KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

BANK FRAUD
INTRODUCTION

Banks are the engines that drive the operations in the financial sector,
which is vital for the economy. With the nationalization of banks in 1969,
they also have emerged as engines for social change. After independence,
the banks have passed through three stages. They have moved from the
character-based lending to ideology-based lending to today's
competitiveness-based lending in the context of India's economic
liberalization policies and the process of linking with the global economy.

While the operations of the bank have become increasingly

significant, there is also an occupation hazard. There is a Tamil proverb,
which says that a man who collects honey will always be tempted to lick his
fingers. Banks are, all the time dealing with money, a temptation should
therefore be very high. Oscar Wilde said· that the thief was an artist and the
policeman was only a critic. There are many people who are unscrupulous
and are able to perpetrate a fraud. The bank should devise systems and
procedures in such a way that the scope for such clever and unscrupulous
people is reduced.

With the rising banking business, frauds in banks are also increasing
and fraudsters are becoming more and more sophisticated and ingenious. In
a bid to keep pace with the changing times, the banking sector has
diversified its business manifold. Replacement of the philosophy of class
banking with mass banking in the post-nationalization period has thrown a
lot of challenges to the management on reconciling the social responsibility
with economic viability.

Section 5(b) of the Banking Regulation Act, 1949 defines banking.

According to it, banking means the accepting, for the purpose of lending or
investment, of deposits of money from the public, repayable on demand or
otherwise, and withdrawable by cheque, draft, and order or otherwise. But if
the money has fraudulently been drawn from the bank, the later is under
strict obligation to pay the depositor. The bank, therefore, has to ensure, at
all times, that the money of the depositor is not drawn by deceitful means.

(1)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

DEFINITION OF FRAUD

Fraud is defined as 'any behaviour by which one person intends to

gain a dishonest advantage over another.' In other words, fraud is an act or
omission which is intended to cause wrongful gain to one person and
wrongful loss to the other, either by way of concealment of facts or
otherwise.

Section 421 Indian Penal Code defines "fraud" as 'whoever

dishonestly or fraudulently removes, conceals or delivers to any person, or
transfers 'or causes to be transferred to any person, without adequate
consideration, any property, intending thereby to prevent, or knowing it to
be likely that he will thereby prevent, the distribution of that property
according to law among his creditors or the creditors of any other person,
shall be punished with imprisonment of either description for a term which
may extend to two years or with fine or with both."

(2)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

BANK FRAUDS

Losses sustained by banks as a result of frauds exceed the losses due

to robbery, dacoity, burglary and theft-all put together.

Unauthorized credit facilitate are extended for illegal gratification

such as cash credit allowed against pledge of goods, hypothecation of goods
against bills or against book debts. Common modus operandi are, pledging
of spurious goods, inflating the value of goods, hypothecating goods to more
than one bank, fraudulent removal of goods with the knowledge and
connivance of or negligence of bank staff, pledging of goods belonging to a
third party. Goods hypothecated to a bank are found to contain obsolete
stocks packed in between good stocks and cases of shortage in weight are
not uncommon.

Frauds in deposit accounts take place by opening of bogus accounts,

forging signatures of introducers and collecting through such accounts
stolen or forged cheques or bank drafts. Frauds are also committed in the
area of granting overdraft facility in the current accounts of customers. A
large number of frauds have been committed through bank draft, mail
transfers and telegraphic transfers.

An analysis made of cases brings out broadly, the under mentioned

four major elements responsible for the commission of frauds in banks.
First, active involvement of the staff-both supervisory and clerical either
independent of external elements or in connivance with outsiders.

Secondly, failure on the part of the bank staff to follow meticulously laid
down instructions and guidelines.

Thirdly, external elements perpetrating frauds on banks by forgeries or

manipulations of cheques, drafts and other instruments.

Fourthly, there has been a growing collusion between businessmen, top bank
executives, civil servants and politicians in power to defraud the banks, by
getting the rules bent, regulations flouted and banking norms thrown to the
winds.

(3)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

An analysis of frauds committed in the Banks indicates the following

'areas, which are susceptible for commission of frauds.

Frauds-Prevention and Detection

A close study of any fraud in a bank reveals many common basic

features. There may have been negligence or dishonesty at some stage, on
the part of one or more of the bank employees. One of them may have
colluded with the borrower. The bank official may have been putting up
with the borrower's sharp practices for a personal gain. The proper care
which was expected of the staff, as custodians of bank's interests may not
have been taken. The bank's rules and procedures laid down in the Manual
instructions and the circulars may not have been observed or may have been
deliberately ignored. In all such cases, the result would be more or less the
same-a fraud and consequent loss of money and prestige. It should,
however, be conceded that in spite of all the possible safeguards and
precautions that human ingenuity can desire, there may still be a wily
customer who may have the upper hand in the battle of wits and succeed in
cheating a bank.
Bank frauds are the failure of the banker. It does not mean that the
external frauds do not defraud banks. But if the banker is upright and knows
his job, the task of the defrauder will become extremely difficult, if not
possible.

Components of Fraud

There are two important components in any fraud committed by an

employee of a bank, himself or in collusion with a borrower. They are,
firstly, the intention which is subjective; and secondly, the opportunity
which is objective.
Conditions must be created in a bank that the person who intends
perpetrating a fraud does not get the opportunity to commit it.

(4)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Prevention of Frauds
The following are the ways by which frauds can be averted:
1. Recruitment and Selection:
The right type of persons with necessary qualifications and aptitudes
should be recruited. Selection of officers should be carefully made on
the basis of qualifications, experience, performance, efficiency and
reputation. Adequate training to staff at all levels should be provided

2. Private Lives of Staff:

The private lives of staff should be watched, difficult thought it may
be. A member of the staff who is· a habitual borrower or lives beyond
his means can be one who may ultimately let the bank down

3. No Undue Reliance:
No undue reliance should be placed on bank's staff. Explanations
should not be too’ readily accepted. So that vested interests are not
created, agents, clerical staff and officers should be transferred
periodically from branch to branch.

4. Basic Honesty:
No bank official should think of accepting presents and bribes form
the borrowers in the belief that everything is safe and nothing would
go wrong. The financial position and dealings of a borrower who
invites bank officials too often for drinks and dinners or sends them
presents should be closely watched.

5. Routine:
The bank's system, routine and procedures should be meticulously
followed. The manual of instructions and the circulars are the
outcome of wide experience of men and matters, which the head
office has acquired over a long period.

(5)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

6. Supervision and Audit:

The checking of books and registers should be done regularly by the
authorized officer. The godowns should be inspected without notice.
Audit of bank branch is must.

7. Unscrupulous Parties:
The bank should be careful in accepting new customers, particularly
borrowers. The customer, who has been noticed to follow undesirable
practices or is known to have committed a fraud, should be avoided. It
is good for the bank to follow the maxim, "once bitten, twice shy".

8. Danger Signals:
Particular attention must be paid to the accounts wherein the debt
balance usually remains very near the sanctioned limit or the drawing
limit.· When the borrower's cheques start bouncing with reasons like,
"exceeds arrangement" or "effects not cleared, present again" or when
there is a very poor turnover in the account/securities charged, bank
officers have to be Watchful.

9. Vigilance:
Vigilance means alertness or watchfulness. This is a mental state and
applicable to rank and file. Vigilance is an integral part of the
managerial function. The preventive vigilance should ensure that:
 The business is planned and conducted with proper system and
procedures keeping in view corporate vision.
 Transactions are properly authorized and appraised.
 Assets safeguarded and liabilities controlled; minimize the risk
of losses arising out of irregularities, fraud.
 Accountability and records provide complete, accurate and
timely information.

