RBI orders banks to compensate victim in Rs 22.92 cr digital arrest fraud case: Report

In a significant development in one of India’s largest cyber fraud cases, the Reserve Bank of India (RBI), under its Integrated Ombudsman Scheme, has directed five banks to compensate a victim of a “digital arrest” scam for lapses in regulatory compliance. The order marks a rare instance of partial financial relief being granted in a high-value cybercrime case involving systemic banking failures.

The case pertains to 78-year-old Naresh Malhotra, a retired banker, who was defrauded of ₹22.92 crore between August and September 2025. Acting on the ombudsman’s order dated February 25, the banks — Axis Bank, City Union Bank, ICICI Bank, IndusInd Bank, and Yes Bank — have been directed to collectively pay ₹1.31 crore as compensation, Indian Express reported. 

Lapses in KYC

The RBI ombudsman’s decision followed a detailed review of the role played by both remitter and beneficiary banks. While no deficiencies were found on the part of the remitting banks—since the victim himself initiated the transactions under coercion—the regulator identified lapses in the monitoring of mule accounts by beneficiary banks.

“These deficiencies were mainly related to inadequate compliance to the KYC guidelines… and monitoring of transactions in these accounts,” the order noted. The banks were found lacking in adherence to anti-money laundering (AML) norms and transaction monitoring standards, which enabled the rapid movement of fraudulent funds.

 

Four banks — Axis Bank, City Union Bank, ICICI Bank, and IndusInd Bank—have been directed to pay 5% of the transferred amount, while Yes Bank has been asked to compensate 7.5% due to additional lapses in monitoring dormant or mule accounts.

MUST READ: RBI caps recurring payments at ₹15,000 without OTP under new e-mandate framework

Digital arrest pattern

The fraud followed a now-familiar “digital arrest” pattern, where victims are psychologically coerced into transferring funds. In this case, the stolen money was split and routed through multiple accounts at high speed, making real-time intervention challenging.

Investigations revealed that the funds were fragmented across 4,236 transactions spanning several layers of accounts. Law enforcement agencies later identified 811 mule accounts across nearly 47 banks that were used to channel the illicit funds.

The ombudsman observed that, given the speed and layering of transactions, stopping the fraud through manual intervention alone may not have been feasible.

MUST READ: RBI ‘new rules’ for old ₹500 and ₹1,000 notes? PIB Fact Check clarifies viral claim

Victim seeks full restitution

Malhotra has so far recovered a fraction of the total amount. Apart from the ₹1.31 crore ordered by the RBI, an additional ₹60 lakh has been returned, and about ₹2.7 crore has been frozen. However, he has challenged the decision, seeking full restitution of the defrauded sum along with interest and damages.

In his appeal, he argued that the findings point to a “systemic failure” in banking compliance, asserting that institutions failing to adhere to RBI norms should bear full liability.

The case, now transferred to the Central Bureau of Investigation (CBI), underscores growing concerns around cyber fraud, mule accounts, and gaps in banking oversight, even as regulators tighten compliance frameworks.