How bank insiders enabled cyber fraud: CBI exposes nexus among Canara Bank's manager, Axis Bank's BD and money mule operators

On December 24, 2025, the Central Bureau of Investigation (CBI) arrested two bank officials involved in creation of mule accounts in collaboration with organized cyber criminals. These accounts were subsequently used for transferring funds in cyber frauds. The most alarming aspect of this whole cyber fraud operation is that the arrested bank officials themselves advised the cyber criminals on how to avoid detection, ensuring their operations ran without a hitch. The arrested bank officials were removed from their post as soon as the banks got to know about this fraud.

Money mule frauds operate like a network and it starts with a cyber criminal commiting fraud and stealing money from other people’s accounts. Once the money is stolen, the cyber criminal then launders it until it becomes impossible to trace. To achieve this, the cyber criminals distribute the money across lakhs of bank accounts in small denominations, eventually amplifyin it till it becomes untraceable. The money ultimately leaves India by way of cryptocurrency or other means.

These distributions of illegal money happens via unsuspecting people's bank account (money mule a/c) and sometimes with the help of banks' employees themselves, as it happened in this case. To facilitate these distributions, sometimes the cyber criminals also use the real IDs of bank customers, altering them to open new bank accounts (as it happened in this case).


For instance, if an Aadhaar card is altered and used to open a new bank account, it might evade the human eye, but it can’t bypass the banks’ software. Therefore, these cyber criminals bribe bank officers (as it happened in this case), instructing them to ignore the system’s red flags and allow the cyber criminals to open new bank accounts using altered IDs of real people.

Sometimes the cyber criminals also give incentives to customers for renting their bank accounts. Few months a restaurant waiter in Lucknow was caught by police for doing this. The student sold his bank account for Rs 20,000 to cyber criminals who used it for money laundering.

Axis Bank Spokesperson said to ET Wealth Online: "The matter is under active investigation, and Axis Bank is extending full cooperation to the authorities to ensure a swift resolution. As a responsible institution, the Bank upholds the highest standards of integrity and maintains zero tolerance for any conduct that violates its policies or code of ethics."

Recently lenders like HDFC Bank, ICICI Bank and others have paused the digital account opening process due to the risin number of money mule accounts being operated.

Also read: ICICI Bank branch manager duped depositors of crores for years to meet targets

How the fraud happened

Bank branch manager and business development associate received money for assisting cyber fraudsters as part of the conspiracy.

According to CBI’s press release, during the course of investigation of a case registered in connection with the mule accounts opened for committing cybercrime frauds and based on the analysis of the digital devices, sufficient evidence was gathered by CBI against the then Assistant Manager, Canara Bank, Patna, and the then Business Development Associate of Axis Bank, Patna.

These two bank employees were found to have played active roles in opening and helping operationalize the mule accounts and further guiding the cyber crooks in money mule transactions.

The CBI said that evidence was also gathered to prove that these bank employees received quid pro quo for assisting the cyber crooks as part of the conspiracy. Moreover, it was discovered that these arrested bank officials of Canara Bank and Axis Bank were advising the fraudsters by showing ways to avoid the system generated red flags.

Also read: ICICI Bank branch manager forged signatures, siphoned off 'Rs 11.95 crore' by transfer and cash, alleges the customer; case in EOW's net

— CBIHeadquarters (@CBIHeadquarters)

Modus Operandi of the money mule fraud

Kanishk Gaur, CEO, Athenian Tech, says that money mule fraud is used for laundering illicit money which are mostly proceeds of cyber crimes.

According to Gaur: The money mule fraud can work either with bank officials themselves disclosing confidential customers’ information or customers themselves selling their information in exchange for money and becoming part of the money mule network.

Also read: ICICI Bank customer accuses manager of stealing Rs 16 crore from her FDs. Bank responds

When customers themselves sell their information for money

Another way money mule fraud can happen is when some people willingly sell their bank details for a bit of cash allowing cyber criminals to use their accounts for money laundering.

According to a PTI report, Ajay, a 24-year-old restaurant waiter from Old Lucknow did just that when his friend introduced him to a crypto trader who offered Rs 20,000 if Ajay allowed the use of his bank account for a day's transaction. Tempted by the offer, he said yes.

The following morning, lakhs of rupees flowed into his bank account before these were withdrawn under someone else's instructions, and handed over to strangers. Within weeks, police knocked on Ajay's door. The money, they told him, was part of an elaborate international cyber fraud routed through his account.

Shaken, Ajay turned approver, helping investigators identify other account holders and middlemen in a growing nexus that links the narrow lanes of Chowk, Indira Nagar, and Vrindavan Yojna, Sushant Golf City to handlers operating out of Cambodia, Vietnam, Laos and Thailand.

Investigations by the Crime Branch and Cyber Cell of Police over the last three months have revealed dozens of mule accounts that is bank accounts used to launder illicit funds, belonging to young men and women from Lucknow.

Many of these people work in restaurants, small shops, or in contractual jobs; others are college students. Lured by commissions ranging from Rs 10,000 to Rs 30,000, they knowingly lend their accounts to local facilitators, who route cyber fraud proceeds into cryptocurrency, through unregulated peer-to-peer networks on blockchains.

When bank officials themselves sell out customers’ information

Fraud kicks off when a cyber criminal tricks someone into giving up their cash. Once the money is taken, the cyber criminal bribes some bank officials and gets them to launder the money via unsuspecting customers’ bank accounts and then distribute it among a large number of accounts till the money becomes untraceable.

When cyber criminals get their hands on any official documentation and try to open a new bank account, the bank’s system red flags it. Gaur says: “Now obviously the bank officials will see this red flag but in this case they chose to ignore it and even advised the cyber criminals on how to avoid the red flags.”

Gaur explains using an example:

Suppose some cyber criminal somehow manaes to get another person’s real Aadhaar card and goes to the bank to open an account or KYC re-check. Now the bank officer should see that the person in the Aadhaar card is different from the person who is coming to open the account or KYC. Gaur says: “The bank officer can stop this but in this case will not stop since he/she is getting money from cyber criminals to look the other way.”

Gaur says the cyber criminals use multiple such bank accounts till the point the investigative agencies lose track of the money trail. Gaur says: “It is a full network of mule accounts.”

The arrested bank officials were produced before the court

The CBI press releases said that the two bankers have been arrested on December 24, 2025 at Varanasi, Uttar Pradesh and Betia, Bihar respectively, and are being produced before the jurisdictional court after obtaining transit remand.

The CBI said that the role of other bank officials who are connected with the opening and operationalizing of mule accounts is under investigation. The investigation is continuing in this case.

It may be recalled that CBI had earlier conducted searches in 61 locations across the country and arrested 13 accused in connection with opening and operating of mule accounts and filed charge sheets against them recently for various offences under IPC/BNS and Prevention of Corruption Act.