The ₹590 Crore IDFC First Bank Fraud Incident | LATEST UPDATE: 4 Masterminds Arrested | ₹583 Crore Fully Refunded by Bank

By /
🔴 LATEST UPDATE (Feb 2026): 4 Masterminds Arrested | ₹583 Crore Fully Refunded by Bank

1. Key Details of the Incident

In February 2026, a massive financial irregularity surfaced at IDFC First Bank. Described as “banking’s oldest fraud,” the incident relied entirely on paper-based manipulation and internal collusion rather than a digital cyberattack.

  • Location & Entity: IDFC First Bank, Sector 32 Chandigarh Branch.
  • Amount Involved: ₹590 crore.
  • Target Accounts: Funds allocated under the Mukhya Mantri Gramin Awas Yojana-2.0 (MMGAY-2.0) scheme by the Haryana State Government.
  • Timeline & Discovery: Accounts were opened in September 2025. The fraud was flagged in January/February 2026 when the government ordered the closure of the accounts, only to find IDFC First Bank could only transfer ₹1.27 crore instead of the expected ₹50+ crore from one specific account.
  • The Shell Company: Investigations revealed that nearly ₹300 crore was illegally funneled into an AU Small Finance Bank account belonging to Swastik Desh Projects, a private shell firm.

2. Latest Progress & Actions Taken (As of Late Feb 2026)

Swift actions from both law enforcement and the bank’s management have dramatically altered the trajectory of the case:

  • Arrests Made: The Haryana State Vigilance and Anti-Corruption Bureau (ACB) has arrested four key individuals:
    1. Ribhav Rishi: Former Branch Manager of the Sector 32 branch (alleged mastermind).
    2. Abhay Kumar: Former Relationship Manager at the branch.
    3. Swati Singla: Abhay Kumar’s wife (Owner of 75% stake in the shell firm Swastik Desh Projects).
    4. Abhishek Singla: Swati’s brother (Owner of 25% stake in the shell firm).
  • 100% Fund Restitution: Without waiting for the investigation to conclude, IDFC First Bank paid out ₹583 crore (principal + ₹22 crore accrued interest) back to the Haryana Government within 24 hours of the exposure, absorbing the immediate financial hit to protect customer funds.
  • Unprecedented PR Response: To contain reputational damage, the bank launched a massive PR counter-offensive, taking out full-page newspaper advertisements titled “Living By Customer-First Principles” to highlight their swift reimbursement and institutional accountability.
  • De-empanelment: Despite the refund, the Haryana Government officially de-empanelled both IDFC First Bank and AU Small Finance Bank from handling state government business.

3. Root Cause Analysis (RCA)

The core vulnerability exposed by this incident was a human governance failure combined with process loopholes in handling physical instruments.

  • Internal Collusion: The fraud was perpetrated by middle-management branch employees (Branch Manager and RM) who manually subverted the bank’s core Maker-Checker-Authorizer mechanisms.
  • Forgery of Signatures: The fraudsters utilized forged signatures of a former Director General of the department (who had already relinquished his post in October 2025) to process physical cheques and debit notes.
  • Lack of Out-of-Band Authentication: There was an absence of secondary, centralized verification (e.g., independent callbacks from a central hub to the authorized government signatories) for exceptionally high-value physical mandates.

4. Impact of the Fraud

Financial & Market Impact

The ₹590 crore hit eclipsed the bank’s Q3 net profit. The stock initially plunged up to 20%, erasing over ₹14,000 crore in investor wealth. Brokerages like Bank of America subsequently downgraded the stock to Neutral.

Reputational Impact

While the bank’s swift ₹583 crore refund and full-page ad campaigns helped stabilize trust, the loss of the lucrative Haryana Government CASA accounts represents a tangible business hit.

Systemic Impact

RBI Governor Sanjay Malhotra publicly clarified that while the incident is significant, it is an isolated localized governance failure and poses no systemic risk to the broader Indian banking system.

5. Breakdown of the 3 Lines of Defence

A standard risk management framework consists of three lines of defence, all of which broke down in this scenario:

  1. First Line (Branch Management & Operations): Failed completely. The Branch Head and Relationship Manager, responsible for primary physical verification, were the active perpetrators of the crime.
  2. Second Line (Risk Management & Central Compliance): Failed to detect. Anomalies—such as ₹300 crore of government funds being transferred to a newly formed private entity (Swastik Desh Projects)—did not trigger timely automated AML/Risk red flags at the central hub.
  3. Third Line (Internal/Concurrent Audit): Failed to prevent. Routine audits missed the critical mismatch between the client’s mandate and actual system entries, failing to detect that the authorizing signatory had retired months prior.

6. Preventive Controls & Lessons Learnt for Lending Sectors

The modus operandi—internal collusion leveraging physical instruments to divert funds to related shell parties—poses severe risks for banks and NBFCs across various lending portfolios. Below are sector-specific preventive controls:

A. Education Loans

  • Risk: Forgery of Demand Drafts (DDs) or diversion of disbursement cheques meant for universities.
  • Control: Transition entirely to API-driven RTGS/NEFT disbursements directly to the pre-validated master bank accounts of educational institutions. Centralize DD dispatch rather than handing them to the borrower/branch staff.

B. Housing Finance (HFC) & Loan Against Property (LAP)

  • Risk: High-value disbursements via physical cheques during property registration can be altered or diverted by colluding sales/branch managers to shell builder accounts.
  • Control: Implement “Zero Trust” disbursement. Any disbursement above a certain threshold (e.g., ₹50 Lakhs) must require an independent video callback to the seller/builder from a centralized back-office before funds are released.

C. MSME & Working Capital Loans

  • Risk: Diversion of working capital funds to related parties via forged vendor cheques (similar to the Swastik Desh Projects methodology).
  • Control: Enforce closed-loop vendor payment portals. Map vendor accounts centrally and block large transfers to newly created, unverified MSME current accounts.

D. Universal Banking Controls (Enhancing the 3 Lines)

  • Dynamic Anomaly Detection: Deploy AI models to flag “Out of Pattern” (OOP) transactions, especially from Government/Institutional accounts to Private/Partnership firm accounts.
  • Automated Reconciliation & Signature Updates: Integrate HR/Admin retirement data of institutional clients with core banking to instantly invalidate signatures of retired/transferred officials.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top