Banks have been asked to formulate an action plan/SoPs for the return of funds to the victims of financial fraud, said Vivek Joshi, secretary of the Department of Financial Services.
In a review meeting on improving cybersecurity and deterring financial fraud in the banking ecosystem, Joshi chaired a stakeholder meet with 12 organisations in New Delhi on Friday.
The meeting addressed the lack of standard operating procedure for recovering defrauded money and returning it to the victim.
When a fraud takes place and the money has been traced from an account in Bank 1 to Bank 2, and the fraud has been established, there is currently no SOP for the return of money to the victim, he explained.
The meeting also took stock on a previous suggestion to nominate nodal officers for every zone to oversee cybercrime and action, and serve as a point person with the Indian Cyber Crime Co-ordination Center, or I4C.
Progress has been seen at the national level for the appointment of nodal officer for I4C coordination, though work at the state level is ongoing and banks are yet to notify the RBI, Joshi said.
The department also urged banks to phase out the use of the regular 10-digit numbers and use specific number, series such as ‘140xxx’, as prescribed by the Telecom Regulatory Authority of India for commercial or promotional activities.
“We are also standardising the sharing of information by banks or financial institutions. For instance, if a bank is sharing information, it has to be in a particular format,” he said, before adding that this will be then shared with law enforcement agencies to support subsequent action and analysis.
Discussions were also held on onboarding banks and financial institutions to the Citizen Financial Cyber Fraud Reporting and Management System platform through API integration, according to a release on the matter.
The department is looking to integrate the CFCFRMS platform with the National Cybercrime Reporting Portal to centralise efforts and support collaboration between police, banks, and financial institutions, Joshi said.
In November 2023, a similar meeting was held where increasing incidents of online financial fraud was discussed and it reviewed the readiness of bankers to tackle cybersecurity challenges.
Since the last meeting, it was noted that the Department of Telecom has developed an AI/ML-based engine, called Astra, to detect mobile connections taken on fake or forged documents.
“About 1.40 lakh mobile handsets, either linked to the disconnected mobile connections or misused in cybercrime/financial frauds, have been blocked,” the department’s release said.
“Till date, more than 500 arrests have been made, around 3.08 lakh SIMs blocked, around 50,000 IMEIs blocked, 592 fake links/APK and 2,194 URLs blocked since April 2023,” it said.
“…we discussed on blocking the handset linked to a number. If SIM is being blocked, it can be replaced easily… So, we are stressing on blocking IMEI number,” Joshi said.