- Bank of England asked to make network add validation measure
- Swift CEO to announce new security initiatives Tuesday
U.K. banks are privately lobbying the Bank of England to pressure Swift into adopting new security measures that would make it more difficult for cyber criminals to target the global payments network, according to a person with direct knowledge of the discussions.
The banks want the Society for Worldwide Interbank Financial Telecommunication to install software that would detect unusual payment requests and require further validation, said the person, who declined to be identified because the meetings were private. The discussions are still at an early stage and any formal talks with Swift would be conducted by the central bank and possibly the British Bankers’ Association, the person said.
Hackers exploited weaknesses in how banks connect to the Swift system to steal $81 million from Bangladesh’s central bank in February and $12 million from an Ecuadorean bank in January 2015. An attack late last year on a Vietnamese lender was foiled. In all three attacks the perpetrators got access to the codes the banks use to direct money movements via Swift and used them to request funds transfers.
Swift, which connects 11,000 financial institutions that send about 25 million messages a day, says its network has not been compromised and that it is the responsibility of the banks to ensure that their computer systems are secure enough to prevent further heists.
Still, the organization is trying to get ahead of the security concerns the hacks have raised. Hackers may have targeted more banks than have been previously reported, according to prepared remarks by Swift’s Chief Executive Officer Gottfried Leibbrandt. He also said Swift would aim to improve information sharing, will increase security requirements for the software clients use and help clients conduct security audits.
"I think it will prove to be a watershed event for the banking industry," he said in the prepared remarks for a speech slated to be delivered at the European Financial Services Conference in Brussels Tuesday. "There will be a before and an after Bangladesh."
Spokesmen for the Bank of England and the British Bankers’ Association didn’t immediately respond to requests for comment.
The hacks, and the increased security efforts in response to them, may accelerate industry plans to develop alternatives to Swift, which has effectively dominated the cross-border payments system for almost four decades. Among them, banks are exploring distributed-ledger technology like the one that underpins bitcoin, known as blockchain.
"One good effect of all of this is that it will encourage financial services organizations large and small to look at some of the new and emerging solutions such as blockchain to help with these challenges," said Eric Van der Kleij, fintech and blockchain special adviser to the U.K. government’s Global Entrepreneur Programme and chairman of its advisory group.
R3, a private consortium of more than 45 institutions, including JPMorgan Chase & Co., Barclays Plc, and Wells Fargo & Co., is working to develop and commercialize blockchain applications to do just that. In February the New York-based group revealed it had successfully simulated trades of digital assets on a private network spanning four continents.