Last Verified: Jun 2026 | By SimOwner.net.pk Editorial Team — Pakistan’s SIM fraud documentation specialists since 2015
When a Pakistani citizen becomes a victim of SIM fraud, online financial crime, or digital harassment, the Federal Investigation Agency’s Cybercrime Wing is often the most powerful legal resource available — more technically specialized than local police and carrying broader investigative authority for digital crimes under PECA 2016. Yet most Pakistanis have never heard of FIA’s Cybercrime Wing, do not know what it investigates, and have never filed a complaint with it.
This guide provides the complete picture of FIA’s Cybercrime Wing: its legal mandate, investigative powers, the categories of crime it handles, how to file a complaint effectively, what happens during an investigation, realistic timelines, and how FIA’s jurisdiction complements (rather than replaces) local police FIRs and PTA regulatory complaints.
For SIM fraud victims specifically: your first action should always be checking which unauthorized SIMs are on your CNIC at SimOwner.net.pk — this information goes directly into your FIA complaint and significantly strengthens it.
What Is FIA’s Cybercrime Wing?
The Federal Investigation Agency (FIA) is Pakistan’s federal law enforcement agency — equivalent to the FBI in the United States in terms of its federal (rather than provincial) jurisdiction. The Cybercrime Wing is FIA’s specialized unit for investigating crimes committed through electronic means.
Legal authority: FIA’s Cybercrime Wing derives its investigative authority primarily from:
- PECA 2016 (Prevention of Electronic Crimes Act) — the primary cybercrime law in Pakistan
- FIA Act 1974 — the foundational legislation establishing FIA’s federal mandate
- Criminal Procedure Code (CrPC) — governing investigation procedures
Jurisdiction: The Cybercrime Wing has federal jurisdiction — meaning it can investigate crimes regardless of which province the victim or perpetrator is in. This is particularly important for SIM fraud cases where a franchise in Karachi may have registered a fraudulent SIM targeting a victim in Peshawar.
Structure: The Cybercrime Wing operates through:
- National Cybercrime Reporting Centre (NCRC) — the public-facing complaint handling unit
- Regional FIA Cybercrime Circles in major cities (Islamabad, Karachi, Lahore, Peshawar, Quetta)
- Digital Forensics Labs equipped for electronic evidence analysis
What FIA Cybercrime Wing Investigates
Category 1 — SIM Fraud and Identity Crimes
This is directly relevant to SimOwner.net.pk’s audience. FIA investigates:
Unauthorized SIM registration: When a SIM is registered on your CNIC without your consent — violating PECA 2016 Section 16 (identity information crimes).
SIM swap fraud: When your existing SIM number is fraudulently transferred to a new SIM by a criminal — enabling OTP interception, JazzCash access, and financial fraud.
MNP (Mobile Number Portability) fraud: Fraudulent porting of your number to a different network — as detailed in our MNP fraud guide.
Identity information crimes: Obtaining, selling, using, or transmitting another person’s CNIC information without authorization — Section 16, PECA 2016.
Category 2 — Financial Cybercrime
Mobile wallet fraud: Unauthorized JazzCash, Easypaisa, or Raast transactions facilitated through SIM fraud or social engineering.
Online banking fraud: Unauthorized access to internet banking accounts through OTP interception or credential theft.
E-commerce fraud: Selling non-existent products online, taking payment and not delivering.
Advance fee fraud: The classic “you have won a prize, pay processing fee” schemes — including BISP/Ehsaas impersonation scams.
Category 3 — Cyber Harassment
Section 19 harassment: Repeated unwanted electronic communications with intent to harass, alarm, or distress — including phone calls, WhatsApp messages, SMS campaigns.
Section 20 violations: Non-consensual sharing of intimate images, content threatening modesty or dignity.
Sextortion: Financial demands backed by threats to distribute intimate content — combining harassment and fraud elements.
Category 4 — Unauthorized System Access
Hacking: Unauthorized access to computer systems, databases, or information systems — PECA Section 14.
Data theft: Unauthorized copying or transmission of data — PECA Section 15.
Malware distribution: Creating, distributing, or using malicious code — PECA Section 18.
Category 5 — Online Defamation and Fake Content
PECA Section 20 violations involving reputation damage: False statements made electronically to harm reputation.
Fake news and misinformation (in specific circumstances involving harm): PECA has provisions addressing harmful electronic content.
Impersonation online: Creating fake social media profiles impersonating real persons.
FIA’s Investigative Powers Under PECA 2016
Understanding FIA’s legal powers helps you understand both what they can do for you and what limitations they operate within.
Power 1 — Data Preservation Orders (Section 31)
FIA can issue a preservation order directing network operators, financial institutions, or digital platforms to preserve specific data (call records, transaction records, account access logs) while investigation proceeds. This is critical for SIM fraud cases because CDR (Call Detail Records) data is typically only retained by operators for 1–3 years.
