SWIFT is a Belgium-based secure financial messaging service which is used by over 11,000 banking and securities organisations.
The Reserve Bank of India (RBI) recently penalised 19 Indian lenders for non-compliance of directions on the SWIFT messaging network. It earlier came into limelight in the Punjab National Bank fraud case where it was misused to siphon off as much as Rs 14,000 crore.
The system was not integrated with the lender's core banking solution which could have flagged suspicious transactions and stemmed the losses. This raised regulatory concerns on the usage of this network by banks in the country.
So, what is SWIFT and how is it operated in India?
-The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a Belgium-based secure financial messaging service which is used by over 11,000 banking and securities organisations in more than 200 countries across the world.
-In order to use the service, institutions are required to declare compliance of 16 basic security principles laid out by SWIFT for securing their access points with the network. These include credentials management and setting up of firewalls.
-The messages comprising financial documents, operational data or reports are sent over the network and are encrypted using codes and can be tracked till the point of delivery. An 8-character Business Identifier Code (BIC) is given to each institution to facilitate automated processing of information.
-For providing domestic financial transactions in India, SWIFT formed a joint venture with 11 Indian banks and was given regulatory approval in February 2016. State Bank of India, ICICI Bank and nine other lenders together own 45% of stake in SWIFT India. This model is specific to India as the local mandate set by RBI does not allow domestic data to leave the country. As of now, 44 Indian entities use the messaging network.
-The RBI, has on various occasions, confidentially cautioned and alerted banks to implement prescribed measures to prevent misuse of the messaging system. In February 2018, the regulator said that the risks arising from the potential malicious use of the SWIFT infrastructure are component of their own operational risk profile.
-In the PNB scam, SWIFT was used to carry out fraudulent transactions, and at the same time, these were not reported to the bank's core banking system.
