
Sri Lanka's Digital Shield: How Drona Pay Facilitates Banks in Adhering to CBSL's New Standards for Reporting Fraud and Incidents

Sri Lanka's digital economy is at a crossroads.

As mobile banking and digital payments expand at an unprecedented rate, the Central Bank of Sri Lanka (CBSL) is sharpening its attention on one key area: fraud management and cyber resilience.


From the Baseline Security Standard for Information Security Management to the latest Circular No. 2 of 2025 (on IT and Cybersecurity Incident Reporting), the CBSL is raising the bar on digital security.

All licensed banks and Payment Service Providers (PSPs) must now ensure real-time detection, swift reporting, and unyielding system integrity.


At Drona Pay, our cloud-native, real-time risk platform enables Sri Lankan financial institutions to move beyond rudimentary compliance — making fraud defense a fundamental cornerstone of operational resilience.


1. Protecting Mobile Devices and Apps — Adhering to CBSL PSD Guidelines


CBSL's PSD Guideline No. 1 of 2020 places stringent requirements on the security of payment apps — requiring banks to block access from rooted or jailbroken phones, identify emulators, and erase sensitive data following log-off.


How Drona Pay Assists:

Our platform implements device and session integrity in real time:


Emulator & Root Detection: Blocks transactions from compromised or emulated devices — completely CBSL-compliant.


Session Monitoring: Monitors log and session activity to detect anomalies such as multiple logins or brute-force attacks.


Behavioral Biometrics: Introduces a fourth, invisible layer of identity proofing by monitoring how users type, swipe, and move — providing greater protection from Account Takeover (ATO) and social engineering scams than regular MFA on its own. 


This ensures that each and every session is secure, authenticated, and compliant — from log-in through log-out. 


2. Real-Time Anomaly Detection and Scam Mitigation


CBSL’s Circular No. 2 of 2025 requires that digital scams and cyber incidents be reported within two hours of detection. That means institutions need not just monitoring — but real-time intelligence.


How Drona Pay Helps:

Our AI-powered Transaction Monitoring Engine delivers speed and accuracy where it matters most:


AI-Driven Anomaly Detection: Uses machine learning and configurable rules to instantly flag unusual behavior based on transaction velocity, value, and location.


Mule and Scam Detection: Using Graph Network Analysis, Drona Pay traces layered money flows and mule accounts, pre-empting fraud rings before money goes missing from the system.


This real-time detection functionality provides compliance teams with visibility and accuracy to act — and report — in real time.


3. Rapid, Auditable Incident Reporting — Satisfying CBSL Circular No. 2/2025


CBSL requires two vital reporting windows:


Immediate Report: within two hours of detecting the incident


Comprehensive Report — within 14 days, outlining the nature, extent, and closure


How Drona Pay Assists:

Our Case Management and Regulatory Analytics integration simplifies compliance:


Instant Logging: All alerts, anomalies, or authenticated frauds are logged automatically with timestamp, impact, and impacted customer.


Case Management System: Centralizes investigations and escalations while ensuring an end-to-end audit trail — so the right teams respond at the right time.


Regulatory Analytics: Delivers ready-to-file reports compliant with CBSL standards, such as in-depth incident types (phishing, social engineering, credential theft), financial loss, and remediation steps.


The platform's analytics also support banks' annual Technology Risk Assessment, closing the compliance loop and driving ongoing improvement.


4. Establishing Trust in Sri Lanka's Digital Future


With Sri Lanka fast-tracking to a completely digital banking environment, compliance and trust are turning into strategic strengths.

With Drona Pay, banks don't just comply with CBSL regulations; they build resilience, transparency, and customer trust in a rapidly changing threat environment.


Compliance shouldn't merely be about reporting breaches — it should be about stopping them.


 
 
 
