Opinion
A Thorium-based path to Sri Lankan energy sovereignty
Sri Lanka’s National People’s Power (NPP) government plans to phase out coal and embrace nuclear power in its 2025–2044 energy strategy. Although it is capital-intensive, the government views nuclear energy as essential for achieving net-zero emissions by 2050. It targets 70% renewables, nuclear supplementation, and a 500 MW HVDC interconnection by 2030. Legal frameworks are pending, while public engagement and long lead times remain key challenges.
Building on earlier approval from March 2024, a Cabinet Paper proposes three 900 MW nuclear plants funded by private investors. Vendors from Russia, China, France, Denmark, USA, and Canada have submitted proposals. (See Table 1)
Despite improved nuclear safety, risks persist—human error, technical failures, and natural disasters can cause severe accidents. Given Sri Lanka’s vulnerability to tsunamis, floods, and climate impacts, the legacy of Fukushima highlights heightened long-term consequences. Dense population levels and coastal siting raise concerns over displacement, ecosystem damage, and socioeconomic disruption. Nuclear plants near tourist hubs may deter visitors, harming vital revenue. Even rare incidents risk contaminating farmland and water, threatening exports and food security. These challenges underline the critical need for careful planning, legal safeguards, and public engagement.
Long-term management of radioactive waste from conventional nuclear reactors, given its longevity, adds to both risk and cost. The need to import uranium means reducing Sri Lanka’s energy security and sovereignty.
However, Sri Lanka holds identified sources of over 4,000 tonnes of thorium—a resource once seen as unusable for energy. Thorium is now gaining traction through China’s TMSR-LF1, a 2 MW prototype that completed a year of full-power operation in June 2024. Thorium molten salt reactors (TMSRs) dissolve fuel in liquid salts, enabling safer, scalable, and more sustainable nuclear power. Operating at atmospheric pressure with passive safety systems, they eliminate steam explosion risk and generate minimal long-lived waste. Uranium-233 from thorium is hard to weaponise, due to uranium-232’s gamma radiation. These reactors achieve up to 98% fuel utilisation and use air cooling, bypassing freshwater demands.
Nevertheless, TMSRs come with some caveats: thorium needs a fissile partner (typically uranium-235 or uranium-239) to initiate and maintain the chain reaction necessary for power generation; online reprocessing is essential; handling uranium-232 decay products requires heavy shielding; fluoride salts are corrosive; and reactor control is more complex. Most nuclear agencies lack regulatory frameworks for licencing MSRs, which slows deployment.
Still, the technology’s promise overshadows these challenges. Thorium MSRs are not speculative—the USA deployed a pilot plant in 1965 but closed it down four years later since it could not be weaponised. China’s recent success, Denmark’s push for containerised reactors by 2028, and India’s ongoing roadmap emphasise a global momentum that Sri Lanka can join. (See Table 2)
Despite its advantages, thorium remains underused commercially due its disadvantages: vendors favour bankable uranium designs familiar to regulators, while thorium reactors require new licencing and complex fuel handling; regulatory frameworks are tailored to uranium, leaving gaps for molten salt technology; thorium needs conversion to uranium-233 and shielding against gamma emissions from uranium-232.
Yet, if Sri Lanka pursues conventional nuclear options, it will forfeit energy sovereignty. Thorium is domestically available, offering cleaner power, reduced import dependency, and greater resilience against global fuel market volatility and geopolitical risks. The question is whether we embrace innovation or cling to the familiar.
Thorium in Sri Lanka is found mainly in alluvial deposits, beach sands, and heavy mineral placers, with key sites in Galle, Balangoda, Pulmoddai, Kondrugala, and gem-rich soils in Sabaragamuwa. Monazite-rich stream sediments exist along the Bentota River; Mannar deposits are less prominent. Further exploration could reveal more viable sources. Although unextracted today, the Geological Survey operated a pilot plant from the 1950s to the 1970s.
