Swift, the interbank messaging system that hackers used to steal$81 million from Bangladesh last year, is developing apayment-screening service that will allow small member banks toautomate the flagging of suspicious payments.

The new service is part of a series of measures from theSociety for Worldwide Interbank Financial Telecommunication todefend against cyberattacks that aim to fraudulently use banks'connections to the messaging system. It will place a “red flag” onpayment messages that appear risky and spot anomalies, providereal-time alerts and allow customers to put a hold on unusualmessages, the cooperative said in an emailed statement onTuesday.

Swift aims to begin offering the service by early 2018. Itsprice will depend partly on how many banks adopt it, thecooperative said.

After initially responding to the Bangladesh hack by saying thatits member banks were responsible for their own security, Swiftrolled out a series of security programs and procedures over thelast year, including a requirement that members share moreinformation about security incidents. Other measures have requiredmember banks to install new equipment or software so that all ofthem would have improved defenses.

Big banks have largely complied, and most already had systems inplace to spot suspicious transaction requests. But getting somesmaller member banks to install these systems has been a challengefor Swift, which said it would begin to report securityshortcomings to regulators. The difference this time is that theanti-fraud service will be hosted by Swift. Banks will be able touse it without having to install any new hardware or software.

Luc Meurant, head of financial crime compliance services atSwift, said the new measures were meant to complement securitysystems already in place at member banks. “We need to assume thatattacks will get increasingly sophisticated, so you need multiplelayers of protection,” he said.

Bangladesh Heist

The payment screening service is initially meant for smallerfinancial institutions and central banks, Swift said. In February2016, hackers exploited the Swift connection of the central bank ofBangladesh to request that funds be transferred from its account atthe Federal Reserve Bank of New York. Similar cyberattacks have hitbanks in countries including Ecuador and Vietnam.

Swift has been under increasing pressure to fortify its systemsto prevent future cyber robberies. Swift has relied on the trustwithin its network to cement its effective dominance of theinternational payments system over the past four decades. If thattrust erodes, it could spell trouble for the cooperative.

“The new payment controls service is a direct response to ourcommunity's request for additional services to complement andstrengthen existing fraud controls,” Swift Chairman Yawar Shah saidin the statement.

Bloomberg News

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.