Sunday, 25 Jan, 2026
Over the last six years, Indians have lost more than ₹52,976 crore to fraud and cheating-related offences. Image Source: Getty
The SOP establishes a uniform framework for how financial and digital ecosystem entities must respond once a cybercrime complaint flags a transaction as suspicious.
The Ministry of Home Affairs has cleared a new Standard Operating Procedure for the Cyber Financial Crime Reporting and Management System under the National Cybercrime Reporting Portal, aimed at streamlining responses to online financial fraud. A key feature of the SOP is faster relief for victims of low-value cyber fraud. In cases where the disputed amount is less than ₹50,000, refunds can be processed without the need for a court order. Where no judicial or restoration order exists, banks are mandated to remove freezes on such amounts within a period of 90 days.
The SOP establishes a uniform framework for how financial and digital ecosystem entities must respond once a cybercrime complaint flags a transaction as suspicious. This framework applies not only to banks but also to payment aggregators, non-banking financial companies, e-commerce platforms, stock trading applications, mutual fund houses and other financial intermediaries. The objective is to ensure clarity, consistency and accountability in handling cyber financial crime cases across the system.
Data compiled by the Indian Cyber Crime Coordination Centre, which operates under the MHA, highlights the scale of the problem. Over the last six years, Indians have lost more than ₹52,976 crore to fraud and cheating-related offences. In 2025 alone, reported losses amounted to ₹19,812.96 crore, spread across 2,177,524 complaints. This marked a slight decline in value from 2024, when losses stood at ₹22,849.49 crore across 1,918,852 complaints. Earlier years saw comparatively lower losses, with ₹7,463.2 crore reported in 2023, ₹2,290.23 crore in 2022, ₹551.65 crore in 2021 and ₹8.56 crore in 2020, reflecting both the rapid growth of digital transactions and the increasing sophistication of cyber fraud.
Source: National Cybercrime reporting portal, Ministry of Home Affairs
The cases of cyber crime in the country are continuously rising as scamsters find new ways to dupe the people. According to the National Crime Records Bureau (NCRB) Crime in India Report 2023, the total number of cases reported during the year was 86,128, showing an increase of 31.2 percent in registration over 2021 (65,893 cases). The crime rate under this category increased from 4.8 in 2022 to 6.2 in 2023. During 2023, 68.9 percent of cyber-crime cases registered were for the motive of fraud (59,526 out of 86,420 cases) followed by Sexual Exploitation with 4.9 percent (4,199 cases) and Extortion with 3.8 percent (3,326 cases).This was the highest number of cases of cyber-crime reported in a year till date. The chargesheeting rate in the cyber-crime cases was just 33.9 percent.
Source: National Crime Records Bureau
Cyber fraud, commonly referred to as internet or online fraud, typically involves deceiving individuals to extract money through digital means. Scammers often reach out via phone calls, emails, text messages, or other communication channels to collect sensitive personal data. In many cases, they send malicious links or software to gain unauthorized access to devices or networks, allowing them to steal confidential information like bank account details, credit card numbers, or identity credentials.
According to data from the National Crime Records Bureau (NCRB), cybercrime in India has been rising at a concerning pace. Cases nearly doubled from 27,248 in 2018 to 44,735 in 2019, with 2023 marking the year with the highest number of cybercrime incidents on record.
These statistics highlight a troubling trend, not only is cybercrime increasing, but many cases remain unresolved. Moreover, the actual number of incidents is likely far higher, as many cases go unreported.
In response, the Indian government has implemented various initiatives to bolster cyber defense capabilities. These include creating comprehensive cybersecurity regulations, establishing robust legal frameworks, and enhancing the capacity of the judiciary to tackle digital crimes. Sector-specific Computer Security Incident Response Teams (CSIRTs) have also been formed to provide technical assistance and manage cybersecurity threats within distinct industries.
In a related development, and following directions from the Supreme Court in a suo motu case concerning so-called “digital arrest” scams, the MHA has set up a high-level inter-departmental committee to examine the issue comprehensively. Media reports indicate that the committee is chaired by the Special Secretary (Internal Security) in the MHA and includes senior representatives from a wide range of ministries and agencies. These include the Ministries of Electronics and Information Technology, Telecommunications, External Affairs, Law and Justice, Consumer Affairs, the Department of Financial Services, as well as the Reserve Bank of India, the Central Bureau of Investigation, the National Investigation Agency, Delhi Police and the I4C.
According to a report carried by Live Law, the committee has been tasked with reviewing operational difficulties faced by enforcement agencies, studying existing court directions and recommendations made by amicus curiae, identifying gaps in existing laws and rules, and proposing corrective legal, regulatory and institutional measures. A status report submitted to the Supreme Court noted that the panel held its first meeting on December 29.
During this meeting, the CBI proposed the introduction of a monetary threshold to rationalise investigation responsibilities, suggesting that high-value cyber fraud cases be handled by the CBI, while lower-value cases be dealt with by State and Union Territory agencies with support from the MHA. The RBI informed the court that it had already issued advisories to banks on deploying artificial intelligence-based tools for fraud detection and was at an advanced stage of finalising its own SOP for freezing accounts linked to suspicious transactions.
The Ministry of Electronics and Information Technology highlighted the need to strengthen adjudication mechanisms under Section 46 of the Information Technology Act, 2000, to improve enforcement and accountability. Meanwhile, the Department of Telecommunications informed the panel that draft rules under the Telecommunications Act, 2023, were currently undergoing stakeholder consultations. These rules are intended to address persistent issues such as negligent issuance of SIM cards and the problem of multiple connections being misused for fraudulent activities.
The committee also deliberated on victim compensation and broadly agreed that accountability must be fixed in cases where losses arise due to negligence or service deficiencies on the part of banks, telecom service providers or other regulated entities. It emphasised that victims should not be made to bear the consequences of systemic failures, and that compensation mechanisms should operate effectively without limiting or prejudicing other legal remedies available to affected individuals. The chair of the committee directed the RBI, DoT and MeitY to review existing systems within their respective domains and suggest concrete improvements to strengthen prevention, response and victim redressal mechanisms.
