📝 Part 4.2

FIR & Complaint Drafting

"The FIR is the foundation — a weak foundation crumbles the entire case"

A well-drafted FIR triggers effective investigation, captures all offences, preserves evidence requirements, and withstands defence scrutiny. A poorly drafted FIR leads to discharge, acquittal, or quashing. Master the art of cyber crime FIR drafting.

2.1

FIR vs Private Complaint

📋 Understanding the Distinction

FIR (First Information Report) under BNSS S.173 is information given to police about commission of a cognizable offence. Police must register and investigate without requiring court permission.

Private Complaint under BNSS S.200 is filed directly before Magistrate when: (a) offence is non-cognizable, (b) police refuses to register FIR, or (c) complainant prefers private prosecution.

AspectFIR (S.173 BNSS)Private Complaint (S.200 BNSS)
Filed WithPolice (SHO of Police Station)Magistrate (usually JMFC/MM)
Offence TypeCognizable offences onlyBoth cognizable and non-cognizable
InvestigationPolice investigatesMagistrate may order police investigation or inquiry
Arrest PowerPolice can arrest without warrantBailable warrant after process issued
Use in Cyber CrimeMost cyber offences (IT Act, BNS fraud/cheating)Defamation (BNS S.356), when FIR refused
TimelineImmediate investigationProcess after Magistrate examines complaint
💡 When to Choose Private Complaint

1. Criminal Defamation: BNS S.356 defamation is non-cognizable — private complaint only route.

2. Police Refuses FIR: If police won't register FIR despite cognizable offence, file complaint before Magistrate who can direct FIR registration.

3. Cross-Complaint Strategy: When accused in one case wants to file counter-case, private complaint avoids delay of FIR route.

4. Quicker Process Sometimes: In some jurisdictions, Magistrate complaint proceeds faster than overburdened police investigation.

📖BNSS Section 173
Information in Cognizable Cases
"Every information relating to the commission of a cognizable offence, if given orally to an officer in charge of a police station, shall be reduced to writing by him or under his direction, and be read over to the informant... and shall be signed by the person giving it..."
2.2

Essential Elements of Cyber Crime FIR

🎯 The 7 Critical Components

Every effective cyber crime FIR must contain these elements to trigger proper investigation:

1. Complainant Details
  • Full name, parentage, age, occupation
  • Complete address with PIN code
  • Mobile number and email address
  • Relationship to victim (if filing on behalf)
  • Authority to file (for corporate complaints — board resolution/authorization)
2. Accused Details (If Known)
  • Name and known details
  • Phone numbers, email IDs, social media handles
  • UPI IDs, bank account numbers (for financial fraud)
  • IP addresses, device identifiers (if available)
  • If unknown: "Unknown persons operating under [handle/ID]"
3. Incident Description (MOST CRITICAL)
  • Date and time of incident (or discovery)
  • Exact sequence of events — chronological narrative
  • Mode of commission (phishing link, fake app, direct hacking, etc.)
  • Platform/medium used (WhatsApp, email, website, app name)
  • Technical details: URLs, phone numbers, account details
4. Loss/Damage Suffered
  • Financial loss — exact amount with transaction details
  • Data compromised — type and sensitivity
  • Reputational harm — nature and extent
  • Emotional/psychological impact (for harassment cases)
  • Business disruption — quantifiable impact
5. Sections of Law (Critical for Proper Investigation)
  • IT Act sections (S.43, 66, 66C, 66D, 67, etc.)
  • BNS sections (S.318 cheating, S.319 fraud, S.356 defamation)
  • Special laws if applicable (POCSO, Copyright Act)
  • Note: Include all potentially applicable sections
6. Evidence Annexed
  • Screenshots (with URL visible, timestamp)
  • Bank/UPI transaction records
  • Call records/SMS logs
  • Email printouts with headers
  • Social media posts/messages
  • Any communication with accused
7. Prayer/Relief Sought
  • Registration of FIR under specific sections
  • Investigation and arrest of accused
  • Seizure of devices/accounts
  • Preservation notices to intermediaries
  • Recovery of stolen money/data
2.3

Section Mapping for Common Cyber Crimes

⚠️ Why Section Selection Matters

Correct section selection determines: investigation scope, arrest powers, bail provisions, punishment range, and limitation period. Wrong sections can lead to discharge or quashing.

