M/s Gujarat Petrosyntheses Limited (GPL), a public limited company headquartered in Mumbai with offices in Bangalore, maintained a current account with Axis Bank at its Marathahalli branch. On 20 June 2011, unauthorized electronic instructions were used to siphon Rs. 39,00,550 from that account — of which Rs. 35,44,400.01 remained unrecovered. GPL approached the Adjudicating Officer under the IT Act in October 2011. Instead of a hearing on merits, what it got was a dismissal on a legal fiction — that a company is not a "person" under Section 43. Fifteen years later, TDSAT corrected that error with costs.

The appeal before the Telecom Disputes Settlement and Appellate Tribunal is a definitive ruling on a question of statutory interpretation that had been wrongly decided at the adjudicatory level: whether the word "person" in Section 43 of the Information Technology Act, 2000, as amended in 2008, encompasses a body corporate such as a bank or a limited company. The answer, always obvious from first principles, was yes.

01 ——

The Cyber Fraud — What Happened on 20 June 2011

GPL maintained its banking account with the Axis Bank branch at Site No. 43, Varthur Main Road, Marathahalli, Bangalore. All instructions concerning the disputed transactions were passed through electronic documents delivered to — and carried out by — Axis Bank, Marathahalli.

On 20 June 2011, unknown persons gained unauthorized access to the information systems of Axis Bank, manipulated electronic data, and issued instructions for fund transfers that drained GPL's credit balance. The complaint alleged contraventions of Sections 43(a), 43(f), and 43(g) of the IT Act — unauthorized access, damage to electronic information, and assistance to unknown persons in gaining unauthorized entry into the bank's systems.

The alleged liability extended not just to Axis Bank (the account-holding bank), but also to five beneficiary banks — IndusInd Bank, ING Vysya Bank, HDFC Bank, Standard Chartered Bank, and Canara Bank — through whose systems the fraudulently transferred funds flowed.

Date / Stage
Event
Status
20 Jun 2011
Cyber fraud — unauthorized access to Axis Bank systems, electronic fund transfer of Rs. 39,00,550 from GPL's account
Fraud
28 Oct 2011
GPL files adjudication application before Principal Secretary (IT), Government of Karnataka under Section 46, IT Act
Filed
01 Dec 2011
Power of Attorney executed by GPL's authorised signatory Mr. Urmi N. Prasad appointing Mr. Na. Vijayshankar as Special POA holder
PoA Executed
27 Dec 2011
Adjudicating Officer dismisses complaint — holds Section 43 inapplicable to body corporates; proceedings terminated
Dismissed
2012
GPL files Cyber Appeal No. 1 of 2012 before TDSAT challenging impugned order of the AO
Appeal Filed
18 Jul 2019
TDSAT Division Bench in CA No. 2/2012 (Rajender Prasad Yadav v. ICICI Bank) lays down identical precedent — Section 43 covers body corporates
Precedent Set
27 May 2026
TDSAT allows appeal, sets aside impugned AO order, imposes Rs. 50,000 cost on Axis Bank, remands for merits adjudication within six months
Appeal Allowed
02 ——

The Adjudicating Officer's Error — A Cryptic and Legally Unsound Finding

Before the Adjudicating Officer — the Principal Secretary, Department of IT, Government of Karnataka — Axis Bank filed two Interlocutory Applications. The first sought time to file a reply. The second challenged jurisdiction and the very sustainability of proceedings under Section 43 of the IT Act.

While the AO correctly overruled the jurisdiction objection, he accepted Axis Bank's second submission and ended the proceedings in a single, conclusory paragraph:

Impugned Order — AO Karnataka — 27 December 2011

"However the contention of the respondent that the complainant has wrongly invoked Section 43 seeking adjudication and compensation under Section 46 of IT Act does hold water."

"Section 43 of the Act relates to a person and not a body corporate. The IT Amendment Act of 2008 has made a separate provision for a body corporate to seek compensation. In the instant case both the Complainant company and the Respondent bank are body Corporates."

On this basis alone, the proceedings were terminated — without any examination of the merits, without application of judicial mind to the evidence, and without engaging with the General Clauses Act or any statutory definition of "person".

The AO's reasoning was, in the Tribunal's assessment, a cryptic finding with no reasons — contrary to the facts on record and contrary to the mandatory interpretive guidance of both the Central and Karnataka General Clauses Acts.

03 ——

The Tribunal's Analysis — Why the AO Was Wrong in Law

The Tribunal identified four independent and cumulative reasons why the AO's order was bad in law.