Why this matters for you: If you file an FIA complaint promptly, FIA can issue a preservation order that locks the evidence before it is overwritten. If you delay filing, critical evidence may be permanently deleted.
Power 2 — Production Orders (Section 32 and 34)
FIA can obtain court orders directing service providers to produce subscriber information, traffic data, or content data. This allows FIA to:
- Obtain the CNIC registered to the fraudulent SIM
- Pull CDRs showing call patterns of the fraudulent SIM
- Access NADRA MBVS logs for the fraudulent SIM registration
- Request data from digital platforms like WhatsApp, Facebook (through MLAT processes)
Power 3 — Search and Seizure (Section 32)
With appropriate authorization, FIA investigators can search premises and seize devices relevant to cybercrime investigations. This enables:
- Seizure of the device used with a fraudulent SIM
- Seizure of computers used for online fraud operations
- Preservation of physical evidence from franchise locations
Power 4 — Arrest Authority (Section 33)
FIA Cybercrime Wing investigators have arrest authority for PECA offences without requiring a separate court warrant in certain circumstances — because PECA offences are classified as cognizable. This allows FIA to act quickly in cases where suspects are identified and may flee.
Power 5 — International Cooperation (MLATs)
For cases involving foreign elements (international numbers, overseas platforms, cross-border money movement), FIA can utilize Mutual Legal Assistance Treaty (MLAT) processes to request information from foreign agencies and platforms. This is how FIA obtains data from WhatsApp (Meta), Google, and other international platforms.
How to File an FIA Cybercrime Complaint — Step by Step
Method 1 — Online Portal (complaint.fia.gov.pk) — Recommended
Available 24/7. Most efficient for documenting complex cases with evidence attachment.
Step 1: Visit complaint.fia.gov.pk
Step 2: Click “Register Complaint” and create an account with your CNIC and email.
Step 3: Select complaint category — for SIM fraud, select “Cyber Crime” → “Identity Crimes” or “Financial Cyber Crime.”
Step 4: Complete the complaint form:
| Field | What to Enter |
|---|---|
| Complainant name | Full name as on CNIC |
| CNIC | Your 13-digit CNIC |
| Contact | Current active phone number |
| For correspondence | |
| Nature of crime | Unauthorized SIM registration / SIM swap / Financial fraud |
| PECA section | Section 16 (identity) + Section 21 (financial fraud) |
| Suspect details | Phone number of fraudulent SIM, any other known details |
| Description | Factual narrative of what occurred |
| Loss amount | Financial loss in rupees (if applicable) |
Step 5: Attach evidence:
- 668 response screenshot (timestamped)
- Bank/wallet transaction records showing unauthorized activity
- Network operator fraud case reference number
- PTA complaint reference (if already filed)
- Any other documentary evidence
Step 6: Submit and note your complaint reference number.
Method 2 — FIA Cybercrime Regional Circle (In-Person)
For complex cases or where you need to provide physical evidence, visit your nearest FIA Cybercrime Regional Circle:
| City | Address | Contact |
|---|---|---|
| Islamabad | FIA Headquarters, Sector G-9/4 | 051-9261220 |
| Karachi | FIA Building, Saddar | 021-99204401 |
| Lahore | FIA Regional Office, Gulberg | 042-99263200 |
| Peshawar | FIA Regional Office | 091-9213300 |
| Quetta | FIA Regional Office | 081-9202300 |
Bring to in-person filing:
- Original CNIC
- Printed evidence (668 screenshot, transaction records)
- Completed complaint form (downloadable from FIA website)
- Any physical evidence
Method 3 — FIA Helpline
Pakistan Citizen’s Portal: Accessible via the Pakistan Citizen’s Portal app — allows complaint filing connected to Prime Minister’s performance management system.
FIA National Complaint Centre: 1102 (from any phone)
What Happens After You File — The Investigation Process
Week 1 — Complaint Registration and Assignment
Your complaint is registered in FIA’s Case Management System. A Cybercrime Circle in your region is assigned. An Investigation Officer (IO) is designated to your case.
Initial assessment: FIA determines whether the complaint falls within PECA jurisdiction, whether sufficient evidence exists to open a formal investigation, and what priority level to assign.
Priority factors:
- Financial loss amount (higher loss = higher priority)
- Clear evidence of PECA violation
- Ongoing fraud risk (criminal SIM still active)
- Vulnerability of victim (elderly, BISP recipient, etc.)
Week 2–4 — Data Preservation and Initial Investigation
FIA issues preservation orders to relevant parties:
- Network operator: preserve CDRs and registration records for the fraudulent SIM
- JazzCash/Easypaisa/bank: preserve transaction records
- Relevant platforms: preserve account access logs
FIA analysts begin preliminary analysis:
- Identify the CNIC registered to the fraudulent SIM (via SVMS query)
- Pull NADRA MBVS logs for the registration event
- Begin building the suspect profile
Month 1–3 — Active Investigation
With suspect identity established (via CNIC), FIA investigators pursue:
- Witness interviews (franchise employees at registration location)
- CCTV footage review (30–90 day retention at franchises)
- Financial tracing (following the money from fraudulent transactions)
- Device identification (IMEI records from CDRs)
For cases with international elements, MLAT requests to relevant foreign agencies are initiated.
