🛡 Security & DefenceMAINS · GS3.18

I4C and RBIH sign mule-account detection pact

A home-ministry cyber centre teams with the RBI's innovation arm to hunt mule accounts with AI.

What happened

The Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs, signed a Memorandum of Understanding with the Reserve Bank Innovation Hub (RBIH) to deepen cooperation against cyber-enabled financial frauds and to curtail the spread of mule accounts.
Under the MoU, I4C will share mule-account intelligence and suspect identifiers drawn from its Suspect Registry, and RBIH will use these datasets to train and sharpen AI-driven fraud-risk models.
The shared intelligence feeds MuleHunter.ai, an AI fraud-detection system being adopted across banks to flag and freeze accounts that launder the proceeds of online fraud.
The MoU's declared scope is three-fold: fraud-risk intelligence sharing, analytical support, and operational coordination between the two institutions.
It was signed by Roopa M, IG (Admin), I4C, and Sahil Kinni, CEO, RBIH, in the presence of RBI Deputy Governor Rohit Jain and I4C CEO Rajesh Kumar.
The arrangement joins two distinct arms of the state — a home-ministry policing-and-coordination body and a banking-regulator innovation subsidiary — around a problem that sits exactly on the seam between policing and banking supervision.

Background & context

A mule account is a real bank account whose holder — sometimes a willing accomplice, often a duped or rented identity — receives and forwards the money stolen in an online scam, putting layers of distance between the victim and the fraudster. Once a victim transfers money to a fraudster, that money is rapidly "layered" through a chain of such accounts and withdrawn or converted, which is why the first few minutes after a fraud are decisive. Mule accounts are the plumbing of digital financial crime: investment-app scams, "digital arrest" extortion, fake-loan apps, UPI-collect frauds and job rackets all ultimately route their proceeds through them. Tackling them requires two things that historically sat in different silos — the crime-side intelligence on which accounts are tainted (held by police and the home ministry) and the banking-side ability to act on accounts in real time (held by banks and the regulator). This MoU is an attempt to wire those two sides together.

On the crime side stands the Indian Cyber Crime Coordination Centre (I4C). I4C is an attached office / coordination centre under the Ministry of Home Affairs, set up to provide a single national framework for tackling cybercrime in a coordinated and comprehensive manner and to support State and Union Territory police. Its best-known public-facing platform is the National Cybercrime Reporting Portal (NCRP), the single online window (and the 1930 helpline associated with it) on which citizens lodge cybercrime complaints, especially financial fraud, so that money can be flagged and where possible frozen before it leaves the banking system. Around this, I4C runs a Suspect Registry — a consolidated repository of identifiers (such as account numbers, mobile numbers and other markers) linked to reported cyber-financial crime, built so that banks and intermediaries can check an entity against a known-suspect list. The MoU effectively channels this registry's intelligence into the banking sector's own detection machinery.

On the banking side stands the Reserve Bank Innovation Hub (RBIH), a wholly-owned subsidiary set up by the Reserve Bank of India to incubate financial-technology innovation and to build platforms that the wider banking system can adopt. RBIH is the developer behind MuleHunter.ai, a machine-learning system that scans transaction and account-behaviour patterns to identify likely mule accounts faster and with fewer false positives than older rules-based filters. A model is only as good as the labelled examples it learns from; by feeding it confirmed mule identifiers from I4C's Suspect Registry, the MoU aims to improve both the accuracy and the speed of that detection. In short: I4C supplies the verified crime intelligence, RBIH supplies the AI tooling and the channel into banks, and the MoU is the legal bridge that lets the two flow into each other.

