February 11, 2010
A United Nations officer issued a cheque on his
nationalized bank account. The cheque bounced
despite his having deposited a big sum a few days
back. He complained to the bank only to be told
that Rs 75,000 was withdrawn in a number of transactions
in Romania, a country he has never visited.
The police suspect that the account was hacked on
internet. This is not the lone case of fraudulent
activity in an Indian bank. Bank fraud is a big
business in today's world. With more educational
qualifications, banking is becoming impersonal
and an increase in banking sector has given rise
to this white collar crime. In many cases,
the involvement of bank officials, as deliberate
colluders, is also suspected.
With the introduction of internet universal banking,
the number of bank frauds has more than doubled in five years.
There were 10,450 cases of such cases in 2004-05, which
rose to 13,914 in 2005-06 and 23, 914 in 2008-09.
The figures are as per cases recorded with the Central
Bureau of Investigation. It is assumed that there are
many more cases, which are settled at the banks' end
and no complaints are lodged officially.
The frauds have cost the depositors Rs 779 crore in 2004-05.
It almost doubled to Rs 1381 crore the next year.
In 2008-09, the figure rose to Rs 1883 crore.
The figures given - Rs 4,043 crore in these deals -
are again not conclusive. The actual figure may be
much more. Both bank and forensic officials are baffled
at this massive level of fraud. In 2004-05, there were
96 cases in which over Rs 1 crore was swindled away in
each transaction. This rose to 212 in 2008-09.
Apparently no depositor is safe. Chances of swindling
increase seemingly with the size of the bank.
A multi-crore fake cheques scam estimated to the
tune of Rs 52 crore was exposed in the Kanpur main
branch of the State Bank of India last August.
Seven bank officials, including one assistant general
manager and two chief managers were suspended.
The bank's audit team found that the fraud involved
clearing of fake cheques in the bank account of an
influential petrol pump owner. He is believed to
have fled the country. This is stated to be the
biggest fraud in the Kanpur-Lucknow region.
This banking fraud is basically classified as
fraud by insider and fraud by others.
It involves a highly placed insider nominally
authorized to invest sizeable funds on behalf
of the bank; as it happened in the Kanpur case.
This person secretly makes aggressive and risky
investments using the bank's money and when one
investment goes bad, he engages in further market
speculation in the hope of a quick profit, which
would hide or cover the loss. Many such transactions
found their way even to the stock market though
investments in other speculative activities are
also not uncommon.
Unfortunately, when one investment loss is
piled onto another, the costs to the bank can
reach into hundreds of crore of rupees.
Remember, many of the US and western banks went
out of business for such activities in 2008.
The banking fraud is classified as fraudulent
loans, wire frauds, forged or fraudulent documents,
uninsured deposits, theft of identity, demand draft
frauds, forgery and altered cheques, accounting fraud,
bill discounting fraud, credit card fraud, fraudulent
loan applications, phishing and internet frauds.
While some of these existed in one or the other
form even earlier, the magnitude was far less.
New technology has added to the woes of the
investigators as it not only involved complex
accounting processes but also complicated
technology and software applications.
A computer crime may be committed in one country
and its result can be found in another country.
There has been a lot of jurisdictional problem
and though the Interpol helps, it too has its limitations.
Different treaties and conventions have created obstructions
in relation to tracking of cyber criminals hiding or operating
in other nations.
It is described as a no-scene crime.
The usual crime scene is the cyber space.
The terminal may be anywhere and the criminal
need not indicate the place. The only evidence
a criminal leaves behind is the loss to the bank.
The major advantage the criminal has in instituting
a computer crime is that there is no personal exposure,
no written documents, no signatures, no fingerprints or
voice recognition. The criminal is truly and in the
strict sense faceless.
There are certain spy softwares which are
utilized to find out passwords and other vital
entry information to a computer system.
The entry is gained through a spam or bulk mail.
This is called phishing. A number of programmes
called "Trojan horse" programmes have also been
used to snoop on the internet users while online,
capturing keystrokes or confidential data.
The information thus stolen is then used in other frauds,
such as theft of identity or online fraud. Though using debit
and ATM card is stated to be safe by banks, technological
experts say that pin numbers and other details can easily be
cloned or pilfered and misused as one feeds the machine.
The experts also advice not to put credit card ATM details
ever on the internet for any kind of transactions.
The information travels to a chain of computers and
could be intercepted at any point.
International internet transactions are always
fraught with risk. The CBI and banks are now putting
their heads together to create a firewall and improve
the forensic techniques. However, the nature of
transaction that has to allow access to the accounts
of the banks pose a daunting challenge. Some elements
have suggested closing the direct internet transactions
at least at international level. It is a matter of probe
whether terrorist groups are part of cyber crime or not.
The existing Indian laws are not at all adequate to counter
cyber crimes. The Indian Penal Code, Evidence Act,
and Criminal Procedure Code have no clue about computers
when they were codified. The IT Act is there but it is
inadequate. Banks are clueless at stopping this crime.
The alternate is to utilize the banking services in the
conventional paper method till a foolproof system evolves.
Shivaji Sarkar.
No comments:
Post a Comment