Month 3–6+ — Prosecution Phase
If sufficient evidence is compiled:
- FIA files a challan (charge sheet) before a cybercrime court
- The accused is summoned or arrested
- Court proceedings begin under PECA 2016
Realistic conviction timeline: PECA cases in Pakistan’s court system typically take 12–36 months from filing to final judgment — reflecting the broader judicial system workload, not FIA-specific delays.
FIA Cybercrime Statistics — The Scale of the Problem
FIA Cybercrime Wing case data provides context for the scale of digital crime in Pakistan:
| Year | Complaints Received | Cases Registered | Arrests |
|---|---|---|---|
| 2021 | 85,000+ | 12,000+ | 900+ |
| 2022 | 96,000+ | 15,000+ | 1,100+ |
| 2023 | 110,000+ | 18,000+ | 1,400+ |
| 2024 | 125,000+ | 21,000+ | 1,600+ |
Key insight from the data: Complaints significantly outnumber registered cases — because not all complaints meet the threshold for formal case registration (sufficient evidence, clear PECA violation). This is why evidence quality in your initial complaint matters so much.
Case completion rates have improved with PECA courts becoming more established and FIA’s digital forensics capability maturing, though backlogs remain significant.
How FIA Complements PTA and Police — The Three-Channel Approach
For SIM fraud, using all three complaint channels simultaneously is the most effective approach:
| Channel | Best For | File At |
|---|---|---|
| FIA complaint | Criminal investigation, prosecution | complaint.fia.gov.pk |
| PTA complaint | Operator accountability, SIM blocking | complaint.pta.gov.pk |
| Police FIR | Criminal record, bank reversal support | Local police station |
FIA handles: Criminal prosecution of the fraudster PTA handles: Regulatory accountability of the operator Police FIR enables: Bank reversal requests, local law enforcement record
None of these replaces the others. Filing all three creates the most comprehensive legal response.
For the exact police FIR process including PECA wording, see our FIR for SIM Fraud complete guide. For PTA complaint guidance, see our PTA complaint process guide.
Frequently Asked Questions
Q: Can I file an FIA complaint if I do not know who the fraudster is? A: Yes — FIA complaints against “unknown accused” are standard in cybercrime cases. The investigation process is how the accused is identified through CNIC records, IMEI tracing, and NADRA MBVS logs. You provide the evidence of the crime; FIA identifies the perpetrator.
Q: How long after the fraud can I still file an FIA complaint? A: Practically, file as soon as possible — within hours or days of discovering fraud. PECA’s limitation period for prosecution is several years for serious offences, but evidence quality deteriorates rapidly. CCTV footage at franchise locations is typically kept only 30–90 days. CDR preservation requires FIA’s proactive order. File immediately.
Q: Does FIA coordinate with FIA counterparts in other countries? A: Yes — through Pakistan’s MLAT (Mutual Legal Assistance Treaty) agreements with other countries. For international fraud cases (overseas fraudsters, foreign platforms), FIA initiates MLAT requests. These processes take time (months) but are available.
Q: What if FIA does not investigate my complaint? A: If FIA does not respond within 30 days, escalate through: (1) The FIA Director General’s office, (2) The Federal Ombudsman (mohtasib.gov.pk), (3) A High Court writ petition compelling investigation. Pakistan’s courts have issued multiple orders directing FIA to investigate specific cybercrime complaints where FIA had been non-responsive.
Q: Can FIA trace a fraudster who used multiple different SIMs? A: Yes — multiple SIMs used by the same fraudster typically trace back to the same CNIC through SVMS registration. Even if the fraudster used different CNICs (suggesting a fraud ring), the IMEI of the device used across multiple SIMs is the connecting link — one device with multiple SIMs leaves a common IMEI trail.
Summary: FIA Cybercrime Wing Quick Reference
File complaint: complaint.fia.gov.pk (24/7) Helpline: 1102 Regional offices: Islamabad, Karachi, Lahore, Peshawar, Quetta
What to include: CNIC, fraudulent SIM number, 668 screenshot, financial loss details, operator complaint reference
Key powers: Data preservation orders, production orders, arrest authority, international cooperation
Expected timeline: 24–72 hours for acknowledgment; 4–12 weeks for active investigation progress; 12–36 months for court proceedings
For ongoing SIM monitoring during the FIA investigation, use SimOwner.net.pk — and verify via the CNIC information tools that no new unauthorized SIMs appear while your complaint is active.
All FIA contact details, legal references (PECA 2016, FIA Act 1974), and case statistics based on publicly available FIA data and official documentation as of May 2026. SimOwner.net.pk is not affiliated with FIA or any government entity.
Related Guides on SimOwner.net.pk: