some valid business proposition with the letter of comfort as a collateral security. No Bank is supposed to treat a letter of guarantee as just an endorsement of a cheque and make payment just like that. If after this the venture fails for some reason and the cause of action for which the letter of guarantee was issued arises, then only the guarantee can be invoked and the issuing Bank is obliged to pay.

If the beneficiary is Nirav Modi’s own firm or there are other reasons for which the transaction for which the lender disbursed money was not justifiable for business purposes, then the transaction is prima facie suspect and the beneficiary himself can be considered as an accomplice to defraud PNB.

The forged letter of undertaking should be considered as a “Nullity” and not an “Authorized instrument that can create liability”.

If PNB can prove that the beneficiary had reasons to believe that the transaction is suspicious, then PNB would not be liable to pay.

Share holders of PNB should therefore object to RBI’s instructions which is meant to protect the other Banks which actually had a direct contractual relationship with Nirav Modi’s beneficiaries while PNB itself is a victim of the fraud committed by its own officers.

We can accuse PNB of negligence but it is for another day and for another argument . It does not give license to other banks to accommodate Nirav Modi beyond his genuine business requirements and claim protection under the guarantee. The Guarantee would be valid if the beneficiary had taken the decision to lend as if there was no collateral in the form of the guarantee.

Further PNB should immediately revoke its guarantee and if there is any claim by any beneficiary, the beneficiaries may be asked to raise their claims with full particulars of how the lending decision was taken. It can then evaluate genuineness of the claims and decide the course of action.

At this point of time we donot have the actual text of the document and hence we donot know whether it was transferable and could be discounted with secondary lenders or whether any transfer was required to be registered with the PNB, whether there was a time limit for validity and the claim, etc.

I suppose the press will get these details shortly but RBI should let PNB handle its liability without jumping in to protect other Banks like Allahabad Bank or State Bank of India.

If the liability gets divided with 30 Banks it may be fine. No single Bank will take a big hit. In future RBI should insist that the beneficiary should register his claim within a reasonable time after the guarantee letter is submitted to him and that would avoid situations like this.

The Swift system should provide for digital signature of such transactions and the digital signing should be registered automatically in the Core Banking System so that frauds like this cannot happen. Finacle as a CBS software should integrate the Swift messages with the CBS so that every SWIFT message is generated from within the Finacle system and duly recorded for audit at the Central office level

Since it is stated that more than Rs 6500 cores worth assets have already been confiscated, and the lenders will have additional securities available to them, a substantial part of the actual losses may be fully recovered.

Hence neither RBI nor the media need to sensationalize this scam. The officials however need to be punished for the fraud.


PNB Fraud of Rs 11500 crores was waiting to happen.

Posted by Vijayashankar Na on February 15, 2018
Posted in Cyber Law  | Tagged With: , , | 3 Comments

The Rs 11500 crore fraud in India in Punjab National Bank (PNB) was a fraud which was waiting to happen due to the negligence of the Bank and the software developers supporting the Banking operations.

It appears that those who developed the Core Banking software for the Bank had no understanding of the nature of controls that were required to prevent misuse of “Non Funded Lending”.  If money goes out of a lending transaction, it might be captured by the system. But when only a “Letter” goes out “Undertaking a liability to pay contingent to an event of default by a customer”, it may not get into the books until the liability fructifies.

If the liability does not fructify and the letter is issued for a period which lapses, no problem arises to the Bank except for the opportunity loss of a “Commission”.

Such activities lend itself to “Kite flying” frauds which is what has happened in this case. In the past the Harshad Mehta Scam.was in similar mould. Even the Satyam Computer fraud was also of the same nature. In all these cases, certain false papers were floated around on the basis of which another third party lent funds. When such kite flying frauds miss a repayment cycle, it would snow ball into a major scam with a casacading effect.

It is ironic that the name of the fraudster is Nirav Modi and the Congress would be happy to use the occasion to place the blame on Mr Narendra Modi as if Rs 11500 crores has gone to his pockets. Mr Rahul Gandhi who is an expert at spreading falsehood will soon start speaking about this fraud in the Karnataka elections. It would not help if Mr Nirav Modi has left the country and is absconding.

Compared to Mr Vijay Mallya’s case which appeared to be caused out of a business  failure of the companies of Mr Mallya, this fraud is of a more criminal nature since it involves “Forgery” of a document in the name of PNB.  Hence the kind of protection Mr Mallya may get from international legal processes for not forcing his return to India may not hold for Mr Nirav Modi. Once he is located, he can be quickly arrested in the foreign soil with the help of Interpol and brought back to India.