Sri Lanka’s 4,000 tonnes of thorium could support a 127 MW molten salt reactor for 40 years (90g of thorium producing 1 MWh). About 6.6% of current generation, it could contribute to uninterrupted baseload power, and ensure supply to roughly three million high-consumption households.
The Asia Progress Forum proposes the Sri Lanka Thorium Energy Initiative (STEI), deploying 120 MW of modular molten salt reactors (MSRs) by 2050, using domestic thorium to advance energy independence, climate resilience, and innovation. This strategy enhances energy security by reducing fossil fuel imports, lowering costs, and diversifying supply. MSRs offer near-zero emissions, minimal waste, and passive safety. Their air-cooled design supports seawater desalination and industrial byproducts. Modular deployment suits Sri Lanka’s geography, enabling distributed generation, rural electrification, and grid resilience. Standardised modules improve operability and reduce staffing needs. Strategically, Sri Lanka could attract climate finance and become a regional nuclear leader.
Following the IAEA’s 2024 safety review, Pulmoddai was identified as the most suitable site due to geological stability and proximity to mineral sands, ports, and transmission lines. It supports desalination, salt production, and chemical synthesis. Other locations should be selected transparently with input from universities, environmental agencies, and local communities. (See Table 3)
Sri Lanka holds an estimated 4,000 tonnes of thorium in mineral sands, yet commercial production remains absent due to modest reserves, complex and costly separation from rare earths, lack of infrastructure, regulatory gaps in the Atomic Energy Act (2014), and environmental concerns.
However, thorium molten salt reactors (TMSRs) offer a viable path forward. They dissolve thorium into molten fluoride salts, bypassing pellet fabrication. Fission products are continuously removed, enabling high fuel efficiency and minimal waste. Thorium is transmuted into uranium-233 within the reactor, supporting a self-sustaining nuclear cycle. (See Table 4)
Sri Lanka’s nuclear energy ambitions face regulatory hurdles. The controversial Electricity Amendment Bill 2025 has intensified concerns over governance and fossil fuel bias. Meanwhile, legal teams are working with the IAEA to draft nuclear-specific legislation. The Atomic Energy Act No. 40 of 2014 provides a safety framework via the Sri Lanka Atomic Energy Regulatory Council (SLAERC), which oversees reactor licencing, radiation safety, and emergency preparedness. The Sri Lanka Atomic Energy Board (SLAEB) promotes peaceful nuclear applications.
To enable thorium molten salt reactors (TMSRs), the Act must be amended to support MSR licencing and thorium fuel cycles, while Sri Lanka ratifies IAEA conventions on safety and waste. A Thorium Task Force should guide implementation, involving SLAERC, SLAEB, and the Ceylon Electricity Board (CEB), selecting reactor designs and partnering with IAEA and the Shanghai Institute of Applied Physics of the Chinese Academy of Sciences (SINAP).
STEI would operate as a Public-Private Partnership (PPP) with climate finance from Green Bonds, UNIDO, and IAEA technical cooperation, plus developer investments via Expressions of Interest (EOI). The goal would be to deploy a 40 MW TMSR using local thorium by 2032, integrated into the Marco Polo Blue Deal for clean hydrogen. (See Table 5)
Sri Lanka lacks nuclear experience and faces a shortage of skilled personnel due to weak education infrastructure and high staff turnover. Effective training is critical; vendors should support comprehensive programmes covering operations, maintenance, curriculum, simulation, and capacity building. Universities should launch nuclear engineering programmes, while the SLAEB establishes a National Nuclear Training Institute. Partnerships with India, China, and the IAEA would aid technical exchange and adherence to safety standards. To build public trust, SLAERC should create a Citizen Advisory Council, promote awareness, and publish audits.
Sri Lanka’s thorium reserves offer a once-in-a-generation opportunity to leapfrog into clean, scalable nuclear energy. With modular MSRs, the nation can achieve energy sovereignty, climate resilience, and regional leadership in advanced nuclear technology.
