It is rarely dramatic when cyber fraud begins. A teacher between classes, a software engineer picking up groceries, a retired couple checking messages after lunch. Then comes the unfamiliar alert — money debited, a UPI payment successful, a card used in a city they have never visited. For a brief moment, they assume it is a technical glitch. But a quick look at their bank balance turns uncertainty into dread. The money is gone.
Instinctively, they reach for the only lifelines available — the 1930 cybercrime helpline or the National Cybercrime Reporting Portal (NCRP). Details are typed in hurriedly, voices shaking as victims describe transactions they never made. On the police side, each complaint merges into an unending stream — 93,160 financial complaints lodged in Telangana in 2025, with losses amounting to a whopping ₹2,000 crore.
For victims, filing a complaint is a desperate attempt to salvage whatever is left. For investigators, it marks the beginning of a race against a digital financial ecosystem where money moves in seconds, while banks, the most crucial gatekeepers, often move far more slowly.
The first few minutes: A race against a narrowing window
Every complaint made through 1930 or NCRP is routed to the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS), the platform that offers the first, and often only, opportunity to freeze stolen funds.
“When a complaint comes in, the beneficiary bank is immediately alerted based on the transaction ID and the victim’s account details. But whether the money is actually stopped depends entirely on how quickly that bank responds,” said a senior police official handling cybercrime.
Fraudsters use every second, pushing funds through layers of mule accounts spread across multiple banks. Each transfer triggers another alert, another account to trace, another link in the chain. If the money passes through 10 accounts, investigators must track all 10 transaction IDs and alert each bank individually. This has to be done manually, unable to match the speed at which the funds disperse.
Officials State response times vary widely. Some banks act almost immediately, others take hours, and a few respond only after repeated follow-ups, pushing money further out of reach.
Banking bottlenecks: The systemic choke point
Cybercrime teams across Telangana describe banking gaps as the single largest barrier to timely investigation and recovery. Internal coordination within banks, coordination between banks, and delays in sharing information with law enforcement are the biggest obstacles.
Once alerted, banks first need to verify whether the funds are still in the beneficiary account and place a lien to prevent further withdrawals. Further, they must share additional details essential for tracing the fraudsters, including account statements, device logs, IP addresses and beneficiary information, which takes 7-8 days on average and can stretch into several weeks.
A major reason is the absence of dedicated cyber-response teams within many banks, investigators said. “Banks prioritise profit and operational efficiency. Cybercrime response is still seen as an additional responsibility, not a frontline requirement,” an official said. Police officers have long argued that each branch needs a dedicated cyber desk capable of responding in real time, but most banks have yet to implement such systems. Currently, major banks in Telangana have State-level nodal officials supported by small teams to coordinate complaints, but the response remains inconsistent across multiple levels.
Fraudsters shift to smaller banks
Investigators have observed a growing trend of fraudsters are increasingly routing money through smaller cooperative and local private banks, many of which are not yet integrated into the NCRP system.
The Ministry of Home Affairs has said that 263 banks, payment companies and e-commerce platforms are currently onboarded. But the gaps are considerable, particularly among regional banks operating across State borders.
Officials now routinely encounter banks they had “never heard of”, institutions outside the NCRP ecosystem with no clear contact points. “Tracking down the right officials consumes valuable time, and coordinating with out-of-State banks is even more difficult,” said an official.
The refund maze: A process with no clarity
Even when funds are successfully placed on hold, returning money to the victim remains an opaque and inconsistent process. Officers say ambiguity persists at almost every stage — who can claim a refund, how quickly refund orders must be honoured, and which victim gets priority when multiple complaints involve the same account.
Banks frequently cite a high volume of court orders and process them at their own pace, with no defined timelines. In some instances, police officers note, the decision on who gets the refund first depends on internal interpretations, or influence. “Sometimes those with connections get their refund first and the others wait,” an official said.
Victims repeatedly contact police stations for updates, but investigators themselves rely on bank responses that arrive slowly, sporadically and often after persistent follow-up.
Police officials handling cybercrime stress that banks and police must work in sync for recovery rates to improve. Until banks match the urgency of the crime, with real-time coordination, faster acknowledgements, uniform procedures and dedicated cyber desks, the gap between how quickly money is stolen and how slowly the system responds will only widen.