It is critical for such speedy action to categorize this scam as a result of a “Forgery”. The forgery is because a false unauthorized letter of undertaking has been issued by some of the officials of PNB. Since these letters were issued without proper authorization, they have no legal validity.

Whether the beneficiary of the letter can go behind the unauthorized letter and claim the money from PNB has to be evaluated from the terms of the letter. If the liability arises any time after the public notice of the fraud has been received, then the beneficiary cannot make any claim on PNB.

For the contingent liabilities to fructify, the cause of action should be before the date of publication of the fraud and and the demand should be immediately thereafter.

Whiles frauds using “Contingent Obligations” issued in the name of a Bank or another organization are not new, in this particular case, one can identify the failure of the internal controls of PNB in not properly recording the message sent out of SWIFT undertaking a liability as part of the Bank’s contingent liabilities in the balance sheet.

It is also supposed that no “Digital Signature” was used in the process of signing the letter of undertaking and it was an “Un-digitally signed” letter from the Bank sent out of a system where authentication was based only on password.

This is the failure of the design of the Banking software developed by large companies such as Infosys and used by all major Banks in India and abroad. The software developers only focus on functional aspects of the software and unless there is a domain specialist to assist the developer in understanding the fraud risks, they end up developing software which is not properly designed. The CBS used by PNB is one such software that appears to have not been developed by a proper Techno Banking professional team.

Unless Banks in India and the software companies providing CBS software donot understand the Fraud prevention requirements to be built into the software, we will continue to see more of such frauds not only in the Banking domain but also in other fields.

I recall one of the early software architecture suggestions given by the undersigned to a broking firm where I had suggested control in the form of using accounting principles to track the risks of trading from the placing of the orders to the realization of money from the client etc.  Though it was not implemented, it appears that the PNB fraud would have been caught by such a design.

For the records however, we need to remember that

a) not all of Rs 11500 crores will become a loss to PNB. PNB has to immediately send notices to recall all such undertakings and freeze their operations. They should give notices that these are forged letters not binding on the Bank. If there is any leal fall out arising out of this in international Courts, it should be faced.

b) This is a case of forgery and not a case of business failure like that of Mr Mallya and hence extradition from whichever country Mr Nirav Modi is in is not going to be tough.

c) PNB and other banks should review their software systems to ensure that they capture all contingent liabilities for which there could be a simple solution.

d) RBI should recognize that the failure of PNB and the CBS ( Finacle) as part of their supervision failure.

e) Media should not create false propaganda and fear mongering that Rs 11000 crores might have been siphoned off. Most of these may be in the form of loans against assets and if they are recovered, most of the losses can be recouped.

f) Congress will keep shouting and this should be ignored.

g) The Government should not lose time in taking swift action across the globe and confiscate as may properties of Mr Nirav Modi as possible even before full legal process is initiated.

h) Courts and Anti-National Lawyers should be prevented from placing hurdles in the recovery of money which is of paramount importance now.

If proper action is taken the adverse impact of the fraud can be managed. At the same time proper corrective measures must be initiated for the future. “FINACLE” as a product appears to require a complete overhaul and hopefully the software companies involved must act immediately.


The fact that Technologists have scant regard for law is well known. The developments in the Bitcoin scenario is an indication.

Despite Bitcoin is the established “Currency for the Criminals” and “Black Money Hoarding Tool”, technologists say “So What?… I will do what I want.. Let Modi catch me if he can”. Some will say it is “Innovation for Disruption”.

RBI does not have the courage to do what it knows is good for the society…that is banning private Crypto Currencies like Bitcoins like we ban drugs and arms trading.

One of the ways by which Crypto Currency is trying to establish itself is by making Block Chain technology creep into Banking transactions and gain a level of respect that will latch onto Bitcoin as well in due course.

Few in the public will realize that Block chain is a technology and Bitcoin is a product and Blockchain may be acceptable but Bitcoin is not. Bitcoin will be promoted on the adoption of Block chain as a technology under the pretext “Block Chain is adopted by Banks and hence Bitcoin is also likely to be adopted by them soon”… The myth will be corroborated by the news about the price of Bitcoins soaring.

We need to therefore to ensure that Block chain technology does not have an unfettered entry into the system. If Bitcoin has to be blocked, Block Chain’s limitations need to be exposed.

