As per Government of India revert in Rajya Sabha, PNB has taken below steps to ensure that such unauthorised activities in SWIFT systems are not repeated (other banks may have changed accordingly):
- Establishment of an additional tier(off-site) as a third level of re-authorisation of SWIFT messages, wherein payment messages are re-authorised by a separate team of SWIFT Centre, Mumbai only after cross-checking the authenticity of messages in CBS (Core Banking System);
- Defined SWIFT-user-based limits for all SWIFT users, under close monitoring;
- Switching off of SWIFT server (LTE) by 10:00 p.m., and restricting SWIFT operations at branches to 6:30 p.m. and centralised back office for trade finance by 7:00 p.m.;
- Concurrent auditors at branches advised to ensure physical reconciliation of all SWIFT messages with CBS on daily basis;
- Placing of auditor at SWIFT Centre, Mumbai to carry out audit of SWIFT Operation at SWIFT Centre, Mumbai for anomaly, if any; and
- Monitoring of SWIFT user ID creation/resetting on the recommendation of senior level functionaries.