Indian Call Center Fraud Case Highlights Need for Change
The experience of Citibank could prompt some U.S. clients to consider using smaller, better-managed facilities. It could prompt the consideration of new outsourcing locations within India, particularly Kolkata, which has an abundant supply of English-speaking talent.
Apr 12, 2005 5:00 AM PT
Police in India announced on Thursday that they had recovered 1 million Indian Rupees (almost US$23,000) in funds allegedly stolen from Citibank customers in the U.S. by employees of an Indian call center firm.
The case highlights the need for a reexamination of corporate cultures and corporate ethics, as well as the sorry state of the Indian judicial system that serves as an impediment to international business and to individual safety and security there. It also emphasizes that U.S. enforcement agencies must adapt to new high-tech fraud activities conducted from offshore locations.
The experience of Citibank could prompt some U.S. clients to consider changes in their outsourcing operations in India.
The announcement Thursday about the recovery of funds came a day after it was announced that three former employees of Indian call center firm MphasiS BFL and nine alleged accomplices were being held on suspicion of stealing $350,000 (over 15 million Rupees) from four Citibank customers in the U.S.
Police in Pune, in the Indian state of Maharashtra, said on Thursday that 1 million Rupees were recovered from the home of a relative of Ivin Samuel Thomas, 30, a former employee of Msource, a call center in Pune that is a subsidiary of MphasiS BFL.
How the Fraud Operated
The former employee is being portrayed in local press reports in India as the ringleader who organized a fraud operation against MphasiS's Citibank customers. Two other MphasiS employees reportedly arrested are Siddhartha Subhash Mehta, 20, and Stephen Daniel, 24. The other nine individuals arrested were reportedly not MphasiS employees.
Police officials in Pune said that the three MphasiS employees were customer service agents who came into contact with U.S. customers who called into the MphasiS call center for help with their Citibank accounts.
The trio gained the confidence of four U.S. customers and obtained PIN numbers and other account information, which was then used to transfer money out of those customers' accounts and into the accounts of members of the gang. Police reports said that the three worked as account representatives at MphasiS for six months, ending in December 2004.
The thefts from Citibank's U.S. customers were discovered by the customers, who notified Citibank. Citibank traced the fraud to Pune and notified local police there.
The arrests were made under the direction of Assistant Commissioner of Police Sanjay Jadhav, who heads the cyber-crime cell of Pune police. Jadhav was assisted by Inspector Satish Devre and Assistant Inspector Pradeep Afle.
Eight of the arrested individuals who were not former MphasiS employees have been identified as Shailesh Chandrakant Bhurewar, 24, Ginny Thomas George, 31, Nitin Madhav Valkar, 42, Vijay Lalaji More -- also known as Vijay Kakaji Gore, 37, Prijimon Philippose, 23, Saundhraj Ramanujam, 28, Satish Madhukar Parab, 29, and Bijoy Alexander, 26.
MphasiS Ties to Citibank
MphasiS hired former Citibank executives to assist MphasiS in obtaining and implementing Citibank outsourcing contracts. The prices quoted by MphasiS to the project management firm InternationalStaff.net in 2002 were $18 per production hour, compared to $15 to $16 for competing firms. According to MphasiS representatives, their prices were justified on the basis of the security and reliability offered by MphasiS for call center services.
MphasiS' officials in India did not return repeated calls asking for comment. The telephone numbers of their Santa Monica, Calif., office have been discontinued. The Sydney Morning Herald reported on Friday that telephone numbers published by MphasiS for their Australian representatives are also invalid.
On Friday, Vivek Dayal of MphasiS sent this reply to an e-mail inquiry about the progress of the investigation: "We are in close contact with the police and are working with them in their efforts towards law enforcement. MphasiS regrets this occurrence, which seems to involve some ex-employees."
Dayal continued: "While we are unhappy with the incident itself, we are at the same time quite pleased that detection systems worked and that there was swift, coordinated information exchange between the affected parties. While such incidents unfortunately do happen everywhere, timely and exemplary enforcement ensures that no one needs fear that culprits or potential culprits can get away and the reputation, and credibility of the entire system is actually preserved and enhanced."
In other news regarding the firm, on March 14, MphasiS announced that it was acquiring U.S. medical insurance billing company Eldorado Computing, with annual revenues of over $10 million. MphasiS previously purchased Princeton Consulting, a U.K.-based outsourcing project management firm.
Indian Legal System
The idea of the Indian police arresting Citibank employees is something businesses considering outsourcing to India should consider.
According to Suketu Mehta, the Mumbai-based author of the book Maximum City, physical abuse by police of detainees is routine, especially during interrogations. Abuse is driven in part by police manpower shortages and a debilitated judiciary.
Indian police are reportedly responsible for more than 1,200 extra-judicial killings in that country every year. However, Mehta reports that once a suspect has appeared before a judge, the likelihood that they will be killed by the police is low.