Pro Tip: Include all potentially applicable sections. Investigation can always drop inapplicable sections, but adding new sections later is procedurally complex.

Crime TypeIT Act SectionsBNS Sections
Hacking/Unauthorized AccessS.43 (damage) + S.66 (hacking)S.329 (criminal trespass) if physical + digital
Data TheftS.43 + S.66 + S.72 (breach of confidentiality)S.303 (theft), S.316 (criminal breach of trust)
Identity TheftS.66C (identity theft)S.319 (cheating by personation)
Phishing/Online FraudS.66D (cheating by personation using computer)S.318 (cheating), S.319, S.336 (forgery)
Cyber StalkingS.67 (if obscene content)S.78 (stalking), S.351 (criminal intimidation)
Morphed ImagesS.67/67A/67B (obscenity)S.79 (word/gesture to insult woman), S.356 (defamation)
Online DefamationS.356 (defamation) — non-cognizable
RansomwareS.43 + S.66 + S.66F (cyber terrorism if critical)S.308 (extortion), S.351 (criminal intimidation)
Banking FraudS.66C + S.66DS.318, S.319, S.316
CSAM (Child Abuse Material)S.67B (child pornography)POCSO Act provisions
✅ Combination Strategy

Most cyber crimes require combination of IT Act + BNS sections:

IT Act: Addresses the "cyber" aspect — unauthorized access, digital medium, computer manipulation

BNS: Addresses the traditional crime — cheating, theft, extortion, defamation

Example (Phishing Attack): S.43 + S.66 IT Act (unauthorized access, hacking) + S.66C (identity theft) + S.66D (cheating by personation) + BNS S.318 (cheating) + S.319 (cheating by personation)

2.4

Model FIR Templates

MODEL FIR — ONLINE FINANCIAL FRAUD (UPI/BANKING)
To: The Station House Officer
Cyber Crime Police Station, [District]
Subject: Complaint for registration of FIR — Online Financial Fraud
Complainant Details:
I, [Name], S/o/D/o [Parent Name], aged [Age] years, occupation [Occupation], residing at [Complete Address with PIN], Mobile: [Number], Email: [Email]
Facts of the Case:

1. On [Date] at approximately [Time], I received a call/message from mobile number [Number] claiming to be from [Bank/Platform/Authority claimed].

2. The caller falsely represented that [false claim — KYC update required/reward pending/account blocked, etc.]

3. Under this false pretense, I was induced to [share OTP/click link/install app/transfer money]

4. As a result, an unauthorized transaction of Rs. [Amount in figures] (Rupees [Amount in words]) was made from my account.

5. Transaction Details:
- Date: [Transaction date]
- Amount: Rs. [Amount]
- Transaction ID/Reference: [ID]
- Debited from: [My Bank Name, A/c No.]
- Credited to: [Beneficiary UPI ID/Account if known]

6. Immediately upon realizing the fraud, I called 1930 cyber crime helpline and reported the incident. Complaint number: [1930 complaint number if any]

Accused:
Unknown person(s) operating mobile number [Number], using UPI ID [UPI ID if known], and any other persons involved in the conspiracy.
Sections of Law:
The above acts constitute offences punishable under:
- Section 66C of IT Act, 2000 (Identity Theft)
- Section 66D of IT Act, 2000 (Cheating by personation using computer resource)
- Section 318 of BNS (Cheating)
- Section 319 of BNS (Cheating by personation)
- Section 61(2) read with Section 3 of BNS (Criminal conspiracy)
Evidence Annexed:
1. Bank statement showing fraudulent transaction
2. Screenshot of call log/message
3. Screenshot of UPI transaction
4. 1930 complaint acknowledgment (if any)
5. Any other communication with accused
Prayer:
I humbly request that FIR be registered under the above sections and investigation be conducted to:
1. Trace and arrest the accused persons
2. Freeze the beneficiary account(s)
3. Recover the defrauded amount
4. Seize electronic devices used in the crime
Place: [City]
Date: [Date]

Signature of Complainant
[Name]
💡 Drafting Tips

1. Be Chronological: Narrate events in sequence — helps police understand modus operandi.

2. Be Specific: Include exact dates, times, amounts, phone numbers, transaction IDs.

3. Be Technical: Include URLs, IP addresses, IMEI numbers, UPI IDs — these are investigation starting points.

4. Be Complete: Include all sections that might apply — can be reduced during investigation, hard to add later.

5. Annex Evidence: Attach everything you have — screenshots, statements, communications.

2.5

Common FIR Drafting Mistakes

❌ Mistakes That Sink Cases

1. Vague Description: "I was cheated online" — doesn't trigger specific investigation. Be detailed about what happened, how, when.

