A suspected cyber breach of Sri Lanka’s Treasury systems has triggered a multi-agency probe, political uproar, and calls for parliamentary oversight after $2.5 million meant for foreign debt repayment was allegedly diverted.
Sri Lanka has launched a sweeping investigation into an alleged $2.5 million fraud involving its Treasury, after funds earmarked for foreign debt repayment were reportedly siphoned off through a suspected cyberattack, raising concerns over the country’s financial security and institutional safeguards.
According to reports, the Ministry of Finance has confirmed that complaints have been lodged with multiple law enforcement and regulatory agencies, including the Criminal Investigation Department and the Financial Intelligence Unit, following the discovery of the breach.
Authorities say the fraud originated from a breach of the External Resources Department’s computer system, through which hackers allegedly diverted funds in several transactions.
The ministry has also initiated an internal inquiry and taken disciplinary action against several officials, though it has refrained from disclosing detailed findings, citing the sensitivity of ongoing investigations.
Funds Diverted During Debt Repayment Process
Preliminary findings suggest the missing funds were part of a scheduled foreign debt repayment, with reports indicating that the amount was transferred in multiple tranches between late 2025 and early 2026.
Officials revealed that the fraud only came to light after the intended foreign creditor flagged non-receipt of payments, prompting a deeper probe into the transaction trail.
Separate reports indicate that the payment – intended as part of a broader loan settlement – may have been rerouted to a fraudulent account using forged instructions or compromised communication channels.
Sources cited in media reports also suggest that a hacked email account linked to the Public Debt Management Office could have played a role in facilitating the fraudulent transfer.
The incident has exposed vulnerabilities in the country’s financial transaction systems, particularly in the handling of sovereign debt repayments, which involve multiple layers of authorization.
COPF Raises Concerns Over ‘Technical Default’ Risk
The controversy has taken a more serious turn after the Chairman of Sri Lanka’s Committee on Public Finance (COPF), economist Harsha de Silva, questioned whether the alleged hacking incident could have triggered a “technical default” on the country’s external debt obligations.
According to the report, at least five payments were expected to be made to a creditor nation, but delays or non-payment raised red flags when the recipient sought clarification.
“Five payments were supposed to be made to the creditor country, but when it did not receive them, they had reportedly asked why the payment had not been made,” De Silva said.
De Silva warned that even a temporary failure to honour repayment obligations due to such disruptions could damage Sri Lanka’s financial credibility, especially as the country continues to navigate a fragile post-crisis recovery.
The possibility that a cyberattack could interfere with sovereign debt servicing has prompted calls for urgent reforms in cybersecurity protocols within financial institutions.
Calls for Parliamentary Probe Intensify
Civil society groups and legal activists have demanded that Parliament take charge of the investigation, arguing that the scale and implications of the fraud go beyond an internal administrative matter.
A group of lawyers, including President’s Counsel Maithri Gunaratne, has formally requested the speaker to initiate an independent parliamentary probe into the incident.
In their submission, the group argued that a transaction of such magnitude could not have been executed without the involvement – or at least oversight – of senior Treasury officials, including top-level authorisation channels.
They also expressed concern over the transparency of internal investigations conducted by the same institutions that may be under scrutiny, calling instead for an external inquiry mechanism.
Reports indicate that several officials, including senior treasury personnel and IT division heads, have already been suspended pending investigation.
Political Opposition Flags Systemic Risks
Opposition leaders have seized on the issue, warning that the alleged fraud points to deeper systemic weaknesses in Sri Lanka’s financial governance framework.
Statements from opposition figures suggest that the diversion of funds through fraudulent instructions reflects inadequate verification protocols and weak internal controls within key financial institutions.
Critics argue that if foreign currency reserves can be compromised through cyber manipulation, it raises broader concerns about national financial security and the integrity of debt management systems.
The incident has also sparked debate over whether the transfer of debt servicing responsibilities – from the central bank to other state institutions – may have created gaps in oversight and accountability.
Cybersecurity and Accountability Under Scrutiny
The alleged breach has underscored the growing threat of cyberattacks targeting government financial systems, particularly in countries managing complex external debt portfolios.
Experts note that sovereign financial operations are increasingly vulnerable to sophisticated cyber fraud schemes, especially when reliant on digital communication channels such as email for transaction authorisation.
Sri Lanka’s case highlights the need for stronger cybersecurity frameworks, enhanced verification protocols, and real-time monitoring systems to safeguard public funds.
The government has indicated that further steps will be taken in coordination with international partners, particularly where cross-border financial transactions are involved.
Unanswered Questions Remain
Despite the ongoing investigations, key questions remain unanswered: how the breach occurred, whether internal lapses facilitated the fraud, and if all diverted funds can be recovered.
The incident has placed Sri Lanka’s financial management systems under intense scrutiny at a time when the country is attempting to rebuild investor confidence and stabilise its economy.
As investigations continue, the outcome is likely to have significant implications – not only for accountability within the Treasury but also for broader reforms in governance, cybersecurity, and public financial management.
Image: NewsonAIR
