A sophisticated gang of cybercriminals, allegedly aided by officials from the Federal Board of Revenue (FBR) and Pakistan Revenue Automation Limited (PRAL), has inflicted a significant financial blow to Pakistan’s national treasury. The group exploited dormant accounts belonging to retired armed forces personnel to orchestrate a fraudulent scheme involving fake supplies valued at Rs. 1.625 trillion. This scam resulted in a staggering sales tax loss of Rs. 292.549 billion and an additional tax loss of Rs. 235.340 billion.

Almas Jovindah, Advisor Legal & Media Wing, disclosed to the media that this cybercrime was facilitated by current and former employees of PRAL and FBR, who had access to the computerized system. The criminals identified dormant sales tax accounts from the FBR website and used these accounts to conduct bogus transactions, ultimately benefiting certain end consumers and manufacturers.

In a notable instance, the cybercriminals, with insider assistance, manipulated the sales tax account of Mrs. Firdous Anwar, a 79-year-old Karachi resident living abroad. Despite her account showing “Null” sales tax returns for over four years, the gang filed Annexure “C” to declare supplies of re-melting scrap ingots of iron or steel worth Rs. 1.625 trillion. This fraudulent activity resulted in a sales tax impact of Rs. 292.549 billion and further tax implications of Rs. 235.340 billion. A significant portion, Rs. 81.434 billion, was funneled through a dormant account of retired military personnel, eventually reaching seven beneficiaries in Lahore and Faisalabad, who were iron and steel manufacturers.

The Federal Tax Ombudsman (FTO) Advisor Legal & Media Wing highlighted that these transactions were purely on paper, with no physical movement of goods or banking transactions, violating section 73 of the Act. The beneficiaries knowingly purchased fake invoices without any actual exchange of goods or payments.

The current lax enforcement regime has emboldened such fraudulent activities, allowing unscrupulous individuals to exploit the system without fear of repercussions. The sales tax law, based on self-assessment and trust in taxpayers, includes penal and prosecution mechanisms. However, the “Check” feature in the web portal, designed to prevent tax fraud under Rule 18(5) of the Sales Tax Rules 2006, was reportedly disabled during this period.

The credibility of the FBR web portal has been severely compromised, with user IDs and passwords being misused. In one case, a complainant’s “Null” returns were replaced with fake supplies worth trillions. Additionally, security measures, such as the “Checks” in the web portal, were deactivated, and the complainant’s contact details were altered to prevent remedial action.

In another instance, Sultan Ali, the proprietor of M/s New Metro Footwear Co., who passed away on February 9, 2017, was deregistered. Yet, cybercriminals continued to file sales tax returns with fake supplies six years after his death.

The FTO official emphasized that the failure to secure the complainant’s user ID and password, along with the breach of taxpayers’ confidential data, led to this tax fraud case. These administrative lapses amount to maladministration under section 2(3)(i)(a)(b)(c) of the FTO Ordinance.

This case underscores the urgent need for enhanced security measures and stricter enforcement to protect taxpayer data and prevent future fraud.