Sri Lanka presents a combination of ethnic, religious and political tensions. Following the recent Easter Sunday bombings, wherein over 250 people were killed, tensions have flared between the Muslim community and the Singhalese Buddhist community. On 21 April, several coordinated terror attacks, reportedly carried out by the Islamist extremist group, National Thoweed Jamath (NTJ), were executed across Sri Lanka. Following the attacks there has been fierce criticism of the government and state authorities, along with increased religious tensions. Religious conflict has been extant in Sri Lanka in recent years, following the destructive 26-year civil war which came to an end in 2009. The conflict between the two largest ethnic groups in Sri Lanka, the Sinhalese and the Tamils, caused the deaths of around 100,000 people. The recent increase in tensions has largely been blamed on hard-line Buddhist monks from the Bodu Bala Sena (BBS) or the Buddhist Power Force, and Muslim retaliation. The BBS argue that the Muslim community in Sri Lanka has become more conservative and insular, abandoning local traditions in favour of stricter Islamic law. The radical Buddhists believe they must preserve their religions, and consequently carry out attacks against Muslim communities and Mosques. They maintain that they must protect their country from the ‘invasion’ of Islam, although Muslims make up less than 10 per cent of the population. Whilst hostility remains between religions in Sri Lanka, a great deal of anger has also been targeted at the government, who have been blamed for the recent terror attacks.

A leaked memorandum, which gave details of a warning from India regarding the danger posed by Mohamed Zahran Hashim, the leader of the Islamic insurgency NTJ, was discovered after the attacks. On 9th April, the Chief of the National Intelligence issued a warning to the Sri Lankan Police Chief of a plan by Hashim and NTJ to carry out an attack in the country, including possible locations. The Police Chief was later given compulsory leave and arrested for negligence when investigated following the bombings. The intelligence officer also testified that President Maithripala Sirisena was forewarned of the threat of attack; however was removed from office following these disclosures. As part of investigations into the negligence of the Sri Lankan authorities on preventing such a deadly attack, the Defence Secretary was also arrested. Attorney General Dappula de Livera has called for those arrested to be tried for “crimes against humanity.” The accusations of governmental negligence up to the president of the country reveals a serious lack of reliability and accountability in ensuring the safety of the citizens of Sri Lanka, and those travelling to the country.

Some have argued that the failure to act on intelligence was due to distrust between Sirisena and Prime Minister Ranil Wickremesinghe, as the president allegedly did not invite the Prime Minister to national security meetings. The former defence secretary confirmed this allegation at the select committee hearing. The rift between the president and the prime minister has been ongoing, the two lead opposing parties in the coalition government and in 2018, a constitutional crisis was triggered when Sirisena tried to dismiss Wickremesinghe who refused to step down. The Supreme Court intervened and reinstated Wickremesinghe.

The issue of government foreknowledge of the attacks is exacerbating the adverse effects of the bombings. Hard-line Buddhists monks are using the information to lay further blame on the Muslim community. The monk Athuraliye Rathana said he would starve himself to death if Sirisena did not remove two Muslim provincial governors and one senior Muslim minister, who Rathana accused of having ties with the Easter bombers. All nine Muslim ministers and the two governors resigned in solidarity and to ease tensions. On 7th July hundreds of BBS monks gathered in Kandy to discuss the presidential elections. The leader of the BBS Galagoda Aththe Gnanasara addressed the crowds calling for need to win votes for Sinhala Buddhists with the aim of creating a Sinhala government. Which candidate to back, he did not say, but said that if the BBS were able to get the support of at least 7,000 temples across the country to form a united political front then there would be a Sinhala government. If this can be achieved, then presidential hopefuls will be competing for support of this front.

The controversy surrounding allegations of forewarning and dismissal of staff in select committee investigations have greatly reduced Sirisena’s chances of being re-elected in the upcoming 2019 presidential elections. Wickremesinghe on the other hand as leader of the nationalist party stands to benefit from the committee hearings, if he can lay the blame at the hands of Sirisena and avoid it himself. Sirisena’s position grows more tenuous, with his government defeating a motion of no confidence by 119 to 92 votes on 12th July. The ongoing political and religious tensions result in an increased threat of protest or unrest in the country, with the possibility of future violent conflict, especially between the BSS and Muslim communities.



