A significant operational breakdown at People’s Bank has sparked broader discussion on governance standards and systemic risk within Sri Lanka’s banking sector after the institution confirmed that an exchange rate application error led to unintended overpayments in a remittance system over a period spanning nearly three years.
The issue, which originated in May 2023 and continued until its identification and correction in March 2026, involved a miscalculation in exchange rate application for a specific currency channel. While the bank has framed the incident as a technical and procedural lapse rather than deliberate misconduct, the extended duration of the error has drawn attention to potential weaknesses in internal audit frequency, system validation protocols, and exception monitoring frameworks.
The estimated financial impact stands at approximately Rs. 656 million. According to the bank, this exposure has already been fully reflected in its financial statements over the relevant years, reducing the likelihood of any sudden balance sheet adjustments. However, financial governance experts note that the true cost of such incidents extends beyond direct monetary impact, often affecting institutional credibility, investor perception, and customer trust.
Recovery efforts targeting affected customers have already been initiated, with the bank reporting early progress. Nevertheless, such recovery exercises can present operational and ethical challenges, particularly when determining repayment obligations in cases where customers may not have been aware of the system error at the time of receiving funds.
The bank has reiterated that its daily operations remain uninterrupted and that its strong asset base of approximately Rs. 3.8 trillion provides a buffer against isolated financial disruptions. It has also stressed its commitment to transparency, stating that the issue is being reviewed in consultation with regulatory authorities, including the Central Bank of Sri Lanka, as part of ongoing supervisory engagement.
Despite these reassurances, the incident has revived debate about risk governance in large state-owned banks. Industry observers suggest that reliance on legacy systems, combined with high transaction volumes in remittance operations, can increase vulnerability to configuration errors if not matched with robust, automated oversight tools.
For customers, the immediate concern is less about systemic stability and more about confidence in accuracy. Even when corrected, such errors can create uncertainty about transaction reliability, particularly in cross-border financial services where trust and timing are critical.
As the review continues, the case is likely to serve as a reference point for strengthening digital banking controls across the sector.
By a Special Correspondent