On Sunday, February 22, the IDFC First Bank disclosed a Rs 590-crore fraud committed by its employees and others in accounts held by the Haryana government. IDFC First Bank said preliminary findings suggest that unauthorised and fraudulent transactions were carried out by certain employees at its Chandigarh branch, possibly in collusion with external parties. The irregularities were confined to specific Haryana government-linked accounts maintained at the branch.

The discrepancies came to light after a Haryana government department requested closure of its account and transfer of funds to another bank, triggering internal scrutiny. 

Managing Director and CEO V. Vaidyanathan described the case as clear employee fraud, noting evidence of external involvement. Four officials have been suspended, and the matter was reviewed by the board’s Special Committee for Monitoring and Follow-up of Fraud Cases on February 20, 2026.

The bank has appointed KPMG to conduct a forensic audit, expected to take four to five weeks. Police complaints have been filed, law enforcement agencies engaged, and recovery actions initiated across the banking system.

Following the disclosure, the Haryana government issued a circular stating that no government funds would be parked, deposited, invested or transacted through IDFC First Bank or AU Small Finance Bank until further notice.

IDFC First Bank has informed its board, the Reserve Bank of India and statutory auditors about the development. It has also filed police complaints and requested beneficiary banks to lien-mark balances in suspicious accounts.

In a regulatory filing, the Bank said the eventual financial impact will depend on claim validation, recoveries through lien marking on beneficiary accounts in other banks, liabilities of involved entities, and outcomes of legal proceedings. IDFC First Bank stated that the incident is isolated to a specific group of government-linked accounts and does not extend to other account holders. The bank has initiated an investigation, suspended four officials pending the outcome of the probe and referred the matter to the Special Committee of the Board for Monitoring and Follow-up of Cases of Fraud.

The Haryana government has recovered the bulk of funds linked to the suspected fraud at IDFC FIRST Bank’s Chandigarh branch within 24 hours. Addressing the state Assembly, Haryana Chief Minister Mr. Nayab Singh Saini said approximately ₹556 crore was redeposited by the bank into government-linked accounts, along with about ₹22 crore in interest, taking the total recovery close to the suspected diversion amount. The recovered funds belonged to various Haryana government departments, boards and corporations.

Financial impact of the fraud on IDFC First Bank 

Potential recoveries and employee dishonesty insurance cover of ₹35 crore at IDFC First Bank could partly mitigate the impact. As the bank is likely to make a 100 percent provision for the amount this quarter, this could result in either a marginal loss or a small profit in Q4, compared with a net profit of Rs 503 crore in Q3FY26. In other words, the bank is likely to still report profits for the year 2026-27 even after absorbing this loss of Rs.590 crores (in a worst-case scenario assuming the bank is unable to recover any amount from the culprits who committed this fraud). Haryana government-linked accounts account for about 0.5 per cent of the bank’s total deposits, while overall government deposits — including central and state entities — constitute 8–10 per cent of the deposit base. “The bank’s net worth stood at Rs 41,000 crore at the end of December, and the fraud impact is less than 2 percent of this. Nevertheless, such type of instances will certainly erode the depositors’ confidence in the banking system unless the banks and the banking regulators initiate measures to create a public perception that their money with the banks is safe because all said and done only a deposit sum up to Rs. 5 lakhs per depositor per bank is fully insured with Deposit Insurance and Credit Guarantee Corporation (DICGC). 

The RBI governor also clarified that there is no systemic risk and that the fraud was confined to a limited set of accounts.

On 24th February, 2026 four people have been arrested and the Anti-Corruption Bureau (ACB), which had registered the case, is currently interrogating the accused in connection with the alleged large-scale financial fraud. Investigators are still examining documents and digital records to ascertain the exact modus operandi and timeline of the alleged fraud.

Modus operandi 

Preliminary findings suggest that some branch employees fraudulently cleared forged cheques and payment instructions. It was earlier assumed that the fraud was possibly in collusion with outside parties.

