Exclusive: Central banks seek global standards in wake of Bangladesh heist
By Jonathan Spicer and Tom Bergin
NEW YORK/LONDON (Reuters) - The world's major central banks, stung by this year's $81-million heist in Bangladesh, have launched a task force to consider setting broad rules to protect the vast network of cross-border banking from cyber attacks, according to two sources with knowledge of the matter.
The committee of central banks, part of the Bank for International Settlements (BIS) in Basel, Switzerland, set up the task force this summer. It has begun gathering information from members on their protections against fraud, said the sources, who requested anonymity because work had just begun.
The task force could ultimately set cyber security standards around inter-bank transfers that may be adopted globally. The new principles or guidance could cover responsibilities of banks that send and receive money transfers, and networks like SWIFT that transmit payment instructions in correspondent banking.
The task force also aims to consider recommending the steps each player should follow if a central bank falls short of protecting its systems from hackers, what role domestic regulators should play, and how to respond if another breach happens, the sources said.
"It's in its formative stages," said one of the sources. "It's what needs to happen ... but it's not a fast process." The other source said a focus of the task force will be identifying where the "breakdowns" are hidden in correspondent banking.
The BIS, which oversees the Committee on Payments and Market Infrastructures (CPMI) that launched the effort, declined to comment.
The sources said the attempted theft of nearly $1 billion from Bangladesh Bank's account at the Federal Reserve Bank of New York, as well as other cyber attacks that since came to light, helped spur the committee of central banks.
In early February, hackers breached the Bangladesh central bank's systems and peppered the Fed with payment requests via the SWIFT global money-transfer network. Some requests were filled, amounting to $81 million that disappeared mostly into Philippines casinos. A Reuters investigation found the theft happened amid missed warning signs and miscommunication between the New York Fed and Bangladesh Bank. Continued...