MUMBAI—India’s state-run Punjab National Bank has stepped up its controls on the use of global payments network SWIFT following an alleged $1.77 billion fraud, according to memos issued this month and seen by Reuters.
India’s second-biggest state lender this month revealed the country’s biggest loan fraud, which it alleges was committed by two junior officials at a Mumbai branch, who issued unauthorized “letters of undertaking” (LOU) via SWIFT, for firms linked to a billionaire jeweler Nirav Modi and his uncle Mehul Choksi.
The undertakings, which PNB says were issued between 2011 and 2017 with incomplete ledger entries by the two officials, were used by Modi and Choksi’s firms to obtain credit from the overseas branches of mostly Indian lenders.
A lawyer for Modi has denied his client was involved in any fraud. Choksi has not commented but his firm, Gitanjali Gems, has also denied involvement in the alleged fraud.
The new measures mean only PNB officers will be able to initiate messages on SWIFT, taking away the authority of clerks to do so. Several new limits have been placed on the amount that officers can generate depending on their seniority in the bank hierarchy.
The note sent by the bank’s head office in New Delhi to all regional offices on Feb. 17 also stated any SWIFT message will have to be created, verified, and authorized by three different officers, starting Feb. 22. Previously only two individuals were needed for the process.
“In continuation of efforts to strengthen SWIFT operation and deploy additional measures to ensure more effective control, it has been decided to set up SWIFT user base limits,” the note went on to say.
A SWIFT spokeswoman in Brussels said it was aware of the reports around PNB but that it could not comment on individual customers.
“When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment,” Natasha de Terán said. “SWIFT can reassure customers that there is no indication the SWIFT network has been compromised.”
PNB has also created a unit called “Treasury Division Mumbai” for re-authorization of most messages sent over SWIFT by branches. The messages include those meant for LOUs, according to a separate circular the bank sent to all its offices on Feb. 12.
“The designated officer at SWIFT Center, Treasury division, will cross-check the credentials of (the) message in Finacle,” said the note, referencing the lender’s core banking software that was allegedly bypassed to pull off the scam, whose scale PNB only disclosed last week.
Any rejection due to any mismatch will be “kept on record for audit by auditors,” the note added.
The alleged fraud occurred as one PNB deputy manager, with the assistance of one or more colleagues, issued more than 100 fraudulent LOUs for firms linked to Modi and Choksi.
India’s federal police have arrested some half a dozen bank officials, including the two junior Mumbai officials, as well as employees of companies controlled by Modi and Choksi. Lawyers and families of the accused officials have denied any wrongdoing.
The Central Bureau of Investigation says Modi and Choksi left the country last month before the issue came to light.
Since PNB disclosed the fraud last week the bank, auditors and the Reserve Bank of India have been under scrutiny over how they could have failed to detect a scam of such proportions.