Due to the impact of the bombings and a subsequent increased terror threat in the country, authorities have imposed curfews throughout Sri Lanka as they attempt to track down suspects responsible for the bombings, as well as to contain outbreaks of communal violence. They can be implemented under short notice, so travel plans and activities may be disrupted. Sri Lanka’s authorities have confirmed that airlines passengers can travel to the airport during curfews so long as they can present their passports and flight tickets. Travellers to Sri Lanka will need to obtain a visa prior to travel.

Transport in Sri Lanka is known for its tendency to be slow-moving. The island has narrow roads, often congested with pedestrians, cyclists, and tuktuks. Travellers can self-drive in the country, however, an International Driving Permit and a Sri Lankan recognition permit are required. Buses are the standard mode of travel for locals and visitors alike, however travel by rail is also widely utilised. Private buses and hire cars can also be used when travelling in Sri Lanka. Aside from the time-consuming nature of travel in the country, public transportation is typically safe. Although, during times of unrest or demonstrations travellers should exercise caution in public. Participants in the anti-Muslim violence that took place after the Easter Bombings reportedly travelled by public bus. Given the hassle, and sometimes security issues posed by public transport, many travellers opt to hire a car and driver to get around the island. It is recommended that travellers op to use a Sri Lankan Tourist Board accredited chauffeur-guide.

For short-term travellers to Sri Lanka, the Centres for Disease Control and Prevention (CDC) advises vaccinations against measles, mumps and rubella (MMR), diphtheria, tetanus, hepatitis A, typhoid and hepatitis B. Malaria can also pose a risk in some areas of Sri Lanka. Caution is advised when eating and drinking. Only drink bottled water, or water that has been disinfected, and food that is hot and cooked, or has been thoroughly washed. Travel insurance is strongly advised, and it is necessary to check prior to travel that any prescription drugs being taken into the country are legal.

Sri Lanka’s Monsoon season, between May and September, brings heavy showers and strong winds. This may affect and disrupt travel plans. Heavy rainfall can cause flooding and landslides leading to road closures and risking life and injury. Cyclones are also prevalent during this season, which can cause a high degree of damage and harm. We recommend checking in with the Disaster Management Centre for up to date information on extreme weather warnings. However fortunately with poor weather conditions, riots and communal violence becomes less likely.



Following the Easter Sunday bombing attacks, there have been outbreaks of mob violence across the country. Travellers should be aware that this could occur again with little or no warning, those visiting the country are advised to remain vigilant when in public and especially when in or around places of worship. Military bases and buildings can also be a target for attacks, many now operate increased security due to this threat. Foreign nationals may not be distinct targets of such violence, however there is a real threat of visitors getting caught up in violent demonstrations or attacks in public. The threat of future terror attacks in Sri Lanka cannot be ruled out, however Sri Lankan authorities have arrested over 2,000 suspects in the recent terror strikes and have taken a tougher stance on extremist suspects.

Violent crimes against travellers in Sri Lanka are comparatively lower than in other south-east Asian countries. However, female travellers should take extra caution as Western women continue to report incidents of verbal and physical harassment by groups of men. There have been incidents of sexual harassment and drinks being spiked in bars and restaurants in southern beach resorts. Vigilance should be exercised when in areas such as these to reduce the ability of opportunists to attack. Theft is also a present threat to travellers. Petty criminals and organised gangs can be responsible for muggings, and even express kidnappings, against Western nationals who are perceived as wealthy.

Security checkpoints and roadblocks still occur in parts of Sri Lanka. When travelling through, it is always advised to cooperate with whoever may be operating them. For security and safety reasons, police and military personnel remain present on the streets of the bigger cities such as Colombo. Since the end of the military conflict in 2009, there has been an increase in nationalism in Sri Lanka, and with this occasional anti-Western rhetoric. Although this does not present a substantial threat to Western travellers, it is important to note. Confrontation with people is discouraged. Discretion is advised when discussing political or religious matters in Sri Lanka due to the instability within the country.

