SWIFT looks to train BD bankers on cyber-crimes

FT ONLINE

The SWIFT has moved to train Bangladeshi bankers and ministry officials to help them prevent, detect and respond to fraudulent acts, sources said.

The move has been made as criminals have sharpened their nails by engaging sophisticated means to burst into the cyber accounts of individuals and institutions.

The SWIFT (Society for Worldwide Interbank Financial Telecommunication) is the global provider of secure financial messaging services which most of the banks across the world use to carry out financial transactions.

Regional head of SWIFT for India and subcontinent Kiran Shetty recently communicated his interest to be engaged with the finance ministry and the central bank on this issue.

In a letter sent to Bangladesh High Commission in New Delhi, he said there had been a significant evolution in cyber threats facing the global financial industry over the last 18 months "as adversaries have advanced their knowledge".

"They have deployed increasingly sophisticated means of circumventing individual controls within users' local environments and probed further into their systems to execute well-planned and finely orchestrated attacks," Mr Shetty said.

He also wrote that SWIFT launched the Customer Security Programme (CSP) in 2016 to raise awareness and empower its customers.

Its global payments innovation (GPI) is transforming correspondent banking and enables faster, more efficient payment combined with transparency of transactions and fees across the payments chain.

"SWIFT is engaged with the banks in Bangladesh to assist them in using SWIFT products and services, provide technical training and help with their CSP attentions," Mr Shetty said.

"We are keen to talk about the CSP and GPI initiatives with the finance ministry and the central bank and agree on workshops to educate the community in Bangladesh," he said in his letter.

Like other global banks, Bangladeshi banks, including the central bank, also use SWIFT's financial messaging service in inbound and outbound payments.

However, the cybercriminals succeeded to steal US$101 million from the Bangladesh Bank (BB) reserves deposited with the US Federal Reserve Bank in New York in February 2016, and channelled to accounts at a bank in the Philippines, by placing fraudulent orders on the SWIFT payments system.

The hackers sent 35 orders, via the SWIFT, to transfer around $951 million from the BB's account with the Fed on February 4 to a series of private accounts in other countries.

The Fed executed five of these orders, transferring $101 million to four private accounts in the Rizal Commercial Banking Corporation (RCBC) in Manila and one to the account of a non-governmental organisation in Sri Lanka.

It, however, did not carry out the remaining 30 transfer orders, totalling $850 million, and instead sought reconfirmation from the BB.

Mr Shetty in his letter also said the SWIFT would again make available the GPI Stop and Recall service in the third quarter of this year. The service is a powerful tool in allowing banks to stop fraudulent or erroneous payment instructions instantly, no matter where it is in the payment chain.

If such a payment is stopped, every bank in the payment chain would be notified at the same time. And if the payment was credited, the instructed bank would receive an immediate recall of funds instruction.

"SWIFT is committed to supporting our community in responding to persistent cyber threat," he added.

He also wrote that SWIFT's customer security programme is already making a strong impact on assisting its customers in preventing, detecting and responding to fraud and reinforcing the security of global banking.

A senior official at the Ministry of Finance (MoF) said that they welcome such a move taken by SWIFT as the cyber system is becoming increasingly risky day by day.

He said they will be happy to get engaged more with the SWIFT to ensure security of banking and payment systems.