Introduction

The convergence of rapid technological advancement and an increasingly digitised financial ecosystem has given rise to nuanced financial crimes that are not only sophisticated in design but also expansive in reach and deeply exploitative of human vulnerability. What was once the domain of elementary fraud has evolved into a complex landscape of impersonation, synthetic content manipulation and organised digital extortion, posing challenges to individuals, institutions and regulators alike.

India’s response to this evolving threat has been multifaceted, encompassing the deployment of technology-oriented countermeasures and a fundamental overhaul of its legislative architecture. The Indian courts have, in recent times, taken a proactive, anchoring role in combating sophisticated financial fraud.

This chapter examines three defining trends in this domain:

• firstly, the innovative misuse of technology in the commission of modern financial crimes and the suite of technology-driven tools established by the government to detect and mitigate such crimes;
• secondly, the evolution of India’s legislative framework to ensure that the legal regime keeps pace with the rapidly shifting realities; and
• thirdly, the progressive role played by courts in dealing with such evolving crimes.

New Financial Crimes and Measures (Technological and Legislative) Put in Place by the Government for Mitigation

While fraud itself is not a novel phenomenon, the tools and methods deployed by criminals to commit such crimes have evolved. What renders these modern methods particularly effective is not technology alone, but its deliberate exploitation of basic human instincts – ie, trust, deference to authority and the aspiration for financial betterment. In effect, criminals prey on optimism and manufacture urgency to bypass rational caution, thus trapping even the well-educated and vigilant.

New types of financial fraud

Set out hereinbelow is a brief overview of modern financial fraud and the modus operandi typically adopted by perpetrators.

Fintech and Unified Payments Interface (UPI) fraud

The widespread adoption of digital payment systems, particularly the UPI in India, has given rise to a distinct category of payment fraud, where fraudsters exploit vulnerabilities inherent in these systems with the objective of causing financial loss to the unsuspecting public. Some common types of fraud under this category are refund fraud, phishing fraud and fraud by impersonation. In most of these cases, fraudsters use fabricated transaction screenshots, advanced technology or malicious mobile applications to misguide people and gain possession of their credentials, personal details, etc, for the sole purpose of initiating unauthorised transactions or siphoning funds from the compromised accounts for their own financial gain.

Digital arrest

This is an increasingly prevalent extortion scheme in which perpetrators impersonate law enforcement officials and make victims believe that their hard-earned money is owed to a particular government authority; under that fear, they are then subjected to coercive acts of extortion. To lend legitimacy, perpetrators transmit doctored arrest warrants and counterfeit documentary evidence.

Investment fraud

This typically commences with a seemingly innocuous invitation where the victim is added to a group chat or messaging platform designed to resemble a channel operated by a reputable financial institution. Accomplices posing as satisfied clients share fabricated testimonials, amplifying the illusion of legitimacy and success. The victim is subsequently directed to download a purpose-built mobile application that mimics a genuine trading platform, complete with simulated/fabricated market data. In the initial stages, modest returns are displayed on the purported investment, reinforcing the belief that the platform is authentic and thus encouraging progressively larger deposits. Once a substantial sum has been deposited, the platform becomes inaccessible, and the perpetrators disappear with the funds, thus causing financial loss to the victims.

Deployment of technology-oriented tools to counter new financial crimes

In response to the rapid advancement of technology-enabled financial crimes, the government of India has established a suite of technology-oriented countermeasures. These initiatives are aimed at detecting, preventing and mitigating such crimes. The primary measures are outlined hereinbelow.

Indian Cybercrime Coordination Centre (I4C)

The I4C, established under the Ministry of Home Affairs (MHA), provides a comprehensive institutional framework that enables law enforcement agencies to address such crimes in a co-ordinated manner. It facilitates real-time information sharing and co-ordinated investigations, enabling effective action against criminal networks, including those engaged in financial frauds. Critically, the I4C is designed to arrest the flow of fraudulent funds by alerting banks and digital wallet providers in real time, thus enabling immediate freezing of compromised accounts. The I4C has launched several key initiatives to combat new financial crimes; the primary ones are detailed hereinbelow.