(Vinod Moonesinghe read mechanical engineering at the University of Westminster and worked in Sri Lanka’s tea machinery, motor spares, and railway industries. He later turned to journalism and history. He served as chair of the Board of Governors of the Ceylon German Technical Training Institute. He is a co-convenor of the Asia Progress Forum.)
by Vinod Moonesinghe
asiaprogressforum@gmail.com
The recent “hacking” incident involving Sri Lanka’s Ministry of Finance and the Treasury cannot be treated as a narrow technical glitch. It raises deeper questions about how public money is managed, who is accountable, and whether systems are designed to prevent—or enable—failure. When such an event occurs at the core of public finance, it does not remain an isolated IT issue. It becomes a test of institutional credibility. At stake is not only money, but trust—the invisible asset on which an economy rests.
Public communication around the incident has not helped. Instead of reducing doubt, it has widened uncertainty. When explanations are partial, delayed, or inconsistent, they create space for speculation. Markets dislike ambiguity. So do citizens. In the absence of clear facts, narratives compete, confidence weakens, and the perceived risk of the system rises. In this sense, poor communication can amplify the damage far beyond the original event.
This article therefore looks beyond the label of a “cyberattack.” It treats the incident as a system-level failure that sits at the intersection of technology, governance, and accountability. The goal is to identify what likely went wrong, what global experience already tells us, and what policy actions are necessary—not only to find the truth, but to restore confidence and prevent recurrence.
What is a “Hacking” incident? – A simple view
The term “hacker” often suggests a highly skilled outsider breaking into a system. In practice, most breaches are less dramatic and more mundane. They exploit weaknesses that already exist: unpatched software, weak passwords, poor access controls, or careless user behaviour such as phishing. These are not rare events. They are predictable outcomes of weak system hygiene.
Fully important is the role of internal access. Many serious incidents involve “insider access”—legitimate credentials used improperly, or privileges that are too broad and poorly monitored. Such access is harder to detect because it appears normal. It often bypasses external defences entirely.
For this reason, the key question is not simply “Who entered the system?” but “How was entry allowed?” That question shifts attention from the attacker to the system. It forces us to examine design, controls, and oversight. In other words, it moves the discussion from a technical story to a governance story.
Deeper questions raised by this incident
When a transaction of USD 2.5 million is involved, the issue cannot be reduced to a single breach. Financial systems—especially those handling public funds—are built with layers of control: approvals, audit trails, and separation of duties. These controls are meant to prevent exactly this kind of outcome. If a large transfer can occur despite them, then either the controls failed, were bypassed, or were never properly enforced.
This leads to a more important question: How was such an event permitted within the system? Was it a one-off technical error? A pattern of weak controls? Or a breakdown in oversight? Each possibility points to a different kind of failure, but all point to the same conclusion—this is not a simple incident.
Trust is the operating system of any economy. Once trust is weakened, the effects spread quickly. Citizens begin to question institutions. Investors reassess risk. Lenders demand higher returns. What starts as a technical incident can evolve into a credibility problem. And credibility, once lost, is difficult and costly to rebuild.
Concerns are compounded when responses are delayed or incomplete. If critical system access was known but not acted upon, or if disclosure to responsible authorities was postponed, the issue becomes one of governance. Timely reporting is not a formality; it is a control mechanism. When it fails, the system loses its ability to correct itself.
Key Arguments
1. Erosion of Institutional Trust
Trust in public financial institutions underpins economic stability. When information is unclear or inconsistent, confidence declines. This affects expectations, investment decisions, and the willingness to engage with the system. Over time, weak trust translates into weaker economic performance.
Information Asymmetry and Narrative Control
When full information is not shared, a gap emerges between what authorities know and what the public understands. This asymmetry allows simplified labels—such as “hacker”—to dominate the narrative. Complex issues become reduced to convenient explanations. The cost is delayed truth and prolonged uncertainty.