2. Missing Technical Details: Not mentioning phone numbers, UPI IDs, URLs — police has no starting point for investigation.

3. Wrong Sections: Filing under non-cognizable sections (like S.500 IPC defamation) when cognizable sections apply — loses arrest power.

4. Delayed Filing: Filing months after incident without explanation — raises credibility issues and evidence may be lost.

5. No Evidence Annexures: FIR without supporting documents — police may not take it seriously.

6. Contradictory Statements: Facts in FIR contradict later statements — destroys complainant credibility.

7. Over-Inclusion: Adding persons as accused without basis — can lead to malicious prosecution liability.

8. Missing Prayer: Not specifying what relief is sought — unclear what investigation should achieve.

✅ Best Practices Checklist

Before submitting FIR, verify:

☑️ All dates and times are accurate and consistent

☑️ Transaction amounts match bank records exactly

☑️ All phone numbers, IDs are correctly typed

☑️ Screenshots are clear and show relevant information

☑️ Sections cover all aspects of the offence

☑️ Evidence annexures are numbered and referenced

☑️ Prayer specifically mentions investigation/arrest/recovery

☑️ Complainant has signed all pages

🎯 Key Takeaways — Part 4.2

  • FIR (BNSS S.173) is for cognizable offences; Private Complaint (S.200) for non-cognizable or when FIR refused
  • 7 essential FIR elements: complainant details, accused details, incident description, loss suffered, sections of law, evidence annexed, prayer
  • Most cyber crimes need IT Act + BNS combination — IT Act for cyber aspect, BNS for traditional crime
  • Include all potentially applicable sections — easier to drop than add later
  • Be specific: exact dates, times, amounts, phone numbers, transaction IDs, URLs
  • Always annex evidence: screenshots, bank statements, call logs, communications
  • Call 1930 first for financial frauds — include complaint number in FIR
  • Common mistakes: vague description, missing technical details, wrong sections, no evidence
  • For defamation (BNS S.356) — non-cognizable, must use private complaint route
  • Keep copy of FIR with acknowledgment — essential for all future proceedings

📝 Assessment — Part 4.2 (10 Questions)

1. FIR under BNSS S.173 can be filed for:
Correct: B. FIR under S.173 BNSS is specifically for cognizable offences where police can investigate without magistrate permission.
2. For online defamation under BNS S.356, the correct procedure is:
Correct: C. Defamation under BNS S.356 is non-cognizable. Cannot file FIR — must file private complaint before Magistrate.
3. A phishing attack resulting in bank fraud should be filed under:
Correct: D. Phishing involves identity theft (S.66C), cheating by personation (S.66D), and traditional cheating (BNS S.318, 319). Both IT Act and BNS apply.
4. Which detail is MOST critical for police to start investigation in financial fraud FIR?
Correct: A. Phone numbers, UPI IDs, transaction IDs are the starting points for tracing accused. Without these, investigation cannot proceed effectively.
5. Section 66C of IT Act specifically covers:
Correct: B. S.66C IT Act: "Whoever fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person..." — Identity theft.
6. If police refuses to register FIR, complainant should:
Correct: C. Magistrate complaint under S.200/223 BNSS can compel FIR registration. Magistrate can direct police to register FIR and investigate.
7. Annexing evidence to FIR is important because:
Correct: D. While not legally mandatory, evidence annexures help police understand the case better and provide concrete starting points for investigation.
8. For ransomware attack on critical infrastructure, applicable sections include:
Correct: A. Ransomware on critical infrastructure can attract S.66F (cyber terrorism), S.66 (hacking), and BNS S.308 (extortion) for ransom demand.
9. The 7 essential elements of cyber crime FIR are:
Correct: B. The 7 essential elements are: complainant details, accused details (if known), incident description, loss/damage, applicable sections, evidence annexed, and prayer/relief sought.
10. A common mistake in cyber crime FIR drafting is:
Correct: C. Vague FIRs without specific technical details (phone numbers, UPI IDs, URLs, transaction IDs) leave police with no starting point for investigation.