The inspection is being carried out by the RBI’s department of banking supervision at banks where SWIFT is not linked to core banking systems (CBS). Photo: Aniruddha Chowdhury/Mint
Mumbai: Central bank officials are conducting a special inspection of letters of undertaking (LoUs) issued by state-run banks, after jeweller Nirav Modi allegedly pulled off a $2 billion fraud at Punjab National Bank (PNB).
The Reserve Bank of India (RBI) is also reviewing the working of SWIFT, a global system used to transmit payment instructions, and scrutinizing the issuance of LoUs to check for any gaps, according to four people familiar with the matter.
State Bank of India (SBI) has been exempted from the RBI inspection as its software system is integrated with SWIFT, which stands for Society for Worldwide Interbank Financial Telecommunications. LoUs are guarantees given by banks to allow borrowers to raise foreign currency loans from overseas banks.
“Typically, SWIFT is not part of the RBI’s annual inspection, since it’s the internal auditors’ job to inspect these transactions. RBI is going through all log entries in SWIFT,” said an official with a public sector bank, one of the four people cited earlier.
The inspection is being carried by the RBI’s department of banking supervision at banks where SWIFT is not linked to their core banking systems (CBS), said two of the four people cited earlier. The officials are also looking at who issues and authenticates SWIFT messages, as well as the process of tallying Nostro accounts.
Companies linked to Nirav Modi are alleged to have obtained unauthorised LoUs from PNB. These were issued without making entries in CBS, the software used to support a bank’s most common transactions. Separately, overseas banks issued buyers’ credit against the LoUs issued by PNB and credited the funds to the bank’s Nostro accounts. PNB’s system missed these transactions as daily reconciliations of Nostro accounts did not happen. The size of the fraud is now estimated at Rs12,700 crore.
Mails to RBI and SWIFT did not elicit any response.
According to a 23 February Mint article, RBI has set 30 April as the deadline for banks to integrate their CBS with SWIFT. Only private sector banks and State Bank of India currently have their systems integrated. RBI has also announced the setting up of a panel under the chairmanship of Y.H. Malegam, a former member of its central board of directors, to study rising cases of bank fraud.
In a letter to banks, RBI also reiterated that they must strictly comply with the principle of “four eyes”—that each SWIFT message must be processed by four bank officials: a maker, a checker, a verifier and an authorizer—two people who have seen the letter said on condition of anonymity.
RBI also said it had flagged concerns regarding the risks arising from the potential misuse of the SWIFT infrastructure since August 2016.
“Any foreign exchange transaction will have to be dealt with 3 distinct units- front office or business office; back office where proper documents and registers are created; and third is middle office which is responsible for risk management. RBI does an overall inspection of banks and checks whether such systems, policies and procedures are in place. It doesn’t go into branch level inspection to see how systems are functional,” said R. Gandhi, former deputy governor, RBI.