3. System Reality
Large-value transactions typically require multiple approvals, verifications, and recorded trails. If such a system allows a questionable transfer, it signals a deeper problem. Either controls are ineffective, monitoring is inadequate, or responsibilities are not clearly enforced. In any case, it points to a system weakness, not an isolated glitch.
4. Governance Over Technology
Most major cyber incidents succeed not because technology is absent, but because governance is weak. Accountability is unclear. Oversight is fragmented. Operational discipline is inconsistent. Without these, even advanced systems fail. The central lesson is simple: technology cannot compensate for poor governance.
International lessons
Global experience reinforces these points. Repeated incidents across different countries show a consistent pattern: the root cause is rarely technology alone.
The Bangladesh Bank heist demonstrated how weak internal controls can enable large unauthorised transfers through international payment systems. Monitoring and verification failures were as important as any technical breach.
The Banco de Chile incident highlighted the importance of real-time monitoring and rapid response. Delayed detection allowed attackers to move funds before controls could react.
mex ransomware attack showed that preparedness matters as much as prevention. Without clear response plans and leadership accountability, organisations struggle to contain damage once an incident occurs.
These cases are not isolated. They are lessons. They show that effective protection requires a combination of sound technology and strong governance. The critical question, therefore, is not whether such incidents happen elsewhere—they do—but whether those lessons have been learned and applied.
Real consequences
The visible loss in a case like this is financial. The real cost is broader.
First, public trust declines. When institutions appear uncertain or opaque, confidence erodes. This weakens the effectiveness of policy and administration.
Second, foreign investment becomes more cautious. Investors prioritise stability and transparency. Perceived risk rises when systems appear unreliable.
Third, borrowing costs increase. International markets price risk. Lower credibility leads to higher premiums, making financing more expensive.
h, financial stability can be affected. Doubts about institutions can influence liquidity, flows, and overall system confidence.
Over time, these effects accumulate. Growth slows. Development is constrained. The long-term cost exceeds the immediate loss.
Policy Response
A narrow technical fix will not suffice. The response must be comprehensive.
An independent investigation is essential. It must be credible, free from interference, and supported by both local and international expertise. The objective is to establish facts, not narratives.
A full forensic analysis is required. System logs, access records, and transaction trails must be examined in detail. The aim is to understand both the breach and the conditions that enabled it.
Transparent communication is critical. Regular updates and a final public report help rebuild trust. Silence or delay does the opposite.
Accountability must be clear. Where negligence, misconduct, or failure is identified, appropriate legal action must follow. Responsibility should not be diffused.
System reforms are necessary. Stronger controls—such as dual authorisation, multi-factor authentication, and real-time monitoring—should be standard, not optional.
Cyber security capability must be strengthened. Continuous monitoring, training, and regular risk assessments are essential.
Finally, legal and institutional frameworks need reinforcement. Transparency laws, digital governance standards, and protection for whistleblowers can improve long-term resilience.
Can government remain silent?
Silence is not neutral. It increases uncertainty.
When information is withheld or delayed, speculation fills the gap. Markets react. Confidence weakens. Trust erodes. In public finance, this is costly.
The response must be timely and clear. Facts should be disclosed. Responsibility should be assigned. Weaknesses should be corrected. The process must be seen as fair and independent.
If these steps are not taken, the issue will not remain contained. What appears to be a USD 2.5 million problem can evolve into a wider crisis of confidence. And once confidence is damaged, the cost of repair is far greater than the cost of prevention.
Strong systems depend on capable leadership and sound institutions. Positions of responsibility must be matched by competence and experience. Where gaps exist, they must be addressed.
In the end, the question is simple: will this incident be treated as a minor event to be managed, or as a warning to be acted upon? The answer will determine not only accountability for the past, but the credibility of the system going forward.
