Indian banks deploy tech tools to counter mule accounts

Mule accounts, so named because they act as conduits for sending and receiving funds that do not belong to the bank account holder, usually remain dormant but can see a sudden spurt in typically low-value, high-volume transactions.

The Reserve Bank of India (RBI) has urged banks to keep a close watch on such accounts.

RBI governor Shaktikanta Das recently expressed concern over digital frauds and the “rapid increase in use of mule bank accounts to perpetrate such frauds". In FY24, the value of digital payment frauds at banks was at ₹1,457 crore and involved 29,082 transactions, higher than both FY22 and FY23, as per the RBI’s annual report. 

Experts said mule accounts are used by scamsters for digital frauds that involve transferring money out of the victim’s bank account into a chain of accounts, making it harder to trace such funds. 

Read more: Private banks collaborate with social media influencers, but with caution

Typically, the mule accounts involve up to 15 accounts in a distribution chain, and this entire chain is kept ready at any point—with scammers tasked with live-tracing which accounts are operational, and which are not. 

Teams at banks are using artificial intelligence (AI) and machine-learning (ML) tools in order to take on such scams. For instance, Axis Bank created a new internal unit about six months ago that consolidated some of the existing roles of monitoring and detecting suspicious accounts across the bank. 

“We call that unit the financial crime intelligence unit," Subrat Mohanty, executive director of banking operations and transformation, Axis Bank said during an earnings call on 24 July. 

“This unit has been working on 20 initiatives as we speak, largely focussed on preventing frauds and identifying suspicious and mule accounts. This is something we believe we are a bit ahead in terms of our thinking and execution." 

However, Mohanty declined to share details on what kind of accounts these were—savings or current—saying the bank does not share “that kind of internal intelligence at this point in time to the external world". 

“It is something we work very closely with the law enforcement authorities."

Rival lender Kotak Mahindra Bank is also using technology to detect mule accounts. According to Ashok Vaswani, chief executive, Kotak Mahindra Bank, the lender takes the issue “extremely seriously". 

“We have actually seen, and the governor has also pointed out, that it (mule accounts) is more in the current account space than in savings accounts," Vaswani said in response to a question on its earnings call on 20 July. 

“We have built machine learning models that spot these transactions and therefore the accounts as early as possible. We are very very vigilant on this particular item."

Read more: Is Axis Bank's share price fall a knee-jerk reaction?

India’s largest lender State Bank of India (SBI) has initiated the process of putting in place “a robust fraud monitoring solution – specifically for electronic channels that are being used by the customers".  

The bank said in its 2023-24 annual report that this was in addition to the “industry standards of IT security/Cyber Security that are being followed".

Cybersecurity experts said that mule accounts at banks are being identified through techniques such as behavioural authentication, or risk-based authentication. 

“Most of these mule accounts do small transactions, but at a very high volume," said Sandip Panda, chief executive at cyber security firm, Instasafe. 

“Such accounts are trickier to trace, since small-ticket transactions are very inconspicuous and are difficult to have a blanket rule against and to take on such accounts, additional authentication mechanisms and productivity of banking operations come as a collateral damage and trade-off to security standards."

Panda also pointed out that several Indian banks are stuck with legacy systems in their IT infrastructure and there is a need for smarter, faster security solutions that conduct trials to come up with better ways to identify such accounts.

A banker involved in investigating fraudulent transactions said that most mule accounts are those whose know-your-customer (KYC) details are sold to scammers. 

People living in abject poverty are approached by scam circles who urge them to sell their KYC documents, and are promised an incentive of 5-10% for every transaction that happens in that account. Those targeted are mostly people in the lowest income and education circles who are not aware of the legal and risk aspects of agreeing to such an arrangement.

“By doing this, the main perpetrators get away with the crime, and cyber investigations remain incomplete since the real criminals are never caught," the banker said on condition of anonymity. 

Read more: ICICI Bank expects its LCR to fall by 10-14 percentage points due to new norms

The unified payments interface or UPI is also being used by scammers to quickly transfer funds between multiple accounts. A cyber security expert working closely with regulators said that transfers made through UPI are instantaneous and seamless, unlike other modes of electronic fund transfers that require adding beneficiaries and waiting for a specific time before movement of funds are allowed. 

“The ease of access of UPI has also made scams harder to prevent, as it removes multiple practical barriers of the transaction chain," said the expert cited above who also spoke on condition of anonymity.