PROSPER PROFESSIONAL DEVELOPMENT LIFE PRIVATE LIMITED

Electricity

Electricity

Enable your retail business to offer fast, secure and reliable BBPS bill payments, recharges, OTT subscriptions and more all from one platform.

Fraud Prevention, Risk Management and Anti-Fraud Policy

Last Updated: July 01, 2026

FRAUD PREVENTION, RISK MANAGEMENT AND ANTI-FRAUD POLICY

Issued By: PROSPER PROFESSIONAL DEVELOPMENT LIFE PRIVATE LIMITED

Registered Office: CC Road, Tamkuhi Road, Kushinagar, Uttar Pradesh, 274406

Version: 1.0

Effective Date: 01 July 2026

1. INTRODUCTION

This Fraud Prevention, Risk Management and Anti-Fraud Policy ("Policy") has been formulated and adopted by PROSPER PROFESSIONAL DEVELOPMENT LIFE PRIVATE LIMITED ("PROSPER", "Company", "We", "Us", or "Our"), a technology-enabled B2B financial services and fintech company incorporated under the Companies Act, 2013, engaged in providing digital financial services, payment solutions, business correspondent services, merchant acquiring services, and financial inclusion services through its authorized agents, distributors, retailers, merchants, and banking partners across India.

PROSPER recognizes that fraud prevention, risk management, and financial crime mitigation are critical to maintaining trust, protecting customers, ensuring regulatory compliance, and preserving the integrity of the financial ecosystem. This Policy establishes a comprehensive framework to prevent, detect, investigate, report, and mitigate fraud, cybercrime, money laundering, identity theft, account takeover, payment fraud, and other financial crimes.

This Policy shall apply to all employees, agents, distributors, merchants, customers, service providers, technology partners, and third-party entities associated with PROSPER.

2. PURPOSE OF THE POLICY

The objectives of this Policy are:

  • To establish a robust fraud prevention framework;
  • To identify and mitigate operational and financial risks;
  • To protect customers and agents from fraudulent activities;
  • To ensure compliance with RBI, NPCI, FIU-IND, and other regulatory requirements;
  • To establish procedures for fraud detection and reporting;
  • To prevent money laundering and terrorist financing;
  • To protect customer funds and data;
  • To maintain the integrity of PROSPER's services and operations;
  • To facilitate cooperation with law enforcement agencies.

3. REGULATORY FRAMEWORK

This Policy has been developed in accordance with:

  • Prevention of Money Laundering Act, 2002 (PMLA);
  • Prevention of Money Laundering Rules, 2005;
  • Information Technology Act, 2000;
  • Digital Personal Data Protection Act, 2023;
  • Reserve Bank of India Act, 1934;
  • Payment and Settlement Systems Act, 2007;
  • RBI Master Directions on KYC;
  • RBI Payment Aggregator Guidelines;
  • RBI Cyber Security Framework;
  • NPCI Operational Guidelines;
  • FIU-IND Guidelines;
  • CERT-In Directions;
  • Aadhaar Act, 2016;
  • FATF Recommendations;
  • Other applicable laws and regulations.

4. SCOPE OF THE POLICY

This Policy applies to all services facilitated through PROSPER, including but not limited to:

  • Bharat Bill Payment System (BBPS);
  • Aadhaar Enabled Payment System (AEPS);
  • Micro ATM Services;
  • Domestic Money Transfer (DMT);
  • Merchant Payment Services;
  • UPI Payment Services;
  • Prepaid Card Services;
  • Business Correspondent Services;
  • Account Opening Services;
  • Insurance Facilitation Services;
  • Loan Facilitation Services;
  • Financial Inclusion Services;
  • Other digital financial services.

5. DEFINITIONS

5.1 Fraud

Fraud means any intentional act, omission, misrepresentation, deception, forgery, manipulation, unauthorized transaction, cyber attack, or unlawful conduct intended to obtain financial gain, avoid obligations, or cause loss.

5.2 Financial Fraud

Any activity resulting in unauthorized financial gain through deception or misuse of financial systems.

5.3 Cyber Fraud

Any fraud committed through electronic means, digital systems, internet services, or information technology infrastructure.

5.4 Suspicious Transaction

A transaction inconsistent with a customer's profile, business pattern, or legitimate purpose.