The routine nature of this abuse leads one to expect that it might have happened to those former MphasiS employees and to some of their alleged accomplices.
I don't mean to defend what the 12 individuals are accused of doing. However, in Western businesses in India, when a staff person or a member of his or her family is tortured in police custody, productivity can easily break down. The tortured person's life is often broken apart and the disruption spreads to their family and to the co-workers of relatives too. I know this from personal experience.
This is not the only issue in the Indian legal system. The conviction rate for criminal offenses in India is only 10 percent, according to Mehta, who attributes this to a prolonged lack of funding of the judiciary, leading to a 350-year backlog of legal cases awaiting resolution. Mehta said that politicians in India are afraid of the judiciary, so they starve it of funds.
The lack of an effective judiciary to resolve commercial disputes often leads to the use of hired mobsters to force resolutions through violence, threats, intimidation and kidnapping.
The state of the judiciary has contributed to a jail population in India that is largely made up of poor people awaiting hearings and trials. According to Mehta, 73 percent of India's jail population is made up of people who are being held in pretrial confinement, with only 27 percent of India's jail population actually having been convicted.
To illustrate the state of the Indian judiciary, Mehta said that hearings on interim legal appeals (not final appeals) that were being held in 1996 were for appeals filed in 1984. There are 25 million legal cases pending in India now, according to Mehta.
Given the publicity surrounding the Citibank case, those accused of fraud will likely have their cases expedited. However, the underlying structural problems of India's legal system and penal institutions will likely remain as impediments to international business and to individual safety and security in India.
Causes of Security Problems
The MphasiS call center in Pune is CMM Level 5-certified, but this was not sufficient to prevent the security problems with Citibank's customers. Security problems at call centers in India are encouraged by the following:
- Turnover rates of 50 percent to 100 percent in many call centers, which makes it hard to monitor employees;
- High internal and external turnover by top managers at big outsourcing firms, which makes accountability and continuity difficult;
- Poor employee screening procedures;
- Lack of action by NASSCOM and other Indian high-tech associations, which are more focused on the needs of the largest firms in the industry than on the industry as a whole;
- A corporate culture that seeks to maximize financial gains from offshore outsourcing, and which permeates down through the ranks;
- Disengagement by the U.S. client community, particularly banks and credit card firms;
- An outmoded and obsolete fraud enforcement apparatus in the U.S., which has been slow to recognize how new global business practices and technologies are changing the way enforcement activities need to be conducted.
According to Vasant Subramanyan, manager of an InternationalStaff.net contract facility in Kolkata, India, all U.S. banks and credit card companies need to set up and staff inbound help lines where customers who have received solicitations that could be fraudulent can call and receive help. Some U.S. financial services firms are doing this now, but not all -- and not all firms with hotlines are doing a good job of responding to their customers' fraud concerns.
U.S. enforcement agencies have to adapt to new high-tech fraud activities conducted from offshore locations, but they also need to do a better job of shutting down illegal call center operations within the U.S.
Role of NASSCOM
NASSCOM is the major Indian trade association for call centers and software firms. The previous chairman of NASSCOM is Jerry Rao, who is also the chairman and CEO of MphasiS BFL. He served as NASSCOM's chairman in 2004-2005. He continues to sit on NASSCOM's Executive Council. MphasiS is closely identified with NASSCOM, and vice versa.
NASSCOM has been largely silent on the issue of corporate-wide schemes undertaken by Indian call centers conducting telemarketing work in the U.S. in violation of state and federal laws in the U.S. NASSCOM focuses on the big firms and big personalities in the Indian IT industry, rather than on the health of the industry as a whole.
One example of their approach to the U.S. and to U.S. firms might be seen in NASSCOM and its members' endorsement of India's corporate income tax scheme, announced Sept. 28, 2004. This scheme will tax non-Indian IT firms operating in that country at more than 36 percent, but leaves domestic Indian firms untouched, thereby creating a significant advantage for domestic IT firms operating in India.
Options for US Firms
The experience of Citibank could prompt some U.S. clients to consider using smaller, better-managed facilities. It could prompt the consideration of new outsourcing locations within India, particularly Kolkata, which has an abundant supply of English-speaking talent. U.S. firms with outsourcing work can also look to new outsourcing destinations such as Pakistan and countries in the Persian Gulf.
More importantly, this fraud case could prompt a reexamination of corporate cultures and corporate ethics. We need corporate cultures that place greater emphasis, from the top down, on the benefits of a job well done and on the worth of individuals within organizations, rather than on short-term greed.
Businesses and governments need to recognize how shoddy human rights practices and debilitated legal systems are both anti-business and anti-prosperity. We cannot have a global economy that is safe for Americans at home and abroad until those two issues are adequately addressed.
Anthony Mitchell , an E-Commerce Times columnist, has been involved with the Indian IT industry since 1987, specializing through InternationalStaff.net in offshore process migration, call center program management, turnkey software development and help desk management.