CURRENT AFFAIRS | 22 APRIL 2026
CLAT GK + LEGAL REASONING — BANKING & CONSUMER LAW
The RBI Integrated Ombudsman has ordered five banks — Axis, City Union, ICICI, IndusInd and Yes Bank — to pay ₹1.3 crore to Naresh Malhotra, a 78-year-old retired banker who lost ₹22.9 crore in what is now India’s biggest “digital arrest” scam. Investigators traced 4,236 transactions across 7 layers through 47 banks into 811 mule accounts. The Ombudsman held each of the five banks liable for 5%–7.5% of the sums routed through their systems, citing KYC and AML deficiencies. The order sits inside a 120% surge in Delhi cyber-fraud cases over the last decade.
Why it matters for CLAT: The case is a live application of the RBI Integrated Ombudsman Scheme 2021, the Bharatiya Nyaya Sanhita 2023 Sec 318/319 (cheating, cheating by impersonation), Sec 66D Information Technology Act 2000 (cheating by personation using computer resources), the PMLA 2002 (layering/placement), and — most importantly — the doctrine of vicarious liability and duty of care owed by banks under the Negotiable Instruments Act 1881 and RBI’s KYC Master Directions. The order will be cited as a precedent for consumer-protection in digital payments.
Constitutional & Legal Framework
- RBI Integrated Ombudsman Scheme 2021 — ‘One-nation-one-ombudsman’ framework; covers deficiency in service by regulated entities; free and online
- BNS 2023 Sec 318 — Cheating (earlier IPC 420)
- BNS 2023 Sec 319 — Cheating by personation (earlier IPC 416/419)
- IT Act 2000 Sec 66D — Cheating by personation using any communication device or computer resource — 3 years + ₹1 lakh fine
- PMLA 2002 — Placement / layering / integration — ‘proceeds of crime’; bank accounts used as layers are attachable
- Banking Regulation Act 1949 Sec 35A — RBI’s general power to issue directions to banks — basis for KYC Master Directions
- KYC Master Directions (RBI) — Mandates CDD, risk-based monitoring, STR filing, beneficial-ownership identification
- Consumer Protection Act 2019 Sec 2(11) — ‘Deficiency’ — includes any fault, imperfection, shortcoming in the manner of performance
- Article 19(1)(g) — Banks’ right to carry on business — subject to reasonable restriction in consumer/public interest
CLAT Angle — How This Gets Tested
- Ombudsman vs Court: The Integrated Ombudsman is a dispute-resolution forum under Sec 35A of the Banking Regulation Act 1949, NOT a court. Its awards are quasi-judicial; appeals lie to the Appellate Authority (Executive Director, RBI).
- Digital arrest = cheating by personation: The scamsters impersonate CBI/Mumbai Police/ED officials. This triggers BNS 319 and IT Act Sec 66D simultaneously — not double jeopardy, because actus reus overlaps but mens rea targets are distinct.
- Vicarious bank liability: Banks are not ordinarily guarantors against fraud, but failure to apply risk-based monitoring under KYC directions converts a Force-Majeure excuse into actionable ‘deficiency’ under Consumer Protection Act 2019 Sec 2(11).
- Mule-account doctrine: Under PMLA, every account in a layering chain can be attached as ‘proceeds of crime’ — even if the account-holder was unaware. Knowledge is not a defence; good-faith inquiry is.
Key Facts at a Glance
| Victim | Naresh Malhotra, 78, retired banker, Delhi |
| Amount lost | ₹22.9 crore |
| Compensation ordered | ₹1.3 crore (5-7.5% per bank) |
| Banks ordered to pay | Axis · City Union · ICICI · IndusInd · Yes Bank |
| Transactions traced | 4,236 transactions across 7 layers through 47 banks into 811 mule accounts |
| Legal ground | KYC / AML deficiencies; deficient service under Ombudsman Scheme 2021 |
| Delhi cyber-fraud trend | 120% surge in last decade |
| Regulatory framework | RBI Integrated Ombudsman Scheme 2021 + KYC Master Directions |
The principle that makes this order matter. Until now, banks defended digital-fraud claims by pointing to the customer’s own disclosure of OTPs — “contributory negligence” ended the inquiry. The Ombudsman order shifts the frame: if the bank’s receiving-side systems (mule-account onboarding, transaction-monitoring, STR filing) fail their own KYC obligations, a partial liability attaches regardless of victim-side error. This aligns India with the UK’s Contingent Reimbursement Model Code and the EU’s PSD2 “strong customer authentication” regime, and brings Sec 2(11) Consumer Protection Act firmly into the digital-payments space.
Mnemonic — K-A-P (KYC-AML-PMLA) + 66D
KYC Master Directions (RBI) · AML obligations · PMLA 2002 (layering) · BNS 318/319 cheating + personation · IT Act 66D cheating by personation using computers. Ombudsman Scheme 2021. Remember — 5 banks × avg 6% = ₹1.3 cr.
Likely exam questions. (1) The RBI Integrated Ombudsman Scheme was launched in which year? (2) Cheating by personation using computer resources is punishable under which section of the IT Act? (3) Under PMLA 2002, “layering” refers to which stage of money-laundering? (4) Bank KYC obligations derive their statutory force from which section of the Banking Regulation Act? (5) Legal reasoning — can a bank be liable where a customer voluntarily transferred funds but the receiving bank ignored KYC/AML flags?
Test Yourself — 10 MCQs
Click each option to reveal the answer and explanation.
Practice Quiz — 10 CLAT-Style Questions
Click an option to reveal the answer and explanation.