For Prelims

I4C — full form & parent: Indian Cyber Crime Coordination Centre, functioning under the Ministry of Home Affairs (not under the RBI or MeitY). It is a coordination body to fight cybercrime nationally and to back State/UT police.
I4C platforms: it operates the National Cybercrime Reporting Portal (NCRP) and the Suspect Registry; the citizen-facing financial-fraud helpline associated with this ecosystem is 1930.
RBIH — full form & parent: Reserve Bank Innovation Hub, a wholly-owned subsidiary of the Reserve Bank of India, set up to drive financial innovation. It is therefore part of the RBI's ecosystem, distinct from the RBI's own departments.
MuleHunter.ai: an AI / machine-learning fraud-detection system developed by RBIH and deployed across banks to identify mule accounts — the accounts used to move and launder fraud proceeds.
Suspect Registry: an I4C-MHA repository of suspect identifiers tied to cyber-financial crime; under this MoU its data trains RBIH's AI models.
Signatories: Roopa M, IG (Admin), I4C, and Sahil Kinni, CEO, RBIH; witnessed by RBI Deputy Governor Rohit Jain and I4C CEO Rajesh Kumar.
The full I4C set (for "how many components" questions): I4C is commonly described as a multi-pronged programme whose verticals/units span functions like a national threat-analytics unit, a forensics/ecosystem-management capability, a training/capacity-building arm, a research-and-innovation unit, a cybercrime-prevention-and-awareness function, a reporting/portal function and a joint cybercrime coordination function. The exam-safe takeaway is the idea: I4C is a single coordinating umbrella that bundles reporting, analysis, forensics, training and awareness — with NCRP and the Suspect Registry as its named public platforms.
What this is NOT: This is an MoU — an intelligence-sharing and cooperation arrangement — not a new statute, a new regulator or a new body. I4C is not a banking regulator and cannot itself freeze accounts; RBIH is not a law-enforcement agency and is not the RBI itself but its subsidiary. MuleHunter.ai is a detection tool, not a payment system, and it does not replace the 1930 helpline or the NCRP. A mule account is not necessarily a "fake" account — it is usually a genuine account misused to move criminal proceeds.
One peer comparison: Place I4C alongside CERT-In (the Indian Computer Emergency Response Team) to avoid the classic confusion. CERT-In sits under MeitY and is the national nodal agency for cyber-security incidents and computer-network threats; I4C sits under the MHA and is the national coordination body for cyber-crime (policing, citizen complaints, financial fraud). Different ministries, different mandates — security incidents versus crimes.

For UPSC: I4C (under MHA; runs NCRP + Suspect Registry; helpline 1930) signs an MoU with RBIH (a wholly-owned RBI subsidiary) so that I4C's Suspect-Registry intelligence trains RBIH's MuleHunter.ai to detect mule accounts. Do not confuse I4C (MHA, cyber-crime) with CERT-In (MeitY, cyber-security).

Why it matters

Cyber-enabled financial fraud has become one of the highest-volume crimes in a country with one of the world's largest real-time digital-payments footprints. The faster money can move on rails like UPI, the faster fraud proceeds can be layered and cashed out — and the mule account is the chokepoint at which that flow can be detected and stopped. The structural problem this MoU addresses is institutional fragmentation: the police hold the crime intelligence but cannot directly act inside the banking system, while banks and the regulator can act on accounts but lack a verified, national feed of who the criminals are. By formally letting I4C's Suspect Registry feed RBIH's AI models, the arrangement turns scattered complaint data into a usable signal for automated detection, and pushes that signal to where it can be acted on — inside the banks. It also illustrates a wider governance pattern: an enforcement body (MHA's I4C) and a regulator's innovation arm (RBI's RBIH) collaborating through data-sharing and AI rather than through a new law, which is faster to stand up but raises the familiar questions of data accuracy, due process for wrongly flagged account-holders, and oversight of automated decisions.

For Mains

Anchor

A live, datable example of inter-agency cooperation against cyber-financial crime — the I4C–RBIH MoU (12 May 2026) — usable as the centrepiece of an answer on India's institutional architecture for combating digital financial fraud and money laundering.

Exemplification

Concretely shows how the state is operationalising AI and shared databases in policing: I4C's Suspect Registry training RBIH's MuleHunter.ai exemplifies "technology in governance / AI for fraud detection" with a named, verifiable case rather than a generic claim.

Way-forward

For questions on plugging gaps in the anti-fraud chain, this is a ready way-forward point: bridge the crime-intelligence and banking-supervision silos through formal data-sharing and shared AI tooling, while building in safeguards for wrongly flagged account-holders.

Problematisation

The model surfaces an admitted tension: automated mule-account flagging from a centralised suspect registry can mislabel genuine account-holders and raises due-process and data-protection concerns — a usable critique in answers on surveillance, algorithmic decision-making and citizens' rights.

Deploys into: cyber security and money-laundering (GS3.18); internal-security actors and inter-agency coordination (GS3.17); and, by extension, e-governance and the use of AI/data-sharing in public administration.

Ministry of Home Affairs · 2026-05-12 · PRID 2260277 · PIB source ↗