Immediately after the recent terror attacks, the situation in Sri Lanka grew worse for Muslim communities who were the target of retribution attacks. Beginning on 6th May in Negombo, the majority Singhalese Buddhist rioters destroyed Muslim owned businesses. In Kiniyama, hundreds of people stormed a Mosque, destroying windows and doors and burning Korans. In Puttalam, a man died from stab wounds after a mob attacked his business. There are reports of police inaction while mobs attacked a pasta factory in Minuwangoda. In response to the riots, the Sri Lankan authorities imposed a nation-wide curfew on 13th May. Additional security forces, including military units were deployed to hotspots such as Hettipola to restore order and a nationwide emergency was declared. In this climate of intimidation Muslims fear that they will be targeted next and fled their homes and some have set up temporary shelter away in the jungles. Muslims driven from their homes have fled to Mosques for safety. There are reports of police dropping off Muslims at these Mosques for their own safety and protection.

Communal violence and demonstrations continue to occur. There were protests in Colombo on 3rd June in support of the Rathana’s hunger strike. These can restrict movement and access to area. Riots broke out in Negombo on 5th May and continued throughout May in the North Western Province, as Muslim owned business and shops were targeted. Groups of rioters were seen arriving on buses to Muslim areas. Mosques and shops were ransacked. Care is advised when travelling on public transportation, if large groups of agitated people are seen gathering, it is advised to avoid the area. Seek advice from local media outlets or citizens who may be able to offer information regarding any planned demonstrations. The government has also intermittently blocked social media in the country as a response to the anti-Muslim riots, in order to mitigate the spread of misinformation and hate speech as well as inhibit rioters’ abilities to organise. This may be repeated if more violence occurs.



The coordinated suicide attacks targeting Easter church services, hotels, and housing complexes on 21 April 2019 prompted a country-wide curfew and state of emergency in Sri Lanka. Since the bombings, the Muslim community has come under fierce scrutiny in the country. The NTJ, a hitherto small local militant Islamist group is believed to be responsible for the attacks. There has been an uptick in violence from the nationalist BSS in response to the attacks, with retaliation strikes against Muslim communities.

The NTJ has possible links to the Islamic State (IS), however it was previously associated with another hard-line Islamist group, Sri Lanka Thowheeth Jama’ath (SLTJ). The NTJ formed a splinter group in 2014, operating on Sri Lanka’s east coast. Prior to the Easter Sunday bombings, the group were reportedly responsible for low-level vandalism of Buddhist temples. The escalation of intent and capability from criminal activity to large-scale acts of terrorism suggests a degree of influence and support from external forces. Authorities have stated they do not believe IS were directly responsible for the Easter attacks, however they may have been working in cooperation with the group. The possibility of growing links between small-scale insurgencies such as NTJ and larger transnational Jihadist organisations such as IS pose a significant threat to the security of Sri Lanka. Retaliatory attacks by the nationalist Buddhist factions may prove to only further fuel future attacks, however, the attacks themselves are outside local grievances and context. The nature of the recent attacks is indicative of IS aims and objectives. The targets were areas frequented by western tourists and Christians, not Buddhists. This is far more consistent with global jihadism than local tensions.

Following the most recent attacks and under international pressure and scrutiny, Sri Lankan authorities have carried out heightened counter-terror operations. Methods have included the detaining of suspected insurgents, as well as raids and controlled explosions of weapons. Despite this, the possibility of future terror attacks in Sri Lanka remains high. Attacks could be indiscriminate, occurring in places such as hotels or tourist areas. Travellers are advised to remain vigilant when travelling in the country and are encouraged to contact local law enforcement or authorities if they feel suspicious or are threatened.


Want to take this report with you?

Subscribe to our mailing list below to unlock access to the PDF report.

Subscribe to our mailing list to unlock this content.
SI Risk Ltd collect data about individuals, usually within a business context. SI Risk Ltd treats all data which identifies an individual, or when combined with any other information which identifies an individual, as ‘Personal Data’.

As SI Risk Ltd is registered in the United Kingdom (UK), the decision has been taken to nominate the UK Information Commissioners Office (ICO) as their Lead Data Protection Supervisory Authority. As such, all practices will comply with guidance issued by the ICO.

Unless otherwise stated, SI Risk Ltd will be known as the Controller of any personal data which is provided to them by users. This means we control what happens to the data in our possession. We will treat user information with the same care and attention as SI Risk Ltd would expect their own personal data to be treated. This will include taking appropriate organisational and technical measures to protect your information while we are holding and processing it.

SI Risk Ltd collect personal data which may include (but is not limited to) name, physical address, email address, telephone number, age, IP address, organisation name, job title, dietary requirements, allergies, qualifications, interests, and other information which helps them provide their services. In some cases, this may include (but is not limited to) travel itinerary, as well as live and historical GPS tracking data.

