Bilaal Lookman, a first-year law student of Sri Lankan origin, has been elected as a municipal councillor in France at the age of 18.

He secured a seat on the city council of Guyancourt, located on the outskirts of Paris, after contesting in the recent municipal elections—where he also cast his vote for the first time.

Born in November 2007 to a family with roots in Mannar and Jaffna, Lookman is among the youngest elected officials in France.

He developed an early interest in public affairs, gaining experience through internships in the offices of a Member of Parliament, a former Minister of Education, and the mayor of his town during his mid-teens.

Lookman has also engaged with senior political figures and diplomats, while actively participating in community service from a young age through local youth councils and volunteer work with a food-aid organisation.

The Ministry of Defence has announced the implementation of a special island-wide security programme to ensure a safe and peaceful environment during the Sinhala and Tamil New Year season.

The initiative has been launched under the direction of Defence Secretary Air Vice Marshal Sampath Thuyacontha, with the joint involvement of the Tri-Forces, Sri Lanka Police, and intelligence agencies.

According to the Ministry, the coordinated security plan will cover a range of events taking place across the country, including festivals, musical shows, and religious activities during the festive period.

A special joint operations room has also been established at Police Headquarters in Colombo, staffed by Tri-Forces officers. The centre is tasked with enhancing coordination among security agencies, improving information sharing, and ensuring rapid response to any emergency or security situation.

Members of the public can reach the operations room via the following contact details:
Telephone: 011-2013051 / 011-2027148 / 011-2027149 / 011-2430912
Email: [email protected]

The Ministry of Defence has urged the public to cooperate with security forces and law enforcement authorities to help maintain a safe and secure environment for all during the New Year celebrations.

The Central Bank of Sri Lanka (CBSL) has assured the public that National Development Bank PLC (NDB) remains financially stable, following the recent disclosure of an internal fraud incident.

In a statement issued on Friday, the CBSL said it has been closely monitoring the situation and confirmed that NDB continues to maintain capital and liquidity levels well above the minimum regulatory requirements.

The Central Bank emphasised that the incident has had no impact on customer accounts or deposits, which remain safe and secure.

CBSL further noted that it is maintaining continuous engagement with the bank and other relevant stakeholders to assess developments.

The regulator also affirmed its readiness to take any necessary measures to safeguard the stability of the bank and protect the interests of depositors.

Showers or thundershowers will occur at several places in Western, Sabaragamuwa, North-western, Southern and Uva provinces and in Anuradhapura, Mannar, Kandy and Nuwara-Eliya districts after 2.00 p.m.

Mainly dry weather will prevail over the other parts of the island.

Misty conditions can be expected at some places in Central, Sabaragamuwa and Uva provinces during the early hours of the morning.

The general public is kindly requested to take adequate precautions to minimize damages caused by temporary localized strong winds and lightning during thundershowers.

On the apparent northward relative motion of the sun, it is going to be directly over the latitudes of Sri Lanka during 05th to 15th of April in this year. The nearest areas of Sri Lanka over which the sun is overhead today (11th) are Pomparippu, Anuradhapura, Mihinthale, Galenbindunuwewa, Agbopura and Serunuwara about 12:11 noon.

Artemis II’s four astronauts made a dramatic return to Earth on Friday, splashing down in the Pacific Ocean and marking the end of humanity’s first crewed lunar mission in more than 50 years.

Commander Reid Wiseman, pilot Victor Glover, mission specialists Christina Koch and Canada’s Jeremy Hansen reentered Earth’s atmosphere aboard the Orion capsule Integrity at speeds of up to Mach 33. The high-speed descent, reminiscent of NASA’s Apollo era, tested the spacecraft’s heat shield as temperatures soared during reentry and communications temporarily blacked out.

Mission Control closely monitored the tense six-minute blackout period before parachutes deployed successfully, slowing the capsule to a safe splashdown speed. Recovery teams aboard the USS John P. Murtha were on standby off the coast of San Diego. Officials confirmed a “perfect bull’s-eye splashdown,” signaling a successful conclusion to the mission.

