Fraud, financial crime and forensic analysis, with Mayur Joshi.

We sit down with an Indian pioneer of forensic analysis to discuss the country’s most common scams, the successes and limitations of the world’s largest biometric ID system, and why it’s unfair to refer to Kolkata as the call center scam capital of the world.

Back in 2005, when Mayur Joshi founded Indiaforensic – India’s first training and educational hub focused on financial crime investigation – the concept of forensic accounting was relatively unknown in the country. 

Despite this, Mayur knew that due to increasing rates of financial fraud and India’s lack of domestic fraud prevention specialists, the launch was essential. 

“The initial reaction to the launch was mixed and met with both curiosity and skepticism due to the novelty of the concept. However, as financial fraud became increasingly sophisticated and prevalent in India, the need for specialized education became clear,” said Mayur. 

Twenty years later, Indiaforensic has over 5,000 members from a range of industries, including the public sector, non-banking financial companies, payment aggregators, cooperative banks, multinational banks operating in India, fintech companies, fraud control teams, chartered accountancy firms, telecom companies and retail organizations. 

In this interview, we discuss India’s most common compliance mistakes, the role that technology plays in the proliferation and prevention of new fraud attacks, the importance of enabling organizations to combat financial crime and maintain robust compliance standards, and much more.

What would you say are the 3 most common compliance mistakes that organizations make in India?

The three most common compliance mistakes made by organizations in India, particularly within the financial services, are: 

1. Inadequate training: One of the most significant gaps in India’s compliance sector is the lack of advanced training for employees. Many compliance professionals are trained primarily in basic Know Your Customer (KYC) regulations, but advanced topics like sanctions compliance and Trade-Based Money Laundering (TBML) often remain underexplored. This results in a narrow understanding of the broader compliance landscape, making it difficult for employees to effectively handle more complex issues like international sanctions or intricate financial crime patterns. Without comprehensive training, compliance teams are not equipped to address the evolving and multifaceted challenges of global financial crime. 
   
2. Inadequate testing: A major issue in the Indian compliance sector is the proliferation of certification courses that fail to adequately test the knowledge and skills of participants. While these certifications may appear beneficial, the lack of rigorous testing means that compliance professionals may not be fully prepared to handle real-world scenarios. This becomes particularly problematic in high-stake situations, such as when an organization is under regulatory scrutiny or when dealing with complex fraud cases. The absence of practical assessments during training means that employees may struggle to apply their knowledge effectively in critical situations, leading to costly errors or regulatory breaches. 
   
3. Inadequate due diligence: A common mistake in compliance practices is an over-reliance on databases to conduct due diligence, often at the expense of more in-depth investigative skills. While database searches are essential, they don’t always provide the full picture. Compliance teams may fail to connect the dots or identify red flags that are not present in the databases but can be uncovered through a more thorough investigation. This could include deeper inquiries into the business relationships, transaction histories, or risk profiles of clients or partners. 

Failing to conduct comprehensive due diligence can leave organizations exposed to financial crimes like money laundering, fraud or terrorist financing.

How about financial crime, what trends are you seeing right now?

In India, digital fraud has rapidly emerged as one of the most common forms of financial crime, driven by the increasing use of digital payments and online platforms. United Payments Interface (UPI) fraud is a major concern, where fraudsters trick victims into sharing their UPI credentials or One Time Passwords (OTPs) through fake links or impersonation. 

Similarly, OTP fraud, often enabled by SIM card swapping or phishing attacks, allows criminals to intercept OTPs and complete unauthorized transactions. Fraudsters also exploit digital payment systems by manipulating payment gateways or using fake payment links to steal users’ financial details. Phishing attacks, where fraudsters impersonate legitimate organizations to steal sensitive information, have also seen significant growth. 

Another concerning trend is the rise of SIM card swapping, where criminals gain control of a victim’s mobile number to intercept OTPs and access bank accounts or payment platforms. Digital blackmail or fake arrests are also becoming common, with fraudsters using threats to extort money or personal details from victims. Fake job offers and investment scams, especially involving cryptocurrency or high-return schemes, have targeted individuals looking for employment or investment opportunities.  

These forms of digital fraud highlight the need for stronger cybersecurity, increased public awareness and more robust regulations to protect against emerging financial crimes.

In September 2024, the global anti-money laundering watchdog, Financial Action Task Force (FATF) urged India to speed up its prosecutions in financial fraud cases. To what do you attribute the delay in prosecutions and what do you think would speed up the process?

The delay in prosecuting financial fraud cases in India can be attributed to several factors, including the overburdened judicial system, complex legal procedures and resource constraints. The Indian legal system is often slow due to the sheer volume of pending cases, which leads to prolonged trial timelines. Additionally, financial fraud cases are inherently complex, involving intricate details that require meticulous investigation, expert testimony and specialized knowledge, all of which can delay the process. Moreover, a lack of adequate resources and skilled personnel in investigative agencies can contribute to the inefficiency in handling cases. 

To speed up the prosecution process, India could benefit from establishing specialized courts focused on financial crime, allowing for more efficient and faster trials. Capacity building for law enforcement agencies, including providing training on financial fraud detection and investigation, would also help improve case resolution. Legal reforms that streamline procedures and introduce stricter timelines for trial completion could further expedite the judicial process. Enhanced coordination between financial institutions, law enforcement and regulatory bodies would also ensure quicker identification and prosecution of fraudsters. These measures would significantly reduce delays and improve the overall effectiveness of the judicial system in tackling financial fraud.

