CoPF to review $ 2.5 m Treasury cyber theft report next week

Saturday, 6 June 2026 00:47 - - {{hitsCtrl.values.hits}}

The report into the $ 2.5 million cyber theft involving Sri Lanka’s sovereign debt repayment process has been submitted to the Committee on Public Finance (CoPF), with lawmakers set to scrutinise the findings next week amid continuing questions over internal controls and reporting failures within the Treasury.

CoPF Chairman Dr. Harsha de Silva informed the Committee on Thursday that copies of the report had been distributed among members for review ahead of a planned discussion with Treasury officials.

The Committee is expected to examine the findings before summoning Treasury Secretary Dr. Harshana Suriyapperuma next week to explain the circumstances surrounding the incident, which has emerged as one of the most significant cyber-related breaches affecting the Government’s public finance management systems in recent years.

The report was submitted to Parliament after concerns arose over its delivery, with Dr. de Silva reportedly declining an attempt to hand it over at his private residence, noting that it had been requested in his official capacity as Chairman of CoPF under Parliament’s oversight mandate.

Disclosures before Parliament and the CoPF have revealed that the loss stemmed from 10 debt repayment transactions intended for Export Finance Australia that were diverted to unauthorised accounts through what authorities have described as a cyber fraud involving manipulated payment instructions.

The transactions occurred over four separate payment dates between November 2025 and January 2026. They comprised three invoices totalling $ 713,757 on 14 November, a further $ 377,660 on 28 November, five invoices totalling $ 420,210 on 5 January, and a final payment of $ 997,799 on 29 January.

The CoPF is expected to determine its next course of action after reviewing the report and hearing further evidence from Treasury officials next week.