5.5 Identity Theft

Unauthorized acquisition or misuse of another person's identity information.

6. TYPES OF FRAUD COVERED

This Policy covers, but is not limited to:

Customer Frauds

  • Identity theft;
  • Fake KYC;
  • Account takeover;
  • Social engineering fraud;
  • Impersonation fraud;
  • Fake payment confirmation.

Agent Frauds

  • Unauthorized transactions;
  • Commission fraud;
  • False customer onboarding;
  • Fake account creation;
  • Misappropriation of funds;
  • Collusion fraud.

Merchant Frauds

  • Merchant collusion;
  • Fake transactions;
  • Transaction laundering;
  • Refund abuse;
  • Chargeback fraud.

Payment Frauds

  • UPI fraud;
  • QR code fraud;
  • Card fraud;
  • Wallet fraud;
  • BBPS fraud;
  • AEPS fraud;
  • Micro ATM fraud.

Cyber Frauds

  • Phishing;
  • Vishing;
  • Smishing;
  • Malware attacks;
  • Ransomware attacks;
  • Credential theft;
  • SIM swap fraud;
  • Device spoofing.

Internal Frauds

  • Employee fraud;
  • Insider abuse;
  • Data theft;
  • Unauthorized access;
  • Manipulation of records.

7. FRAUD RISK MANAGEMENT FRAMEWORK

PROSPER adopts a three-layer fraud management framework:

First Line of Defense

Operational teams, agents, and customer-facing staff.

Second Line of Defense

Risk management, compliance, AML, and fraud monitoring teams.

Third Line of Defense

Internal audit, external audit, and regulatory review.

8. CUSTOMER VERIFICATION CONTROLS

PROSPER shall implement:

  • KYC verification;
  • PAN verification;
  • Aadhaar verification;
  • Mobile OTP verification;
  • Device verification;
  • Bank account validation;
  • Video KYC where applicable;
  • Beneficial ownership verification.

No customer shall be onboarded anonymously.

9. AGENT AND MERCHANT DUE DILIGENCE

Before onboarding agents or merchants, PROSPER shall conduct:

  • KYC verification;
  • Business verification;
  • AML screening;
  • PEP screening;
  • Sanctions screening;
  • Criminal background checks;
  • Bank verification;
  • Fraud history assessment.

10. TRANSACTION MONITORING

PROSPER shall continuously monitor:

  • Transaction frequency;
  • Transaction velocity;
  • Geographic anomalies;
  • Device changes;
  • Behavioral changes;
  • Duplicate transactions;
  • Unusual payment patterns;
  • High-risk transactions.

Transactions may be automatically flagged, restricted, or blocked.

11. FRAUD DETECTION SYSTEMS

PROSPER may utilize:

  • Artificial Intelligence (AI);
  • Machine Learning models;
  • Rule-based monitoring engines;
  • Device fingerprinting;
  • Behavioral analytics;
  • Geo-location analysis;
  • Velocity monitoring;
  • Risk scoring engines;
  • Fraud analytics systems.

12. HIGH-RISK ACTIVITIES

The following activities shall be treated as high-risk:

  • Multiple failed login attempts;
  • Rapid fund movement;
  • Suspicious IP addresses;
  • Multiple accounts from same device;
  • Fake documentation;
  • Large-value transactions;
  • Sudden changes in transaction behavior;
  • Transactions from restricted jurisdictions;
  • High-volume cash transactions.

13. SUSPICIOUS ACTIVITY REPORTING

Employees, agents, and partners shall immediately report:

  • Suspected fraud;
  • Unauthorized transactions;
  • Identity theft;
  • Cyber incidents;
  • Money laundering concerns;
  • Security breaches.

Reports may be submitted to:

Fraud Monitoring Cell

Email: fraud@prosper.in

Phone: +91 9918784000

14. ACCOUNT FREEZING AND TRANSACTION HOLD

PROSPER reserves the right to:

  • Freeze accounts;
  • Hold transactions;
  • Suspend services;
  • Restrict withdrawals;
  • Block customers;
  • Disable agents.

Such actions may be taken without prior notice where fraud is suspected.

