The cyber crime police in the western Indian city of Pune arrested 16 people, including a few former call center employees for defrauding the U.S. customers of Citibank to the tune of $425,000 recently.

They are accused of soliciting PIN numbers out of customers and using them to transfer funds illegally. Customers noticed the suspicious transfers and alerted Citibank, which traced the problem back to Pune. Bank officials then contacted the company who called the police.

While widely reported by the foreign media, this issue presented a benevolent opportunity to mock the Indian call centre industry, that is being accused of taking away jobs from the U.S and Europe.

After this incident, research agency Forrester said, “While the center in Pune was BS 7799 and CMM Level 5 certified, the breach still occurred. Clients and prospects should not be lulled into security complacency by the laundry list of certifications or process changes that suppliers roll out. Customers are going to have to implement their own aggressive requirements, such as eliminating writing instruments in their offshore centers and auditing bi-monthly to ensure that the vendor is following mandated processes.”

Forrester also claimed offshore call center growth in India could decrease by as much as one-third because of security concerns, regulatory pressure and a consumer backlash.
Soon after the incident, the IT body National Association of Software and Services Companies (NASSCOM) said “The threat of data theft and misuse is no higher in India than in other countries, including the U.S.”

Nasscom said that Indian outsourcing companies have adequate security systems in place. To prevent further incidents, Nasscom has proposed a national card, something similar to a citizen’s card that will keep track of BPO employees wherever they go. Without the card, experienced call center employees cannot seek new jobs.