ENB - தமிழீழச் செய்தியகம்

சென்ற வாரம் இலங்கை-சண்டே ரைம்ஸ்

Political agendas undermine credibility of Easter attack probesSallay episode sparks political debate on CID investigations amid questions over moves to pin mastermind tag on GotabayaSallay’s wife expressed fears for her husband’s life, says his detention driven by a personal vendetta and lacks credible evidenceTreasury and Central Bank in blame game over USD 2.5 million cyber theft; Harsha says ultimately people will pay the price if money is not recovered price if money is not recovered New details reveal payments were made even after warnings from top global banks; expert calls for reforms to address system weaknessesBy our ST Political Desk 14-06-26Investigations into the multiple terrorist attacks carried out on April 21, 2019 – Easter Sunday – were never going to be clear-cut given the level of politicisation of investigations of crimes in the country over the years, but one thing that is becoming clearer with each passing week and seven years later is that all sides are more fixated on scoring political points than allowing a transparent, independent and evidence-based investigation into the case.Like with most other high-profile cases, before the dust settled and the country and the world became aware of the extent of the attacks in 2019, the finger-pointing had begun with allegations levelled against the Yahapalanaya government led by then President Maithripala Sirisena and Prime Minister Ranil Wickremesinghe as well as against police and the security officers who had failed to act upon warnings of possible attacks received from foreign intelligence agencies. Months later in November 2019, the presidential candidate of the newly formed Sri Lanka Podujana Peramuna (SLPP), Gotabaya Rajapaksa, was elected with a landslide victory, followed by an equally impressive showing by the party at the general election that followed. The public love affair with the SLPP ended much sooner than expected when Mr Rajapaksa was forced to quit the presidency after months of economic turmoil and general unrest. The feeling of anger and frustration with the established political parties paved the way for the National People’s Power (NPP) led by the Janatha Vimukthi Peramuna to take power in both the presidential and parliamentary elections five years later.Anura Kumara Dissanayake, who was elected in September 2024, aligned himself with the ‘mahamolakaru’ (mastermind) theory during the election campaign and won endorsement from Colombo’s Archbishop Malcolm Cardinal Ranjith, who insisted there was a larger conspiracy behind the attacks. Having pledged to find a ‘mastermind’ during the election campaign, President Dissanayake and those entrusted with security matters in his government have been hard-pressed to follow through with their promises, both to appease the Cardinal and to tighten the noose around its political opponents, mainly the Rajapaksas.Opposition politicians led by Wimal Weerawansa and Udaya Gammanpila staging a satyagraha to protest what they called degrading treatment of former State Intelligence Chief Suresh Sallay in CID custody. Pic by Indika HanduwalaTowards this end, the arrest of Major General (retd) Suresh Sallay, who served as the head of the State Intelligence Services (SIS) under Gotabaya Rajapaksa, was seen as the major breakthrough, and the church was happy with the progress of the investigations. But developments erupted into wider political debate on whose behest the direction of the investigations is being led and if Suresh Sallay’s arrest is to pave the way for the arrest of Gotabaya Rajapaksa, who, some in the government seem to think, is the likely ‘mastermind’ they are looking for. The travel ban imposed on Mr Rajapaksa on June 3 seems the prelude to his arrest in connection with the attacks. The evidence, according to a senior government source familiar with the investigation, is that the former president was present at a meeting held several months prior to these attacks where the plans for such attacks were being discussed. The attacks, it is alleged, were to be used to propel the Rajapakasas back to power.So while the government weighs in on the arrest of a high-profile member of the Rajapaksa family, it is facing some pushback over the arrest of the former SIS chief and the manner in which he continues to be held under a detention order signed by the President.The launch of a hunger strike by Mr Sallay, alleging inhuman and degrading conditions at his holding cell at the Criminal Investigation Department (CID), prompted a group of opposition political parties and some members of the Buddhist clergy to begin a satyagraha on June 8 outside the Fort Railway Station. They called for his release and investigations into the allegations of inhumane treatment being meted out to him by the CID. The campaign was spearheaded by former MPs Wimal Weerawansa and Udaya Gammanpila, with members of Major General Sallay’s family extending their support. The Satyagraha was called off two days later after Colombo Fort Magistrate Pasan Amarasena issued an order to appoint a five-member special medical board to examine whether