Launched on April 1, Artemis II did not land on the moon but achieved several historic milestones. The crew traveled farther from Earth than any humans before, surpassing the Apollo 13 record by reaching a distance of over 252,000 miles. During the flyby, the astronauts captured unprecedented views of the moon’s far side and witnessed a total solar eclipse, describing the experience as unforgettable.

The mission also echoed iconic moments from past lunar expeditions, including imagery similar to the famous “Earthrise” photograph taken during Apollo 8. The crew’s journey drew global attention and praise from world leaders and public figures.

Despite minor technical issues involving onboard systems, the astronauts completed the nearly 10-day mission successfully. Artemis II serves as a critical test flight for NASA’s broader Artemis program, which aims to establish a sustained human presence on the moon.

Future missions are already in planning, with Artemis III expected to test docking procedures in Earth’s orbit and Artemis IV targeting a crewed lunar landing near the moon’s south pole later this decade.

By : Nalinda Indatissa (President’s Counsel)

The rapid digitalisation of banking has fundamentally transformed the manner in which financial institutions operate, while simultaneously exposing them to sophisticated forms of internal and external fraud. Among these, internal IT fraud—perpetrated by employees within the bank’s own technological infrastructure—presents a particularly serious legal and regulatory challenge. Such fraud is often facilitated by privileged system access, technical knowledge, and the ability to circumvent internal controls.

In this context, the question of liability assumes critical importance, especially in determining whether the bank, as an institution, bears responsibility for the acts of its employees. The resolution of this issue depends not only on traditional legal doctrines such as vicarious liability and contractual obligations, but also on a detailed examination of the bank’s internal governance systems, supervisory mechanisms, and the degree of diligence exercised in preventing and detecting such misconduct, as measured against binding regulatory standards.

Vicarious Liability

The foundational principle governing institutional responsibility in cases of internal fraud is that of vicarious liability. Under this doctrine, an employer is held liable for wrongful acts committed by its employees in the course of their employment. In the banking context, where IT personnel are entrusted with access to critical systems, any misuse of such authority—even for fraudulent purposes—may fall within the scope of employment if it is sufficiently connected to the functions assigned to the employee. Courts are generally inclined to hold that where the employment relationship has materially enabled the commission of the fraud, the bank cannot disclaim responsibility merely on the basis that the act was unauthorized or criminal in nature.

Non-Delegable Duty of Care

Banks owe a high and non-delegable duty of care to their customers to ensure the safety of funds and the integrity of transactional systems. This duty arises from both the fiduciary nature of the banker–customer relationship and the inherent risks associated with financial intermediation. Consequently, a bank cannot evade liability by attributing wrongdoing solely to rogue employees. The obligation to maintain secure systems, enforce controls, and ensure proper supervision remains with the institution at all times.

Contractual Liability

The relationship between a bank and its customer is fundamentally contractual. One of the core obligations of the bank is to honour only those transactions that are properly authorized by the customer. Where internal IT fraud results in unauthorized debits or transfers, the bank is prima facie in breach of contract. The burden then shifts to the bank to demonstrate that it exercised due care and that the loss did not arise from any deficiency in its systems, supervision, or internal controls.

Assessment of Institutional Diligence

The determination of whether a bank has acted diligently is central to the allocation of liability. Courts apply an objective standard, often described as the “reasonable bank” test, assessing whether the institution has acted in accordance with the practices expected of a prudent and well-regulated bank. In the contemporary regulatory environment, this assessment is no longer confined to general industry practice but is increasingly anchored in compliance with binding regulatory directions, particularly those governing technology risk management and resilience.

