By Ashwani Mishra, Editor-Technology, 63SATS
Mule accounts have become a major enabler of cyber fraud—bank accounts opened using fake documents or by manipulating unsuspecting individuals, used briefly to channel illicit funds. These accounts are multiplying faster than authorities can track.
In February 2025, Home Minister Amit Shah revealed over 19 lakh mule accounts had been flagged across India, with ₹2,038 crore in suspicious transactions blocked. While a big win, the message is clear: India is locked in a digital arms race, and banks are the frontline.
Just last week, Cyber Police in Kashmir Zone uncovered 7,200 mule accounts powering a network of large-scale financial frauds.
Banks Call for Power to Act Fast
At the heart of the issue lies a regulatory bottleneck.
Banks currently cannot freeze a suspicious account without court or law enforcement approval, even if their internal monitoring systems flag it as fraudulent. But this delay often allows cybercriminals to move funds quickly and disappear without a trace.
In a working group report by the Indian Banks’ Association (IBA), lenders have made a crucial proposal: give banks direct authority to freeze mule accounts without waiting for legal clearance. The recommendation, which is now under consideration, is being seen as a much-needed reform in India’s fight against financial cybercrime.
“The current framework slows down response time and allows fraudsters to stay one step ahead,” the report notes. “Empowering banks to act on internal red flags immediately could significantly reduce fraud losses.”
Cracking Down on Identity Abuse
Mule accounts are typically set up using forged documents, stolen identities, or with the help of compromised individuals who lend their credentials in exchange for money. Fraudsters exploit weak Know Your Customer (KYC) norms and gaps in verification processes to keep the cycle running.
To counter this, banks have outlined several strategies in their proposal:
- Cross-verifying new accounts with the Election Commission database when Voter ID and Form 60 (used in absence of PAN) are used.
- Imposing transaction caps on high-risk accounts flagged by internal algorithms.
- Deploying AI and machine learning tools to monitor real-time patterns and detect unusual activity indicating mule account behaviour.
This shift toward proactive surveillance rather than reactive action marks a major policy shift—one that could redefine how India handles cyber-enabled financial crime.
A Coordinated Digital Defense
The IBA’s report emphasizes the need for multi-stakeholder collaboration. It calls on regulators like the Reserve Bank of India (RBI), financial institutions, law enforcement agencies, and tech companies to build a joint cyber risk framework.
“This isn’t just a banking problem. It’s a systemic threat that requires layered responses—investment in technology, better staff training, and greater data-sharing between institutions,” the report says.
The roadmap includes:
- Strengthening backend IT infrastructure across banks.
- Creating shared databases of known mule accounts.
- Establishing dedicated cyber fraud response teams at regional levels.
The Indian Cyber Crime Coordination Centre (I4C) estimates cyber fraud losses could exceed ₹1.2 trillion in 2025 if unchecked. The rise of non-KYC compliant accounts, often opened in remote areas with limited oversight, has added fuel to the fire.
Cybercriminals now employ sophisticated tactics like:
- Phishing emails mimicking banks or payment apps.
- Bot-driven account opening on digital platforms using synthetic identities.
- Human mules—individuals paid to open and manage fraudulent accounts.
One official describes mule accounts as “a game of digital whack-a-mole”—as soon as one mule account is frozen, two more pop up elsewhere.
While banks have tightened their internal protocols, experts agree that compliance alone won’t solve the crisis. What’s needed is resilience—the ability to detect, respond to, and recover from attacks with speed and precision.
The key lies in swift, decisive authority to act—especially when millions of rupees can disappear in minutes.