the detained former head of the SIS was subjected to torture while in custody and to submit a report to the court. While the SLPP and the UNP too extended support for the Satyagraha’, the main opposition Samagi Jana Balawegaya (SJB) has chosen to remain silent on the matter given the political implications it could face with some of its support base.CBSL Governor Nandalal Weerasinghe and Treasury Secretary Harshana Suriyapperuma attending the CoPF meetingMeanwhile, Sallay family members who had refrained from speaking publicly on his arrest and detention went public over the plight of the former SIS chief after he began the ‘fast unto death’, which led to him being admitted to the Colombo National Hospital last Sunday night.Manori Sallay, the wife of Major General (retd) Suresh Sallay, who spoke to the Sunday Times, expressed fears for her husband’s life and said his arrest and detention have been driven by a personal vendetta and minus any credible evidence against him.“They picked him up at Peliyagoda while he was on his way to work on February 25 without any credible evidence against him. We were denied access to him for many days, not allowed to take meals for him even though he was not provided with proper or adequate meals and he was kept at the CID under the worst possible conditions,” she said.Since his transfer to the NationalHospital, Ms Sallay has been given permission to visit along with their son and daughter, but his refusal to take food has made his health deteriorate.“He refuses to take food or water and is on a drip, and his condition is deteriorating. My husband is a highly decorated officer who has served the country diligently and fearlessly. I am scared for his life,” she said.Much of the criticism by Maj. Gen. Sallay’s family is directed at the CID Director, retired Senior Superintendent of Police (SSP) Shani Abeysekera, who they claim has a personal vendetta against the former army officer due to the leaking of an audiotape in which Mr Abeysekera is heard discussing the Easter Sunday attacks. “There is clearly an attempt to frame my husband by depending on a dubious witness who everyone is aware of,” she said.Family members are demanding that Mr Sallay be transferred to the remand prison from the CID but a senior government source said that it would be difficult to ensure adequate security for him in the remand prison. At the National Hospital, where he is now under treatment, security has been tightened too. “The government is determined to ensure his safety and security,” a senior government source said.He added that the former SIS chief may have had nothing personally to gain by causing the deaths of several hundred people but was more a pawn in the hands of bigger conspirators who were working toward gaining political power, and they would be determined to sabotage the ongoing investigations.Meanwhile, Public Security Minister Ananda Wijepala told Parliament on Thursday that investigators have gathered sufficient evidence to link the former SIS chief to the attacks, alleging he had prior knowledge of the attacks and related extremist activities.He claimed that, three weeks before the bombings, Mr Sallay used four individuals to gather information, including attendance figures at a church in Negombo. One of the individuals has been identified by witnesses as an ISIS-linked extremist who disappeared after the attacks, the minister said. He rejected allegations that Mr Sallay had been subject to degrading treatment in custody.The detention of Mr Sallay under the Prevention of Terrorism Act (PTA) has once again drawn attention to the draconian law which the NPP pledged to abolish during its election campaign. Despite the promise, the law continues to be used to detain citizens, with the recent arrest of a Tamil singer in Jaffna exposing the dangers posed by the PTA to the rights of citizens.Twenty-four-year-old rapper Ganeshkumar Sangeethsan, better known by his stage name ‘Hiphop Sangee’, was arrested under the PTA earlier this month and was granted bail by the Chavakachcheri Magistrate’s courts on strict conditions after the Attorney General decided to withdraw charges under the PTA and file fresh charges under Section 120 of the Penal Code. (See page 14 for the full story).“Show me the man and I’ll show you the crime” are words attributed to Lavrentiy Beria, a long-serving secret police chief in Joseph Stalin’s Russia. His method was to target “the man” first and then proceed to fabricate a crime/evidence. Such cases are not unheard of in Sri Lanka, which is why investigations against any suspect need to be done without the cloud of political interference as well as the pressure from those with vested interests hanging over them. This week’s developments show that it’s political interests that are driving the investigations in the Easter Sunday attacks case and not so much a genuine interest in the welfare or well-being of the families of the victims.The missing dollarsMeanwhile, Parliament’s Committee on Public Finance (CoPF) convened this week to discuss a key report submitted by the Finance Ministry on the disappearance of USD 2.5 million belonging to the