The Reserve Bank of India (RBI) has reportedly sent letters to several heads of top banks in the country questioning why they have yet to fix gaps in their SWIFT systems, according to The Economic Times of India.
Reports from the publication on Wednesday (Sept. 5) said the RBI remains “anxious” following a massive bank fraud scheme in which jewelers Nirav Modi and Mehul Choksi exploited the SWIFT system to defraud Punjab National Bank (PNB) of $2 billion.
The fraud was uncovered earlier this year; soon after, the RBI sent a confidential message to bank CEOs advising them to mitigate the risk of similar fraud. Months later, however, it appears that those bank chiefs have failed to do so, and the RBI wants to know why.
Two unnamed bankers told The Economic Times of India that the RBI has identified security lapses in the SWIFT systems implemented across 25 banks.
“There is a degree of paranoia,” one unnamed source said. “I believe banks have been told to follow a two-step authentication for large-value transactions. Some of these measures may slow down a bank. But that’s the price you pay after a scam.”
The fraudsters were reported to have used the SWIFT network to initiate unauthorized letters of undertaking to raise financing outside of India. The scam went undetected for so long, reports noted, because PNB had not integrated SWIFT into its core banking system.
RBI is now advising banks to also put straight-through processing in place between their central banking systems and SWIFT messaging. Bank management officials should also monitor and set corporate customers’ fund and non-fund based limits. Additional suggested measures included the creation of alerts on breach of control limits and unusual transactions, SWIFT transaction auditing and payment message reconciliation every one or two hours.
The central bank had given these banks until April 30 to implement these measures, reports said.