Treasury hacking concerns deepen as Nandalal explains the US$2.5 million transaction dispute and vows stronger safeguards with Finance Ministry.
Treasury hacking concerns took a new turn today after Central Bank Governor Dr. Nandalal Weerasinghe made a special revelation to the media for the first time on the foreign debt payment system and the controversial US$2.5 million transaction that recently triggered a major dispute.
The Governor said the issue had been linked to a problem that emerged during the migration of a system originally obtained in 2016.
He noted that by 2020, those systems had become outdated, creating an unclear situation over who should be held responsible for the relevant transactions.
Explaining the debt payment process, the Governor said the Central Bank functions as the banker to the government. “When the Ministry of Finance gives instructions for a payment, the Central Bank uses its reserves or obtains dollars in exchange for rupees and credits the money to the relevant account,” he said.
These payments were earlier handled through the Public Debt Department (PDD), but now come under the new Public Debt Management (PDM) unit. During this transition, it has been revealed that relevant officials had used Central Bank systems to carry out data entry and approvals.
The Governor stressed that a bank has no authority to alter instructions issued by a customer. “As in a normal transaction, if the account number provided is correct, the bank makes the payment. Beyond that, the Central Bank has no responsibility to check or change those instructions,” he further explained.
However, the Governor assured that the Central Bank and the Ministry of Finance are now working together to strengthen systems and introduce tighter security measures, using the experience from this incident to prevent such fraudulent activity in the future.
