Indian Banking sector witnesses cyber fraud amounting to US$13.7 million

After the demonetization, digital transactions have been enforced onto people everywhere. The base extension for the fraud transaction was evolved with a mouse click, increasing the scope of liabilities. The latest threat to come to light is the presence of fake banking apps on the Google Play store that may have compromised the data of nearly 160,000 people, Global IT security company Sophos Labs said on Oct. 22. The bogus apps of several Indian lenders made their way to the Google Play store in the last few months.

These fraudulent apps have been primarily targeting the users of major seven banks - State Bank of India (SBI), ICICI Bank, Indian Overseas Bank, Axis Bank, Bank of Baroda, Yes Bank, and Citibank. Some of these apps also had a generic interface, serving customers from multiple banks. This may have compromised data from customers of 25 other banks, as claimed by some security experts.

According to RBI (Reserve Bank of India), India’s banking sector lost a whopping Rs 41,167.7 crore (US$5.9 billion) in the financial year 2017-18 due to increasing banking frauds. That’s a massive 72% YoY increase. What is more surprising is, there is a four-fold increase in banking frauds since 2013-14 when Rs 10,171 crore worth banking frauds were committed by fraudsters. 

The financial year 2017-18 was big in terms of the increasing cyber frauds incidents in the banking sector of India. According to the RBI, a total of 5,917 bank frauds were reported in 2017-18 and surprisingly, nearly one-third of these were cyber frauds. The number of cyber fraud cases reported by the Reserve Bank of India in 2017-18 was 2,059, which amounted to a sum total of Rs 109.6 crore (US$13.7 million). This exhibits a huge increase in their numbers from the year 2016-17, where only 1,372 cases were reported, amounting to Rs. 42.3 crore (US$6 million).

It is important to note that about 80% of all recorded banking frauds in 2017-18 were large-value frauds, involving Rs 50 crore or more. As many as 93% of all fraud cases worth over Rs 1 lakh took place in public sector banks, while private sector banks accounted for just 6%.

This considerable increase in bank fraud has significantly contributed to the mushrooming of bad loans, which loomed around the Rs 10,39,700 crore mark as of March 2018.

RBI, however, reported that this sharp increase in terms of amount is largely due to large-value banking fraud cases in the jewellery sector – referring to the case involving the fugitive businessmen, Nirav Modi and Mehul Choksi. The over Rs 13,000 crore Punjab National Bank (PNB) case has made a significant dent in the banking fraud data this year.

Operational risk management, according to the central bank, has been seriously challenged this year due to increased bank fraud, with over “90% of them located in the credit portfolio of banks,” reported by a daily news.

The central bank reported that the modus operandi of large-value frauds involves “opening current accounts outside the banking consortium without no-objection certificates from lenders, division of funds by borrowers through various means,  including through associated/shell companies, lapses in credit underwriting standards, deficient and fraudulent services or certification by third-parties and the banking sectors failure to identify early warning signs.”

In February 2018, The Indian Banks Association (IBA) was instructed by the RBI to install enhanced IT-enabled, user-friendly, web-based Third Party Evaluation (TPE) reporting and establish an infrastructure with comprehensive data security and control measures.

The Reserve Bank of India doesn’t seem to take this issue of cyber frauds lightly anymore. It plans to act on reducing the cyber fraud occurrences by setting up a tracking and compliance portal system. Moreover, this portal system will be used to address problems from all registered financial institutions, ranging from Banks and NBFC’s to Prepaid Payment Instruments and mobile banking interfaces as directed under the Internal Ombudsman Scheme of 2018. In addition to that, it is going to add a sense of security to the digital transactions, thus promoting it.