Regulatory Benchmark for Diligence

In Sri Lanka, Banking Act Directions No. 16 of 2021 (as amended by Directions No. 5 of 2023) establishes a comprehensive and legally binding framework for technology risk management. These Directions require licensed banks to implement structured governance, risk assessment, and control mechanisms in respect of all technology-driven operations. Accordingly, the concept of a “reasonable bank” must be understood in light of these mandatory standards. A failure to comply with such Directions—whether by omission of required processes or inadequate implementation—may constitute direct evidence of a lack of institutional diligence.

Supervisory Framework and Board Oversight

The Directions expressly impose ultimate responsibility for technology risk management on the board of directors. The board is required to define the bank’s IT strategy, ensure the establishment of effective governance structures, and oversee the implementation of risk management frameworks. This includes ensuring that adequate supervisory mechanisms exist at all operational levels, supported by escalation protocols for reporting irregularities. The absence of active and informed board oversight is therefore not merely a governance lapse but a breach of regulatory obligation.

Risk Assessment and Internal Capital Adequacy
The regulatory framework mandates that technology risk be integrated into the Internal Capital Adequacy Assessment Process (ICAAP), ensuring that banks maintain sufficient capital to absorb potential losses arising from technology-related incidents. In addition, banks are required to conduct periodic Risk and Control Self-Assessments (RCSA) in respect of technology-driven products and services. A failure to conduct such assessments, or to act upon their findings, may indicate that foreseeable risks were neither identified nor mitigated.

Segregation of Duties, Authorization and Supervision Levels

One of the most critical safeguards against internal fraud is the strict segregation of duties. A prudent bank must ensure that the functions of system development, system administration, transaction initiation, authorization, and review are separated among different individuals or departments. Multi-level authorization protocols must be implemented, particularly for high-value or sensitive transactions. Equally important is the separation between those who execute transactions and those who supervise or audit them. Any concentration of power in a single individual or unit is likely to be viewed as a serious lapse in internal control and inconsistent with regulatory expectations.

Access Control and Periodic Review

The Directions impose specific obligations in relation to user access management. Banks are required to conduct periodic reviews of access privileges, including quarterly reviews for critical systems and regular reviews for non-critical systems. Administrative privileges must be strictly controlled, and all access must be subject to logging and independent review. A failure to implement or document such reviews may be treated as clear evidence of deficient control systems.

Documentation and Record-Keeping

A well-governed bank must maintain comprehensive and contemporaneous documentation of its IT governance and operational activities. This includes IT policies, standard operating procedures, access logs, audit trails, system change records, incident reports, and minutes of meetings of relevant committees. Documentation serves not only operational purposes but also evidentiary functions in legal proceedings. The inability to produce records demonstrating compliance with regulatory requirements may give rise to an adverse inference against the bank.

Monitoring, Reporting and Incident Escalation
The regulatory framework requires banks to establish structured monitoring and reporting mechanisms. Suspicious activities, system anomalies, and control breaches must be promptly identified and escalated. Importantly, cybersecurity incidents and technology-related breaches must be reported to the supervisory authorities in accordance with prescribed timelines, including reporting to the Bank Supervision Department under applicable circulars. Failure to comply with such reporting obligations may aggravate liability and suggest an attempt to conceal or downplay systemic weaknesses.

Whistleblowing and Internal Reporting Mechanisms

A robust whistleblowing framework is an essential component of effective governance. Employees must be provided with secure and confidential channels to report suspected misconduct. The effectiveness of such mechanisms is relevant to the assessment of whether the institution fostered a culture of accountability and transparency. The absence of such systems, or their ineffective implementation, may be viewed as contributing to the persistence of internal fraud.
Internal Audit and Independent Review
The Directions require that the internal audit function independently assess the effectiveness of technology risk management on a regular basis, including annual reviews of compliance. Audit findings must be reported to the board and acted upon without delay. A failure to implement audit recommendations or to address identified vulnerabilities is often treated as compelling evidence of negligence.

