Growing public concern over the reported Rs. 13.2 billion fraud linked to NDB Bank has intensified calls for the Central Bank of Sri Lanka to initiate independent forensic audits covering all banks and finance companies operating under regulatory supervision.
The controversy surrounding the alleged fraud at NDB Bank has triggered broader concerns regarding the effectiveness of internal controls, audit mechanisms, cyber security systems, and regulatory oversight within Sri Lanka’s financial sector. While NDB Bank has stated that customer deposits were not directly impacted and that immediate corrective measures were taken, the scale of the reported exposure has unsettled many depositors and raised wider questions about systemic vulnerabilities across the banking industry.
Public attention has now shifted beyond a single institution, with depositors and financial observers increasingly questioning whether similar weaknesses may exist within other licensed commercial banks and finance companies operating in Sri Lanka. Concerns have particularly focused on rapid digital banking expansion, online fund transfers, automated payment systems, treasury operations, offshore transactions, and the growing complexity of electronic financial infrastructure used across the sector.
Financial observers reviewing annual reports and financial disclosures of several major banks have also pointed to a number of 
Red Flags (As given below) that they believe require closer regulatory scrutiny and independent forensic evaluation. Among the concerns raised are unusually rapid growth in loan books and balance sheets within short periods, significant increases in customer deposits and digital transaction volumes, declining liquidity buffers despite rising profitability, weakening capital adequacy indicators, and aggressive expansion into high-risk lending sectors.
Analysts have also highlighted concerns regarding sharp reductions in reported impaired loan ratios during periods of aggressive lending growth, raising questions over loan restructuring practices, asset classification methodologies, impairment provisioning, and the possibility of stressed exposures being shifted or reclassified. Others have noted that rapid expansion in SME lending, offshore banking, wealth management, treasury operations, and foreign currency transactions may increase exposure to concentration risks, connected-party lending, and fund flow vulnerabilities if not subjected to enhanced oversight.
Additional concerns have emerged regarding the growing use of artificial intelligence, automated lending systems, fast-track credit approvals, digital onboarding platforms, and fully integrated online banking ecosystems. Financial analysts warn that rapid technological transformation, while improving efficiency, may also increase exposure to cyber fraud, unauthorised transactions, system override risks, identity manipulation, and internal control failures if governance and monitoring systems fail to keep pace.
Observers have further noted that several banks have experienced substantial deterioration in liquidity coverage ratios and funding stability indicators while simultaneously reporting strong profitability and rapid credit growth. According to analysts, such disparities do not necessarily indicate wrongdoing but may warrant deeper forensic examination into treasury management practices, funding structures, risk-weighted asset calculations, and stress management frameworks.
Separate reports relating to cyber intrusions, treasury-related digital systems, and electronic financial infrastructure have further intensified fears about the resilience of Sri Lanka’s wider financial ecosystem. Financial sector observers caution that public confidence remains the foundation of any banking system, and that failure to address emerging concerns transparently could undermine trust across the entire financial sector.
Against this backdrop, depositors are now urging the Central Bank to expand its response beyond NDB Bank and initiate a comprehensive, industry-wide forensic review covering all licensed commercial banks, specialised banks, registered finance companies, and electronic payment platforms operating under its supervision.
Many depositors believe that only a transparent and independent forensic audit process can restore confidence in Sri Lanka’s financial system and reassure the public that adequate safeguards exist to protect depositor funds and maintain financial stability.
Financial analysts have meanwhile called for stronger regulatory reforms, including enhanced cyber security standards, real-time transaction monitoring systems, stricter disclosure obligations for operational losses and fraud incidents, tighter supervision of digital banking platforms, stronger scrutiny of rapid loan growth and liquidity movements, and greater accountability for boards of directors, audit committees, and senior management.
What began as an investigation into a single fraud allegation has now evolved into a wider national debate concerning banking governance, institutional accountability, financial transparency, cyber resilience, and the effectiveness of regulatory supervision within Sri Lanka’s banking and finance sector.