• Cyber Fraud Mitigation Centre and Citizen Financial Cyber Frauds Reporting & Management System (CFCFRMS): Platforms that unite banks, payment aggregators and state and Union Territory (UT) police for real-time monitoring and co-ordinated action against financial fraud.
• SAMANVAYA Portal: A centralised co-ordination platform for police and law enforcement agencies that is aimed at eliminating jurisdictional and informational silos in investigations into such cases. It focuses on crime mapping, pattern analysis, criminal infrastructure disruption and techno-legal assistance.
• SAHYOG Portal: A platform that connects law enforcement agencies with IT intermediaries to secure the data necessary for investigations.
• Suspect Registry: A centralised database of suspicious accounts and associated identifiers shared across banks to detect fraud, block high-risk onboarding and freeze accounts.
• National Cyber Crime Reporting Portal: This portal enables the public to report all categories of cybercrime, including financial offences. Reported incidents are converted into First Information Reports (FIRs) and actioned by the law enforcement agencies of the concerned state or UT in accordance with extant law.

MuleHunter.AI

The Reserve Bank of India has rolled out MuleHunter.AI, a machine learning-based solution for the detection of mule accounts (ie, bank accounts used by criminals to transfer or launder illegally obtained money). The tool is designed to detect and curb the misuse of such accounts for the diversion and layering of proceeds of crime. MuleHunter.AI is currently operational across 26 banks and is being progressively scaled up.

Evolution of traditional legislative mechanisms to tackle new financial crimes

As the nature and sophistication of financial crime has evolved and become more nuanced, as outlined above, India’s legislative framework has undergone a corresponding change.

Traditional statutes such as the Indian Penal Code, 1860, which were conceived in a pre-digital era, had often proved inadequate in addressing sophisticated financial crimes involving cyber tools, layered transactions and cross-border networks. The legal response was historically reactive, with amendments and new regulations having been introduced only after novel forms of misconduct had already taken root.

However, this dynamic has recently undergone change with the introduction of modernised criminal legislation, strengthened enforcement mechanisms and a growing emphasis on digital evidence, signalling a move towards a more proactive and adaptive legal regime. Some of the key initiatives are outlined hereunder.

I) Modernisation of the traditional criminal law framework

The Bharatiya Nyaya Sanhita, 2023 (BNS) represents a significant recalibration of the manner in which India addresses financial crime. The BNS provides clear definitions that are meant to protect against modern financial crimes. For the first time, the BNS explicitly recognises “organised crime” and introduces a broad-based and comprehensive definition of “economic offences”, which encompasses large-scale financial frauds, mass-marketing frauds and schemes intended to defraud the public, banks or financial institutions.

The law now specifically addresses hawala transactions and schemes targeting banks and the public, demonstrating that lawmakers are not only cognisant of these threats but have taken steps to tackle the menace of large-scale, organised financial crime.

Notably, the BNS not only distinguishes between organised crime and isolated financial offences but also prescribes materially harsher punishments for the former – ranging from five years’ imprisonment to life imprisonment, with an additional fine of up to INR5 lakhs.

Even cheating by way of personation, a method directly relevant to fraud by impersonation and digital arrest, as detailed above, now attracts imprisonment of up to five years, which may also include a fine.

The punishments for impersonating a public servant and extortion, which are of relevance in cases of digital arrest and forgery, have been made stricter, and both the minimum and maximum sentences have been increased.

The definition of “economic offence” under the BNS is deliberately expansive, encompassing mass-marketing fraud and schemes to defraud multiple persons, banks and other financial institutions. The intention is to ensure that prosecution is not confined to the traditional cheating and breach-of-trust framework but extends to account for scale, organisation and systemic harm, thus reflecting the reality of modern digital fraud, cross-border syndicates and multi-victim schemes.

The BNS also acknowledges the international dimension of modern-day financial crimes by recognising the concept of extraterritoriality, and it also gives impetus to trials in absentia, with the purpose and intent of expediting the prosecution of economic offenders who seek to escape justice by fleeing the territory of India.

II) Digital evidence and procedural reform

Complementing the BNS, the Bharatiya Nagarik Suraksha Sanhita, 2023 (BNSS) and the Bharatiya Sakshya Adhiniyam, 2023 (BSA) have been updated for the digital era. The BSA, in particular, has expanded the definition of documents to include electronic and digital records, encompassing online communications across personal devices. This definition is deliberately wide and covers emails, messages, server logs, user files such as photographs and call recordings, and communication devices including mobile phones, laptops and any other electronic device that may be specified by the government at a later stage.

This broad classification represents a shift in how courts will consider evidence in cases arising out of new types of crimes, where there is likely to be extensive deployment of digital devices and means that directly linked to fake applications, phishing and fabricated documentary evidence (which characterise the crimes outlined above).