Violation of the General Clauses Acts — "Person" Includes Body Corporate
Section 3 of both the Central General Clauses Act, 1897 and the Karnataka General Clauses Act, 1899 provide that the term "person" includes any company or association or body of individuals, whether incorporated or not. The IT Act, 2008 provides no separate definition of "person" in Section 2 that would exclude bodies corporate. The AO's finding was directly contrary to mandatory statutory guidance.
Body Corporate Is a "Legal Person" Capable of Suing and Being Sued
Under the Indian Companies Act, a registered corporate entity is a distinct legal person. The Apex Court in Telco v. State of Bihar (AIR 1965 SC 40) confirmed that a corporation in law is equal to a natural person with full legal capacity. GPL and Axis Bank, as registered companies, can sue and be sued in their own names — they are squarely "persons" within the meaning of Section 43.
!
Section 43A Does Not Exclude Bodies Corporate from Section 43
Section 43A, introduced in 2008, creates a specific obligation on body corporates to protect sensitive personal data and provides a compensation remedy for its breach. This is a supplementary provision dealing with a distinct subject matter — data protection negligence — not a provision that excludes body corporates from all other remedies under Section 43 for unauthorized access, damage, or fraud.
Complaint Filed Under Section 46 — Jurisdiction Is Wide Enough
The complaint was filed for adjudication under Section 46 of the IT Act, 2000 as amended, with specific reference to contraventions of Section 43 and other provisions. The jurisdiction conferred under Section 46 is broad enough to make the complaint maintainable. An AO cannot curtail that jurisdiction by holding the complaint unmaintainable on a misreading of Section 43.

"It may be one thing to hold in the facts of a particular case that Section 43 of the IT Act is not attracted against a particular body corporate but as a general principle of law it would be an error of law to say that the word 'person' mentioned in Section 43 cannot cover a body corporate and a bank."

TDSAT Division Bench — CA No. 2 of 2012, Rajender Prasad Yadav v. ICICI Bank Ltd., 18 July 2019 — Applied as binding precedent
04 ——

The Technical Objection — And Why It Failed

Axis Bank raised a collateral technical challenge: that the Authorized Representative (AR) who filed the complaint and this appeal did not have authority under the Power of Attorney to argue before the Tribunal, and was not a legal practitioner under the Advocates Act, 1961.

The Tribunal rejected this comprehensively on two grounds.

First, the appeal before the Tribunal was filed by a learned counsel appearing under a vakalatnama. A Special Power of Attorney was also placed on record, executed by GPL's authorised signatory Mr. Urmi N. Prasad before a Government Notary, appointing Mr. Na. Vijayshankar as Special POA holder. The counsel appearing for the appellant had full authority. The objection had no substance.

Second, and more fundamentally, the Tribunal applied the settled principle that procedure is the handmaid of justice, not its master. Even if there had been a procedural lapse — which there was not — it could not be allowed to deny substantial justice to a victim who had been defrauded of Rs. 39 lakhs and had been litigating since 2011 on the basis of a legally untenable objection by the bank.

05 ——

The Final Order — Appeal Allowed with Costs

Order — Justice Ram Krishna Gautam, Member, TDSAT — 27 May 2026
(i)

The appeal is allowed with a special cost of Rs. 50,000/- (Rupees Fifty Thousand only) to be paid by Axis Bank to the complainant/appellant within two months of this judgment.

(ii)

The impugned order of the learned Adjudicating Officer is set aside.

(iii)

The file is remanded back to the learned Adjudicating Officer with a direction to adjudicate the matter as per law and procedure within a stipulated period of six months from the date of communication/receipt of this order.

(iv)

Both side counsels are in attendance and are aware of this judgment. They are directed to extend full cooperation to the learned Adjudicating Officer for disposal within the stipulated period.

06 ——

Why This Judgment Matters

S.43
Body Corporates Are "Persons" Under Section 43
This judgment settles — following the 2019 TDSAT Division Bench precedent — that companies and banks are "persons" within Section 43 of the IT Act. Neither the introduction of Section 43A in 2008 nor any other provision creates an exception for body corporates.
S.46
Wide Adjudicatory Jurisdiction Cannot Be Curtailed
The jurisdiction under Section 46 to adjudicate complaints under the IT Act is broad. An AO cannot narrow that jurisdiction by wrongly ruling a complaint unmaintainable before examining any merits, particularly when the complainant has invoked the correct adjudicatory mechanism.
GCA
General Clauses Act Is Binding Interpretive Authority
Adjudicating Officers under the IT Act must read "person" in Section 43 consistently with Section 3 of the General Clauses Acts. A finding that excludes body corporates is not merely wrong — it is directly contrary to a mandatory statutory direction on how to interpret that term.
Cost
Vexatious Technical Objections Attract Costs
The Tribunal imposed Rs. 50,000 in costs on Axis Bank, noting that the company had been compelled to "run from pillar to post" from 2011 to 2026 because of objections that were without force in law. Banks that weaponise procedural and jurisdictional defences to delay meritorious complaints will face cost consequences.
07 ——

The Precedent That Clinched It — CA No. 2 of 2012

The Tribunal applied its own Division Bench judgment in CA No. 2 of 2012 — Rajender Prasad Yadav v. ICICI Bank Ltd., decided on 18 July 2019. In that case, the same AO at Karnataka had dismissed a similar complaint on the identical ground — that Section 43 does not apply to body corporates. The Division Bench had categorically rejected that view and remanded the matter with costs of Rs. 75,000 on the bank.