By Prof. Ranjith Bandara
The President has taken the bold decision to get rid of the office bearers of Sri Lanka Cricket (SLC) and appoint an interim committee till such time suitable persons are elected to run the SLC. All Sri Lankan cricket lovers will applaud and endorse President Anura Kumara Dissanayake’s action as the SLC was one of the most corrupt sports organizations in Sri Lanka for a long time.
The office bearers had organized it in such a manner that no other persons could get elected to this den of thieves. They increased the number of clubs as members to collect their votes. Large amounts of funds were doled out to the clubs to which the office bearers belonged.
All cricket lovers would remember how when a previous Minister holding the Cabinet portfolio pertaining to sports tried to get rid of the corrupt officials which the then Parliament endorsed unanimously and how they manipulated to remain in power and get the President at that time to get rid of the Minister instead of the corrupt officials of the SLC.
They were able to get round the ICC too to get what they wanted. The Minister who was appointed in place of the ousted Minister fell into the pockets of the SLC officials and they continued happily thereafter. The Minister was happy and the corrupt officials were happy!
It is not only the elected officials who have to be removed. There are executive employees and other permanent employees who have to be relieved of their duties as otherwise they could get round the incoming officials, and the activities of the bandwagon could go on.
We would appreciate if the President and the Minister in charge would go the whole hog and relieve the SLC of all corrupt personnel so that Sri Lanka’s cricket could get back to its halcyon days again.
HM NISSANKA WARAKAULLE
Malimawa government and Yahapalanaya are dissimilar in many respects, the most important being whilst Yahapalanaya had to manage with a balancing act in the parliament, Malimawa has the luxury of a massive parliamentary majority. However, they share one thing in common; the main plank for the election of both presidents Dissanayake and Sirisena was their solemn pledge for the eradication of corruption. It looks as if both have failed miserably, on that count!
It did not take very long for Yahapalanaya’s first act of corruption; the bond scam. COPE, headed by the veteran politician D E W Gunasekara, picked on this but to prevent the presentation of the report, Sirisena dissolved the parliament which was done at the request of the Prime Minister Ranil, to whom Sirisena was obliged for the unexpected bonanza of becoming president. This enabled the second bond scam to take place, also masterminded by Ranil’s friend Mahendran, imported from Singapore!
Malimawa convinced the voters that they are the only group that could get rid of the 76-year curse of corruption and made a multitude of promises, most of which are already broken! What is inexcusable is that, in a short space of time, they seem to have become as corrupt as any previous government and they seem to excel their predecessors in doling out excuses. Of course, they have a band of devoted social media influencers who are very adept at throwing mud at their opponents which they hope would help to cover up their sins. How long this strategy is going to work is anybody’s guess!
Some of these issues were addressed in an article, “Squeaky clean image of JVP in tatters” by Shamindra Ferdinando (The Island, 22 April). I hasten to add that, though some of his supporters are still trying to paint an honest image of AKD, he should be held responsible for many of these misdeeds and irresponsible acts.
One of the first acts of the newly elected president AKD was to appoint two retired police officers, who openly worked for the NPP through the Retired Police Collective, to top posts; Ravi Seneviratne as Secretary to the Ministry of Public Security and Shani Abeysekara as the Director of CID. Both of them held top jobs in the CID when the Easter Sunday attack took place and were blamed, by some, that they too failed to prevent this horrendous act of terrorism. In addition, there was a case against Seneviratne for causing accidents whilst under the influence and Abeysekara was exposed as a ’fixer’ by the infamous Ranjan Ramanayaka tapes. No one would have objected had they been appointed after their names were cleared but AKD’s rash decision to appoint them, disregarding all norms, clearly showed what his long-term strategy was. Was this not political corruption?
Now these two tainted officers are heading the search for the mastermind of the Easter Sunday attacks! Are they being used to divert attention away from Ibrahim’s family that was supposed to have funded the project? After all, Mohamed Ibrahim, the father, was on the national list of the JVP, and the two sons were the leading suicide bombers. It is a matter of great surprise that the Catholic church led by Cardinal Ranjith is not demanding the removal of these two officers from the investigation, who obviously have a conflict of interest. It becomes even more surprising when the demand is made for the Deputy Minister of Defence Aruna Jayasekara to resign, for the same reason; as well stated in the editorial, “Of masterminds” (The Island, 21 April).
