Ahmedabad: A major financial fraud has been uncovered at an e-procurement technology company, where internal employees allegedly manipulated the digital system to siphon off nearly ₹1.56 crore.
The case has raised serious concerns over corporate cybersecurity, internal access controls, and the vulnerability of escrow-based financial systems used in digital tendering platforms.
Manipulation of Digital Signature Certificates
The incident has been reported from Ellisbridge-based E-Procurement Technologies Limited, a firm that provides e-auction and e-tendering services. In such systems, bidder security deposits are stored in escrow accounts and are refunded after the bidding process is completed. However, in this case, investigators allege that employees exploited system access privileges to redirect these funds into personal accounts.
According to the complaint filed by finance head Dhwani Deepakbhai Vrajlal Kamani, employees Dharam Harishbhai Rathod and Nikhil Rajeshbhai Khalas misused their administrative rights to manipulate bidder account details. They are accused of tampering with Digital Signature Certificate (DSC) files, resetting bidder passwords, and altering registered banking details to divert refund transactions into accounts under their control.
Siphoning Escrow Funds into Personal Accounts
Investigations suggest that approximately ₹16 lakh was transferred into Nikhil Khalas’s SBI account, while nearly ₹1.40 crore was credited into a Bank of Baroda account belonging to his wife, Priyanka Khalas. The total alleged misappropriation stands at around ₹1.56 crore, executed in multiple phases between January 2021 and April 2026, making detection difficult during routine audits.
As per reports, the accused gained unauthorized access to multiple bidder accounts and systematically replaced original bank details with fraudulent account information. Once the changes were made, escrow-linked refund transactions were rerouted, allowing funds to be transferred without immediate detection. The misuse of DSC credentials played a key role in bypassing system verification checks, weakening the overall security architecture.
Internal Audit Exposes System Breaches
The fraud came to light only after an internal audit and digital forensic review revealed irregular system activity. Suspicious login patterns, repeated credential changes, and unauthorized modifications in financial records were flagged during the investigation. These findings prompted a deeper probe, which eventually exposed the involvement of the accused employees.
Authorities are now examining server logs, transaction histories, and digital authentication trails to determine whether more individuals were involved in the network. Investigators suspect that the fraud may not be limited to just two employees and could be part of a larger insider-driven cyber fraud pattern exploiting weaknesses in enterprise systems.
The Growing Risk of Enterprise Insider Threats
The case highlights the growing risks faced by digital procurement platforms, where large volumes of financial transactions depend heavily on user access controls and authentication mechanisms. Experts believe that insider threats remain one of the most difficult cybersecurity challenges, as they involve authorized users misusing legitimate access.
Cybersecurity analysts note that such incidents underline the need for stronger safeguards, including multi-layer authentication, real-time transaction monitoring, and stricter control over digital signature usage. As government and private sector operations increasingly shift to digital procurement systems, ensuring system integrity has become a critical priority.
The investigation is ongoing, and officials are continuing to trace financial flows and digital evidence to uncover the full extent of the fraud network and identify any additional beneficiaries involved in the scam.
