Swift, the interbank messaging system that hackers used to steal $81 million from Bangladesh last year, is developing a payment-screening service that will allow small member banks to automate the flagging of suspicious payments.
The new service is part of a series of measures from the Society for Worldwide Interbank Financial Telecommunication to defend against cyberattacks that aim to fraudulently use banks' connections to the messaging system. It will place a “red flag” on payment messages that appear risky and spot anomalies, provide real-time alerts and allow customers to put a hold on unusual messages, the cooperative said in an emailed statement on Tuesday.
Swift aims to begin offering the service by early 2018. Its price will depend partly on how many banks adopt it, the cooperative said.
After initially responding to the Bangladesh hack by saying that its member banks were responsible for their own security, Swift rolled out a series of security programs and procedures over the last year, including a requirement that members share more information about security incidents. Other measures have required member banks to install new equipment or software so that all of them would have improved defenses.
Big banks have largely complied, and most already had systems in place to spot suspicious transaction requests. But getting some smaller member banks to install these systems has been a challenge for Swift, which said it would begin to report security shortcomings to regulators. The difference this time is that the anti-fraud service will be hosted by Swift. Banks will be able to use it without having to install any new hardware or software.
Luc Meurant, head of financial crime compliance services at Swift, said the new measures were meant to complement security systems already in place at member banks. “We need to assume that attacks will get increasingly sophisticated, so you need multiple layers of protection,” he said.
Bangladesh Heist
The payment screening service is initially meant for smaller financial institutions and central banks, Swift said. In February 2016, hackers exploited the Swift connection of the central bank of Bangladesh to request that funds be transferred from its account at the Federal Reserve Bank of New York. Similar cyberattacks have hit banks in countries including Ecuador and Vietnam.
Swift has been under increasing pressure to fortify its systems to prevent future cyber robberies. Swift has relied on the trust within its network to cement its effective dominance of the international payments system over the past four decades. If that trust erodes, it could spell trouble for the cooperative.
“The new payment controls service is a direct response to our community's request for additional services to complement and strengthen existing fraud controls,” Swift Chairman Yawar Shah said in the statement.
Bloomberg News
Copyright 2018 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Thought leadership on regulatory changes, economic trends, corporate success stories, and tactical solutions for treasurers, CFOs, risk managers, controllers, and other finance professionals
- Informative weekly newsletter featuring news, analysis, real-world case studies, and other critical content
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the employee benefits and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
*May exclude premium content© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