(6)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

 Finally, the bank officer’s eyes and ears have to be everywhere.

They cannot afford to be lethargic, complacent or negligent in
the discharge of their duties.

Detection of Frauds

Despite all the care and vigilance, there may still be some frauds, though
their number, periodicity and intensity may be considerably reduced.
Just as vigilance is very important in the prevention of frauds, calm
behaviour and attitude are a must in the detection of a fraud. The officer
should in no circumstances lose his temper and presence of mind when
confronted with difficult situation. The following procedure would be very
helpful if taken into consideration.

1. All relevant data-papers, documents, etc. should be promptly

collected. Original vouchers or other papers forming the basis of the
investigation should be kept under lock and key.
2. All persons in the bank who may know something about the time,
place and modus operandi of the fraud should be examined and their
statements should be recorded.
3. The probable order of events should thereafter be reconstructed by the
officer, in his own mind. The next man, if competent and honest, and
capable of keeping secrets, should be taken into confidence.
4. It is always advisable to keep the central office informed about fraud
and further developments in regard thereto.

(7)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Classification of Frauds and Action Required by Banks

As we are aware that in a bid to keep pace with the changing times,'
the banking sector has diversified its business manifold. This has caused a
dent on the credibility of the system in terms of checks/controls and
supervision. Replacement of the philosophy of class banking with mass
banking in the post nationalisation period has thrown a lot of challenges to
the management on reconciling the social responsibility with economic
viability.

The Reserve Bank of India had set-up a high level committee in 1992
which was headed by Mr. A. Ghosh, the then Dy. Governor Reserve Bank
of India to inquire into various aspects relating to frauds malpractice in
banks. The committee had noticed/observed three major causes for
perpetration of frauds as given here under:
1. Laxity in observance of the laid down system and procedures by
operational and supervising staff.
2. Over confidence reposed in the clients who indulged in breach of
trust.
3. Unscrupulous clients by taking advantages of the laxity in observance
of established, time tested safeguards also committed frauds.
Since, the above three causes are of utmost importance as such the banks
are advised to keep in mind the same while discharging their duties
In order to have uniformity in reporting cases of frauds, RBI considered
the question of classification of bank frauds on the basis of the provisions of
the Indian Penal Code and has classified there as under:

1. Cheating
2. Criminal misappropriation of property
3. Criminal breach of trust

(8)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

4. Forgery
5. Falsification of accounts
6. Theft
7. Extortion
8. Burglary (house breaking)
9. Robbery ad dacoity
10.Criminal conspiracy
11.Bribery and corruption
12.Offences relating to currency notes and bank notes.

1) Cheating

Whoever by deceiving any person, fraudulently or dishonestly

induces the person so deceived to deliver any property to any person,
or to consent that any person shall retain any property, or intentionally
induces the person so deceived to do or omit to do anything which he
would not do or omit if he were not so deceived, and which act or
omission causes or is likely to cause damage or harm to that person in
body, mind, reputation or property, is said to "cheat".
Whoever cheats shall be punished with imprisonment of either
description for a term, which may extend to one year, and shall also
be liable to fine.
When a cheque is dishnoured, the payee feels frustrated and seeks on
immediate remedy at no costs or low costs. Civil suits are a costlier
affair and a time consuming device and thus a complaint under the
provisions of Indian Penal Code comes as a remedy
In Ram Jas v. State of Uttar Pradesh, 23 the Supreme Court has
enumerated the ingredients to constitute the offence under this section
as under:
There should be fraudulent or dishonest inducement of a person by
deceiving him;

(9)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

The person so deceived should be induced to deliver any

property to any person, or to consent that any person shall
retain any property; or

The person so deceived should be intentionally induced to do

or omit to do anything, which he would not do or omit if he
were not so deceived.
In the case covered by item (ii) (b), the act or omission should be one,
which causes or is likely to cause damage or harm to the person
induced in body, mind, reputation or property.

If the cheque is dishnoured, the drawer of the cheque may be

prosecuted under sections 417 and 420 of the Indian Penal Code.
However, it all depends on the circumstances of each case. Every
dishonour of a cheque is not cheating. It must be proved that there
was the intention to cheat.

Remedial Measures
The preventive measures, in respect of the cheating, can be
concentrated on cross-checking regarding identity, genuineness,
verification of particulars, etc. In respect of various instruments as
well as persons involved in encashment or dealing with the property
of the bank.

2) Criminal Misappropriation of Property

Whoever dishonestly misappropriates or converts to his own use any

moveable property, shall be punished with imprisonment of either
description for a term, which may extend to two years, or with fine, or
with both. This offence is non-cognizable.
A finds a cheque payable to bearer. He can form no conjecture as to
the person who has lost the cheque. But the name of the person, who
has drawn the cheque, appears. A knows that this person can direct
him to the person in whose favour the cheque drawn. A appropriates

(10)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

the cheque without attempting to discover the owner. He is guilty of

an offence under this section.
A finds a government promissory note belonging to Z, bearing a
blank endorsement. A knowing that the note belongs to Z, pledges it
with a banker as a security for a loan, intending at a future time to
restore it to Z. A has committed an offence under this section.

Remedial Measures
Criminal misappropriation of property, presuppose the custody or
control of funds or property, so subjected, with that of the person
committing such frauds. Preventive measures, for this class of fraud
should be taken at the level at which the custody or control of the
funds or property of the bank generally vests. Such a measure should
be sufficient, it is extended to these persons who are actually handling
or having actual custody or control of the funds or movable properties
of a bank.

3) Criminal Breach of Trust

Whoever, being in any manner entrusted with property, or with any

dominion over property, dishonestly misappropriates or converts to
his own use that property, or dishonestly uses or disposes of that
property in violation of any direction of law prescribing the mode in
which such trust is to be discharged, or of any legal contract, express
or implied, which he has made touching the discharge of such trust, or
willfully suffers any other person so to do, commits "criminal breach
of trust".

In Anil Saranav v. State of Bihar,26 the Supreme Court has reiterated

that where a partner is entrusted with property under special contract
and he holds that property in a fiduciary capacity, and
misappropriation of that property would amount to criminal breach of
trust.

Remedial Measures

(11)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Criminal misappropriation of property, presuppose the custody or

control of funds or property, so subjected, with that of the person
committing such frauds. Preventive measures, for this class of fraud
should be taken at the level at which the custody or control of the
funds or property of the bank generally vests. Such a measure should
be sufficient it is extended to these persons who are actually handling
or having actual custody or control of the funds or movable properties
of a bank.

4) Forgery

Whoever makes any false document or part of a document with intent

to cause damage or injury, to the public or to any person, or to support
any claim or title, or to cause any person to part with property, or to
enter into any express or implied contract, or with intent to commit
fraud or that fraud may be committed, commits "forgery".

The essential ingredients of forgery are as under:

The making of false document or part of it.
Such making should be with intent.
To cause damage or injury to
Public; or
Any person; or
To support any clam or title; or
To cause any person to part with property; or
To cause any person to enter into express or implied contract; or
To commit fraud or that fraud may be committed.

Remedial Measures

(12)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Both the prevention and detection of frauds through forgery are

important for a bank. Forgery of signatures is the most frequent fraud
in banking business. A banker as per legal obligation is supposed to
know the signature of his customer and in case of any doubt he has to
consult the specimen signatures of his customer, which has already
been taken during the course of opening of account of the customer.
The specimen signatures are always kept in safe custody of the bank.
The bank should take special care when the instrument has been
presented either bearer or order; in case a bank pays forged instrument
he would be liable for the loss to the genuine customer.

