By a special correspondent
The disappearance of US$2.5 million during a Sri Lankan Treasury debt repayment has exposed critical failures in the country’s financial technology systems. Intended for a foreign creditor, the funds were diverted elsewhere, raising urgent questions about how such a high-value transaction could proceed without effective safeguards.
This payment formed part of a US$22.9 million debt settlement due in September 2025. In any well-functioning system, such transfers would undergo strict verification, including multiple approvals, secure authentication, and continuous monitoring. The fact that the funds went astray suggests a complete breakdown in these essential controls.
At the heart of the issue is the Ministry of Finance’s recently restructured debt servicing process. Responsibilities were shifted to specialized divisions to streamline operations and improve efficiency.
However, the changes appear to have been implemented without ensuring strong digital security integration across all units. This fragmentation may have created blind spots, allowing unauthorized transactions to slip through unnoticed.
The involvement of Treasury computer systems points to deeper technical flaws. Weak encryption, insufficient access controls, and the absence of real-time fraud detection mechanisms are all possible factors. In a time when cyber threats are increasingly sophisticated, relying on outdated or poorly managed systems can have severe consequences.
In response, authorities have suspended two Treasury directors and two deputy directors, alongside other key personnel connected to the transaction process. These actions underscore the scale of internal lapses but also highlight how accountability mechanisms failed to prevent the breach in the first place.
An investigation is currently underway, yet the broader issue remains unresolved: the lack of a robust and secure digital infrastructure to manage national financial obligations. Without immediate upgrades and stricter oversight, similar incidents are likely to occur again.
The wider economic impact cannot be ignored. Sri Lanka depends heavily on maintaining trust with international lenders. Any disruption in debt servicing even due to internal failures can damage credibility, complicate negotiations, and deter future investment. At a time when economic stability is critical, such risks are particularly dangerous.
This case aligns with other recent financial irregularities, pointing to systemic weaknesses rather than isolated mistakes. It highlights the urgent need for comprehensive reform, including modern cybersecurity systems, transparent processes, and clear accountability across all levels of financial management.
In the end, this is more than a financial loss it is a warning that the systems meant to protect public money are no longer fit for purpose.