Breaking News
A.R.B.J Rajapaksha
A.R.B.J Rajapaksha
May 25 2026
59Sri Lanka’s banking and financial sector Chief Information Officer (CIO) Forum has stated that it has structured a comprehensive National Cyber Resilience Framework, proposing 20 strategic measures to protect the country’s financial infrastructure against escalating cybersecurity threats.
Forum officials told the Sunday Observer Business on condition of anonymity, that the cybersecurity threats confronting Sri Lanka’s financial sector are not hypothetical future risks, but immediate and active dangers causing daily harm.
They stressed that safeguarding Sri Lanka’s financial stability is a “shared responsibility”, requiring the urgent and unified commitment of the Government, law enforcement authorities, and the private sector, together with immediate attention to implementing the proposed framework.
“We are awaiting potential dates to present our framework to the authorities for their immediate action,” they said.
According to them, the island nation experienced a dramatic 134% surge in cybersecurity complaints in 2025, with over 12,650 reported incidents.
“We believe this represents only a fraction of the true volume, which is estimated to range between 38,000 and 63,000 incidents annually,” they said.
The Forum stated that the sector faces critical risks from Artificial Intelligence (AI)-powered deepfakes used for large-scale financial fraud and identity theft, similar to the US$25 million fraud reported in Hong Kong in 2024.
They also identified triple-extortion ransomware attacks as a major threat capable of paralysing banking operations, referring to the 1.9-terabyte data leak that affected several banks in March 2025. The Forum further highlighted the growing threat of telecom scams, which continue to cause daily financial losses to citizens through short message service (SMS) and voice spoofing, with nearly 90% of incidents linked to social media platforms.
Through this proposed framework, the Forum called on the Government to take decisive and immediate action to close critical security gaps.
Key proposals include emergency regulations requiring the Telecommunications Regulatory Commission of Sri Lanka (TRCSL) to gazette urgent uniform resource locator (URL)-blocking and telephone-number ban regulations within 30 days. The Forum also called for urgent amendments to the Computer Crimes Act to grant the Computer Crimes Investigation Division explicit powers to arrest suspects, secure remand orders, and freeze funds linked to cybercrime investigations.
To strengthen national governance, the framework seeks Cabinet approval within 90 days for the setting up of a National Cyber Governance Council aimed at eliminating institutional silos.
For improved intelligence-sharing, the Forum proposed the mandatory establishment of a Financial Sector Information Sharing and Analysis Centre within six months to facilitate collaboration between the public and private sectors.
A key component of the framework focuses on transforming cybercrime investigations and fund recovery processes. The proposal addresses systemic delays identified by the Criminal Investigation Department and recommends the setting up of a 24-hour Cybercrime Liaison Desk at the Central Bank of Sri Lanka, together with a secure portal enabling real-time retrieval of financial data by law enforcement agencies.
The officials said that, at present, the likelihood of recovering stolen funds falls below 15% after 48 hours. However, under the proposed framework, recovery rates could exceed 60% if intervention takes place within six hours of fraud being detected. The Forum also requested that the newly established Proceeds of Crime Investigation Division be empowered to pursue civil forfeiture of illicit assets, including cryptocurrency holdings, even in cases where criminal convictions have not yet been secured. The framework draws inspiration from successful models adopted in India and Singapore, including proposals to introduce a national “1929” cybercrime hotline and the ScamShield mobile application.
It also outlines a three-tier engagement strategy with global cybersecurity companies such as CrowdStrike, Microsoft, and Google to integrate real-time threat intelligence into Sri Lanka’s cybersecurity ecosystem.
Among the immediate low-cost measures proposed are the deployment of Cloudflare Domain Name System (DNS) filtering across Government networks and the integration of the Google Safe Browsing Application Programming Interface (API) into the national URL database.
However, Sri Lanka’s digital economy agenda targets major cybersecurity reforms between 2025 and 2030, including a National Cyber Security Strategy, a Cyber Security Authority, stronger banking cyber resilience, telecom scam controls, and secure digital identity systems.
Source - Sunday Observer