5) Falsitlcation of Accounts

Whoever, being a clerk, officer or servant, or employed or acting in

the capacity of a clerk, officer or servant, willfully, and with intent to
defraud, destroys, alters, mutilates or falsifies any book, paper,
writing valuable security or account which belongs to or is in the
possession of his employer or has been received by him for or on
behalf of his employer or willfully and with intent to defraud, makes
or abets the making of any false entry in, or omits or alters or abets
the omission or alteration of any material particular from or in, any
such book, paper, writing, valuable security or account, shall be
punished with imprisonment of either description for a term which
may extend to seven years, or with fine, or with both.

Explanations
It shall be sufficient in any charge under this section to allege a
general intent to defraud without naming any particular person
intended to be defrauded or specifying any particular sum of money
intended to be the subject of the fraud, or any particular day on which
the offence was committed.
This section refers to acts relating to book-keeping or written
accounts. It makes the falsification of books and accounts punishable
even though there is no evidence to prove misappropriation of any
specific sum on any particular occasion.

(13)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Ingredients
This section requires that:

The person coming within its purview must be a clerk, an officer, or a

servant, or acting in the capacity of a clerk, an officer, or a servant.
He must willfully and with intent to defraud-
Destroy, alter, mutilate, or falsify, any book, paper, writing, valuable
security, or account which-
Belongs td or is in the possession of his employer; or
Has been received by him for or on behalf of his employer;
Make or abet the making of any false entry in or omit or alter or abet
the omission or alteration of any material particular from or in any
such book, paper, writing, valuable security or account.
The offence of falsification of accounts read with cheating becomes a
cognizable offence.

Remedial Measures
The preventive measures, for falsification of accounts should give
more importance on the persons responsible for the maintenance of
books and accounts and encashment of instruments. Inventory of the
movable properties can also be a place of importance for this purpose,
frequent internal audit system, crosschecking regarding identity,
verification of particulars, etc. are useful.

6) Theft

Whoever, intending to take dishonestly any movable property out of

the possession of any person without that person's consent, moves that
property in order to such taking, is said to commit "theft". Theft in
dwelling house is punishable under Section 380, IPC. Theft of
property, in the possession of his master or employer, by a clerk or

(14)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

servant is punishable under Section 381, IPC. Theft after preparation

made for causing death, hurt or restraint in order to the committing of
theft is punishable under Section 382, IPC. These are all cognizable
offences.
Common forms of thefts committed in bank are theft of cash,
traveler’s cheques, draft, mail transfer and telegraphic transfer forms
from strong rooms or currency chests, cash counters, lockers and safe
deposit vaults, etc. Criminal law has taken particular care to protect
the possession of movables rather than of immovables. In the case of
immovables the disputes relating to ownership etc. are left to the civil
law.
Criminal law interferes only when the disputes relating to immovable
items of property are likely to lead to breach of the peace and to
prevent insult, annoyance and intimidation to the person in
possession. Thus, in the

case of movable property the list of the offence is the deprivation of

possession or attempt at such deprivation is not sufficient to constitute
an offence. Section 441 of the Indian Penal Code deals with the
offence of trespass on land, which is unlawful interference with the
possession of it.
The essential ingredients of the offence of theft are as under:
Dishonest intention to take property.
The property must be movable.
It should be taken out of the possession of another person.
It should be taken without the consent of that person.
There must be mere removal of the property in order to accomplish
the taking of it.

The above stated ingredients have been explained by the Supreme

Court in K.N. Mehra v. State of Rajasthan. As observed by Subba
Rao, 'To commit theft one need not take movable property
permanently out of the possession of another with the intention not to
return it to him. It would satisfy the definition if he took any movable

(15)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

property out of the possession of another person though he intended to

return it later on'.
A creditor who took movable property out of his debtor's possession,
without his consent, with the intention of coercing him to pay his
debt, committed the offence of theft.

Remedial Measures
Encashment of stolen travellers' cheques can be prevented if the bank
clearly specifies the age, sex and two visible identification marks on
the body of the person purchasing traveller's cheques on back-of the
cheque leaf. This will help the paying bank to easily identify the
cheque-holder. Theft from lockers and safe deposit vaults are not easy
to commit because the master-key remains with the banker and the
individual key of the locker is handed over to the customer with due
acknowledgement. No one can singly open the locker. It has been
found generally that cashier leaves cash unlocked and proper care is
not exercised while handling cash. To avoid such incident effective
supervision is required at each bank level.

8) Extortion

Whoever, intentionally puts any person in fear of any injury to that

person, or to any other, and thereby dishonestly induces the person so
put in fear to deliver to any person any property or valuable security,
or anything signed or sealed which may be converted into valuable
security commits "extortion". The offence is cognizable.

Burglary (House Breaking)

"House Breaking" which is commonly known as burglary. It may be

roughly classified under five main heads, namely, (i) by manhole
through a wall; (ii) by manhole through a roof; (iii) by drilling a small
hole through the wall close to the fastening of the door and window;

(16)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

(iv) by breaking open iron grill provided to windows and skylight

openings; and (v) by various kinds of lock breaking. In banks, strong
rooms, currency chests, lockers and safe deposit vaults are vulnerable
to burglary unless adequate security arrangements are provided
particularly after sunset and before sunrise when burglary is
successfully committed. The offence is cognizable.

9) Robbery and Dacoity

In all robbery there is either theft or extortion. Theft is "robbery" if, in

order to the committing of the theft, or in committing the theft, or in
carrying away or attempting to carry away property obtained by the
theft, the offender, for that end .voluntarily causes or attempts to
cause to any person death or hurt or wrongful restraint, or fear of
instant death or of instant hurt, or of instant wrongful restraint.
Extortion is "robbery" if the offender, at the time of committing the
extortion, is in the presence of the person put in fear, and commits the
extortion by putting that person in fear of instant death, of instant
hurt, or of instant wrongful restraint to that person or to some other
person, and, by so

putting in fear, induces the person so put in fear then and there to
deliver up the thing extorted.
When five or more persons conjointly commit or attempt to commit a
robbery, or where the whole number of persons conjointly committing
or attempting to commit a robbery, and persons present and aiding
such commission or attempt, amount to five or more, every person so
committing, attempting or aiding is said to commit "dacoity".
Attempt to commit robbery is punishable under Section 393, IPC and
attempt to commit robbery or dacoity armed with deadly weapon is
punishable under Section 398, IPC; Section 394, IPC (voluntarily'
causing hurt in committing robbery); " Section 396, IPC (dacoity with
death); and Section 397, IPC (robbery or dacoity with attempt to
cause death or grievous hurt) provide enhanced punishment.

(17)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Punishment is also provided for making preparation to commit

dacoity (Section 399, IPC);" for belonging to a gang of dacoits
(Section 400, IPC); for belonging to a gang of thieves (Section 401,
IPC and for assembling to commit dacoity). All the offences under
robbery and dacoity are cognizable.33 Burglary, robbery and dacoity,
snatching cash from the counter are external crimes in banks. The
vulnerability of the banks varies on the three different types of
occasions, namely:
When the bank is totally closed,
When the bank i~ opened to the public for normal business
transactions, and
The twilight hours when the bank strong room is opened before the
commencement of the banking hours and again at the end of the
banking hours, to take out cash and to put it back.

