The RBI had issued two circulars in 2016 to banks on strengthening the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system, the misuse of which was unveiled last month in the Rs 12,600 crore fraud on state-run Punjab National Bank (PNB), Parliament was informed on Tuesday.
Apart from diamantaire Nirav Modi and his uncle Mehul Choksi, some PNB employees have been accused of misusing their access to the bank's SWIFT electronic messaging system used for overseas funds transfers. None of the fraudulent transactions were registered on the bank's internal transaction messaging system, the Core Banking Solution (CBS), enabling the fraud to go undetected for long.
"Reserve Bank of India (RBI) has apprised that it had issued two circulars to banks in the months of August and November 2016, related to security and operational controls in the SWIFT environment," Minister of State for Finance Shiv Pratap Shukla told the Rajya Sabha in a written reply.
"As per RBI inputs, compliance with RBI's instructions is the bank's responsibility and the Compliance Officer in the bank monitors the same."
"The RBI monitors compliance to its instructions on an ongoing basis and during RBI inspections and, where necessary, enforcement action is also initiated," he said.
After the unearthing of the PNB scam, an RBI notification last month said: "The risks arising from the potential malicious use of the SWIFT infrastructure has always been a component of their operational risk profile. RBI had, therefore, confidentially cautioned and alerted banks of such possible misuse."
Noting that the RBI has instructed banks to "strengthen their SWIFT operating environment", Shukla said the central bank has also constituted an expert committee to look into factors "leading to increasing incidence of frauds in banks and the measures (including information technology interventions) needed to curb and prevent it, and the role and effectiveness of various types of audits conducted in banks in mitigating the incidence of such frauds".
The RBI has taken other fraud-control measures like bringing out a framework for dealing with loan frauds above Rs 50 crore, creating an online Central Fraud Registry, issuing caution advices detailing names of fraudsters and their modus operandi and ordering banks to re-verify the title deeds for all credit exposures above Rs 5 crore.
The central bank has also mandated commercial banks to put in place adequate audit and compliance mechanisms with bank board-level reporting through the audit committee of the board, the minister added.