Now we have the dangerous tendency creeping into the Banking system where “Block Chain Technology” is being implemented for different transaction recording. ICICI Bank has reportedly made transfers of Bitcoins from Gulf though the legality of Bitcoin is itself not settled. As long as Bitcoin is being treated as a currency, it is illegal and any Bank indulging in activities related to Bitcoin is violating the RBI Act.

Today, it is reported that InfosysFinacle  has launched a new product “Finacle Trade Connect” incorporating the blockchain based trade finance solution for banks.

Mr Sanat Rao, Chief Business Officer speaking at the time of launch has stated ” the new solution will provide higher automation, increase transparency and enable real-time availability of data”.

Significantly, he has also said

“The framework is ledger agnostic and is capable of working with most industry leading blockchain platforms such as Bitcoin, Hyperledger, Ethereum and Corda”.

This is therefore to be construed as a promotion of Bitcoin, Ethereum and other “Criminal Currency” and Infosys will today join the ranks of terror sponsor organizations like People Front of India (PFI) in radicalizing the Indian Monetary system.

It is unfortunate that the business case made out by Infosys Finacle is to provide a platform for use of Bitcoins and other private Crypto Currencies which are an alternative to holding of Black money.

This is a direct affront to Mr Modi’s fight against corruption and fight against Black money and today Infosys Board including Mr Narayana Murthy and Nandan Nilekani has to explain the statement of Mr Sanat Rao.

I also state yet again, Mr Urjit Patel the Governor of RBI is allowing these developments because he has chosen to remain silent without showing the guts to oppose Bitcoin. I have no expectation from Mr Arun Jaitely and the Finance Ministry because I feel that they are actually in support of Bitcoins and are only held back by RBI’s opposition and possible Supreme Court intervention.

Where does Mr Modi and Amit Shah stand on this? As of now it is not clear. Though I have sent many communications to the PMO, Mr Modi and the PMO has chosen to remain silent because they donot want to go against Mr Arun Jaitely’s advise. I presume that Mr jaitely is still reeling under the pressure of managing the fall outs of demonetization and GST and is unable to take any other hard decisions and will be happy to procrastinate and keep “Observing” how Bitcoin creeps into our economy.

We Indians did the same mistake of allowing terrorism creep into Kashmir and today Kashmir is a problem that has become too difficult to handle politically. Same way Bitcoin if not killed today will eat into Indian Economy and devour our system.

While the politicians wait for the Gujarat elections to be over, I would like to ask some questions to RBI and IDRBT.

  1. Finacle Trade Connect is meant to be a product to be used in the Banking system. Is it not necessary for IDRBT to clear the software? Has it been done?
  2. Block chain is a technology of ledger keeping where there is no central authority for authenticating any transaction. It is a peer to peer authentication. Our Banking system involves a Banker-Customer contractual relationship. If I as a customer of a Bank propose a transaction to the Bank how can some Tom Dick and Harry operating a block chain node approve my transaction? Is it not a power of attorney holder of the Bank alone who has the right to approve my transaction?
  3. Why should every block chain node at all be aware of my transaction even if it is encrypted?
  4. How does Banking law permit disclosure of my confidential transaction to be published on the block chain?
  5. Who will take the liability if the approval is defective?
  6. What if the block chain forks?
  7. Since Block chain is a public chain, is it not amenable for DDOS attacks and malware injection?.. Who will be responsible for such malware attacks?
  8. Is the statement of Finacle indicative that IDRBT has approved Bitcoin as a technology and Banks are preparing for use of Bitcoins in their transactions?
  9. Since Infosys is the organization behind GST which had many technical glitches thanks to their inefficiency, will Infosys also push the Block Chain technology to GST as well?
  10. Dear Mr Modi, are you aware of the implications of remaining silent on Bitcoin introduction into our economy?. I donot see any difference between this and the poisoning of the Indian minds by organizations like Zakir Naik and PFI. Why are you shying away from taking control of this Black money alternative called Bitcoin?

I look forward to agencies like RBI and Finance Ministry to respond to these questions. Honest India wants to know if Corruption has grown so big that even Mr Modi has to bow his head before Bitcoin?


P.S: As an honest Citizen of India, Naavi has done enough to highlight the dangers of Bitcoins and why it needs to be banned in India. If the Government, RBI and informed members of Public still wants to embrace Bitcoins it is their choice.

However, if the Indian economy collapses, then even people like us will have to suffer. But if this is the future of India we have to suffer and the concept of Achche Din, perhaps Naavi has to also accept defeat that Corruption in India is the king and Bitcoin which is the most effective tool of corruption cannot be defeated…. 

Hope this is the last article on Bitcoin that I need to write…