Karnataka HC Orders BSNL to Pay ₹55 Lakh in SIM Swap Fraud Case

Jyoti Rathi - Kolkata Bureau Jun 07, 2026 1,750 Views

The Karnataka High Court has ordered BSNL to pay ₹55 lakh in compensation to a cooperative bank for a 2019 SIM swap fraud. The court ruled that telecom providers bear civil liability for financial losses if their negligence in verifying identity during SIM issuance enables cybercriminals to intercept OTPs.

BENGALURU — In a landmark ruling for digital financial security in India, the Karnataka High Court has directed Bharat Sanchar Nigam Limited (BSNL) to pay ₹55 lakh in compensation to a cooperative bank in Shivamogga district. The order follows a major SIM swap fraud in 2019, where cybercriminals siphoned off ₹87.7 lakh from the bank’s account by obtaining a duplicate SIM card without the account holder's consent.

The court’s decision, delivered by a bench led by Justice Suraj Govindaraj on June 5, 2026, overturns a previous Lok Adalat ruling that had awarded only ₹5 lakh in damages. The High Court has ordered BSNL to pay the compensation with 9% annual interest, calculated from February 7, 2019.

Negligence and Systemic Vulnerability

The case originated when Sri Basaveshwara Pattana Sahakara Bank Niyamitha, which maintained a current account with Canara Bank, discovered unauthorized transactions between February 6 and 7, 2019. Investigations revealed that an unknown individual had obtained a duplicate SIM card linked to the bank's registered mobile number from a BSNL office in Bengaluru.

The court noted that this duplicate SIM allowed the perpetrators to intercept One-Time Passwords (OTPs) necessary for completing seven high-value RTGS and NEFT transfers. Justice Govindaraj emphasized that the issuance of a duplicate SIM card without rigorous identity verification is a breach of the "duty of care" telecom providers owe to their subscribers.

"The very fact that a duplicate SIM reached a non-subscriber is proof that verification was either not conducted, or was conducted in so perfunctory a manner as to be worthless," the court observed. The bench further highlighted that BSNL’s own initiation of disciplinary proceedings against the employee responsible for issuing the SIM card served as an admission of fault.

Impact on Digital Banking Architecture

The High Court’s ruling extends beyond the immediate parties, addressing the broader risks to India's digital economy. The court characterized telecom service providers as "custodians" of the digital gateway.

"Just as a vault keeper who carelessly or dishonestly gives access to unauthorized persons bears responsibility for the resulting theft, a telecom service provider that carelessly or dishonestly issues a duplicate SIM bears responsibility for the financial fraud that the duplicate SIM enables," the judgment stated.

The court cautioned that as mobile numbers remain the primary mechanism for OTP-based authentication, telecom providers must treat every request for a SIM replacement with extreme gravity to prevent introducing systemic vulnerabilities into the nation's financial architecture.

Quote Section

"Organizers stated that" the court’s decision establishes a crucial precedent for telecom accountability. According to officials, the ruling reinforces the mandate that telecom service providers, as fundamental pillars of the digital economy, are legally and civilly liable for financial damages resulting from their failure to adhere to mandatory KYC and verification protocols.

Why It Matters

This verdict significantly raises the stakes for telecom operators regarding subscriber security. For consumers, the ruling provides a clear path for legal recourse in cases of negligence by service providers. For businesses and banking institutions, it emphasizes the need for multi-factor authentication beyond just SMS-based OTPs, while compelling telecom companies to overhaul their internal verification systems to prevent fraudulent SIM swaps.

Key Facts at a Glance

Total Fraud Amount: ₹87.70 lakh.
Compensation Awarded: ₹55,50,762 (including ₹50.5 lakh for net loss and ₹5 lakh in damages).
Interest Rate: 9% per annum from February 7, 2019.
Court's Stance: Telecom companies act as "custodians" of the digital financial gateway and must be held civilly liable for negligence.

FAQ

What is a SIM swap fraud? It is a cybercrime where fraudsters obtain a duplicate SIM card of a target's mobile number by impersonating them. This allows them to receive the target's OTPs and gain unauthorized access to financial accounts.

Why was BSNL held liable? The High Court found that BSNL failed to perform adequate identity verification before issuing a duplicate SIM, enabling the fraud. The court noted this was a breach of their duty of care.

Can telecom companies be held responsible for third-party fraud? Yes. The court ruled that if a telecom company's negligence—such as failing to follow KYC norms—facilitates a third party to commit fraud, the company can be held vicariously and civilly liable.

What steps can banks take to prevent this? The court suggested that banks should implement multiple OTP delivery channels, time delays between SIM swap notifications and large transactions, and educate customers on digital security.