10) Criminal Conspiracy

Conspiracy is a substantive offence and has nothing to do with

abetment. Criminal conspiracy is somewhat wider in amplitude than
abetment by conspiracy. The very fact of the conspiracy constitutes
the

offence and it is immaterial whether anything has been done in

pursuance of the unlawful agreement. The ingredients of the offence
are:

That there should be an agreement between the persons who are

alleged to conspire, and
That the agreement should be
For doing of an illegal act, or
For doing by illegal means an act which may not itself by illegal.

(18)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

In the case of State of Andhra Pradesh v. IBS Prasad Rao and Others
the accused, who were clerks in a Cooperative Central Bank were all
convicted of the offences of cheating under Section 420 read along
with Section 120A. All the four accused had conspired together to
defraud the bank by making false demand drafts and receipt vouchers.

11) Fraudulent loans

One way to remove money from a bank is to take out a loan, a

practice bankers would be more than willing to encourage if they
know that the money will be repaid in full with interest. A fraudulent
loan, however, is one in which the borrower is a business entity
controlled by a dishonest bank officer or an accomplice; the
"borrower" then declares bankruptcy or vanishes and the money is
gone. The borrower may even be a non-existent entity and the loan
merely an artifice to conceal a theft of a large sum of money from the
bank.

12) Stolen cheques

Some fraudsters obtain access to facilities handling large amounts of

cheques, such as a mailroom or post office or the offices of a tax
authority (receiving many cheques) or a corporate payroll or a social
or veterans' benefit office (issuing many cheques). A few cheques go
missing; accounts are then opened under assumed names and the
cheques (often tampered or altered in some way) deposited so that the
money can then be withdrawn by

thieves. Stolen blank chequebooks are also of value to forgers who

then sign as if they were the depositor.

13) Bill discounting fraud

(19)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Essentially a confidence trick, a fraudster uses a company at their

disposal to gain confidence with a bank, by appearing as a genuine,
profitable customer. To give the illusion of being a desired customer,
the company regularly and repeatedly uses the bank to get payment
from one or more of its customers. These payments are always made,
as the customers in question are part of the fraud, actively paying any
and all bills raised by the bank. After time, after the bank is happy
with the company, the company requests that the bank settles its
balance with the company before billing the customer. Again,
business continues as normal for the fraudulent company, its
fraudulent customers, and the unwitting bank. Only when the
outstanding balance between the bank and the company is sufficiently
large, the company takes the payment from the bank, and the
company and its customers disappear, leaving no-one to pay the bills
issued by the bank.

14) Duplication or skimming of card information

This takes a number of forms, ranging from a dishonest merchant

copying clients' credit card numbers for later misuse (or a thief using
carbon copies from old mechanical card imprint machines to steal the
info) to the use of tampered credit or debit card readers to copy the
magnetic stripe from a payment card while a hidden camera captures
the numbers on the face of the card.
Some thieves have surreptitiously added equipment to publicly
accessible automatic teller machines; a fraudulent card stripe reader
would capture the contents of the magnetic stripe while a hidden
camera would sneak a peek at the user's PIN. The fraudulent
equipment would then be removed and the data used to produce
duplicate cards that could then be used to make ATM withdrawals
from the victims' accounts.

15) Wire fraud

Wire transfer networks such as the international SWIFT interbank

fund transfer system are tempting as targets as a transfer, once made,
is difficult or impossible to reverse. As these networks are used by

(20)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

banks to settle accounts with each other, rapid or overnight wire

transfer of large amounts of money are commonplace; while banks
have put checks and balances in
place, there is the risk that insiders may attempt to use fraudulent or
forged documents which claim to request a bank depositor's money be
wired to another bank, often an offshore account in some distant
foreign country

16)Forged or fraudulent documents

Forged documents are often used to conceal other thefts; banks tend
to count their money meticulously so every penny must be accounted
for. A document claiming that a sum of money has been borrowed as
a loan, withdrawn by an individual depositor or transferred or
invested can therefore be valuable to a thief who wishes to conceal
the minor detail that the bank's money has in fact been stolen and is
now gone.

17) Uninsured deposits

There are a number of cases each year where the bank itself turns out
to be uninsured or not licensed to operate at all. The objective is
usually to solicit for deposits to this uninsured "bank", although some
may also sell stock representing ownership of the "bank". Sometimes
the names appear very official or very similar to those of legitimate
banks. For instance, the "Chase Trust Bank" of Washington DC
appeared in 2002 with no licence and no affiliation to its seemingly
apparent namesake; the real Chase Manhattan Bank is based in New
York.

The risk is greatest when dealing with offshore or Internet banks (as
this allows selection of countries with lax banking regulations), but
not by any means limited to these institutions. There is an annual list
of unlicensed banks on the US Treasury Department site which
currently is fifteen pages in length.

18) Demand draft fraud

(21)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

This fraud is usually done by one or more dishonest bank employees.

They remove few DD leaves or DD books from stock and write them
like a regular DD. Since they are insiders they know the coding,
punching of a demand draft. These Demand drafts will be issued
payable at distant town/city without debiting an account. Then it will
be cashed at the payable branch. For the paying branch it is just
another DD.

19) PHONE FRAUDS

Whether in the form of the consumer attempting to defraud the

telephone company, the telephone company attempting to defraud the
consumer, or a third party attempting to defraud either of them, fraud
has been a part of the telephone system almost from the beginning.
A carrier's bottom line is significantly impacted by billing fraud.

20) Automatic Teller Machine (ATM) Fraud

To use an ATM has always required the use of a PIN. There have
been many very sophisticated methods devised to obtain this
information plus the information on the magnetic strip, including
dummy ATMs. The universal introduction of Chip and PIN means
there will be far more opportunity for PINs to be compromised as
PINs will need to be entered in relatively insecure locations (for
example, at supermarket counters). The major banks in the UK are
seriously concerned that ATM fraud will increase as a result of PINs
being compromised at point of sale.
In general the chip prevents counterfeit fraud. However, ATMs can
still be vulnerable as the chip can effectively be disabled. The
magnetic stripe contains a service code which tells the ATM what
type of card it is. For instance, 101 identifies it is magnetic stripe,
whilst 201 means it is a chip card. Also, on the chip there is a similar
flag which tells the ATM whether it should read from the magnetic
stripe or the chip. Further, if the chip malfunctions for some reason
then many ATMs will default to using the magnetic stripe. Any fraud
detection system must detect the status of the card to determine if

(22)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

there has been a failure of the chip. Many ATM used overseas
continue to use the magnetic strip.

E-Fraud
What is E-Fraud?
E-Fraud is an umbrella term that covers numerous activities across the
Internet the common intent of which is to make money or obtain services
using illegally or fraudulently obtained information. eFraud has a
tremendous impact on the Internet Economy, both in terms of actual dollars
stolen from accounts as well as lost revenue due to overall decreased
confidence in eCommerce or eBanking and the damage done to the
reputations of Brands being marked.

Before going on to describe some of the common manifestations of eFraud,

some mention should be made of its non-technical underpinnings, whose
influence can be discerned throughout.

1) Social Engineering
Whether used by efraudsters, normal scam artists or more reputable
members of society such as overly-aggressive car salesmen or itinerant
sellers of magazine subscriptions, Social Engineering encompasses a
number of techniques intended to manipulate the “victim” into revealing or
doing more than they otherwise would if the “victim” had the opportunity of
thinking about what they are doing. The social engineer will frequently
attempt to pressure the victim into acting immediately (e.g. “Your Account
will be closed in 24 hours if you don’t click on the link below to update your
Account info” or “I just had two other couples looking at this car earlier this

(23)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

morning!”) or entice the victim to act instinctively, playing on the ‘kindness

of strangers’ (”If someone does not help me move my murdered husband’s
money out of the country soon, the corrupt officials will pocket it all and
leave my kids with nothing” or “Don’t you want to help me earn my way
through college?”).

