M/s Gujarat Petrosyntheses Limited (GPL), a public limited company headquartered in Mumbai with offices in Bangalore, maintained a current account with Axis Bank at its Marathahalli branch. On 20 June 2011, unauthorized electronic instructions were used to siphon Rs. 39,00,550 from that account — of which Rs. 35,44,400.01 remained unrecovered. GPL approached the Adjudicating Officer under the IT Act in October 2011. Instead of a hearing on merits, what it got was a dismissal on a legal fiction — that a company is not a "person" under Section 43. Fifteen years later, TDSAT corrected that error with costs.
The appeal before the Telecom Disputes Settlement and Appellate Tribunal is a definitive ruling on a question of statutory interpretation that had been wrongly decided at the adjudicatory level: whether the word "person" in Section 43 of the Information Technology Act, 2000, as amended in 2008, encompasses a body corporate such as a bank or a limited company. The answer, always obvious from first principles, was yes.
The Cyber Fraud — What Happened on 20 June 2011
GPL maintained its banking account with the Axis Bank branch at Site No. 43, Varthur Main Road, Marathahalli, Bangalore. All instructions concerning the disputed transactions were passed through electronic documents delivered to — and carried out by — Axis Bank, Marathahalli.
On 20 June 2011, unknown persons gained unauthorized access to the information systems of Axis Bank, manipulated electronic data, and issued instructions for fund transfers that drained GPL's credit balance. The complaint alleged contraventions of Sections 43(a), 43(f), and 43(g) of the IT Act — unauthorized access, damage to electronic information, and assistance to unknown persons in gaining unauthorized entry into the bank's systems.
The alleged liability extended not just to Axis Bank (the account-holding bank), but also to five beneficiary banks — IndusInd Bank, ING Vysya Bank, HDFC Bank, Standard Chartered Bank, and Canara Bank — through whose systems the fraudulently transferred funds flowed.
The Adjudicating Officer's Error — A Cryptic and Legally Unsound Finding
Before the Adjudicating Officer — the Principal Secretary, Department of IT, Government of Karnataka — Axis Bank filed two Interlocutory Applications. The first sought time to file a reply. The second challenged jurisdiction and the very sustainability of proceedings under Section 43 of the IT Act.
While the AO correctly overruled the jurisdiction objection, he accepted Axis Bank's second submission and ended the proceedings in a single, conclusory paragraph:
"However the contention of the respondent that the complainant has wrongly invoked Section 43 seeking adjudication and compensation under Section 46 of IT Act does hold water."
"Section 43 of the Act relates to a person and not a body corporate. The IT Amendment Act of 2008 has made a separate provision for a body corporate to seek compensation. In the instant case both the Complainant company and the Respondent bank are body Corporates."
On this basis alone, the proceedings were terminated — without any examination of the merits, without application of judicial mind to the evidence, and without engaging with the General Clauses Act or any statutory definition of "person".
The AO's reasoning was, in the Tribunal's assessment, a cryptic finding with no reasons — contrary to the facts on record and contrary to the mandatory interpretive guidance of both the Central and Karnataka General Clauses Acts.
The Tribunal's Analysis — Why the AO Was Wrong in Law
The Tribunal identified four independent and cumulative reasons why the AO's order was bad in law.
"It may be one thing to hold in the facts of a particular case that Section 43 of the IT Act is not attracted against a particular body corporate but as a general principle of law it would be an error of law to say that the word 'person' mentioned in Section 43 cannot cover a body corporate and a bank."
TDSAT Division Bench — CA No. 2 of 2012, Rajender Prasad Yadav v. ICICI Bank Ltd., 18 July 2019 — Applied as binding precedentThe Technical Objection — And Why It Failed
Axis Bank raised a collateral technical challenge: that the Authorized Representative (AR) who filed the complaint and this appeal did not have authority under the Power of Attorney to argue before the Tribunal, and was not a legal practitioner under the Advocates Act, 1961.
The Tribunal rejected this comprehensively on two grounds.
First, the appeal before the Tribunal was filed by a learned counsel appearing under a vakalatnama. A Special Power of Attorney was also placed on record, executed by GPL's authorised signatory Mr. Urmi N. Prasad before a Government Notary, appointing Mr. Na. Vijayshankar as Special POA holder. The counsel appearing for the appellant had full authority. The objection had no substance.
Second, and more fundamentally, the Tribunal applied the settled principle that procedure is the handmaid of justice, not its master. Even if there had been a procedural lapse — which there was not — it could not be allowed to deny substantial justice to a victim who had been defrauded of Rs. 39 lakhs and had been litigating since 2011 on the basis of a legally untenable objection by the bank.
The Final Order — Appeal Allowed with Costs
The appeal is allowed with a special cost of Rs. 50,000/- (Rupees Fifty Thousand only) to be paid by Axis Bank to the complainant/appellant within two months of this judgment.
The impugned order of the learned Adjudicating Officer is set aside.
The file is remanded back to the learned Adjudicating Officer with a direction to adjudicate the matter as per law and procedure within a stipulated period of six months from the date of communication/receipt of this order.
Both side counsels are in attendance and are aware of this judgment. They are directed to extend full cooperation to the learned Adjudicating Officer for disposal within the stipulated period.
Why This Judgment Matters
The Precedent That Clinched It — CA No. 2 of 2012
The Tribunal applied its own Division Bench judgment in CA No. 2 of 2012 — Rajender Prasad Yadav v. ICICI Bank Ltd., decided on 18 July 2019. In that case, the same AO at Karnataka had dismissed a similar complaint on the identical ground — that Section 43 does not apply to body corporates. The Division Bench had categorically rejected that view and remanded the matter with costs of Rs. 75,000 on the bank.
The Division Bench had held that the jurisdiction to adjudicate and enquire vested under Section 46 of the IT Act is wide enough to make the complaint maintainable and that this jurisdiction cannot get curtailed/limited even if the complainant wrongly labels its complaint petition grievances.
It further held that a body corporate such as the respondent bank can well be within the purview of the IT Act — and that the bank had taken a "wrong and vexatious defence of jurisdiction and maintainability" that had caused the complainant years of needless hardship.
That precedent was directly on point. The question of fact and law was identical. TDSAT applied it unreservedly, holding that the same question of fact and law which is in the present appeal was there in the above decided appeal — and the answer was the same.
Legal Team
Conclusion
The Gujarat Petrosyntheses judgment is a sobering reminder of how procedural and jurisdictional objections, when wrongly upheld, can delay justice by decades. A company that lost nearly Rs. 40 lakhs to a cyber fraud in June 2011 was still fighting, fourteen years later, simply to get a hearing on the merits — not because the law was against it, but because an Adjudicating Officer failed to apply the most basic interpretive principles of the Indian statute book.
The Tribunal's message is unmistakable. The word "person" in Section 43 of the IT Act has always included body corporates. The General Clauses Acts say so. The Companies Act says so. The Apex Court said so in 1965. Banks and corporations that suffer or cause cyber fraud are within the jurisdiction of the IT Act's adjudicatory framework — and they were from the moment the Act came into force.
For compliance officers, legal teams, and businesses that have suffered cyber-enabled fraud, this judgment establishes that the IT Act's adjudicatory route under Sections 43 and 46 is available to them. The era of being told that only individuals can complain is over — if it was ever legally true to begin with.