Who Committed the Fraud?
A woman employee, Shakshi Gupta, working as a relationship manager at ICICI Bank's Kota branch, was entrusted with the management of Fixed Deposit (FD) accounts of high-net-worth individuals. She had privileged system access to customer KYC documents, bank account data, FD maturity details, and internal banking software.
This fraud was carried out over two years, between 2022 and early 2024, and was detected only after some customers raised complaints regarding their missing or prematurely closed FDs.
Identification of Targets
She selectively targeted 41 unsuspecting customers, mostly those with high-value FDs (10 lakh+), less frequent transactions and possibly inactive communication or no alerts set up.
Unauthorized Premature Withdrawal of FDs
She used her access to ICICI's Core Banking System (CBS) to prematurely liquidate FDs without customer consent and bypass customer alerts, either by diverting OTPs or accessing internal override options. The matured amount (principal plus accrued interest) was then transferred to accounts that she controlled.
Fake Overdrafts and Loans
In addition to stealing FDs, she created personal loan and overdraft accounts in customer names. Misused KYC documents stored digitally to process loan applications without the customers ever being aware. In some cases, even forged signatures and bypassed authentication procedures.
Concealing the Fraud
Internal documents were tampered with to avoid audit detection. Fake renewal entries were made to make it appear that the FD was still active, and fraudulent repayment schedules were input into the system for loans.
Gambling the Money in Stock Market
She moved the entire ₹4.58 crore into her personal demat and trading accounts and invested heavily in high-risk equity shares and derivatives. Her strategy was speculative, expecting quick, large returns to potentially repay the diverted funds before discovery. However, market losses eroded the capital quickly, resulting in zero recovery.
Final Outcome
The entire amount of ₹4.58 crore was lost in stock market trading. Customers noticed that no interest was credited on the expected FD dates and received loan repayment notices for loans they never took. These complaints triggered an internal audit, leading to the detection of the fraud and the initiation of legal action.
ICICI Bank Response
The bank acknowledged the fraud after the internal audit, and the employee was terminated immediately. They promised customer reimbursement, subject to case review. Additionally, they strengthened internal access controls, implemented a real-time audit system, and established alerts and OTPs for FD-related transactions.
Lessons for Banks
1. Strengthen Internal Controls: Implement robust internal controls to prevent unauthorized access to sensitive customer information and financial transactions.
2. Regular Audits: Conduct regular internal audits to identify and address potential fraud risks before they escalate.
3. Real-Time Monitoring: Utilize real-time monitoring systems to detect unusual activities or transactions, allowing for prompt action.
4. Employee Training: Provide ongoing training for employees on ethical practices, fraud detection, and the importance of safeguarding customer information.
5. Customer Alerts: Establish automated alerts for customers regarding significant account activities, such as changes to FD status or loan repayments.
6. Incident Response Plan: Develop a clear incident response plan to address fraud cases swiftly and effectively, minimizing impact on customers.
Lessons for Customers
1. Monitor Accounts Regularly: Regularly check account statements and transaction histories to identify any discrepancies or unauthorized activities.
2. Report Suspicious Activity: Promptly report any suspicious activity or communications from the bank, such as unexpected loan repayment notices.
3. Understand Terms and Conditions: Familiarize yourself with the terms and conditions of financial products, including FDs and loans, to recognize any irregularities.
4. Use Strong Security Practices: Utilize strong passwords and enable two-factor authentication for online banking to enhance account security.
5. Stay Informed: Keep informed about potential scams and fraud tactics to better protect personal and financial information.
6. Engage with the Bank: Maintain open communication with the bank regarding any concerns or questions about account management and security measures.
Comparable Cases
- PMC Bank Scam (2019)
- Yes Bank Overdraft Scam (2021)
- Nirav Modi PNB Scam (Rs 11,400 Cr)
.png)
.png)
0 Comments