The urgency to end this menace that is unleashed in the course of cracking down on cybercrimes was put across by payment companies, aggregators, gateways and other stakeholders in the fintech world to the finance ministry, central law enforcement agencies (LEAs), and senior state police officials at a meeting on Tuesday, two persons who attended the deliberations told ET.
As a fraudster moves money at a blinding pace through a maze of accounts, many unsuspecting entities and businesses which receive funds from the swindler as part of normal transactions, like collection of dues and sale of goods, find their accounts blocked by banks till the money is salvaged. Clueless that the money they have received was a ‘proceed of crime’, they pay the price for having unknowingly dealt with a scammer. Instead of marking a lien on the amount that has been robbed, the entire fund in an account is frozen.
“Recently, the pool account of a corporate business correspondent (or BC which serves customers in underbanked areas) was frozen. This has happened to many others. In fact, there have been strong observations by the court on this. For instance, the entire ₹50 crore in the bank account of a BC or a retailer would be frozen even though it may have received just a few thousand from a fraudster who has hacked someone else’s account and used the money to buy something or make a payment,” said a senior person in the payment industry.
Indeed, in a ruling last year, the Kerala High Court had observed that “…even when the sums in question may have found credit in the accounts of the petitioners (who found their bank accounts frozen) unless the investigation eventually reveals that they were complicit in the cyber-crime, or had received the same being aware of it, they could never be construed to be accused”.Lifting the freeze or convincing the police is not always easy. “It can be a hassle as one may have to deal with police departments in different states. I4C is aware of this and we believe they may be working on some advisory with banks. But beyond a point, the home ministry can’t do anything. It’s the states which must jointly decide and direct their police,” said another person.I4C or Indian Cyber Crime Coordination Centre is an initiative by the ministry of home affairs which focuses on tackling issues related to cybercrime and improving coordination between various LEAs and institutions like banks.
The focus of the LEAs is clearly to recover the money that is stolen and they believe freezing the accounts is necessary to track the money. They are not particularly concerned with the problems faced by others in the chain who find their accounts frozen. “LEAs say the sharing of information should be automated for quicker action. A customer complains to the cyber cell, the cops reach out to a bank which shares over email the IP and account details of the person who moved the money. By then, the money may have been moved to five other accounts or wallets or withdrawn,” according to a person who attended Tuesday’s session.
Banks are aware of the travails of account freeze.
A daft standard operating procedure prepared by the banking industry body notes: “Sometimes LEAs instruct banks to mark total/debit freeze in a Payment Aggregator’s accounts which are Nodal/Fiduciary/Aggregator/ that handle accounts where all payments even by third parties are grouped and routed through such accounts. However, the instruction for the freeze is based on transactions related to a particular party/amount even for smaller amounts. Marking a freeze on such an account stops the entire operations in the aggregator’s accounts causing operational inconvenience to the other customers of the aggregator.”
Sensing the perils of such a procedure followed by LEAs, the high court had tersely observed that retailers and small businessmen who trusted the UPI regime (the real-time payment system) for its convenience and safety have been rudely shaken. “Certain specific safeguards will have to be now infused into the process, lest the people lose their faith in the UPI system itself,” the court had said.