Treasury. The funds were meant to be paid as an instalment for a bilateral debt repayment to Australia but had been diverted to an account of a third party by cybercriminals posing as officials from the Australian government’s export credit agency – Export Finance Australia (EFA). The report was taken up on Monday (8) when the CoPF met under the chairmanship of Samagi Jana Balawegaya parliamentarian Harsha de Silva. Treasury Secretary Harshana Suriyapperuma and Central Bank of Sri Lanka (CBSL) Governor Nandalal Weerasinghe were present, along with senior officials of both institutions. Officials from several other agencies, including the Sri Lanka Computer Emergency Readiness Team (SL-CERT), were also in attendance.It soon became apparent that the Finance Ministry’s report on the alleged cyber-theft had placed much of the responsibility for the incident at the feet of CBSL. The CBSL in turn has disputed the Finance Ministry’s version. CoPF Chair Dr de Silva told the media after the meeting that two different opinions were presented as to who should be held responsible for the incident. The CBSL had not been given a copy of the Treasury’s report prior to the CoPF meeting, and as such, the committee had given a copy of the report to Central Bank officials. The CBSL assured the CoPF that it would submit its own report on the incident to the committee within one week. Once that report is submitted, the CoPF will release the reports submitted by both institutions, as well as the committee’s own report on the matter.Dr de Silva stressed that ultimately, it is the country’s people who will have to foot the bill for any of the missing funds that are not recovered, noting that this was confirmed by the Treasury Secretary when he put the question to him. The committee chair also highlighted that there had been a number of significant failures on the part of authorities that ultimately led to the theft of the funds. These included the use of an outdated email server and ignoring red flags related to anti-money laundering. “A $2.5 million theft of public funds, and the public will have to pay for it. The secretary confirmed: Whatever is not recovered will be on the people. Outdated email server for years, basic management regulations and internal controls overlooked. Anti-money laundering flags ignored. CID & forensic audit now underway. This is why we need proper systems. No more shifting blame,” the CoPF chair later posted on X.Even government sources conceded that the likelihood of the USD 2.5 million ever being recovered is slim at best. As such, the far likelier scenario is that the people will have to pay an extremely heavy price for the failures of those tasked with ensuring the safety of public funds.Adding another layer of complexity to the investigation is that the alleged cyber-theft occurred during the transition of debt management functions from the CBSL to the newly established Public Debt Management Office (PDMO) under the Ministry of Finance. The PDMO was established under the Public Debt Management Act (PDMA) No. 33 of 2024 in December 2024. Though PDMO staff officially assumed duties in January 2025, public debt management functions continued to be handled by the Central Bank’s Public Debt Department (PDD). From March to December 2025, newly recruited PDMO officials were trained at the CBSL premises under the direct supervision and guidance of PDD-CBSL officials. The Treasury’s PDMO became fully operational only in December 2025.The Sunday Times has managed to establish a timeline of events leading up to the alleged cyber-theft through several sources who have knowledge of the ongoing criminal investigations into the missing funds as well as the Treasury’s report submitted to the CoPF. According to these sources, officers from the Treasury’s External Resources Department (ERD) had received six fake invoices from cybercriminals posing as officials from Export Finance Australia (EFA) on November 13, 2025, with the due date for payment on November 15, 2025. Instructions had been given via email to deposit the funds to several foreign bank accounts under the name of “Mish Global LLC”. The ERD had then forwarded these invoices to the Treasury’s PDMO without conducting any out-of-band verification (communication outside a primary or standard channel) such as a phone call with the EFA.Following authorisation by the Treasury, payments had been processed by the CBSL for four of the invoices on November 14 – a day after the invoices were received.On November 24, however, an intermediary bank rejected two invoices amounting to more than USD 1.3 million that had been paid to a bank account in the US and returned the funds to CBSL. A senior official from the Treasury’s ERD had then contacted the cybercriminal/s who had been posing as an EFA official and notified them of the rejection of the invoices. The person claiming to be the EFA official had replied back to the ERD the following day (November 25), acknowledging the rejection of the funds and sending revised invoices with instructions for payments to be deposited in a new bank account in Abu Dhabi, United Arab Emirates (UAE).The next day (November 