It starts with a small number you don’t recognise. A transaction in your statement for a stock you never bought. A quantity that doesn’t match your memory. A sale that happened on a day you weren’t logged in.
Most investors dismiss these as display errors or platform glitches and move on. Some of them are right. But some of them are looking at the earliest sign of something far more serious — unauthorised trading in their demat or trading account.
Fraud in demat accounts is not theoretical. It happens through compromised login credentials, SIM swap attacks, broker-side misconduct, phishing, and power of attorney misuse. The investors who catch it early limit their damage. Those who don’t often discover the full extent only during annual reviews — by which point months of trades have settled, funds have been withdrawn, and recovery becomes significantly harder.
Here is how to spot it before it compounds.
Understand What You Should Be Receiving
Before you can spot something wrong, you need to know what legitimate communication from your broker and depository looks like.
SEBI mandates that your Depository Participant send you a Consolidated Account Statement (CAS) every month if there has been any transaction activity, and once every six months even if there has been none. This statement — sent to your registered email from CDSL or NSDL — shows every holding, every debit and credit of shares, and every change in your demat account for that period.
Separately, your broker must send you a contract note for every trade executed — typically by end of day or next morning. A contract note is a legally binding record of each transaction: the stock, quantity, price, exchange, and brokerage charged.
If you are receiving these and reading them — not just archiving them unread — you already have the two most important fraud-detection tools in your hands.
Red Flags That Demand Immediate Investigation
Trades you didn’t place. The most direct signal. A contract note arrives for a stock you have no memory of buying or selling. Check your order history in the broker app immediately. If it does not reflect the trade — or if you simply did not place it — call your broker’s compliance team the same day. Do not wait.
Shares missing from your demat without a corresponding sale. Open your CAS or log into CDSL’s MyCAS or NSDL’s Speed-e portal directly — bypassing your broker’s app entirely — and cross-check your holdings against what your broker shows. Any discrepancy between the depository record and your broker’s interface requires explanation.
Unrecognised off-market transfers. Shares can be moved out of your demat account via off-market transfer — the same mechanism used to gift shares. If your CAS shows an outgoing off-market debit you did not authorise, your account has been compromised. This is one of the most common mechanisms in demat fraud.
Unexplained change in registered contact details. If you receive a notification that your mobile number, email address, or bank account linked to your trading account has changed — and you did not initiate that change — act immediately. Fraudsters change contact details first to intercept OTPs and contract note alerts before executing trades.
Trades in derivatives or segments you don’t use. If your account is activated for futures and options trading that you never requested, or if you see F&O contract notes, check whether your broker activated these segments without your explicit consent. This has been documented as a broker-side misconduct pattern.
Power of Attorney misuse. Many investors sign a broad POA when opening a brokerage account, granting the broker authority to transfer shares for settlement purposes. A POA does not authorise discretionary trading on your behalf. If your broker appears to be using it to execute trades you didn’t place, this is both fraud and a regulatory violation reportable to SEBI.
How to Verify Your Account Independently
The most important habit is to verify your holdings directly at the depository level — not just through your broker’s app.
Register on CDSL’s MyCAS portal (mycas.cdslindia.com) or NSDL’s Speed-e portal (nsdlspeed.in) using your demat account credentials. These are the source-of-truth records maintained by the depository itself. What you see here is what you actually own, independent of any broker interface.
Cross-check this against your broker’s holding screen at least once a month. Any mismatch is a red flag until explained.
Similarly, register for SMS and email alerts for every demat debit — most depositories offer this through their portals. You will receive a notification every time shares leave your account, regardless of the reason.
What to Do If You Spot Fraud
Act the same day. Call your broker’s grievance or compliance team immediately and follow up with a written complaint by email. Document everything — screenshots, contract notes, CAS statements.
File a complaint with SEBI. Use SEBI’s SCORES portal (scores.sebi.gov.in) to register a formal complaint. SEBI-registered brokers are obligated to respond within defined timelines.
Report to the depository. Contact CDSL or NSDL directly to flag unauthorised transactions. They can place a freeze on your demat account to prevent further debits while the investigation proceeds.
File a police complaint. For cyber fraud — compromised credentials, SIM swaps, phishing — file an FIR with your local cybercrime cell or use the national cybercrime reporting portal at cybercrime.gov.in.
Speed matters. Settled trades are harder to reverse. Funds withdrawn from a trading account become progressively more difficult to recover the longer the gap between fraud and report.
FAQs
Q1. Can my broker trade on my behalf without my instruction?
A: No. Unless you have explicitly signed a discretionary portfolio management agreement — which is a separate, regulated arrangement — your broker cannot execute trades without your specific instruction. Unauthorised trades by a broker are a SEBI violation and grounds for complaint and compensation.
Q2. How often should I check my demat account for unauthorised activity?
A: Read every contract note the day it arrives. Review your CAS monthly when it is sent. Cross-check depository records with broker records at least once a month. This takes under ten minutes and catches problems early.
Q3. What is a demat account freeze and how do I request one?
A: A freeze prevents any debits from your demat account. You can request a full or partial freeze through your DP — either online or in writing. During a fraud investigation, this is the fastest way to stop further losses.
Q4. Is my money insured if my broker commits fraud?
A: SEBI’s Investor Protection Fund provides limited compensation to investors in cases of broker default or fraud — up to ₹25 lakhs per investor per exchange. This is a protection of last resort, not a guarantee of full recovery. Prevention and early detection remain your strongest tools.
Q5. What is SIM swap fraud and how does it target demat accounts?
A: SIM swap fraud involves a criminal convincing your mobile operator to issue a new SIM with your number, effectively hijacking your OTPs. Once they control your number, they can reset passwords, receive trade confirmations, and drain your trading account. Guard against it by setting strong passwords, using authenticator apps where available, and never sharing personal details in response to unsolicited calls claiming to be from your broker or depository.
Leave a Reply