• Mixed messaging from Govt.
• COPF Chair slams Fin. Min. over 3 no-shows
• Govt. activates 24/7 cyber monitoring centre
• New national watchdog in the pipeline

Preliminary findings have not established evidence of a cyber intrusion into Government systems as Sri Lanka continues investigations into the purported misdirected Treasury payment of $ 2.5 million, Deputy Minister of Digital Economy Eranga Weeraratne claimed on Friday (24). 

This was a day after the Treasury Secretary stated that hackers had breached the e-mail system to carry out the deed. 

According to Weeraratne, the payment, intended for a foreign debt repayment, had instead been transferred to a third party between December 2025 and January 2026. Authorities are examining whether the incident had resulted from a technical breach or an impersonation scheme involving fraudulent communication. 

“Based on the investigations conducted thus far, no evidence of a system breach has been identified. There has been no indication of email hacking or similar intrusion. However, investigations are ongoing to determine how a foreign party may have impersonated a legitimate entity and facilitated this transaction. At present, there is no indication that the Ministry of Finance’s systems were compromised,” Weeraratne told The Sunday Morning. 

He added that efforts were underway to strengthen the Government’s digital security infrastructure, including operationalising a centralised monitoring mechanism. 

“The Government has established a 24/7 National Cyber Security Operations Centre, which is now operational. This facility is mandated to carry out real-time monitoring using Artificial Intelligence (AI)-enabled tools to detect potential threats in advance. Integrating critical IT infrastructure across institutions with this system remains a key priority,” he said. 

Weeraratne noted that legislative measures were in progress to reinforce institutional oversight of cybersecurity. “There are plans to establish a national cybersecurity authority and the relevant bill is currently with the Legal Draftsman. This institution is expected to play a central role in enforcing cybersecurity standards across State institutions,” he said.

The incident in question relates to a January foreign debt repayment, when funds from a wider $ 22.9 million settlement due to Export Finance Australia were allegedly diverted. 

Deputy Minister of Finance and Planning Anil Jayantha Fernando reported that a similar fraudulent attempt involving a payment to India had further exposed the discrepancy. 

Meanwhile, Department of External Resources Director General R.M.S.P.S. Bandara declined to comment in detail, citing the ongoing investigation.

“The Treasury has already issued a press release. Beyond that, I am unable to provide further comment as the matter remains under investigation,” he said.

When questioned further regarding the timeline and discovery of the discrepancy, Bandara reiterated that disclosures at this stage could affect the process.

The incident has prompted responses from lawmakers, particularly regarding governance and oversight of public finance. 

Committee on Public Finance (COPF) Chairman Harsha de Silva said that prior concerns had been raised about institutional capacity in managing sovereign debt operations. 

“What has happened to $ 2.5 million in public funds raises serious concerns. This is not merely a case of negligence, but reflects a broader failure that had been previously highlighted. When debt management responsibilities were transferred from the Central Bank to the Treasury’s Public Debt Management Office, the COPF repeatedly emphasised the need for experienced and competent personnel. Managing sovereign debt in international markets requires specialised expertise, and those concerns were not adequately addressed,” he said.