New Delhi, March 15: All public sector banks (PSBs) will have to link their SWIFT systems with their respective Core Banking Solution (CBS) systems by April 30 as a measure to prevent frauds like the recent one perpetrated on Punjab National Bank (PNB), it was announced on Thursday.
The state-run banks also decided to speed up the process of taking out “cyber insurance”, among other decisions that were taken here at a workshop of senior PSB officials on risk management.
The Rs 13,540 crore fraud on PNB by accused diamantaire Nirav Modi and his uncle Mehul Choksi, involved using Letters of Undertaking (LoUs) issued in favour of the accused by bank employees who misused their access to PNB’s SWIFT (Society for Worldwide Interbank Financial Telecommunications) electronic messaging system used for overseas funds transfers.
None of these fraudulent transactions were registered on the bank’s internal transaction messaging system, the CBS, enabling the fraud to go undetected for long.
Briefing reporters here following a three-day workshop, State Bank of India Deputy MD and Risk Officer M.S. Shastri said the banks have decided to restrict SWIFT transactions to between 9 a.m. and 8 p.m.
He also said that following an audit by each PSB of their LoUs and Letters of Comfort (LoCs) transactions, which systems were scrapped by the regulator Reserve Bank of India (RBI) earlier this week, it had been reported at the workshop that there are no more fraudulent transations on this account since the PNB fraud.
LoUs are bank guarantees through which a bank allows customers to raise money from another Indian bank’s foreign branch as short-term credit.
“LoUs and LoCs have been a system peculiar to India,” Shastri said, adding that traders who have been doing business through these two instruments will now have to shift their transactions to Letters of Credit and Bank Guarantees, which would increase the cost of credit.
The banks are in the process of establishing their Cyber Security Operations Centres “wherever not in place to monitor all IT assets,” he said.
Improving risk and ethical awareness among staff and strengthening Know Your Employee (KYE) “through technological intervention” are some of the areas identified to strengthen operational risk management, he added.