New Delhi, February 13 The CBI and the I4C are considering a range of measures to recommend to the government, including linking banks' KYC processes with biometric verification and tethering international mobile roaming services to passports, as part of a broader effort to curb cybercrimes, such as digital arrests, originating from abroad, officials said on Friday.
The proposals emerged from a recent two-day conference organized by the CBI and the home ministry's Indian Cybercrime Coordination Centre (I4C) on tackling cybercrimes, where cyber-security experts, law-enforcement agents, and banking officials, including those from the Reserve Bank of India (RBI), Interpol officials, and security agencies, discussed the misuse of Indian SIM cards and mule accounts by cyber-criminal syndicates in Southeast Asian countries.
The conference focused on the three key pillars of the cyber-fraud ecosystem: the financial pillar (mule accounts and money laundering), the telecom pillar (misuse of SIM or eSIM and digital infrastructure), and the human pillar (cyber slavery and trafficking into scam compounds).
Home Minister Amit Shah had flagged the alarming cybercrime situation at the conference, noting that one person becomes a victim of such crimes every 37 seconds, and on average, 100 people fall prey to these fraudulent acts every hour. Shah had also asked the agencies to send recommendations to the government based on the discussions at the conference.
Addressing the national conference on "Tackling Cyber-Enabled Frauds and Dismantling the Ecosystem," organized by the Central Bureau of Investigation and the I4C, CBI chief Praveen Sood said that, regardless of the location of cyber criminals, it is not possible to commit a crime without a SIM card and a bank account.
He said that the hubs of cybercrimes have moved from the country's hinterlands—in Jamtara, Mewat, and Bharatpur—to Southeast Asian countries like Cambodia, Thailand, and Myanmar, where people are lured for lucrative jobs and enslaved to commit such crimes.
Sources said that the suggestions to the government are likely to focus on curbing this particular aspect of cybercrimes—the misuse of Indian SIM cards and mule bank accounts.
It has been observed that Indian SIM cards are activated, smuggled abroad, and calls are made from these cards to unsuspecting Indians, coercing them through various stratagems, such as digital arrests and loan/job offers, to pay money to cyber criminals, the sources said.
Once the money is transferred, it is distributed through tens of mule accounts, and from there, sent to cryptocurrency or other bank accounts, making the tracing of the money trail and recovery extremely difficult, they said.
The mule accounts—set up using falsified identification documents—are primarily used as conduits to siphon off funds from unsuspecting victims. A mule account is opened in the name of an individual who may be involved in laundering illicit money or a completely clueless pawn in a more elaborate scheme.
Among the key suggestions, four key points have emerged as actionable proposals: linking international roaming to passports, regulating the international-roaming facility based on the customer's profile, linking biometrics in the banks' Know-Your-Customer (KYC) process to curb mule accounts, and regulating the access to Indian bank accounts from abroad using VPNs, the sources said.
Sources familiar with the developments added that these proposals may be part of the suggestions that would be sent to the government for further tweaking, discussions, and implementation.
"The effort will be to ensure that normal citizens do not face any inconvenience while travelling abroad in using phones or bank accounts, but at the same time, any misuse may be flagged, and for that, discussions will be held, and a final strategy may be decided," an official said.
The Supreme Court recently noted that, according to some estimates, more than Rs 54,000 crore might have been stolen by cyber criminals from Indians, using various tricks like digital arrests.
The CBI has been investigating cybercrimes since 2000 and has upgraded its capabilities by establishing the Cybercrime Investigation Division in 2022, a government statement said.
The CBI serves as the nodal agency for investigating cybercrimes affecting the Centre and its offices, handling both cyber-dependent crimes and cyber-enabled frauds.