Other common ploys of the Social Engineer include the incorporation of

information previously obtained to lend their effort more legitimacy; or to

present their approach so as to appear to be providing the victim with some

valuable assistance.

While some examples of this may amuse us, the core techniques can be used
to devastating effect in the hands of a good Social Engineer and while there
will always be a technical element to contend with in regards to eFraud, the
human element cannot be underestimated or easily dismissed.

2) Phishing

Otherwise known as “carding” or “brand spoofing”, phishing refers to the

use of (usually) emails presented in such a way as to seem official
communications of a banking, service or retail organization, prompting the
victim to "confirm" some of their confidential data. Information targeted
frequently includes login details, credit card or banking account details, Date
of Birth and Social Security Number. Typically, the pretext of the
communication is some sort of security measure being implemented or
response to some possibly fraudulent use of the account, the scam being
supported by the inclusion of official looking images and presented with
some sense of urgency. The mechanism used to garner the target details can
differ but frequently make use of an obfuscated link in the email apparently
leading to the official site but in actuality leading to a hacked server that the
perpetrator(s) of the scam uploaded web pages, images and scripts to. The
gathered data is then either stored to a hidden area on the same server, or to
a different hacked server or sent to a throw-away email account that the
hacker will monitor for the duration of the scam.

(24)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

3) Pharming

Somewhat of a trendy term for a type of phishing. Intended to describe a

more elaborate form of phishing, involving more technical expertise to
accomplish; in actuality it is just part of the broad spectrum of phishing.

4) Advanced Fee Fraud

Represented in large part by Nigerian or 419 Scams, these are typically

represented by emails purporting to be from someone having large funds
available overseas that, if not moved out of country soon, would be lost. The
fraudster pleads with the victim for their help in moving these funds to the
victim’s country, in return for which the fraudster generously gives a portion
of the funds. However, having once baited the victim's interest, the victim
needs to outlay some funds of his or her own in order to initiate the process.
The descriptive details in the email play on the pity and kindness (not
excluding a little bit of greed) on the part of the victim to further the scam.

5) Identity Theft

Identity Theft refers to the unauthorized use of falsely obtained personal

information. This info is frequently used for things such as credit card
applications, picture ID card applications, domain registrations, etc. The
idea being that any use or misuse of those services would be traced back to
the Identity Theft victim, thus embroiling them in having to disassociate
themselves from the activities of their personal nemesis.

(25)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

6) Credit Card Fraud

Whether obtained via phishing or key logging trojans, credit card

information is actively traded publically in Web forums and IRC Channels
or via more discreet means such as private Instant Messenging networks or
emails. This info is then used to purchase goods or services, using various
techniques to make it difficult to trace the recipient. The transactions are
done on sites (termed as 'cardable') that do not restrict shipment of goods to
the same address or region as the billing address of the card owner.

(26)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

7) Mail Fraud
Mail fraud refers to any scheme which attempts to unlawfully obtain money
or valuables in which the postal system is used at any point in the
commission of a criminal offence. Mail fraud is a legal concept in the
United States Code which can provide for increased penalty of any
criminally fraudulent activity if it is determined that the activity involved
used the United States Postal Service. As in the case of wire fraud, this
statute is often used as a basis for a separate federal prosecution of what
would otherwise have been only a violation of a state law. The concept is
irrelevant in countries with non-federal legal systems: the activities listed
below are likely to be crimes, but the fact that they are carried out by mail
makes no difference to which authority may prosecute or the penalties
which may be imposed

8) Internet Fraud and Online Auction Fraud

Internet fraud or wire fraud schemes may also qualify as mail fraud if the
mails are being used at any point in the scheme, including a request that a
money order be sent to pay for non-existent or undelivered auction
merchandise. Many of these schemes are merely variants on the fraudulent
mail-order scams in which the merchandise is never delivered as described
or delivered at all.

(27)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

SECURITY REGIME IN BANKING SYSTEM

INTRODUCTION

Security implies sense of safety and of freedom from danger or

anxiety. When a banker takes a collateral security, say in the form of gold or
a title deed, against the money lent by him, he has a sense of safety and of
freedom from anxiety about the possible non-repayment of the loan by the
borrower. In a broader perspective, when a nation maintains a well-equipped
and well-trained military force, the citizens have a sense of safety and of
freedom from anxiety against possible aggression by other nations. All
measures adopted to bring about the sense of safety are collectively called
'Security Measures'.

MEANING OF SECURITY

This aspect of information cannot be over emphasized especially

when it comes to the banking industry. While confidentiality and privacy are
our credo, there remains a dire necessity to address security issues through
policies, procedure, practices and technology.

Security policies that outline the approach of the organization are

vital. These should be communicated to all strata of the organization through
appropriate means. Before enacting new policies in personal data handling
procedures, the staff managers concerned should analyze current practices.
To facilitate the explanation of their roles, information management
guidelines should be drawn out by the organization.

Security procedure should be stated explicitly and agreed upon by

each user in the specific environment. These procedures need to be clearly
defined by the organization with respect to each information segment
involved. Security practices should be adhered to strictly and need to be
reviewed and supervised periodically. Such practices ensure information
security and enhance availability.

(28)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Bank Security is essentially a defence-a defence against unforeseen attacks

by thieves, dacoits and burglars. The deterioration of law and order situation
in the country manifests upon the bankers in the following forms:

1. Theft,
2. Armed robbery / dacoity,
3. Burglary, and
4. Riots and violent activities during civil disturbances, causing damage
to moveable and immoveable properties of banks.

The meanings of these terminologies have not been understood correctly by

the banking industry. Theft, robbery and dacoity have in fact been defined in
the Indian Penal Code.
But here, without going into the legal tangle, let us understand the correct
meaning and concept of these terms.

1. Theft:
Theft is an act of stealing a moveable property that belongs to
another person. Theft is never overt; it is always covert. In other
words, a theft is always performed when the true owner or custodian
of the stolen property is not aware of the act of stealing, though the
true owner or custodian may be present on the scene.
2. Robbery:
Robbery is always performed when the owner or custodian is present.
Robbery involves extortion under threat. It also involves violence.
3. Dacoity:
There is no difference between robbery and dacoity. The difference
pertains only to the number of culprits involved. When there are four
criminals or less in the incident, it is a robbery; when there are five or
more persons involved, it is termed dacoity. There is another
terminology 'Hold-up', which you might have come across. Hold-up is
a colloquial name for robbery / dacoity.

(29)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

4. Burglary:
Burglary is house-breaking at night or on days when the premises are
locked and there is no occupant inside. Burglary involves making
unauthorized entry.
5. Riots and Civil Disturbances:
Riots and civil disturbances are necessarily criminal activities. They
spontaneous reactions to events. Criminal elements may make use of
these opportunities to loot a bank. Besides, violent mobs can damage
the property of banks fit of anger.

The damage caused or loss incurred due to these wanton activities and
crimes have far-reaching repercussions on the nation as a whole and
banking industry in particular, which calls for appropriate security
measures at branches.
Bank dacoities and robberies are threatening the credibility of the
whole banking industry which compelled the Government of India to
review the security measures. The Government of India decided to
provide security cover to branches depending on the degree of
vulnerability. The following are the factors which determine
vulnerability.

