The SWIFT inter-bank messaging network will launch a new tool in December to help clients identify more quickly any unauthorised payment instructions like those used by hackers to steal $81 million from Bangladesh's central bank in February.

From December SWIFT will begin sending 'daily validation reports' to clients, it said in a statement yesterday.

These would list the messages sent from a client's SWIFT terminal, thus allowing a bank to spot any payment instructions that it had not intended to send.

The new tool will include both activity reports and risk reports. The activity reports will enable institutions to see their aggregate daily activities across currencies, countries and counterparties -- giving them a snapshot view of each day's messaging activity against which to detect unusual patterns.

The risk reports will provide customers with a focused review of large or unusual payment flows and new combinations of payment parties -- allowing unusual senders, destinations and patterns to be more quickly and easily identified, according to the statement.

The move came after the Bangladesh theft and others which have come to light this year have knocked confidence in the supposedly super-secure system, which channels trillions of dollars worth of inter-bank payments each day.

In case of Bangladesh, hackers had originally tried to steal nearly $1 billion by placing 35 unauthorised payment orders from the Bangladesh Bank's account with the Federal Reserve Bank of New York. They were able to transfer $81 million to four accounts at Rizal Commercial Banking Corporation in the Philippines.

SWIFT said the daily validation reports will supplement customers' existing fraud controls. The new reports will be sent to customers' payments and compliance teams through a separate channel, so that even if hackers have gained access to the terminal, the reports will get through.

Based on SWIFT's records of customers' messages, the daily validation reports will give customers an accurate summary of their message flows, affording them an independent means of verifying their messaging activity and detecting any unusual patterns. This will enhance their ability to identify possible fraud attempts and improve the likelihood they can cancel any fraudulent transfers.

In the BB heist and a $12 million theft from a Colombian bank last year, hackers covered their tracks by deleting records of fraudulent SWIFT messages they sent from the banks' terminals.

In both cases, it took days for the thefts to be discovered. 

However, some former SWIFT staff and clients say the Belgium-based organisation has been slow to react to growing security risks in recent years, Reuters reported yesterday.  SWIFT denies it overlooked risks around unauthorised access to client terminals, saying it is up to banks to secure their own facilities.

In the statement, Stephen Gilderdale, head of SWIFT's customer security programme, said a key step in the modus operandi in recent wire fraud cases at customer firms involves the attackers concealing their fraudulent messaging activity on customers' local systems.

Smaller institutions, in particular, are currently dependent on the accuracy of the data on their own systems, but in the event of a security breach, their locally stored payment and reconciliation data may be altered or unavailable, he said. 

"Daily validation reports will provide a reliable and independent source of information, providing such institutions with an activity lens to help them quickly detect fraud -- whether perpetrated by external attackers or by malicious insiders."