By Huw Jones and Tom Bergin
LONDON May 24 The SWIFT secure messaging
service that underpins international banking said it plans to
launch a new security programme as it fights to rebuild its
reputation in the wake of the Bangladesh Bank heist.
The Society for Worldwide Interbank Financial
Telecommunication (SWIFT)'s chief executive, Gottfried
Leibbrandt will tell a financial services conference in Brussels
that SWIFT will launch a five-point plan later this week.
Banks send payment instructions to one another via SWIFT
messages. In February thieves hacked into the SWIFT system of
the Bangladesh central bank, sending messages to the Federal
Reserve Bank of New York allowing them to steal $81 million.
The attack follows a similar but little noticed theft from
Banco del Austro in Ecuador last year that netted thieves over
$12 million and a previously undisclosed attack on Vietnam's
Tien Phong Bank that was not successful.
The crimes have dented the banking industry's faith in
SWIFT, a Belgium-based co-operative owned by its users.
The Bangladesh Bank hack was a "watershed event for the
banking industry", Leibbrandt will say.
"There will be a before and an after Bangladesh. The
Bangladesh fraud is not an isolated incident ... this is a big
deal. And it gets to the heart of banking."
SWIFT wants banks to "drastically" improve information
sharing, to toughen up security procedures around SWIFT and to
increase their use of software that could spot fraudulent
payments.
SWIFT will also provide tighter guidelines that auditors and
regulators can use to assess whether banks' SWIFT security
procedures are good enough.
Leibbrandt will again defend SWIFT's role, saying the hacks
happened primarily because of failures at users. However, some
finance industry executives say SWIFT has not been as active as
it should be in improving security.
Users frequently do not inform SWIFT of breaches of their
SWIFT systems and even now, the co-operative has not proposed
any sanctions for clients who fail to pass on information, which
SWIFT itself says is key to stopping future attacks.
Some critics say SWIFT should also be more active in
auditing clients and be ready to cut off members whose security
is not up to scratch.
But the messaging service says other authorities also have a
role.
"SWIFT is not all-powerful, we are not a regulator and we
are not a policeman," Leibbrandt will say.
Former SWIFT Chief Executive Leonard Schrank said it
appeared that SWIFT's security efforts had not kept pace with
the criminals increased sophistication and that the co-operative
needed to work hard to restore its reputation.
"They really have to earn that credibility back," he told
Reuters.
