In the rapidly expanding age of Information Technology, there is growing concern that criminal offenders, hooligans, and religious radicals are increasingly taking advantage of high-tech resources. The sensitivity of the tech industry demands strict oversight, yet there appears to be a serious lack of effective policy and due diligence at the time of company incorporation with the Securities and Exchange Commission of Pakistan (SECP). Moreover, there are limited controls and monitoring mechanisms to ensure that illegitimate operations—such as non-compliant call centers, micro-level offices engaged in unauthorized tech work, and unlawful information sharing within and outside the country—are prevented.
This situation not only underscores the critical importance of thorough due diligence but also raises alarming questions about how individuals with questionable backgrounds are able to seek and gain access to government IT sectors. The potential risks to national data security and private-sector information are substantial.
Recently, a case surfaced involving the CEO of an IT company (Private) Limited who was allegedly found to be involved in criminal offenses, yet continued to conduct business with both government and private-sector entities, thereby placing sensitive data at risk. Mr. Syed Waqas Mazhar, who heads the firm, reportedly has a criminal record registered at Police Station New Town, Rawalpindi. According to available information, he was involved in a case in which unknown individuals were accused of robbery at gunpoint. Subsequent investigations, however, suggested that the incident was in fact part of an extortion attempt.
The matter was initially registered as FIR No. 552/20, in which Mr. Waqas Mazhar later identified the accused during an identity parade. Further developments revealed that the Investigating Officer subsequently registered another case, FIR No. 1076/21, against Mr. Syed Waqas Mazhar. This later FIR alleged that he may have taken a significant amount of money and settled the matter out of court, thereby exposing his alleged ulterior motives.
According to the findings cited in the later FIR, the sequence of events suggested that the accused individuals were lured to an ATM location, followed by a call to emergency services (15) claiming an attempted robbery. This was then followed by the lodging of the FIR, identification of the accused at the police station, retrieval of the recovered amount from Police Station New Town, and an alleged out-of-court settlement for additional financial gain and benefits. These details were reportedly documented by the Investigating Officer in the subsequent FIR.
Such allegations point to an extortionist and blackmailing mindset, making the access of such individuals to the tech industry—and particularly to sensitive data—highly questionable and deeply concerning.
Mr. Waqas Mazhar was contacted and provided an opportunity to present his point of view. However, he chose not to do so, stating that he was out of the country. Contrarily, it was observed that he remained available at his office located in Bahria Town, Rawalpindi.
This case highlights the urgent need for stronger regulatory frameworks, comprehensive background checks, and continuous monitoring within Pakistan’s IT sector to safeguard public trust, data security, and national interests.
