NIC Asia to seek CIB help after KPMG investigation concludes

Kathmandu, October 25

NIC Asia Bank has decided to seek help from the Central Investigation Bureau (CIB) of Nepal Police to investigate possible hacking of its SWIFT server after the forensic investigation of KPMG team concludes. The KPMG team is currently investigating the matter, and is expected to submit its report to the bank and Nepal Rastra Bank (NRB) by Friday.

“The forensic investigation of KPMG will give a clear picture on how the funds were transferred without authorisation using our SWIFT server, then we will hand over the case to CIB,” a high-level source at NIC Asia Bank told The Himalayan Times.

“The bank can directly approach CIB or through the central bank for the investigation.”

NIC Asia Bank has not reported the case to CIB till date, which has raised suspicions of involvement of insiders in the incident.

During a separate investigation carried out by the central bank immediately after NIC Asia Bank informed the regulator about the incident, it was revealed that the staffers assigned to operate the SWIFT system of the bank had used the computer dedicated for SWIFT operation for other purposes also. “Moreover, the bank had not installed the security updates received from SWIFT,” said one central bank source, seeking anonymity.

Reportedly, the bank has already transferred the staffers assigned to the SWIFT department to other departments.

According to sources at NIC Asia Bank, the bank was able to put on hold the payment order placed to eight different banks of six countries — United States, United Kingdom, Japan, Singapore, Hong Kong and China. However, some of the banks have already released the payment, worth around Rs 27.5 million, which will be difficult to retrieve.

There was fund transfer order of around Rs 460 million placed through Standard Chartered Bank and Mashreq Bank of New York to the eight banks of the six countries.

Following the incident, the bank has put all its cross-border transactions on hold. The bank has already installed a new SWIFT server and shut down the old one.

The KPMG team has been looking into the genuine payment orders and fake payment orders and it will take a few days to resume cross-border transactions of the bank, according to bank sources.