- RBI warned banks about abuse of SWIFT interbank network
- Nirav Modi fraud went undetected for years
- RBI circular advised banks to set up Cyber Security Framework
The RBI's letter was dated August 3, exactly a month before economist Raghuram Rajan's term ended.
The PNB, the country's second biggest government bank, discovered last month that its officials at a branch in Mumbai helped celebrity jeweller Nirav Modi and others by issuing fake guarantees or Letters of Undertaking to get loans from banks overseas.
The fraud went undetected for years as one of the officials shared his password to the SWIFT network with Nirav Modi's employees and also didn't record the transactions in the books. The bank says its core banking solutions were not integrated with SWIFT, so there was no internal alert on the transactions. The fake guarantees were routed to the foreign bank branches through the SWIFT system.
RBI's five-page letter asked banks to have the SWIFT infrastructure comprehensively audited for malicious software activities. "Appropriate steps may also be taken to rectify malicious activity and to patch vulnerabilities if any," it said.
Banks were also asked to "strengthen control over payment instructions sent to banks and reconcile transactions in real time so that any abnormality is noticed immediately."
The letter suggested that banks introduce a "second level of approval" for payment messages beyond a limit that could be decided internally. Banks were asked to see if SWIFT messages could be reconciled with payment messages "every one to two hours" for stronger vigilance.
RBI's version follows the government's sharp assessment that the failure to detect the fraud raises questions about the central bank's "efficacy of supervision to detect and check systemic failure".
According to a Reuters report, the government wrote to RBI: "Either the framework designed by RBI to prevent and detect such frauds is inadequate or RBI is unable to ensure its effective implementation."