The BNS, BNSS and BSA are designed to enable the Indian legal system to address the complex realities of modern-day financial crimes by filling gaps under the erstwhile laws, while also providing courts with the tools to ensure consistent prosecution of economic offences.

III) Recognition of synthetically generated information (SGI)

The growing capacity of technology to generate synthetic content, including fabricated audio, deepfake videos and manipulated images of persons or events that may never have occurred/existed has introduced a distinct dimension to financial crime. Criminals deploy such SGI to impersonate public officials, fabricate documentary evidence in digital arrest schemes, and create false scenarios designed to instil fear and extort money.

Recognising the severity of this threat, India has introduced the IT (Intermediary Guidelines and Digital Media Ethics Code) Amendment Rules, 2026, which define SGI, regulate user awareness, and impose stricter intermediary due diligence and compliance obligations.

Under these Rules, intermediaries that enable relevant modules are obligated to inform users of the implications of hosting unlawful SGI, including liability to immediately disable access, remove contravening information, suspend or terminate user accounts, disclose the identity of the violator and initiate criminal action under extant criminal statutes.

IV) The Information Technology Act, 2000 (the “IT Act”)

The IT Act remains a key instrument in addressing new financial crimes that exploit digital devices and computer resources.

By criminalising offences like unauthorised access, data theft and identity fraud, to name a few, the IT Act allows enforcement agencies to tackle cyber-enabled financial misconduct that traditional penal statutes were not designed to address.

Its provisions relating to electronic records, digital signatures, and intermediary liability have strengthened both evidentiary and regulatory frameworks, enabling more effective investigation and prosecution of technology-driven financial crimes. Penalties under the IT Act range from monetary fines to imprisonment, depending on the severity of the offence.

As financial crimes have grown in both complexity and technological sophistication, the provisions of the IT Act are being invoked with increasing frequency by law enforcement agencies to facilitate investigations, secure electronic evidence and prosecute offenders/perpetrators, thereby reinforcing the broader legislative shift towards a legal regime that is equipped to confront the realities of modern financial crimes.

V) The Prevention of Money Laundering Act, 2002 (PLMA)

The PMLA provides a comprehensive legal framework for the identification, investigation and prosecution of offences involving proceeds of crime.

Enacted with the objective of combating financial crime through the penalisation of money laundering, the PMLA empowers the Directorate of Enforcement (ED) (ie, the dedicated law enforcement agency constituted under the PMLA) to, inter alia, track illicit financial activities and attach and confiscate assets derived from the proceeds of crime.

The PMLA assumes particular significance in the context of new types of financial crimes. As outlined above, schemes such as UPI fraud, digital arrest extortion, investment fraud, etc, invariably generate illicit proceeds of crime that are subsequently layered through complex transactions, crypto-assets and international wire transfers.

The PMLA provides a legal basis for investigating and penalising such offences where there is involvement of, or a link to, money laundering, thereby extending the reach of enforcement beyond the immediate act of fraud to the downstream movement of its proceeds.

Further, recognising the need for enhanced inter-agency co-ordination, the central government has included the I4C as a data-sharing entity under the PMLA. This inclusion has materially strengthened the ED’s investigative capacity by facilitating more robust and timely exchange of intelligence between law enforcement agencies, thus addressing the information-sharing delays that have historically hindered effective enforcement.

The ED has further leveraged key digital platforms maintained by I4C, namely the SAHYOG and SAMANVAYA portals and the Cyber Crime Police Portal, to support its anti-money laundering operations.

Additionally, the ED utilises the Inter-operable Criminal Justice System portal, which enables access to FIRs registered by state/UT police authorities in relation to such crimes, thereby enhancing inter-agency co-ordination and strengthening the evidentiary basis for PMLA investigations.

Intervention by Courts To Tackle the Menace of Financial Crimes

Courts in India have, in recent times, assumed a proactive role in addressing the growing menace of financial crimes, often stepping in to bridge legislative and regulatory gaps. The Honourable Supreme Court of India and several High Courts have, through various judgments, not only expanded the scope of existing laws but also provided immediate relief in individual cases.

By way of these judgments, the courts have also contributed to shaping a more robust architecture, which ensures that the legal system remains responsive and resilient to new financial crimes.

Set out hereinbelow are a few examples where the courts have, in recent times, stepped in to provide certain guidelines in an effort to deal with new types of financial crimes.