“Its a case of employee fraud and external parties are involved. The bank has all the system in place but in this case its not an electronic transfer and its not a digital fraud. Its an older, traditional kind of fraud in connivance with employees. It is a case of collusion,” Mr Vaidyanathan, MD and CEO of the bank told analysts over an investor conference call.  

A one-off transaction of clearing forged cheque may be hypothetically possible with the bank’s employee negligence but a series of such forged cheques getting cleared and payments effected indicate employees’ hand in this episode. Similarly, the concerned officials of the Haryana government department who are the authorised signatories to issue the cheques are likely to be held accountable for allowing the cheques in their custody to be forged by the third parties and encashed at the IDFC Bank. Though detailed information on this episode is currently unavailable it appears that a series of such forged cheques would have been presented to the bank and payments effected accordingly since it is unlikely that a sum of Rs. 590 crore would have been paid in a couple of cheques or a few cheques. 

It is a normal practice for any bank to send a SMS and or an email to the client when large payments are either paid or received in a client’s account. This is purely an automated routine operational mechanism. 

Similarly, banks send monthly account balance intimation as well as account statement and also obtain balance confirmation from the client at periodical intervals as a matter of routine. 

The forensic audit of KPMG and the investigations by other agencies, once completed and their findings are disclosed, will hopefully provide answers to the above questions. 

There are various type of frauds that happen in the banks and the following RBI data reveals that they are on the increase over a period of time.  

Frauds in various banking operations (Amount in INR Crs) based on date of reporting  

(Source: https://www.rbi.org.in/scripts/PublicationsView.aspx?id=23084.) 

The IDFC First Bank fraud of Rs.590 crores purported to be due to the forged cheques is significantly very high, if one goes through the types of fraud categories of deposits and cheques in the above chart of frauds in various banking operations. 

Problem at the macro level 

Frauds basically happen because of two factors- opportunity and intention. While effective systems and internal controls can plug the loopholes in the systems intention is a subjective factor and a fraudster will always keenly look for an opportunity to commit fraud.   

Internal audit is the starting counter check point in the banks. This is followed by statutory audit and regulatory audit. Several frauds have happened mainly due to either the disconnect between the internal audit and others (i.e., statutory audit and regulatory audit) or failure of the internal audit to detect the instances of frauds (for example PNB fraud of Rs. 14,000 Crs in 2018). Audit committees in the banks too have an important role in this regard. The main role of Audit Committee is to ensure financial integrity, effective internal controls, and strong risk management, and to act as a bridge between the Board, management, internal auditors, external auditors, and regulators. Rather than going through the internal audit reports in a routine manner, the Audit committee should carry out random verification on its own quite frequently, maintaining the surprise element. Had this been done effectively, the Indus Ind Bank episode of Rs. 1,580 crores losses (2025) in the bank’s derivative portfolio caused by accounting mismatch could have been averted. Through data-driven auditing, and independent validation banks can enhance real-time deterrence measures. 

Not only the flow of information from Internal Audit to Audit Committee, Statutory Audit and regulatory audit should be smooth, there should be checks and counter checks done at every stage at these layers independently, instead of blindly assuming that others in this layer have duly taken care of the things (Yes Bank crisis, 2020). 

Some of the other measures to be effectively implemented are:

Due diligence at the time of recruitment of the employees to be done in letter and spirit.

Job rotation of the employees.

Surprise forensic audit on all banking operations.

The bank officials should visit the residence / place of work of a certain percentage of the total no. of customers of the branch annually for KYC personal verification, which should be a risk-based verification.    

Banks should be enabled to access the centralised data base of Central Fraud Registry, Central Repository of Information on Large Credits, Credit bureaus, STRs & FIU-IND (for suspected fraud & money laundering) on monthly basis to do hundred percent verification of the same with their data base of total customers. This should be in addition to the extant guidelines where the banks access this database before lending or opening accounts so that the bank fraud data is shared between the banks close to real time basis and fraud prevention measures become more proactive. 

Let us hope that the union government and the banking regulator i.e., Reserve Bank of India will initiate prompt corrective action in this regard.