Indian BPO firms come under scanner after global ATM heist

Outsourcing of jobs by global financial institutions to Indian shores has come under scanner, with the perpetrators of a $45-million worldwide ATM heist apparently breaching computer systems of a payment processing firm in India for their con job. According to charges filed by the US federal prosecutors here, eight persons have been indicted for participating in two worldwide cyber attacks culminating into a huge $45 million being withdrawn fraudulently from ATMs across the world in a matter of few hours earlier this year.

The modus operandi for the heist included hacking into computer systems of payment processing companies - one in the US and another in India - to compromise the account details of prepaid card account customers of two banks (one in the UAE and another in Muscat). This was followed by unlimited withdrawals from ATMs across the world. This is the fourth major instance in less than a year when outsourcing of key jobs by global financial conglomerates to India has found a mention by global regulatory or enforcement agencies for wrong reasons, including for ineffective controls against suspicious transactions, a global rate rigging scandal, money laundering risks and now a huge swindle operation. Late last year, a joint probe by British and Swiss regulators found key controls for 'detection of suspicious trading activity' failed at an India outsourcing unit, contributing to $2.3-billion loss caused by a rogue trader of global banking giant UBS. Months before that, outsourcing of key oversight jobs by two global banks - HSBC and Standard Chartered - to India had come under the regulatory scanner in the US and UK for ineffective controls against suspicious transactions.