New Delhi, Sep 16: Pakistan’s digital economy is facing an unprecedented crisis as cyber scams, data breaches, and online financial fraud spiral out of control, according to a recent report by Islam Khabar’s Khaalid Hanif. Despite the alarming scale of the problem, enforcement remains weak and fragmented, undermining consumer trust and institutional resilience.
Between 2020 and 2024, the Federal Investigation Agency (FIA) received over 722,000 cybercrime complaints. Yet fewer than 10 per cent were investigated, and only 152 cases ended in convictions. In 2024 alone, over 13,000 complaints of online financial fraud led to 1,212 arrests, but just 17 verdicts were delivered — a gap reflecting systemic inefficiency and near-total absence of deterrence.
The financial sector has borne the brunt of the fallout. In the first quarter of 2024, the State Bank of Pakistan (SBP) fined eight major banks PKR 776 million for lapses in anti-money laundering, customer due diligence, and fraud controls. The Banking Mohtasib resolved nearly 28,000 fraud complaints in 2024, ordering PKR 1.65 billion in restitution — but this remains a fraction of total losses, the report noted.
Digital fraud itself has evolved into industrial-scale organised crime. In July 2025, the National Cybercrime Investigation Agency (NCCIA) busted a massive Ponzi racket in Faisalabad, arresting 149 suspects, including foreign nationals. The Securities and Exchange Commission of Pakistan (SECP) has also flagged 141 illegal lending apps exploiting platforms like Facebook and WhatsApp, many of which re-emerge under new names after regulatory takedowns.
Pakistan’s corporate sector remains deeply exposed. The Cybersecurity Council’s 2024 report found that over 60 per cent of companies lack even basic safeguards such as encryption and multi-factor authentication. Meanwhile, jurisdictional overlaps and turf wars between FIA and NCCIA have further weakened enforcement.
Resource gaps exacerbate the crisis: just 350 cybercrime investigators are tasked with over 160,000 cases annually, forcing each officer to handle an average of 6,000 complaints. Courts, too, lack technical expertise and specialised benches to handle digital evidence.
The Pakistan Telecommunication Authority’s Cybersecurity Report 2024–25 recorded a 17 per cent rise in cyberattacks on critical systems, with phishing attempts surging by 173 per cent. Although the CTDISR-2025 introduced stronger protocols, compliance remains patchy, limited mainly to large telecom firms, leaving much of Pakistan’s digital ecosystem dangerously exposed.