SI Risk Ltd need to collect this personal data to provide users with Safety and Security Risk Management Services and uphold contracts agreed with entities which may include (but is not limited to) individuals, organisations, or other third parties. SI Risk Ltd will only collect personal data from users when required for the delivery of Safety and Security Risk Management Services and when there is a legal basis for doing so.

Data is processed by SI Risk Ltd and the client which is subscribing to the Safety and Security Risk Management Services provided by SI Risk Ltd. Data processing will take place in the UK, but also in the jurisdiction of the entity (which includes, but is not limited to, a partner, client, or user) which SI Risk Ltd is providing services to resides in. SI Risk Ltd will endeavour to provide details of the processing locations (where possible) at the point at which data is collected. This will not always be possible when delivering some services, such as live tracking, due to the nature of mobile data connections. Data may be processed via Asana, Dropbox, Microsoft Office 365, Lead Forensics, Google Analytics, and other similar platforms which may include the transmission of data into the United States of America (USA). Data may be shared with other entities if it is prerequisite for the delivery of Safety and Security Risk Management Services by SI Risk Ltd or for contractual agreements between which includes, but is not limited to, a partner, client, or user and the entity (which includes, but is not limited to, a partner, client, or user) to be upheld. This may include which include providing information to travel providers (e.g. airlines and hotels) and other service providers. It may not be possible to confirm these providers in advance of collecting data from the user, but SI Risk Ltd will endeavour to inform you of all data sharing that takes place.
Data processed directly by SI Risk Ltd is located on services in the UK and USA. Newsletter (and other mailing list data) is managed via third-party software (Zoho). In conjunction with this third-party software, SI Risk Ltd use analytics packages to track engagement with the information sent via email to entities which have voluntarily opted into receiving communications from SI Risk Ltd. This information may include (but is not limited to) the email address of the user and whether the user opened the communication sent from SI Risk Ltd.

Users are required to provide explicit consent that they would like to receive communications via email from SI Risk Ltd. If consent is provided by a user, we will continue to contact you for up to 10 years from the date you initially consented to receive communications from SI Risk Ltd (unless the user withdraws their consent at any time, at which point the user will cease to receive emails from SI Risk Ltd.

No other 3rd parties have access to a user’s personal data unless specifically agreed in advance of the data being collected by SI Risk Ltd, or in circumstances detailed in this Privacy Statement.

SI Risk Ltd have a Data Protection Regime in place which oversees the effective and secure processing of your personal data, which can be provided on request by contacting the Data Protection Officer.

All details provided to SI Risk Ltd will be held according to the legal and contractual requirements which SI Risk Ltd is subject to – which is detailed below.

- SI Risk’s public liability insurance requires that all the details of all events are maintained for a period of 3 years following an event or service provision provided by SI Risk Ltd.
- UK Revenue and Customs require that all payment information which is subject to VAT be kept for a period of at least 6 years following receipt of payment for services provided by SI Risk Ltd.

In accordance with this, all personal details of attendees for events and services provided by SI Risk Ltd will be retained by SI Risk Ltd for a period of 5 years following the end of our contract (unless otherwise indicated). This information may include (but is not limited to) the user’s name, physical address, email address, telephone number, age, IP address, organisation name, job title, dietary requirements, allergies, qualifications, interests, and other information which helps them provide their services. In some cases, this may include (but is not limited to) travel itinerary, as well as live and historical GPS tracking data.

In addition, billing information, which includes any personal data contained within invoices and accounting records, will be retained for a period of 6 years following the receipt of payment for services provided by SI Risk Ltd.

SI Risk Ltd endeavor to respond to all contact, including enquiries, in a timely and professional manner. Any contact which contains personal data will be retained for a period no more than 18 months from the date of receipt and response by SI Risk Ltd. This data is held by SI Risk Ltd under the legal basis of legitimate interest as it may be required to respond to future queries, both internally and externally, within this period.

No data retained by SI Risk Ltd will be used for any purpose other than that which is agreed at the time of contact between the user and SI Risk Ltd. This information will never be shared with third-parties without the user’s knowledge and will not be used to contact the user in future without the user’s express consent unless we believe it is relevant to your original enquiry.