Building trust through KYC in banking.

How can you set up a KYC process that satisfies your customers, fights fraud and meets regulatory requirements? Download now to discover:

• What is KYC?
• The importance of KYC in the banking sector
• Regulatory impact on KYC processes

Read now

What do you say to those who claim that India, and Kolkata specifically, is the call center scam capital of the world. Is this fair? If so, why do you think this is? What steps can be taken to tackle it?

Labeling Kolkata as the ‘call center scam capital’ is an unfair generalization. While some fraudulent call center operations have been uncovered in India, it overlooks the vast number of legitimate call centers that operate ethically and serve various industries globally.  

Kolkata, being a significant hub for business process outsourcing and call centers, does have a higher concentration of such operations, but I guess it’s not alone. These operations are spread throughout all major metro cities, including Ahmedabad, Bengaluru, Chennai, Mumbai, Noida, Gurugram and Pune. Fraudulent operations are conducted by a small minority of unscrupulous individuals, and they do not represent the entirety of the industry.

What are some of the main 2025 financial crime trends in India? What part does technology play in both the proliferation and prevention of new fraud attacks?

In 2025, digital fraud is expected to see significant growth in India, largely driven by the increasing reliance on digital platforms and online transactions. Traditional fraud is being rapidly replaced by tech-enabled scams, with fraudsters leveraging advancements in technology to exploit vulnerabilities in digital payment systems, mobile apps and social media platforms. This shift is particularly evident in areas such as UPI fraud, OTP phishing and identity theft, which have become increasingly sophisticated with the use of tools like malware and social engineering techniques. 

The rise of cryptocurrency also opens new avenues for fraudsters to manipulate digital assets and launder illicit funds, posing a significant challenge to regulatory bodies. 

Social media platforms and the rise of ‘finfluencers’ — social media influencers focusing on financial advice — are expected to play a larger role in perpetrating fraudulent activities. With their widespread influence, finfluencers could be used to promote fraudulent schemes or investment opportunities, often without proper scrutiny or regulation. These influencers, who have large followings, may inadvertently or intentionally contribute to scams such as Ponzi schemes, fake investment platforms, or high-risk financial products that target unsuspecting investors.

India lays claim to the world’s largest biometric ID system. What would you say are some of Aadhaar’s greatest successes and conversely weaknesses/ limitations since launch?

One of its greatest accomplishments is its role in financial inclusion, enabling millions of people in rural and remote areas to access banking services. It is also one of the best tools in performing e-KYC. With Aadhaar, users can be onboarded in minutes. Plus, by linking Aadhaar to various government welfare schemes, subsidies and services, it has helped reduce corruption and leakages, ensuring that benefits reach the intended beneficiaries directly. The system has also facilitated the streamlining of processes, such as tax filings and identity verification, making them faster and more efficient. 

However, one of the major concerns is its privacy implications. The vast amount of sensitive personal data collected for Aadhaar, including fingerprints, iris scans, and demographic information, has raised questions about the potential security and misuse of such data.

By extension, what role does identity verification and KYC technology play in the fight against fraud? What do you see as the limitations/ threats to their efficacy?

Identity verification and KYC technology plays a crucial role in the fight against fraud, acting as the first line of defense for financial institutions and businesses.  

By accurately confirming the identity of individuals or entities before they can access services, identity verification and KYC technologies help prevent fraudsters from exploiting financial systems. For example, biometric systems, such as facial recognition or fingerprint scans, along with document verification tools, make it harder for fraudsters to impersonate others and gain unauthorized access to bank accounts, loans, or other services. KYC technologies also help institutions assess the risk associated with a customer, ensuring they are not unknowingly facilitating money laundering or financing illegal activities. Indiaforensic offers the certification program in KYC, which is one of the most exhaustive programs guiding the students about the use of regtech in KYC. 

However, while these technologies have certainly strengthened fraud prevention, they are not without their limitations. One major challenge is the growing sophistication of fraud techniques. Fraudsters are increasingly using advanced methods like deepfakes or synthetic identities, which can bypass even the most robust identity verification systems. Another limitation is the reliance on databases and digital records, which may not be completely accurate or up-to-date, allowing some fraudulent identities to slip through the cracks. 

Additionally, the increasing use of digital platforms has led to concerns about data security and privacy. If the data used for KYC processes is not securely stored or transmitted, it could be vulnerable to breaches, exposing customers’ sensitive information to cybercriminals. To maintain the efficacy of identity verification and KYC technologies, ongoing advancements in security measures, continuous updates to databases, and proactive monitoring for new fraud tactics are essential.

If you’re interested in more insights from industry insiders and thought leaders from the world of fraud and fraud prevention, check out one of our interviews from our Spotlight Interview series below.

• Jinisha Bhatt, financial crime investigator
  
• Paul Stratton, ex-police officer and financial crime trainer
  
• Lloyd Emmerson, Director of Strategic Solutions at Cifas

• Or, discover all about the rise of social media fraud, and how one man almost lost a million euros to a pig butchering scam in our blog, ‘The rise of social media fraud: How one man almost lost it all.’

By

Jody Houton
Senior Content Manager at IDnow
Connect with Jody on LinkedIn