Cash Holding Limit:

Cash holding is the single most important factor to determine the
vulnerability of branch. On the basis of cash holding the branches have been
classified as follows:
 Currency Chest Branches:
These are the branches having currency chests with them. Currency
chests are guarded by police armed guards round the clock.
 High Risk Branches:
These are the branches, whose authorized cash holding limit is Rs. 20
lakhs and above. All such branches should be guarded by two armed
guards.

(30)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

 Normal Risk Branches:

Those branches, whose authorized cash holding limit is Rs.I0 lakhs
and above but less than Rs. 20 lakhs come under this category. All
such branches should be guarded by one armed guard.
 Low Risk Branches:
These are branches, whose authorized cash holding limit is less than
Rs.I0 lakhs. All such branches need not be guarded by armed guards.
Nevertheless, banks can still declare a branch vulnerable considering
the other factors like law and order situation

Prevention of Frauds in a Computerised Environment

While developments in the area of Information Technology have resulted in
benefits such as Anywhere / Anytime banking, a disturbing factor has been
the rising incidence of perpetration of computer frauds. As computer crime
can be perpetrated from remote locations, computer criminals are afforded
the required anonymity. The banking industry haste guard itself against such
attacks, particularly since a large number of transactions are being put
through the Internet. As banks will be major players in E Commerce and
internet banking transactions will be regularly put through, suitable
precautions will have to be taken. In this write-up, we discuss the safeguards
that banks must take so that they do not unwittingly fall prey to computer
crime and fraud.

Research has shown time and again that computer frauds occur mainly due
to weaknesses in internal control systems that facilitate unauthorized /
manipulated inputs by extending due dates on loans, changing names and
addresses of clients, etc. In a computerized environment, software attacks by
computer criminals through Trojan Horses, Viruses, Worms, Salamis and
Logic Bombs, etc. can paralyze installations or destroy systems.
Maintenance of security in a computerized environment is therefore a major
concern and challenge for bankers today.

(31)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

The key aspects of electronic information-related security are:

• Confidentiality (making information available only to authorized

users)
• Integrity (information received appearing exactly as that sent or
stored)
• Availability (information stored / transmitted over communication
networks being available whenever required, to the extent desired,
within specified time limits)
• Authenticity (implementing systems for establishing the bonafides of
parties in an electronic transaction), and,
• Non-Repudiability (ensuring that the parties cannot deny authorising
a transaction or sending / receiving messages over the Internet).

In today’s world, two important tools are available for enhancing computer-
related security. These are: Digital Signatures and Cryptography. When an
electronic message is digitally signed, there is a coding (encryption) and
decoding (decryption) process that enables the positive identification of the
author of an electronic message(the writer of the message) and verification
of the integrity of the message(whether the message has undergone any
tampering during transmission).

Cryptography is a technique for coding messages in such a way that they

cannot be read by any individual other than the intended recipient. In public
key cryptography, two keys aroused, a public key and a private key, for
encryption and decryption of the message.

There are five important computer controls that must be in place at banks, so
that the incidence of frauds in computerized environment can be checked.
These five key controls are:

1. Management Controls (drafting a sound Security Policy, Business

Continuity Planning etc.)
2. Organizational Controls (segregation of duties between programmers,
operators, etc.)

(32)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

3. Operational Controls (checking physical access to computer

resources, etc.)
4. Environmental Controls (control of Air-conditioning, humidity, etc.),
and,
5. Application Controls (controls built into applications for checking
security lapses). Such computer controls help in keeping computer
fraudsters at bay.

Audit has an important role to play in strengthening computer security in

banks

By way of summary it can be said that banks operating in a computer

environment in India can protect themselves against computer frauds by
implementing controls, appreciating the role of auditing strengthening
computer-related security and by understanding the legal recourse available
to them under the Information Technology Act, 2000.

Avoid E-Fraud

Although e-fraud is not commonplace (only about 0.03% of all

business to consumer transactions), it does happen. Anytime you make an
online purchase or sale you should be wary. Although impossible to
eliminate, with the proper care you can ensure you are never the victim of
online fraud. For anyone who has ever been a victim of e-fraud the problems
with compensation can be endless due to the properties of the Internet.
When online, you may never know exactly whom you are dealing with. It
may be someone who lives on the other side of the world. Resolving
problems with someone you do not know can be more complicated in long-
distance or cross-border transactions. Tracking people down is very
difficult, as individuals who commit online fraud can disappear without a
trace. Websites can be created, used to commit fraud, and disappear in a
matter of days. The almost complete anonymity of the Internet allows for
many fraudsters to avoid being caught.

(33)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

TIPS ON HOW TO AVOID E-FRAUD

The Internet is no different from the real world in that as long as you
are careful you can avoid problems. You would never buy a product from a
stranger who telephoned you offering something for sale and asking for your
credit card number. So why would you buy something from a website you
know nothing about?

The best advice for avoiding e-fraud is very simple: be careful.

Avoiding e-fraud is not difficult, it just requires due diligence.

• When dealing with a company, before you make a purchase, be sure that
they are someone you know and trust. Conduct research about the
company to find out their track record and where they are physically
located. Knowing as much as possible about the company will allow for a
faster resolution if there are any problems.

• Make sure you completely understand the offer. Read all the information
about the products or services the company is offering. Ask for more
information if you do not feel there is enough provided. Legitimate
companies will have no problem sending you more Information. If a
company refuses or does not respond to your Enquiries do not take the
risk of dealing with them.

• Never judge a website by its appearance. Anyone can create a flashy

website. Just because it looks professional does not mean it is run by a
professional!

• Never give out financial or other personal information such as bank

account or credit card numbers unless you are sure that the company is
legitimate and the information in necessary for the transaction.

• Credit Card payment is safest because you can dispute the charges if the
goods are misrepresented or never arrive.

(34)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

FRAUDS IN TECHNOLOGICAL ENVIRONMENT

The history of computer crime is as old as the computer itself. Any

new technology or development can be used for both constructive as well as
destructive purposes. The same is true with computer and information
technology. When most of the people are using computers for constructive,
ethical and legal purposes, there are some who are using these for
destructive, unethical or illegal purposes.

Broadly speaking, if a fraud is committed, with the help of a

computer, it can be called "Computer Crime". Computer crime can be of any
shape, type, colour or contour. Several attempts have been made to define
computer crime by various experts, based on the circumstances. Although,
there is no international consensus on the concept of computer crime, the
following definitions are worth considering.

 A group of experts that met within the framework of the

Organization of Economic Cooperation and Development (OECD),
adopted the following as a working definition- “Computer abuse is
considered as any illegal, unethical or unauthorized behaviour relating
to automatic processing and the transmission of data."
 One expert has defined computer crime as: "Any illegal action
in· which a computer is a tool or object of the crime, in other words,
any crime, the means and purpose of which is to influence the function
of a computer."
 Another definition of computer abuse is: "Any incident
associated with computer technology in which the victim suffered or
could have' suffered loss, and the perpetrator, by intention, made or
could have made a gain."
 "Acts committed by someone with or without using computer,
to make the computer and/or Network to behave in an undesired
manner."
 "If due to some person's act, the computer doesn't perform the
functions for which it is being installed and causes the loss of money,
goodwill or mental peace, then this act can be termed as computer
crime."