Third-Party Risk Management
Banks are also required to manage risks associated with outsourced technology services. This includes ensuring that third-party service providers adhere to equivalent standards of security and control. Liability cannot be avoided by outsourcing critical functions; the bank remains ultimately responsible for risks arising from such arrangements.
Liability of the Board of Directors
In addition to institutional liability, the conduct of the board of directors is subject to heightened scrutiny in light of express regulatory obligations. The Directions clearly place ultimate responsibility for technology risk management on the board, thereby imposing a positive duty to ensure compliance with all prescribed requirements, including RCSA processes, access reviews, incident reporting, and audit oversight. Directors are required to exercise informed judgment, actively engage with risk issues, and ensure that adequate systems of control are in place and functioning effectively. A failure to do so—whether through inaction, lack of inquiry, or disregard of known risks—may constitute a breach of fiduciary duty. In appropriate cases, such failures may expose directors to regulatory sanctions, personal liability, or disqualification, particularly where their conduct has materially contributed to the occurrence or continuation of fraud.
Post-Incident Conduct and Remedial Action
The conduct of the bank after the discovery of fraud is also relevant. A diligent institution is expected to act swiftly to contain the incident, secure systems, preserve evidence, notify regulators, and mitigate customer loss. Prompt corrective action and transparency may mitigate liability, whereas delay or concealment may aggravate it.
Conclusion
In cases of internal IT fraud, liability will ordinarily attach to the bank due to the combined operation of vicarious liability, contractual obligations, and the non-delegable duty of care owed to customers. However, the determination of liability is now firmly grounded in compliance with binding regulatory standards, particularly those contained in Banking Act Directions No. 16 of 2021 (as amended). These Directions provide a clear and objective benchmark for assessing institutional diligence. Where a bank fails to implement the required governance structures, risk assessments, access controls, reporting mechanisms, and audit processes, the resulting fraud is likely to be viewed not merely as the act of rogue employees, but as the consequence of systemic and regulatory failure. In such circumstances, liability may extend beyond the institution to its governing body, reinforcing the central role of the board in ensuring technological integrity and accountability.

Sri Lanka’s post-disaster recovery from Cyclone Ditwah is losing momentum, with tens of thousands still unable to return home despite an expanded humanitarian response, according to the United Nations Office for the Coordination of Humanitarian Affairs.

More than 149,000 people remain displaced weeks after the cyclone, highlighting a shift from emergency response to a more complex, prolonged recovery phase. While initial displacement figures peaked at over 233,000, the decline has been uneven, with many affected families now living in temporary or informal arrangements rather than organised shelters.

Humanitarian efforts under the national priority plan have reached over 291,000 individuals across all districts, supported by dozens of aid organisations. However, the nature of displacement is evolving. Instead of large-scale camps, families are increasingly scattered staying with relatives or in makeshift housing making assistance delivery more difficult and less visible.

Shelter remains a critical concern. Although the number of official safety centres has dropped significantly, hundreds of families still depend on them, particularly in vulnerable districts such as Badulla, Nuwara Eliya, and Kegalle. Authorities are now transitioning some communities to tent-based accommodation, a move that underscores the absence of long-term housing solutions.

 A key bottleneck is the slow pace of resettlement approvals. The National Building and Research Institute is struggling to keep up with demand for hazard assessments required before families can safely return or rebuild. Without these clearances, reconstruction remains stalled, prolonging uncertainty for affected communities.

Meanwhile, the Government has attempted to streamline compensation through updated guidelines, consolidating multiple relief schemes. Financial assistance has also been extended to the agricultural sector, with significant grants allocated for replanting key crops such as tea, rubber, and coconut.

Despite these efforts, funding constraints continue to hamper recovery. A substantial gap remains in the overall humanitarian budget, leaving critical sectors like health, nutrition, and early recovery under-resourced.

The disasters scale affecting over 2.2 million people and causing widespread destruction—means recovery will likely stretch over months, if not years. As the immediate crisis fades, the challenge now lies in sustaining support and ensuring that displaced populations are not left behind in a slow and uneven rebuilding process.