26), a CBSL official had emailed the PDMO pointing out that the beneficiary address is not the address of Export Finance Australia. She had stated that this would be “a matter regarding AML” (Anti-Money Laundering). On the same day, JP Morgan Chase Bank in the US sent a global SWIFT alert to the CBSL regarding the rejection of a separate USD 3 million transaction, noting that the transaction had been flagged as suspicious. Yet, despite the return of funds, the internal warning regarding AML concerns and the alert by JP Morgan, the fund transfers were still carried out as instructed through the fraudulent emails.Five more fake invoices related to scheduled interest payments amounting to more than USD 420,000 had been sent in January this year, with the funds deposited in a foreign bank account on January 5 in line with the instructions given by cybercriminals via email.The fraud was finally uncovered on January 6, after an email containing fake payment details of an invoice made to look identical to one from India’s Exim Bank bounced back. This led to the discovery that cyber hackers had breached the computer system of the ERD. Both the CID and SL-CERT had been informed on January 9 to investigate the system, as the entire debt restructuring process was mainly conducted via electronic communications. It was when past electronic communications were being scrutinised that officials uncovered that the USD 2.5 million meant as a bilateral debt repayment to Australia had been fraudulently diverted to a third party. A formal complaint was subsequently lodged with the CID and the Financial Intelligence Unit (FIU) of the CBSL. On March 24, the Finance Ministry also appointed an internal Technical Investigation Committee headed by two deputy secretaries of the Treasury.The blame game between the Treasury and the CBSL has been ongoing ever since the cyber theft came to light. Much of the dispute relates to debt management authority and reporting obligations. The CBSL maintains that it acted solely as the banker to the government in processing debt repayments. Sources noted that the CBSL has also informed the Treasury that the provisions on reporting requirements contained in the Financial Transactions Reporting Act No. 6 of 2006 do not apply to the Central Bank. The Finance Ministry, by contrast, is of the view that the CBSL has not accorded adequate attention to transactions carrying potential Anti-Money Laundering (AML) concerns. The Ministry argues that the CBSL had not provided it with information that led to the identification of potential AML concerns regarding the fraudulent transaction. The Finance Ministry further claims that the CBSL has taken the position that disclosure of such information may impede the effective execution of government instructions and payment operations. The CBSL’s position is also that at the time the fraudulent transaction with regard to the USD 2.5 million took place, public debt management functions had already been taken over by the PDMO under the Treasury.Treasury sources, however, claim that repeated warnings were raised about incomplete regulations while the PDMO staff were being trained to take over debt management functions. In September 2025, for example, the Coordination Council confirmed PDMO’s readiness. However, the PDMO’s Director- General had stressed that necessary regulations must be established before the office can be fully operational. Nevertheless, by mid-October, the PDMO began handling auctions and debt servicing under CBSL supervision.The matter was raised in Parliament this week, when New Democratic Front (NDF) MP Ravi Karunanayake accused the CBSL on Friday of washing its hands off the entire matter by claiming the responsibility rests with the Ministry of Finance. He, however, observed that the CBSL cannot cease acting as the agent of the government in respect of the management of public debt until the President, in his capacity as Minister of Finance, issues an extraordinary gazette notification under the provisions of Section 132 of the Central Bank of Sri Lanka Act, No. 16 of 2023. That gazette notification was issued only on May 22, 2026, he pointed out, observing that, as such, the CBSL could not claim it does not bear responsibility.“This USD 2.5 million fraud is not a case of hacking. This is an instance where details were shared cordially and they (cybercriminals) were given all that they asked for without taking any follow-up action to verify the details,” the NDF MP charged.When Parliament and CoPF raised the matter with the CBSL Governor, he had basically replied that the Financial Transactions Reporting Act (FTRA) of 2006 does not apply to the CBSL. He noted that the Prevention of Money Laundering Act (PMLA) of 2006 led to the creation of the CBSL’s Financial Intelligence Unit (FIU).Under provisions of the FTRA and PMLA, anything that is looked at as having money laundering concerns must be reported to the FIU, Mr Karunanayake remarked. “Imagine the audacity of the Central Bank telling the Committee of Public Finance that it doesn’t basically need to comply with that!” said the MP. If this is the CBSL’s attitude, what is the