(35)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

 An individual's attempt, fraudulently or otherwise:

 To prevent the computer to perform its duties as designed, or
 To slowdown its operations, or
 To corrupt the data or software, or
 To copy the data or software without authority are computer
crimes.
In the new technological environment the computers can be used for
committing various crimes through fraudulent means in the banking sector.
These may include data related frauds and software-related frauds. The
banks have developed services technical devices to check and control these
frauds and other related crimes.

Check Fraud Tips for the Consumer

Fraud professionals have become increasingly skilled and sophisticated,
thanks to advances in readily available technology such as personal
computers, scanners and color photocopiers. Criminals today can defraud
you and your financial institution quite easily with a blank check taken from
your check book, a canceled check found in your garbage, or a check you
mailed to pay a bill. Therefore, it is important to follow a common-sense,
logical approach with the way you use and store your checks.

1) Make sure your checks are endorsed by your financial institution and
incorporate security features that help combat counterfeiting and
alteration.

2) Store your checks, deposit slips, bank statements and canceled checks
in a secure and locked location. Never leave your checkbook in your
vehicle or in the open.

3) Reconcile your bank statement within 30 days of receipt in order to

detect any irregularities. Otherwise, you may become liable for any
losses due to check fraud.

(36)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

4) Never give your account number to people you do not know,

especially over the telephone. Be particularly aware of unsolicited phone
sales. Fraud artists can use your account without your authorization and
you may end up being responsible.

6) Unless needed for tax purpose, destroy old canceled checks, account
statements, deposit tickets, ATM receipts (they also frequently have your
account number and worse yet, your account balance). The personal
information on it may help someone impersonate you and take money
from your account.

7) When you receive your check order, make sure all of the checks are
there, and that none are missing. Report missing checks to your bank at
once. Should you fail to receive your order by mail, alert your bank.
Checks could have been stolen from mail box or lost in transient.

8) If your home is burglarized, check your supply of checks to determine

if any have been stolen. Look closely, because thieves will sometimes
take only one or two checks from the middle or back of the book. The
longer it takes to detect any of your checks have been taken, the more
time the criminal has to use them successfully.

9) If someone pays you with a cashier's check, have them accompany

you to the bank to cash it. If at all possible, only accept a check during
normal business hours so you can verify whether it is legitimate. Make
sure you obtain identification information from the individual

10) Do not mail bills from your mailbox at night. It is a favorite location
from which a criminal can gain possession of your check with the intent
to defraud you. Criminals will remove a check from your mailbox and
either endorse it using bogus identification, photocopy and cash it
repeatedly, scan and alter the check, or chemically alter it. The Post
Office is the best location from which to send your bill payment.

11) Limit the amount of personal information on your check. For

example, do not include your Social Security, driver's license or
telephone numbers on your check. A criminal can use this information to
literally steal your identity by applying for a credit card or loan in your
name, or even open a new checking account.

(37)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

12) Don't leave blank spaces on the payee and amount lines.

13) The type of pen you use makes a difference. Most ballpoint and
marker inks are dye based, meaning that the pigments are dissolved in
the

ink. But, based on ink security studies, gel pens, like the Uniball 207 uses
gel ink that contains tiny particles of color that are trapped into the paper,
making check washing a lot more difficult.

14) Don't write your credit card number on the check.

15) Use your own pre-printed deposit slips, and make sure the account
number on your slip is correct. Thieves occasionally alter deposit slips in
the hope you won't notice and the money goes into their account.

16) Don't make a check payable to cash. If lost or stolen, the check can
be cashed by anyone.

17) Never endorse a check until you are ready to cash or deposit it. The
information can be altered if it is lost or stolen.

(38)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

CASE STUDY

ICICI Bank Phishing

Did you know that e-mails, long considered the most

convenient form of communication, can actually spring some
nasty surprises for you? Recently, a few ICICI Bank customers
in Mumbai, to their utter dismay, discovered that e-mails can be
extremely hazardous, if not to their health, at least to their
security. These ICICI Bank customers received an e-mail from
someone who posed as an official of the bank and asked for
sensitive information like the account holder's Internet login
name and password and directed them to a Web page that
resembled the bank's official site. When some customers wrote in
to find out what the e-mail was about, the bank officials
registered a complaint with the police.

What happened in the case of the e-mail scam involving ICICI

Bank?

A few customers of ICICI Bank received an e-mail asking for

their Internet login name and password to their account. The e-
mail seemed so genuine that some users even clicked on the URL
given in the mail to a Web page that very closely resembled the
official site. The scam was finally discovered when an assistant
manager of ICICI Bank's information security cell received e-
mails forwarded by the bank's customers seeking to crosscheck
the validity of the e-mails with the bank. Such a scam is known
as 'phishing.'

What does phishing mean?

(39)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Phishing means sending an e-mail that falsely claims to be a

particular enterprise and asking for sensitive financial
information. Phishing, thus, is an attempt to scam the user into

surrendering private information that will then be used by the

scammer for his own benefit Phishing uses 'spoofed' e-mails and
fraudulent Web sites that look very similar to the real ones thus
fooling the recipients into giving out their personal data. Most
phishing attacks ask for credit card numbers, account usernames
and passwords. According to statistics phishers are able to
convince up to five per cent of the recipients who respond to
them.

How can you make out if an e-mail is genuine or not?

There are ways to 'spoof' an e-mail so that it appears to come

from someone other than the person who is actually sending it.
E-mail spoofing is a popular way of scamming online. An e-mail
can be spoofed by tweaking the settings of e-mail clients like
Outlook Express, Netscape Messenger and Eudora. However,
finding out whether an e-mail is genuine or not is not very
difficult. Every e-mail message contains headers that have the
following information:

Origin: which shows information about the machine that, sent it,
Relay: which shows the sender machine relaying it to another &
Final destination: which shows the machine that, receives it, the
IP address and the domain name?

That sounds a little complicated. Is there any easier way?

Not really. But following these three guidelines can help protect
you.

1) A legitimate financial institution will never ask for details of

your account via an e-mail. A corollary to this rule is that never

(40)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

e-mail financial information over the Internet. E-mail is not a

secure method for transmitting this kind of information.

2) If you initiate a transaction and want to provide your personal

or financial information through an organisation's Web site, look

for indicators that the site is secure, like a lock icon on the
browser's status bar or a URL for a Web site that begins 'https:'
(the 's' stands for 'secure').

3) Unfortunately no indicator is foolproof, so always call your

local bank and ask for verification before responding to any form
of electronic correspondence that claims to come from the bank.

What are the other popular e-mail scams?

The Nigerian scam is another very popular e-mail related scam

that has found a few victims in India.
The scam itself is simple. An e-mail, which claims to be written
by a prominent official from an African country asks the
recipient to help them release millions in the bank and offers
them a share of the bounty.
Once the recipient responds he is asked to visit the (African)
country and meet with officials to collect the money. But once
there, instead of getting money, he is forced to cough up a
considerable sum.
This scam is known as the 'Advance Fee Fraud' or '419 Fraud,'
after the section of the Nigerian Penal Code that specifically
prohibits this con.

(41)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Micro World - ICICI Bank Phishing Scam Targets

Customers in India - 06 July 2006

Phishing is a relatively new phenomenon in India, though United

States, South America and Europe have been reeling under its
impact for years now. The new scam mail targeting the rather
soft Indian customer, who's naive in terms of awareness on such
activities, goes ahead and tries a contemporary trend in
international online fraud. It tells users that a popular bank is
updating their online security mechanism, so the user should
key-in his banking information in the website that the fake email
leads them to!

Security Analysts at Micro World Technologies warn that a

Phishing mail in the name of one of India's leading Banks, ICICI,
has been found to be spammed to targeted user groups for the
last couple of weeks, aiming to steal sensitive financial
information.

