Seventeen months before the Punjab National Bank loan scandal became public, there was an attempt to defraud another public sector bank, the Union Bank of India, by abusing the SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging system. The situation was “salvaged post event without any apparent monetary loss”.
This incident took place in July 2016 and “preventive measures” were supposed to have been taken by banks thereafter.
Moreover, in January 2017, S S Mundra, the then Deputy Governor of Reserve Bank of India, specifically flagged risks from the abuse of the SWIFT platform at a seminar on financial crimes in the presence of banking sector representatives.
“We have already witnessed an attempt to defraud a bank by abusing the SWIFT messaging system which thankfully could be salvaged post event without any apparent monetary loss,” he said at the seminar organised by RBI-promoted Centre for Advance Financial Research and Learning (CAFRAL) in Mumbai.
Mundra could not be reached for comments Monday.
So, in the case involving jewellery designer Nirav Modi — his companies are at the centre of alleged fraudulent transactions of Rs 11,400 crore in connivance with some bank staffers — the Punjab National Bank’s contention that it was not alive to the dangers of its Core Banking Solutions not being integrated with the SWIFT platform appears untenable.
Incidentally, coinciding with Mundra’s red flag over the potential misuse of the SWIFT platform, employees at Punjab National Bank’s Brady House branch in Mumbai were issuing LoUs on behalf on entities owned by Nirav Modi. According to PNB’s FIR lodged with the CBI, its employees issued two LoUs on February 9, 2017; three on February 10; and, another three LoUs on February 14.
In the July 2016 case involving Union Bank of India’s treasury department, an amount of $170 million was debited from the bank using the SWIFT payment mode without authorisation by way of a cybercrime. Siphoning was done via hacking — a bank official opened an email containing a malware which enabled transmission of the money through the SWIFT route.
The RBI, Union Bank of India officials and banking sector players were involved in investigations and recovery of funds routed through New York branches of two American banks, where Union Bank had its nostro accounts.
The fraud was discovered when one of the bank’s treasury department staffers checked the statement of the day on July 20, 2016 from the bank’s dollar account — the $170-million unauthorised SWIFT payment was noticed. Checking of the statement, an official with another bank said, is either done daily or at the end of the bank week. The Union Bank management was alerted and recovery action initiated, with the RBI on board.
A detailed mail sent to Union Bank of India on the case and preventive measures taken since the incident did not elicit a response. It is among the handful of banks named in the current controversy involving payments raised from Punjab National Bank by Nirav Modi.
“The Union Bank case pertained to a cyber security breach. Subsequent to this incident, most banks and the RBI were alive to the perils of a leak in the SWIFT system. Despite this incident, the PNB’s contention that they did not link their core banking system to the SWIFT system is surprising,” a senior official with another public sector bank said.