MHA’s New SOP on Cyber Financial Frauds

SOP Approval: New Standard Operating Procedure for cyber financial frauds approved by MHA.
Implementation Platform: National Cybercrime Reporting Portal (NCRP) via the Cyber Financial Crime Reporting and Management System (CFCFRMS).
Refund Threshold: Frauds ≤ Rs 50,000 can be refunded without a court order.
Freeze Duration: Banks must lift freeze within 90 days if no court/restoration order exists.
Financial Losses: India lost over Rs 52,000 crore to cyber frauds in the last six years.
Coverage: Banks, NBFCs, payment aggregators, e‑commerce platforms, stock‑trading apps, mutual fund houses.
Stakeholder Network: 85+ banks and payment intermediaries linked to NCRP; coordination with RBI, NPCI, law‑enforcement agencies.
Modules Developed: Grievance Redressal Module and Money Restoration Module.
Related Initiative: High‑level inter‑departmental committee to curb “digital arrest” scams (losses ~Rs 3,000 crore).

The National Cybercrime Reporting Portal (NCRP) was launched in 2020 under the Indian Cyber Crime Coordination Centre (I4C). It expanded reporting beyond child sexual abuse to all cyber offences.
Prior to the SOP, victims faced prolonged account freezes, lack of clarity on refund processes, and fragmented coordination among financial institutions.
Rapid digitisation of payments (UPI, digital wallets) increased exposure to cyber financial frauds, necessitating a uniform response mechanism.

Victim‑Centric Approach: Shifts focus from punitive to restorative, aligning with consumer protection principles.
Financial Inclusion: Faster refunds encourage confidence among small‑value transaction users, crucial for inclusive digital economy.
Regulatory Coordination: Formalises interaction between banks, RBI, NPCI, and law‑enforcement, reducing systemic risk.
Internal Security: Addresses a growing internal security challenge—cyber‑enabled financial crimes that can fund illicit activities.
Legal Implications: Reduces dependence on court orders for low‑value frauds, expediting justice delivery.

Article 21 (Right to Life & Personal Liberty): Courts have interpreted this to include the right to privacy and protection of personal data.
Information Technology Act, 2000 (Amendments 2008): Provides legal framework for cyber offences and empowers the government to issue directions for cyber‑crime response.
Reserve Bank of India (RBI) Guidelines: RBI mandates banks to have robust cyber‑security frameworks and grievance redressal mechanisms.

Note: The SOP is a dynamic policy instrument; aspirants should monitor subsequent notifications and implementation guidelines for any amendments.