How Banks Plan To Tackle 'Mule' Fraud

'A mule operates someone else's account to transfer illegal money.'

Illustration: Dominic Xavier/Rediff.com

Commercial banks in India have stepped up their control mechanism in taking on new current and savings accounts customers while enhancing surveillance on the existing ones.

This is in the wake of an increase in the number of 'mule accounts' (illegal accounts) in the past six-nine months, bankers said.

In an interaction with managing directors and CEOs of public and private sector banks, Reserve Bank of India Governor Shaktikanta Das asked the lenders to step up efforts to tackle mule accounts and also intensify customer awareness and education initiatives, among other measures, to curb digital frauds.

According to officials in the liabilities business, 0.5 to 1 per cent of the new accounts are mule accounts, which prompted them to step up the control mechanism.

This is the first time bankers are facing frauds of a bigger scale on deposit accounts. Typically, bank frauds are committed on loans like those on the credit card.

According to the RBI data, there were 606 deposit-related frauds in the first half of 2023-2024 as against 551 in 2022-2023.

"The phenomenon of mule accounts was noticed in the early part of 2023-2024, though volumes were not alarming then," said a senior official in a private-sector bank.

"A mule operates someone else's account to transfer illegal money. By the third and fourth quarters, it showed up across the industry. Most of the transactions were in digital mode," the official said.

Bankers said the volumes started increasing and they were 0.5 per cent of the new accounts opened.

For some banks, the number was around 1 per cent or even more. This prompted banks to devise strategies, which included revising the standard operating process for opening accounts.

"Eighty-eighty-five per cent of the accounts were sole-proprietorship current accounts," said another banker.

"These accounts were mostly in rural and semi-urban areas."

Following the alerts, most of the banks started to look at the data from 1997 onwards. It was found most were opened in FY24.

While analysing the data, a particular pattern of transactions were found. Most of these transactions were routed through the UPI (Unified Payments Interface) handle. And the credits were in multiples of 100.

The earlier experience of the banks was that most of the frauds happened with large amounts. So there were large-transaction alerts.

But this logic did not apply to these accounts because you are getting Rs 1,500 or Rs 2,000 UPI credits to your account.

The consolidated sum over the period of the day becomes larger, and most of these accounts were showing behaviour called zero washout.

"It means whatever credit comes into the system during the day gets withdrawn in the evening," said a source.

"Typically, a local kirana store transaction would be of Rs 277, Rs 595, or Rs 783. However, the money credited to these accounts was in the region of Rs 1,500 or Rs 3,000. This was something unusual," the person added.

To enhance due diligence at the time opening accounts, particularly for current accounts, a person at the level of branch manager or someone with 12 to 15 years' experience and knowledge of regulation, particularly compliance, was entrusted with the job, and not a relationship manager.

It would involve taking photographs of the business premises, the proprietor, and also the person who sourced the account.

"The other thing to know is the geography these accounts are in. All the banks have longitude and latitude details in the forms. So it can be verified through an independent agency," a banker said.

Government agencies such as the Indian Cybercrime Coordination Centre are involved in the matter, and the Department of Telecommunications has shared intelligence with banks on mules.

Bankers say the issue has been tackled to a great extent but there is still some distance to be covered.

Mule Accounts Fuel 99% of Financial Frauds

Harsh Kumar, Ashutosh Mishra

The proliferation of mule accounts has emerged as one of the major reasons behind rising financial fraud in the country, a senior cybercrime official said requesting anonymity.

"Mule accounts are a major reason behind smooth transfer of money in a financial fraud...I can say that around 99 per cent of the frauds won't happen if mule accounts do not exist.

"It's very surprising to see how easily such mule accounts are opened and are used comfortably by cybercriminals across the country," said the official.

Mule account holders are termed money mules who often are innocent victims duped by fraudsters into laundering stolen or illegal money through their bank accounts.

Money mules are recruited, sometimes unwittingly, by criminals to transfer illegally obtained money between different bank accounts.

When such incidents are reported, the money mule becomes the target of police investigations due to their involvement.

The official also said that apart from Jamtara and Mahabaleshwar, some hot spots in southern India have been identified. However, the official did not reveal the names of the places.

The number of cyber fraud cases has skyrocketed from 2,677 in FY20 to 29,082 in FY24 registering a 10-fold increase, according to the data provided by the government in the Parliament.

It also underscored the growing sophistication of fraudsters and exposing vulnerabilities within the financial system.

Government agencies and the Reserve Bank of India have increased their scrutiny of the mule accounts in recent times.

In a meeting last month, RBI Governor Shaktikanta Das urged heads of select public and private sector banks to step up efforts against mule accounts and asked them to intensify efforts to curb digital frauds.

The apex financial regulator has been working closely with the Indian Cyber Crime Control Centre (I4C) under the ministry of home affairs and multiple other agencies to curb mule accounts and digital frauds.

The magnitude of the cyber frauds issue can be understood by the fact that I4C, which is the home ministry wing for overseeing and coordinating cybercrimes, was recently 'promoted' to be an attached office under the ministry, giving it more freedom and resources at its disposal.

"Mule accounts pose significant dangers, facilitating money laundering and other illicit activities that can undermine the integrity of the financial system," said Ashok Hariharan, co-founder & CEO, IDfy - an identity verification platform.

"Given that many mule accounts are rented with the knowledge of the account holders, they are among the hardest to detect in fraudulent activity. As such, they require robust defence systems at both onboarding and transaction monitoring stages," said Hariharan.

Hariharan strongly recommends that banks flag suspicious accounts at the on-boarding stage and have enhanced know-your-customer requirements for these accounts.

"This allows the bank to on-board a majority of genuine accounts with no additional friction while still creating a check for suspicious accounts," he added.

Despite some advancements in recovering funds, these efforts have not matched the scale of frauds.

The amount recovered rose more than 11 times from Rs 12 crore (Rs 120 million) in FY20 to Rs 139 crore (Rs 1.39 billion) in FY24.

However, the recovery rate remains relatively modest, with only 9.5 per cent of the total fraudulent amounts being reclaimed in 2023-2024, a slight increase from 9.3 per cent five years ago in 2019-2020.

Feature Presentation: Ashish Narsale/Rediff.com