The Honourable Supreme Court of India has recently taken suo moto cognisance of the issues arising from “digital arrest” and has laid down guidelines to deal with the same. Some of the important guidelines are set out hereunder:

• the Central Bureau of Investigation (CBI) has been selected as the primary agency to investigate cases relating to digital arrest;
• the CBI has been permitted to investigate the role of bankers under the provisions of the Prevention of Corruption Act, 1988, wherever they are found to be involved in the opening of mule bank accounts;
• the information technology intermediaries under the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (the “Rules”) have been directed to co-operate with the CBI and render full assistance to provide traffic and content data for the investigation of digital arrest cases;
• recognising the cross-border implication of such financial crimes, the CBI has been directed to submit a request to Interpol and co-ordinate with it to apprehend cybercrime havens operating from different jurisdictions;
• telecoms service providers have been directed to implement directions issued by the Department of Telecommunications (DoT), especially with respect to the issuance of SIM cards;
• the state governments and UTs have been directed to ensure expeditious establishment and operationalisation of regional and state cybercrime co-ordination centres;
• all the intermediaries under the Rules have been directed to preserve all data relating to mobile phones allegedly used in crimes, including details mentioned in the FIRs/crimes registered by various states;
• the MHA has been directed to adopt and implement the National Cyber Crime Reporting Portal (NCRP)-CFCFRMS standard operating procedures, as finalised by the Reserve Bank of India, with the objective of preventing money-mule activity;
• the DoT has been directed to implement the centralised international out roamer system for addressing the issue of spoofed international calls;
• the DoT has been directed to notify the Telecommunications (User Identification) Rules, 2025 to prevent biometric e-KYC and issuance of multiple SIM cards in one box; and
• the Reserve Bank of India, MHA and Department of Revenue have been directed to consider the desirability of suspending suspicious transactions and facilitating the reporting of cases under the PMLA.

The Honourable High Court of Calcutta, after considering the increase in instances of such crimes, has recently issued a notification directing the jurisdictional magistrates to deal with and decide cases relating to the return of money to victims of such frauds, where such money has been blocked by the Cyber Crime Cell pursuant to an online complaint received by the NCRP, without insisting on registration of an FIR.

The Honourable High Court of Kerala has, while recognising that banks are the only entities that can easily monitor and prevent fraudulent transactions and money mules used in such crimes, laid down certain guidelines for freezing the accounts when banks have suspicions about the operation thereof. The primary guidelines are as follows.

• If a bank has reason to believe there are suspicious transactions in an account, it is free to effect a debit freeze without notice to the account holder.
• The bank has to notify the account holder of such freezing by sending a communication giving the reasons for suspicion, by way of SMS and registered post, on the date of the freezing.
• The bank is also required to send a communication detailing the freezing of the account, with the reasons for suspicion, to the jurisdictional Cyber Crime Police Authority and all other relevant authorities.
• The account holder is entitled to submit an explanation to the bank regarding the suspicion, and on receipt of such explanation, the bank is required to consider the same and pass appropriate orders within a period of one week from the date of receipt – and communicate the same to the account holder. If the bank is satisfied with the explanation submitted by the account holder, the bank is required to de-freeze the account.
• If no explanation is received from the account holder, or the explanation submitted is not satisfactory to the bank, the latter can continue to freeze the account for a period of three months from the date of delivery of the communication of the freezing to the authorities.
• In the event the bank receives an instruction/order from any authority regarding the frozen account, it is required to comply with such direction and communicate the same to the account holder. However, if no communication is received within a period of three months from the date of delivery of the communication regarding the freezing to the authorities, the bank is required to lift the freezing and allow the account holder to operate or close the account.

The above measures demonstrate a clear willingness on the part of the courts to step in and issue directions, wherever required, in order to safeguard victims and put in place the necessary framework for dealing with new types of financial crimes.

Conclusion

The landscape of financial crime in India has undergone a fundamental transformation, driven by the rapid convergence of technology and an increasingly digitised financial infrastructure.

As this chapter has attempted to demonstrate, the threat is no longer confined to conventional fraud but encompasses sophisticated, technology-enabled schemes that exploit both systemic vulnerabilities and human psychology on an unprecedented scale.

India’s response, spanning the deployment of real-time digital countermeasures, the modernisation of substantive and procedural criminal law, and the strengthening of anti-money laundering enforcement, reflects a deliberate and multifaceted effort to confront these evolving challenges.