Fifty-five arrests, Rs 802 crore, 22 states. Gujarat Police’s Operation Mule Hunt 2.0 made headlines last week. But the headlines counted the wrong thing.
Look instead at how mule bank accounts were used to channel cyber fraud proceeds. A man in Ahmedabad allegedly registered a bogus firm, opened three bank accounts in its name, and handed them to fraud syndicates. Police linked these three accounts to 253 cybercrime complaints across 22 states and Union Territories, involving over Rs 161 crore. That is the arithmetic of modern cybercrime: one mule account can service crime committed anywhere in India. The fraudster on the phone may be sitting in a compound abroad, but his money must still touch an Indian bank account. That account is the crime’s one fixed address.
This is the fact the public debate keeps missing. What we call cyber fraud is not primarily a technology problem. It is a money-laundering operation wearing a technology mask.
The phone call, the fake arrest, the bogus investment app — these are the collection front, endlessly redesigned and impossible to exhaust. The real enterprise is the plumbing behind it: layer the money through rented accounts, break it into small transfers, move it out of reach before the victim finishes dialling the helpline.
A generation ago, layering was the craft of specialists — hawala men, shell-company accountants. The mule account has democratised it. Layering is now gig work, a commission paid to anyone willing to rent out his identity documents.
Once you see the crime this way, the arrest count stops being reassuring. The mule is the network’s cheapest, most replaceable part — hired labour, often barely aware of what flows through his account. Arrest fifty-five and the syndicate recruits fifty-five more by the weekend, because the supply of people who will lend an account for a few thousand rupees is effectively infinite.
No police force can arrest its way through an infinite supply. It can, however, choke the plumbing.
Don’t just count arrests
In February, the home ministry said at a national cybercrime conference that fraudsters had siphoned off around Rs 20,000 crore, of which Rs 8,189 crore had been frozen or returned to victims. More than 8.2 million complaints had been registered on the National Cyber Crime Reporting Portal, of which only about 1.84 lakh were converted into FIRs.
Read those figures the way an investigator would. The gap between complaints and FIRs shows that the criminal justice pipeline touches barely two per cent of the problem. The money recovered tells another story. It shows where the leverage actually lies: stopping the money in the pipe before it exits the banking system. A crore frozen in the first few hours is worth a dozen arrests made after the money is gone, because the fraudster’s business dies not when his mule is jailed but when his money stops arriving.
So the test of Mule Hunt is not fifty-five arrests. It is three harder questions.
How many of these accounts did banks flag before the police came calling? If the answer is none, why do institutions that detect a suspicious Rs 500 card swipe abroad miss Rs 161 crore washing through a shell firm’s three accounts? How quickly does frozen money reach victims, who must still petition a magistrate to release what the system froze within days? The freeze runs at digital speed; the refund moves at the speed of a court file.
And is anyone pursuing the layer above the mule—the aggregators who buy accounts in bulk—under the anti-money-laundering law, where the proceeds can be attached, rather than under cheating provisions that often end in bail?
There is an honest counter-argument: arrests deter, and no enforcement system can signal that small fish swim free. True. But deterrence follows probability of getting caught, not spectacle.
The mule fears little today because the perceived risks are low.
Also Read: India’s court websites are broken. It’s becoming a justice crisis
The real deterrent
So, what’s the solution?
If every rented account leads to attachment of the commission earned and a permanent flag on the mule’s banking history, the labour supply will thin without a single additional jail cell. Gujarat’s Cyber Centre of Excellence appears to grasp this. Mule Hunt began with accounts, not accused. That instinct deserves to become national doctrine.
Having spent a career watching the state respond to public alarm, I know its reflex: raise the enforcement numbers, hold the press conference, let the metric substitute for the mission. The numbers soothe; they do not solve. The syndicates keep a different ledger — they count settled money. Until we count what they count, we will keep winning the press conference and losing the pipe.
Count the accounts closed and the money returned. The handcuffs will follow.
The writer is a retired IPS officer and former Director General of Police, Haryana. He helped frame India’s anti-money-laundering rules and headed units against cybercrime and organised crime. Views are personal.
(Edited by Asavari Singh)