The United States is signalling a strategic shift in its economic relationship with Sri Lanka, calling for a more balanced and reciprocal trade framework as the island emerges from its recent financial crisis. The message, delivered at a CEO forum hosted by the American Chamber of Commerce in Sri Lanka, reflects growing optimism but also rising expectations from US stakeholders.

Speaking at the event, Zachary Bailey highlighted a notable turnaround in investor sentiment. According to him, American businesses operating in Sri Lanka are significantly more confident than in previous years, describing the current outlook as one of “cautious optimism.”

However, this improved sentiment comes with clear conditions. The United States is now encouraging Sri Lanka to move beyond traditional trade dynamics, where developing economies benefited from asymmetric access to developed markets. Instead, Washington is advocating for a more reciprocal model one that includes increased imports of US goods and stronger bilateral investment flows.

 The imbalance is evident in current trade figures. The US remains Sri Lanka’s largest export destination, accounting for approximately $3 billion of total exports in 2025. Yet, US exports to Sri Lanka and investment inflows remain comparatively limited, with American foreign direct investment representing only a small fraction of total FDI.

US officials believe this gap presents an opportunity. Expanding imports of American products—ranging from agricultural goods to industrial machinery and pharmaceuticals—could help rebalance trade while strengthening economic ties.

At the same time, Sri Lankan companies are being encouraged to look outward. The US is actively promoting inbound investment from Sri Lanka, signalling openness to deeper corporate linkages and cross-border expansion.

Despite the positive tone, structural challenges remain a key concern. US investors continue to prioritise regulatory stability, transparent tax policies, efficient customs procedures, and overall ease of doing business. Without progress in these areas, Sri Lanka risks losing momentum in attracting high-quality foreign investment.

Long-term predictability is especially critical. Investors are increasingly focused on whether policies can remain consistent over five to ten years an essential requirement for large-scale capital commitments.

The message from Washington is clear: while Sri Lanka’s recovery has reopened doors, the next phase will depend on whether it can align with evolving global trade expectations and deliver a more predictable, investor-friendly environment.

Sri Lanka’s energy sector is grappling with the fallout of substandard coal imports, as confirmed by the National Audit Department and acknowledged by Anura Kumara Dissanayake in Parliament.

The President emphasized that the core issue lies not in the tender process but in suppliers failing to meet required coal quality standards. However, the audit paints a broader picture one of systemic weaknesses spanning procurement, oversight, and verification processes.

At the center of the crisis is the Lakvijaya Power Plant, a facility responsible for 30–40% of Sri Lanka’s electricity generation. The plant requires approximately 2.25 million metric tons of coal annually, making consistent quality essential for stable output.

Instead, poor-quality coal has led to reduced generation capacity. While the plant is designed to produce around 900 MW, actual output has fallen to roughly 810 MW after internal consumption. Daily fluctuations further highlight the instability, with some units producing significantly below expected levels.

This shortfall has forced authorities to turn to alternative power sources, including diesel generation, significantly increasing operational costs. The President warned that while these costs will be recovered from suppliers where possible, the broader financial burden could reach Rs. 32 billion over a three-month period.

The audit’s estimated Rs. 2.24 billion loss reflects direct inefficiencies from increased coal consumption. However, the wider economic impact including reliance on costlier energy sources has pushed total coal-related losses to around Rs. 7 billion.

To mitigate the crisis, the Government has withheld payments and imposed steep penalties on suppliers. In one instance, the price of coal was reduced from $98 per tonne to $34 under penalty provisions. Legal action remains on the table for non-compliant companies.

Despite these measures, the situation underscores deeper structural issues. Recurring audit findings from 2016 and 2022 had already warned of weaknesses in procurement and quality control—warnings that appear to have gone largely unaddressed.

As Sri Lanka navigates ongoing energy challenges, the coal procurement crisis serves as a stark reminder: without strict oversight and accountability, failures in supply chains can quickly escalate into national-level economic and energy disruptions.