If at any point a user believes that the information SI Risk Ltd possess is incorrect, or should the user wish to withdraw their consent, or exercise their statutory rights (which includes, but is not limited to, your right to erasure, right to access, right to rectification, and right to be informed) they can request to see this information, have it corrected, or have it deleted.

If a user wishes to raise a complaint on how SI Risk Ltd have handled their personal data, they can contact SI Risk Ltd’s Data Protection Officer, Nathan Monshin (Nathan.mosnhin@sirisk.uk), who will investigate the matter and take all necessary actions to address the complaint.

If the user is not fully satisfied with the response provided by SI Risk Ltd (or believe SI Risk Ltd are not processing data in accordance with the law) you can complain to the Information Commissioner’s Office (ICO) – which is the Lead Data Protection Supervisory Authority of SI Risk Ltd.

SI Risk Ltd will never request consent from, or market to, anybody under the age of 16.

SI Risk Ltd employ cookie technology to help log visitors to their website and facilitate the full and proper functionality of web services (such as but not limited to, logging in to secure areas and processing registrations). Cookies are pieces of data that are often created when someone visits a website, and which are stored in the cookie directory of a computer. Numerous cookies may be created when you visit a website controlled by SI Risk Ltd.

Up-to-date browsers give users the option to accept or decline cookies. This is a global setting that applies to every website a user visits. If a user does switch off cookies at a browser level, their device won't be able to accept cookies from any website. This means the user will struggle to access the secure area of any website they use and won't enjoy the best browsing experience when you are online. AboutCookies (http://www.aboutcookies.org) contains comprehensive information on how to disable cookies on a wide variety of browsers, details how to delete cookies from your computer as well, and more general information about them.

Cookies may be persistent, or session based. Persistent cookies are stored by a web browser and remain valid until the defined expiry date (unless deleted by the user before the expiry date). A session cookie will expire when a user ends their session (which occurs when the web browser is closed).

The type of cookies used on most websites, including those controlled by SI Risk Ltd, can be categorised in four ways (Strictly Necessary, Performance, Functionality and Targeting) according to the International Chamber of Commerce guide to cookie categories.

These cookies are essential, as they enable users to move around the website and use its features (such as accessing secure areas). Without these cookies, services you've asked for can't be provided. These cookies don’t gather information about you that is used for marketing or remembering where you've been on the internet.

These cookies collect information about how users use a website, including which pages you go to most often and if you get error messages from certain pages. These cookies don’t gather any information that identifies the user. All information these cookies collect is anonymous and is only used to improve how a website works. These cookies are not used to target users with online marketing. Without these cookies, SI Risk Ltd can’t learn how their website is performing and make relevant improvements that could better the user’s browsing experience.

These cookies allow a website to remember choices a user makes (such as user name, language, or the region you're in) and tailor the website to provide enhanced features and content for the user. For instance, a website may be able to provide a user with local weather reports or traffic news. These cookies can also be used to remember changes a user has made to text size, font, and other parts of pages that you can customise. They may also be used to provide services a user has asked for, such as watching a video or commenting on a blog. The information these cookies collect may be anonymous and they cannot track a user’s browsing activity on other websites. Without these cookies, a website cannot remember choices previously made by the user or personalise the user’s browsing experience.

These cookies are used to tailor marketing to a user and their interests. They are also used to limit the number of times a user sees an advertisement and help measure the effectiveness of advertising campaigns. They remember that a user has visited a website and this information may be shared with other organisations (such as advertisers). Although these cookies can track a user’s visits to other websites, they don’t usually know who a user is. Without these cookies, online advertisements encountered by a user will be less relevant to them and their interests.

When a user visits an SI Risk Ltd website, SI Risk Ltd collect web statistics concerning their visit which are stored in a log file. Log files allow SI Risk Ltd to record visitors’ use of the website, monitor site performance, and address any errors. The web teams use analytics to record visitors’ use of the site and use this information to make changes to the layout of the website and to the information provided on the website. Log files do not contain any personal information and they are not used to identify any individual patterns of use on the website.

This statement only covers websites and data maintained by SI Risk Ltd and does not cover other data or websites linked to, or associated with, SI Risk Ltd websites.

SI Risk Ltd may change its Privacy Statement to align with legislation and industry standards. They will not explicitly notify website users about these changes. SI Risk Ltd recommend that you check this statement on their website occasionally for any policy changes.

This version was last updated on 16 April 2019.
I agree with the Terms & Conditions