The Karnataka High Court has delivered a significant ruling on SIM swap fraud, observing that banks must adopt proactive safeguards to prevent such cyber crimes. The Court held that financial institutions cannot remain passive and must implement stronger monitoring systems, while also upholding liability against BSNL in a case involving unauthorised transactions of ₹87.70 lakh.
Unauthorised SIM Duplications and Rapid Fund Siphoning
The judgment was delivered in a dispute involving Basaveshwara Pattana Sahakara Bank Niyamitha, which suffered financial loss after fraudsters obtained a duplicate SIM linked to its registered mobile number. Using intercepted OTPs, the accused executed seven unauthorised RTGS and NEFT transactions between February 6 and 7, 2019, resulting in a massive financial drain within hours.
According to the findings, the duplicate SIM card was issued without proper verification or authorisation from the bank. This lapse allowed the fraudsters to take control of OTP-based authentication systems, which are commonly used for securing high-value digital banking transactions. The Court noted that this failure directly enabled the fraud.
The Permanent Lok Adalat, Dakshina Kannada, had earlier held BSNL liable and awarded compensation of ₹5 lakh with interest. However, the cooperative bank challenged the adequacy of compensation, while BSNL disputed its liability. The High Court, after examining the facts, partly allowed the bank’s petition and enhanced the compensation while dismissing BSNL’s challenge.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
Vicarious Carrier Liability and Award Enhancements
Justice Suraj Govindaraj observed that issuance of duplicate SIM cards is a core telecom function, and negligence in performing this duty can have serious financial consequences. The Court held that BSNL is vicariously liable for the actions of its employee who issued the SIM without proper verification.
The Court directed BSNL to pay ₹50,50,762 towards the net financial loss suffered by the bank, along with ₹5 lakh as consequential damages. The amount will carry interest at 9% per annum from February 7, 2019, significantly increasing the financial liability due to the prolonged litigation period.
Importantly, the Court also clarified that while recovered funds must be adjusted while calculating net loss, insurance proceeds received under independent policies cannot be used to reduce the liability of the wrongdoer. This distinction was highlighted to ensure that compensation remains fair and legally consistent.
Layered Multi-Channel Safeguards and Temporal Delays
In its detailed observations, the Court stressed that banking institutions must also strengthen their internal systems to prevent SIM swap-related frauds. It suggested multiple safeguards, including additional OTP delivery channels, delayed processing of high-value transactions after SIM changes, alternate alert systems, and customer awareness initiatives.
The Court also noted that banks cannot rely solely on telecom providers and must adopt layered security mechanisms to protect customers from evolving cyber threats. It emphasized that SIM swap fraud is a recurring and well-documented issue across India, requiring coordinated preventive action.
Identity Verification Mandates and Systemic Safety
Describing the case as a “paradigmatic instance of SIM swap fraud,” the Court highlighted how quickly funds were siphoned once OTP interception became possible. It observed that such frauds cause immediate and often irreversible damage, underscoring the need for rapid detection systems and strict verification protocols.
The Court further stated that verification of subscriber identity before issuing duplicate SIM cards is not a mere procedural step but a critical security safeguard. It noted that millions of banking customers depend on telecom verification systems for financial safety, making strict compliance essential.
Accordingly, the Court dismissed BSNL’s petition, partly allowed the cooperative bank’s plea, and reinforced the principle that telecom negligence enabling financial fraud attracts civil liability. The judgment is expected to influence future cases involving digital banking security and SIM-based cyber fraud across the country.