15. FRAUD INVESTIGATION PROCEDURE

Upon identification of suspicious activity:

Step 1: Detection and initial review.

Step 2: Risk assessment.

Step 3: Temporary suspension or hold.

Step 4: Collection of evidence.

Step 5: Internal investigation.

Step 6: Regulatory reporting.

Step 7: Resolution and corrective action.

16. REPORTING TO AUTHORITIES

PROSPER may report fraudulent activities to:

  • FIU-IND;
  • RBI;
  • NPCI;
  • CERT-In;
  • Cyber Crime Cell;
  • State Police;
  • Enforcement agencies;
  • Courts of competent jurisdiction.

17. LAW ENFORCEMENT COOPERATION

PROSPER shall cooperate with:

  • Cyber Crime Police;
  • Financial Investigation Agencies;
  • RBI;
  • NPCI;
  • FIU-IND;
  • CERT-In;
  • Courts and Tribunals.

The Company may provide:

  • Transaction details;
  • IP addresses;
  • Device identifiers;
  • Account information;
  • KYC documents;
  • Audit trails;
  • Server logs;
  • Digital evidence.

18. CYBER SECURITY CONTROLS

PROSPER implements:

  • AES-256 encryption;
  • TLS 1.2+ encryption;
  • Multi-factor authentication;
  • Device binding;
  • Role-based access control;
  • Intrusion detection systems;
  • Firewalls;
  • Security monitoring;
  • Endpoint protection;
  • Vulnerability assessments;
  • Penetration testing.

19. CUSTOMER RESPONSIBILITIES

Customers shall:

  • Maintain confidentiality of credentials;
  • Protect OTPs;
  • Verify beneficiaries;
  • Report fraud immediately;
  • Avoid sharing sensitive information;
  • Exercise due care.

PROSPER shall not be liable for losses caused by customer negligence.

20. EMPLOYEE TRAINING

PROSPER shall conduct regular training on:

  • Fraud awareness;
  • Cyber security;
  • AML/CFT;
  • Social engineering;
  • Financial crime prevention;
  • Incident response.

21. DATA RETENTION

Fraud-related records shall be retained for:

  • Minimum five (5) years;
  • Or longer if required by law or investigation.

Records include:

  • Transaction logs;
  • KYC records;
  • Investigation reports;
  • Audit logs;
  • Communication records.

22. PENALTIES AND DISCIPLINARY ACTION

Violations may result in:

  • Warning;
  • Suspension;
  • Termination;
  • Commission forfeiture;
  • Financial recovery;
  • Civil proceedings;
  • Criminal prosecution.

23. GRIEVANCE AND FRAUD REPORTING

Fraud Prevention Officer

Name: Mr. Divyanshu Kumar

Address: CC Road, Tamkuhi Road, Kushinagar, Uttar Pradesh, 274406

Email: fraud@prosper.in

Alternate Email: legal@prosper.in

Phone: +91 9918784000

Working Hours: Monday to Saturday, 10:00 AM – 6:00 PM

Emergency fraud complaints may be reported 24×7 through designated channels.

24. POLICY REVIEW

This Policy shall be reviewed:

  • Annually;
  • Upon regulatory changes;
  • Following fraud incidents;
  • Upon introduction of new products.

25. GOVERNING LAW AND JURISDICTION

This Policy shall be governed by the laws of India.

Any disputes arising under this Policy shall be subject to the exclusive jurisdiction of the competent courts at Lucknow, Uttar Pradesh.

26. EFFECTIVE DATE

This Policy shall become effective on 01 July 2026 and remain in force until modified or withdrawn.

27. DECLARATION

This Fraud Prevention, Risk Management and Anti-Fraud Policy has been approved by the management of PROSPER PROFESSIONAL DEVELOPMENT LIFE PRIVATE LIMITED and shall be binding upon all employees, agents, distributors, merchants, customers, service providers, and business partners.


FOR AND ON BEHALF OF

PROSPER PROFESSIONAL DEVELOPMENT LIFE PRIVATE LIMITED

Registered Office:
CC Road, Tamkuhi Road, Kushinagar, Uttar Pradesh, 274406

Email: legal@prosper.in

Phone: +91 9918784000

Website: www.prosper.in

"PROSPER – Secure Payments. Trusted Services. Protected Customers."