An assessment of the banking fraud trend and the Nepali legal system

In Nepal, banking fraud is on the rise. The patent system has undergone a revolution as a result of modernization. People no longer carry paper money these days. Even a small vegetable vendor uses a QR Code to accept payment. This article examines banking fraud that occurs around the world and defines the legal remedies for it.

Operational Procedures and Precautions to Be Taken Against Fraud

1. Modus Operandi of Phishing Links

Fraudsters create a third-party phishing website that appears to be a genuine website, such as a bank’s website, an e-commerce website, or a search engine, for example.

2. Phishing refers to Modus Operandi.

Imposters call or approach customers via phone or social media, posing as bankers, company executives, insurance agents, government officials, and so on. Imposters share a few customer details, such as the customer’s name or date of birth, to gain trust.
In some cases, imposters pressurize / trick customers into sharing confidential details such as passwords / OTP / PIN / Card Verification Value (CVV), etc., by citing an urgency / emergency such as the need to block an unauthorised transaction, payment required to avoid some penalty, an appealing discount, etc. Customers are then duped using these credentials.

3. Online sales platform fraud

Fraudsters pose as buyers on online sales platforms, expressing an interest in the seller’s product/s. To gain trust, many fraudsters pose as defense personnel stationed in remote locations.

Instead of paying the seller, they use the Unified Payments Interface (UPI) app’s “request money” option and insist that the seller approve the request by entering the UPI PIN. Money is transferred to the fraudster’s account after the seller enters the PIN.

4. Frauds committed as a result of the use of unknown / unverified mobile apps

• Fraudsters distribute app links disguised to look like the existing apps of authorized entities via SMS, email, social media, and instant messenger, among other channels.

• Customers are duped into clicking on such links, resulting in the installation of unknown / unverified apps on their mobile / laptop / desktop, and so on.

• The fraudster gains complete control of the customer’s device once the malicious application is downloaded. These include confidential information stored on the device as well as messages / OTPs received prior to and after the installation of such apps.

5. ATM card skimming

Fraudsters install skimming devices in ATMs and steal data from the customer’s card.

Fraudsters may also conceal an ATM PIN with a dummy keypad or a small / pinhole camera.

When a customer enters their PIN into an ATM machine, fraudsters pretending to be other customers standing nearby can sometimes gain access to it.

This information is then used to create a duplicate card and withdraw funds from the customer’s account.

Such frauds were committed by citizens of the then-united Soviet Union in Nepal because Nepal’s cyber security is weak and crime is on the rise.

6. Screen sharing app fraud / Remote access

The customer is tricked into downloading a screen sharing app.

Using such an app, fraudsters can monitor / control the customer’s mobile / laptop and gain access to the customer’s financial credentials.

Fraudsters use this information to conduct unauthorized funds transfers or payments using the customer’s Internet banking / payment apps.

7. SIM swap / SIM cloning Mode of Operation

Fraudsters gain access to the customer’s SIM card or obtain a duplicate SIM card (including electronic-SIM) for the registered mobile number linked to the customer’s bank account.

Fraudsters use the OTP received on such a duplicate SIM card to conduct unauthorized transactions.

Fraudsters generally collect personal / identity details from customers by posing as phone / mobile network staff and requesting the customer details in the name of offers such as free SIM card upgrade from 3G to 4G or additional benefits on the SIM card.

8. Fraud by compromising credentials on search engine results

Customers use search engines to find contact information for their bank, insurance company, Aadhaar update center, and so on. These contact information on search engines frequently DO NOT belong to the respective entity, but are made to appear as such by fraudsters.

Customers may end up contacting unknown / unverified contact numbers of fraudsters displayed on search engines as bank / company contact numbers.
When customers call these numbers, imposters ask them to share their card credentials / details for verification.
Customers share their secure information because they believe the fraudster is a genuine representative of the RE.

9. QR code scanning scam Mode of Operation

Fraudsters frequently contact customers under false pretenses and trick them into scanning Quick Response (QR) codes with apps on their phones.

Customers may unknowingly authorize fraudsters to withdraw money from their accounts by scanning such QR codes.

10. Social media impersonation

• Fraudsters create bogus accounts on social media platforms such as Facebook, Instagram, and Twitter, among others.

• Fraudsters will then send a request to the users’ friends for money for urgent medical needs, payments, and so on.

