By The Pulseline News Desk
A reported loss of $2.5 million (approximately Rs. 750 million) during a government transaction to Australian authorities has triggered serious concern over the security and oversight of Sri Lanka’s public financial systems, raising questions about cyber vulnerabilities and institutional accountability at a time of fragile economic recovery.
According to initial information, the funds that were intended as a scheduled debt-related payment to Australia were allegedly diverted through fraudulent email instructions, resulting in the money being transferred to an unauthorised third party. The incident is now under investigation by multiple state agencies, with authorities treating it as a suspected cyber-enabled financial crime.
The Ministry of Finance has initiated a formal inquiry, while a technical investigation committee has been appointed under senior treasury officials to examine how the breach occurred. Parallel investigations are also being conducted by the Criminal Investigation Department (CID) and the Financial Intelligence Unit (FIU).
Officials say the probe is focusing on whether internal communication systems were compromised and how fraudulent instructions were able to bypass established verification procedures for high-value international transfers. Several officials involved in the payment chain have reportedly been suspended pending further findings.
Political fallout and opposition scrutiny
The incident has quickly escalated into a political issue, with opposition figures alleging systemic failure in financial governance and oversight. Critics argue that such a high-value transfer could not have been executed without multiple layers of verification, raising questions about procedural breakdowns within key state institutions.
Opposition Leader Sajith Premadasa said the incident raises fundamental questions about the state’s ability to safeguard public funds, arguing that such a high-value international transfer should have been protected by strict multi-layered verification systems. He called for a transparent investigation and urged authorities to ensure that those responsible are held accountable without delay.
Several other opposition figures echoed similar concerns, saying the incident reflects deeper institutional weaknesses rather than an isolated cyberattack. They pointed out that the diversion of funds through fraudulent instructions suggests a failure in basic financial controls and oversight mechanisms within key government agencies.
Opposition member of parliament (MP) Namal Rajapaksa also criticised the government’s handling of the situation, arguing that it demonstrates poor administrative judgment and weak cybersecurity preparedness. He stressed that responsibility should not be limited to junior officials and called for accountability at the highest levels of decision-making.
Opposition MPs further warned that repeated failures of this nature could damage Sri Lanka’s international credibility at a time when the country is still working to restore financial stability and rebuild trust with external partners. They have called for a comprehensive audit of all foreign payment systems and tighter safeguards for state transactions moving forward.
Government representatives, however, have described the incident as a sophisticated cyberattack, stressing that modern financial systems are increasingly vulnerable to external interference. They have pledged a full investigation and accountability once the facts are established.
Structural weaknesses under the spotlight
Beyond the immediate political debate, the case has drawn attention to recent changes in the country’s debt management and external payment systems. Responsibility for certain foreign debt transactions has shifted between institutions in recent years, including the Central Bank of Sri Lanka (CBSL) and newly designated treasury units, a transition some analysts say may have created gaps in coordination and oversight.
Cybersecurity experts note that large-scale financial transfers require stringent multi-factor verification protocols, especially when routed through email-based instructions. Any weakness in authentication systems, they warn, can expose state institutions to sophisticated phishing or impersonation attacks.
Trust and economic recovery at stake
While the financial loss itself is relatively small in macroeconomic terms, the symbolic impact is far greater. Sri Lanka is still in the process of rebuilding credibility following its economic crisis, and public confidence in state financial management remains highly sensitive.
The incident comes at a time when the government has been promoting a narrative of fiscal stability and improved financial discipline. However, the breach risks undermining that message, particularly if investigations reveal procedural lapses or systemic weaknesses.
For a country heavily dependent on external financing and international confidence, the implications extend beyond the immediate loss. Secure and transparent handling of state funds is a critical component of economic recovery, especially as Sri Lanka seeks to strengthen engagement with bilateral and multilateral partners.
Investigation continues
Authorities have pledged to trace the diverted funds and identify those responsible, while also reviewing existing protocols for international payments. Whether the incident is ultimately attributed to external cybercriminal activity or internal procedural failure, it is already being viewed as a significant test of Sri Lanka’s financial governance framework.
As investigations continue, the focus will remain not only on recovering the lost funds, but on determining how a critical payment process was compromised and whether similar vulnerabilities exist elsewhere in the system.
Meanwhile, the Secretary of the Ministry of Finance, Harshana Suriyapperuma, says that efforts are being made to recover as much as possible of the $ 2.5 million that cyber criminals obtained from the Ministry of Finance.
“In January 2026, we came to know that cyber criminals were trying to enter the External Resources Department’s system. When such information was reported, we coordinated with the relevant foreign countries and ensured that no harm was caused to the country that was to receive the payment. That issue was resolved. We felt the need to prepare the necessary procedures to review past payments, because even before January, similar incidents had occurred. Accordingly, it took some time. During that period, it was revealed that the hackers’ activities had also affected a past payment in January,” he said.
“Even though Sri Lanka had made the due payments, the cyber criminals had intervened and diverted it to other bank accounts, instead of the intended recipient,” Suriyapperuma added.
Leave a comment