purpose of the independence of the Central Bank? he asked.Addressing systemic weaknessesThe cyber theft of the USD 2.5 million in public funds was enabled by several systemic weaknesses, said a finance sector expert knowledgeable in the workings of the Treasury and the CBSL. The PDMO was pushed into operations before regulations were finalised, leaving gaps in oversight. CBSL raised concerns but ultimately ceded control under Treasury pressure. Internal AML warnings were suppressed, and international alerts from JPMorgan and the Federal Reserve Bank were ignored, he remarked. Fragmented accountability further weakened safeguards, as CBSL claimed exemption from reporting obligations under FTRA, leaving transactions unmonitored. Weak cybersecurity controls allowed manipulated invoices and fraudulent payment instructions to pass through unchecked, the source added.The loss of the funds was not simply a cyber-incident but a multi-layered failure. A rushed institutional transition weakened safeguards, regulatory gaps left transactions outside oversight, and CBSL–Treasury disputes created accountability blind spots, the expert opined. Fraudulent instructions exploited weak controls, resulting in financial loss and reputational damage.The incident underscores the need for reforms across several dimensions, he emphasised. “Cybersecurity must be strengthened with mandatory verification protocols for foreign debt repayments and authentication of invoices and beneficiary accounts,” he asserted. Additionally, governance mandates between CBSL and PDMO must be clarified to avoid overlap, and regular reporting to CoPF should be institutionalised. Regulatory oversight requires amendments to the Finance Business Act to broaden the definition of deposits and ensure CBSL is subject to AML/CFT (Anti-Money Laundering and Countering the Financing of Terrorism) reporting obligations, the source noted. International coordination should be formalised with foreign banks and regulators, and a joint Treasury–CBSL crisis response unit should be established for cross-border payments.Finally, no system can succeed without human capital reform, he pointed out. Debt management requires not only technology but also skilled professionals. Recruitment processes must be modernised to attract the most talented individuals, including those with private sector experience, since market operations are often more familiar to private sector practitioners. Continuous training, international exposure, and structured succession planning must be embedded into the Treasury and PDMO, ensuring that institutional memory is preserved and expertise is constantly renewed. “Politically motivated favouritism and arbitrary transfers will harm the continuity and quality of the process and system; clear guidelines, operational procedures, and instructions are therefore critical to safeguard professionalism. A good rapport with domestic markets and international organisations must also be cultivated, since credibility depends on trust and engagement with stakeholders.”Above all, learning from past mistakes is essential, he stressed. Reforms must be designed not only to correct current weaknesses but also to prevent their recurrence, embedding resilience into both institutions and individuals. “Building a culture of professionalism, integrity, and adaptability is therefore as important as technological upgrades, and without it, even the most advanced systems will fail.”Leadership is central to this transformation: higher officials and political authority must provide clear direction, enforce accountability, and embody professionalism to drive reforms forward, said the source. “The gravity of this fraud cannot be overstated — it claimed the life of an officer, a stark reminder that failures in governance carry human as well as financial costs,” the expert stressed, pointing to the suicide of one of the ERD officials who had been interdicted over the incident. “This must be treated as a turning point. Continuity must be safeguarded by clear procedures and integrity, trust with markets and international partners must be rebuilt, and lessons from past failures must be absorbed. Above all, reforms must be pursued with seriousness and resilience so that such a tragedy is never allowed to repeat, and no officer, no institution, and no citizen ever again pays with their life for failures in governance,” the source stressed.The CBSL, no doubt, will be providing a counter to the Finance Ministry’s report to CoPF in the coming days. As the blame game on who is responsible continues, questions will inevitably be asked as to how those in authority can guarantee the security of public funds. Passing off blame to someone else while trying to completely absolve oneself of responsibility is an unfortunate sign that lessons from the previous incident have not been learnt.

நிதி உதவி வழங்க !

இணைப்புகள்

இதழ்கள்

தலைப்புகள்

Israeli attack on Beirut shows US lacks will or ability to meet commitments: Qalibaf

சென்ற வாரம் இலங்கை-சண்டே ரைம்ஸ்

Israel hits southern Lebanon

அண்மைப் பதிவுகள்

செய்திகள்

செய்தி

About

எங்களை தொடர்பு கொள்ள

eelamnewsbulletin@googlemail.com