The mail reads that the ICICI bank is upgrading to a new SSL
Server to insulate customers against online Identity Theft and
other criminal activities. Users are told to confirm their personal
banking information following the link given in the mail. It also
warns that if the user does not complete the form, the online
bank account will be suspended till further notification. Once the
user clicks on the link, he is taken to a bogus website that looks
identical to the original one, where he is made to part with his
account number, password and PIN number.

Phishing is the cyber form of Identity Theft using fake spam

emails and fake websites of reputed financial organizations. You
receive an email that seems to be coming from a reputed bank,
Credit Card firm, Auction website or any other financial

(42)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

institution. The message tries one of the several tricks to induce

you to click on a link provided in the mail and gets you to reveal
your personal information. This stolen information is used for
sophisticated Online Robbery, Identity Theft and other Internet
related crimes.

The Anti-Phishing Working Group, an industry consortium

formed to fight this mode of crime, says in its study that the
attacks in recent months were double that of what were reported
in the same months last year. With e-commerce growing rapidly,
Phishing attempts may grow multifold this year, faking more
brands and institutions to loot more victims around the globe.

Every single psychological ploy, right from shocking, luring,

scaring and threatening directly have been used by scam artists
as ways of mass "Social Engineering" to get the potential victims
to fall in line. There were mails that posed as regular account
verification from the banks, the ones that offered users free
tickets and coupons for filling in a survey, the types that told
users that their account is compromised by identity thieves and
more recently, security warnings, like the ones witnessed in the
ICICI bank scam.

(43)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Globalize Fraud Not Global Trust

Global Trust Bank was established in 1994 by Ramesh Gilli, a

high profile public sector banker fancied himself as being among
the top and most innovative banker In the country.

Gelli was the chairman & Managing Director of Vysya bank

at the time when the government chooses to permit the entry.
Once Global Trust Bank was created there was stopping for Gelli
& his associates.

The search for high returns soon took the bank to the stock
market, where its involvement in the speculative activities
associated with the Ketan Parekh scam and its high exposure
soon resulted in substantial losses.

This led to the exit of Ramesh Gelli in 2001, but matters

did not improve under the new management. The which was
under the instruction to clean up its balance sheets by inducting
new capital and reforming its practices reported a net profit of
Rs 40 crore and a positive networth of Rs 400 crore at the end of
the financial year in March 2002.

(44)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

Manipulated Figures

However the Reserve Bank of India (RBI) soon discovered that

even the certified auditors of the bank had allowed a set of
manipulated numbers to be reported and that actually the bank’s
networth was negative.

A year later Global Trust Bank reported an overall loss,

but also substantial reduction in Non Performing Assets (NPA),
significant provisioning against loss, making assets & operating
profit. The Reserve Bank of India (RBI) welcomed these
developments, suggesting that under a new management the bank
was on the mend.

But soon the RBI discovered that the net worth of the bank
was turning worse and that it had no capital to sustain its
operations. Circumstances had insured, despite the forbearance
of the RBI in the hope of a solution, that unless substantial new
capital was infused into the bank, there was no hope of revival.

Conclusion

The scramble for mergers in the banking sectors gives rise to

many questions. Can mergers alone take care of the banking ills?
Are these the only recipe for survival in globalize and
competitive environment? And do size based merger strategies

(45)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

make good sense in a developing economy like India? These

questions need to be addressed to evolve a framework of strategy
for competition based environment & on organizations resources
& capabilities.

Some banking experts believe that a merger with a right

bank can help a bank to increase its networth & hence its capital
adequacy. In the case of private sector banks, where the
promoters are required compulsorily to dilute their stake to the
stipulated 40%, the deadline for which is March 2001, mergers
can be useful to take care of the mandatory requirement. This
apart, mergers would also expand the business opportunities for
both the banks.

There is no doubt that the bank in India need to be

sensitive to the fast changing economic environment, to achieve
this, focus must be on ensuring that the funds mobilized by
banks generate adequate returns in the excess of the cost of
capital. Also, they should on an on going basis, endeavor to
invest in technology that increases their reach & enhances
customer satisfaction.

Mergers & Acquisitions (M & A) can help banks

restructure in a way that gives them superior organizational
capabilities, resulting in a sustainable competitive environment.

(46)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

COOP. BANK SCAMS: EFFECTIVE GOVERNANCE

STRUCTURE CRUCIAL

A SURGE OF DEPOSITORS INSIDE A COOPERATIVE

BANK IN SECUNDERABAD IN THE WAKE OF REPORTS
SUGGESTING THAT THE BANK HAS GONE TO SEED. —
AP

WITH THE surfacing of the co-operative banks scam, once again

the financial sector and its markets fell victim to the regulator's
failure to check malpractices within the system. The new scam
involving the co-operative sector points to a crying need to have
a speedier and better coordinated process for dealing with
financial frauds as well as an effective governance structure and
settlement system for efficient functioning of financial
institutions.

(47)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

The present crisis is virtually a replica of the 1992-securities

scam that involved Harshad Mehta. While Mehta used banker's
receipts to have an easy access to huge funds, this time, Home
Trade Ltd., a broking firm, used government securities (G-Secs)
to avail itself of money. The Nagpur District Central Co-
operative Bank gave Rs.124 crores to Home Trade on the
assurance that the broking firm would deliver G-Secs worth the
same amount to the bank within 30 days. But these securities
were never delivered. An analysis reveals that the scams more or
less followed the same pattern — The Ketan Parekh —
Madhavpura Mercantile Co-operative Bank (MMCB) scam
occurred in 2001 and is also an instance of diversion of funds
from the banking sector to the stock market, like the 1992
securities scam.

In 1994, close on the heels of the 1992-securities scam, the

Reserve Bank of India put in place a delivery versus payment
(DVP) system under the Public Debt Office (PDO) of the central
bank. This is linked to Subsidiary General Ledger (SGL)
accounts in banks. At the end of the day the buyer or seller will
have to fill the SGL form and deliver it to the RBI. Now with the
inception of Clearing Corporation of India Ltd. (CCIL), the SGL
form filling procedure no longer exists.

However, co-operative banks are out of the purview of the DVP

system. The RBI could have brought in co-operative banks under
the ambit of DVP system when the MMCB scam broke-out. Last
Monday all RBII-regulated entities have been asked to hold G-
Sec in demat form. But the RBI waited for a scam to surface in
order to initiated fire-fighting measures. Further, under no
circumstances can the RBI allow a broker to act as a principal (a
broker can only act as an intermediary between principals and
cannot assume the role of a principal). In this case, Home Trade
acted as a principal. Another issue is that many co-operative
banks are not having Treasury divisions, which trade in
securities. How the RBI allowed any bank without a Treasury
division to operate in a debt market is a question that can be
raised. In the case of co-operative banks, all the decisions of
investment in securities are taken by the boards of directors

(48)
KES COLLEGE OF ARTS & COMMERCE FRAUD IN BANK

which are elected rather than a full fledged Treasury that would
otherwise be run by professionals.

The role of Primary Dealers (PDs) is also in focus at this point

of time. PDs are interested only in large dealings rather than
small deals of co-operatives. Moreover, PDs are interested in
running a book to make proprietary trading profits rather than
disseminating debt to and developing the non-wholesale debt
market for which they were set up. A banking source told The
Hindu, that a large co-operative body has already approached the
RBI to act as a PD for the co-operative sector. This could help
the co-operative sector get professional help in the dealing of
securities in the debt market.

(49)