TDSAT Division Bench — CA No. 2/2012 — Applied as Binding Precedent in This Case

The Division Bench had held that the jurisdiction to adjudicate and enquire vested under Section 46 of the IT Act is wide enough to make the complaint maintainable and that this jurisdiction cannot get curtailed/limited even if the complainant wrongly labels its complaint petition grievances.

It further held that a body corporate such as the respondent bank can well be within the purview of the IT Act — and that the bank had taken a "wrong and vexatious defence of jurisdiction and maintainability" that had caused the complainant years of needless hardship.

That precedent was directly on point. The question of fact and law was identical. TDSAT applied it unreservedly, holding that the same question of fact and law which is in the present appeal was there in the above decided appeal — and the answer was the same.

08 ——

Legal Team

⚖ Counsel Appreciation

"When a fraud victim is told for fifteen years that the law does not protect companies, it takes advocates of rare legal acuity to prove that it always did. Adv. Ranganath M.A., Adv. Rohit Madan, and Adv. Chinmayee Sahoo did exactly that — marshalling statutory interpretation, binding precedent, and constitutional principle with surgical precision."

— Roots Cyber Law Firm  ·  Case Commentary, Cyber Appeal No. 1 of 2012
★ Counsel for Petitioner / Appellant
Roots Cyber Law Firm — TDSAT, New Delhi · Cyber Appeal No. 1 of 2012
Lead Counsel
Adv. Ranganath M.A.
Spearheaded the statutory interpretation strategy, anchoring the appeal on the General Clauses Act and the binding TDSAT precedent in Rajender Prasad Yadav to dismantle the AO's flawed reasoning on the meaning of "person" under Section 43.
Counsel
Adv. Rohit Madan
Argued the appeal on the record, addressing the interplay between Sections 43 and 43A with precision, and countering the bank's technical objections on authority and locus with clear analysis of the POA and vakalatnama documentation.
Counsel
Adv. Chinmayee Sahoo
Brought rigorous research depth to the written submissions — fortifying the legal basis with case law on corporate personhood, the Apex Court's Telco ruling, and the wide adjudicatory jurisdiction conferred by Section 46 of the IT Act.
✓ Appeal Allowed — Impugned Order Set Aside · Rs. 50,000 Cost on Axis Bank · Remanded for Merits Adjudication
Full Roster — Advocates on Record  —  Cyber Appeal No. 1 of 2012
Counsel for Appellant / Petitioner
Adv. Ranganath M.A., Adv. Rohit Madan & Adv. Chinmayee Sahoo
The three-member team from Roots Cyber Law Firm appeared for M/s Gujarat Petrosyntheses Ltd. before TDSAT, successfully arguing that the AO's dismissal of the Section 43 complaint was legally untenable and that a body corporate is fully within the purview of the IT Act. Their advocacy secured an outright reversal of the impugned order, remand for merits adjudication, and exemplary costs against the bank.
Counsel for Respondents R-1 to 7 and R-10 to 12
Dr. Abhimanyu Chopra & Mr. Kushagra Jain
Appeared for Axis Bank (Respondents 1–7 and 10–12), pressing both technical objections on authority of the AR/POA holder and substantive arguments that Section 43A was the exclusive provision for body corporates post the 2008 amendment.
Counsel for Kotak Bank
Ms. Shreya Pathak
Appeared for Kotak Bank as one of the respondent financial institutions in this appeal.
Counsel for HDFC Bank
Ms. Vasudha Arora
Appeared for HDFC Bank, one of the beneficiary banks named as a respondent in the original complaint on account of its role in the fund-transfer chain arising from the cyber fraud.
09 ——

Conclusion

The Gujarat Petrosyntheses judgment is a sobering reminder of how procedural and jurisdictional objections, when wrongly upheld, can delay justice by decades. A company that lost nearly Rs. 40 lakhs to a cyber fraud in June 2011 was still fighting, fourteen years later, simply to get a hearing on the merits — not because the law was against it, but because an Adjudicating Officer failed to apply the most basic interpretive principles of the Indian statute book.

The Tribunal's message is unmistakable. The word "person" in Section 43 of the IT Act has always included body corporates. The General Clauses Acts say so. The Companies Act says so. The Apex Court said so in 1965. Banks and corporations that suffer or cause cyber fraud are within the jurisdiction of the IT Act's adjudicatory framework — and they were from the moment the Act came into force.

For compliance officers, legal teams, and businesses that have suffered cyber-enabled fraud, this judgment establishes that the IT Act's adjudicatory route under Sections 43 and 46 is available to them. The era of being told that only individuals can complain is over — if it was ever legally true to begin with.