• Fraudsters contact users and gain their trust over time by using forged information. When users share their personal or private information, fraudsters use it to blackmail or extort money from them.

11. Juice stealing

A mobile phone’s charging port can also be used to transfer files and data. Fraudsters use public charging ports to transfer malware to customer phones connected there and take control / access / steal sensitive data from the customers’ mobile phones, such as emails, SMS, saved passwords, and so on (Juice Jacking).

12. Modus Operandi of Lottery Fraud

• Scammers send emails or make phone calls claiming that a customer has won a large lottery prize. Customers must confirm their identity by entering their bank account / credit card information on a website from which the fraudsters collect data in order to receive the money.

• In order to receive the lottery / product, customers are also required to pay taxes/forex charges/upfront or to pay shipping charges, processing / handling fees, and so on.

• In some cases, fraudsters will pose as an RBI representative or a representative of a foreign bank/company/international financial institution and ask the customer to transfer a small amount in order to receive a larger amount in foreign currency from that institution.

13. Modus Operandi of online job fraud

• When job seekers share secure credentials from their bank account, credit card, or debit card on these websites during registration, their accounts are compromised.

• Fraudsters may also pose as representatives of reputable companies and offer employment after conducting bogus interviews. The job seeker is then persuaded to transfer funds for registration, mandatory training, a laptop, and other expenses.

14. Modus Operandi of Money Mules

• Money Mule refers to innocent victims who are duped by fraudsters into laundering stolen or illegal funds through their bank account/s. Customers are contacted by fraudsters via emails, social media, and other means and persuaded to receive money into their bank accounts (money mule) in exchange for attractive commissions.

• The money mule is then instructed to transfer the funds to another money mule’s account, thereby initiating a chain reaction that eventually results in the funds being transferred to the fraudster’s account.
• Alternatively, the fraudster may instruct the money mule to withdraw cash and deliver it to a third party.
• When such frauds are reported, the money mule becomes the subject of an investigation by the police for money laundering.

Banking Fraud Legal Provision

• If the aforementioned fraud is discovered, it is a Banking Offence under the Banking Offence and Punishment Act of 2064. If anyone commits fraud, a FIR must be filed with the nearest police station. Following the submission of the FIR, the government attorney must file a lawsuit.

• Essentially, a banking offence is any act for which the state’s banking laws impose criminal liability (punishment for any crime-intended act) in order to maintain financial stability and discipline. The state imposes criminal penalties for acts such as cheque forgery and misuse of bank loans or other services. In Nepal, these are the most common banking offenses.

In Nepal, these are the two most common banking offenses.

Banking offense classifications

The following 14 types of banking offenses are listed in the Banking Offence and Punishment Act:

• Unauthorized account opening or cash payment demands
• Making illegal withdrawals or payments
• Obtaining or making payment through the unauthorized use or abuse of electronic means
• Unauthorized lending,
• Abuse of credit facility
• Taking advantage of banking resources, means, and assets
• acquiring assets or opening a dues-paying account by the borrower
• Stopping credit facilities in order to lose the borrower’s working project
• Making a loss by tampering with an account or ledger or committing forgery or fraud
• Making transactions under false pretenses by misrepresenting a bank, financial institution, or cooperative institution.
• Excessive, low, or false valuation
• carrying out or causing to be carried out unauthorized economic or financial transactions
• Dhukuti transactions, as well as
• Banking transactions that are illegal.

Up to three months in prison and penalties based on the amount of the fine

If anyone opens an account or demands cash payment in an unauthorized manner based on the process outlined above: If anyone (a) opens or knowingly allows another person or organization to open an account by submitting false documents, (b) opens or allows another person or organization to open an account in the name of a fictitious or other person or organization, except as otherwise permitted by law.

Banking Fraud Punishment

The Banking Offence and Punishment Act of 2064 provides for prison terms based on the amount of banking fraud committed.

SN.	Total Amount	Penalties
1	The suit is worth up to one million rupees.	Imprisonment for up to a year
2	If the suit is worth more than one million rupees but less than five million rupees	Imprisonment ranging from one to two years
3	If the suit is worth more than five million rupees but less than ten million rupees	Increased prison term from two to three years
4	If the suit is worth more than ten million rupees, with whatever amount	Increased prison term from three to five years

Should you have any questions, connect with us at 9745374671 or by email info@corporatelawyernepal.com