The first act of the new parliament was to elect ‘Dr’ Ranwala as the speaker and pretty soon his doctorate was challenged. He stepped down to look for the certificate, which he is still looking for! Though some of the ministers too have admitted that Ranwala may not have a PhD, AKD seems silent. When Ranwala was involved in an RTA, police had run out of breathalyser tubes and blood was taken after a safe period had elapsed. Why has AKD no guts to sack him?
Episode of the release of 323 containers, without the mandatory inspections, seems to be receding to the past and the long-awaited report may be gathering dust in the president’s office! It is very likely due to political intervention and we probably will never know who benefitted.
A minister, who claimed that he is living on his wife’s salary and on the generosity of the party faithfuls, seems to have been able to build a three-storey house in a suburb of Colombo. He claims that when he made that statement, his father was alive but has since died and he has inherited everything as he is the only son! What a shame that Marxists do not believe in sharing the family wealth with sisters? Though the opposite may be true, his explanation that he was able to build a house in Colombo by selling the land in Anuradhapura rings hollow!
The worst of all was the coal scam which would have long lasting consequences on our economy. I do not have to go into details as much has been written about this but wish to point out AKD’s role. In spite of ex-minister Kumara Jayakody being indicted by CIABOC, AKD continued to give unstinted support till it became pretty obvious that he had to go. In fact, he is being charged with an offence which was committed whilst he was serving the Ceylon Fertilizer Company which was under the purview of, guess who? AKD when he was the Minister of Agriculture.
Devastating report from the Auditor General,before Jayakody’s resignation, would not have happened if AKD had his way. He attempted a number of times to get one of his henchmen appointed to this coveted post, overlooking those experienced officers in the department. AKD’s political machinations were thwarted thanks to the integrity of some members of the Constitution Council. If not for them, AKD’s nominee would have been in post and, perhaps, his friend Jayakody would still be the minister.
Malimawa seems to have beaten Yahapalanaya rather than being the second!
By Dr Upul Wijayawardhana
Police officers donate LKR 9,687,462 from day’s salary to ‘Rebuilding Sri Lanka’ Fund
Iran’s top diplomat in Russia as Tehran intensifies efforts to end the war
Rinku, Narine win Kolkata Knight Riders error-strewn Super Over game
Rabada and Sudharsan crush Chennai Super Kings
Showers or thundershowers will occur at several places in most parts of the island after 1.00 pm
Heat Index at Caution Level in the Northern, North-central, North-western, Western, Sabaragamuwa, Southern, and Eastern provinces and in Monaragala district during the day time
‘Dates have the highest sugar content to fight Coronavirus’
Sunday Island 27 December – Headlines
#SundayIsland 17th December – Headlines
Sunday Island – 28th March
Sunday Island Headlines – 21 March
Sunday Island – 21st February – Headlines
-
News6 days agoRs 13 bn NDB fraud: Int’l forensic audit ordered
-
News4 days agoLanka faces crisis of conscience over fate of animals: Call for compassion, law reform, and ethical responsibility
-
News3 days agoWhistleblowers ask Treasury Chief to resign over theft of USD 2.5 mn
-
News3 days agoNo cyber hack: Fintech expert exposes shocking legacy flaws that led to $2.5 million theft
-
News4 days agoUSD 2 mn bribe: CID ordered to arrest Shasheendra R, warrant issued against ex-SriLankan CEO’s wife
-
News1 day agoHackers steal $3.2 Mn from Finance Ministry
-
News4 days agoParliament urged to probe questionable payment of USD 2.5 mn from Treasury
-
Opinion6 days agoMinisterial resignation and new political culture