COPF Summons Treasury & CBSL Over US$ 2.5 Mn Breach 📈

The Committee on Public Finance (COPF), chaired by Dr. Harsha de Silva, has summoned the Treasury Secretary and Central Bank (CBSL) officials for a hearing tomorrow (April 30, 2026) regarding a significant cyber-related fund diversion. • Incident Overview: Approximately US$ 2.5 Mn (part of a US$ 22.9 Mn debt repayment to Australia) was siphoned off by hackers between December 2025 and January 2026. • The Breach: Investigations reveal hackers gained access to the External Resources Department (ERD) via a Business Email Compromise (BEC), diverting funds to a fraudulent account instead of the intended creditor. • Key Findings: • A second attempt to divert payments meant for India was detected and blocked. • CBSL and international banks flagged suspicious activity related to money laundering in the receiving accounts. • Five senior officials, including directors from the Treasury, have been suspended. • National Context: The incident raises concerns over the transition of debt operations from CBSL to the Treasury's Public Debt Management Office (PDMO). Critics point to systemic vulnerabilities and a lack of specialized ICT/BPM security expertise within fiscal departments. _Status: Ongoing investigations by the CID and Technical Investigation Committee._