It became known as one of the world’s biggest cyber-heists in banking history, and last Friday the central bank of Bangladesh filed a federal lawsuit in the US District Court for the Southern District of New York, accusing a Filipino bank, its top brass and others of facilitating the theft of US$81 million from its account at the Federal Reserve Bank of New York.
The move was another step in a legal battle to recover the full amount – $101 million – which was stolen from Bangladesh’s central bank’s reserves three years ago. Hackers stole the $101 million from Bangladesh Bank’s (BB) foreign reserves account with the New York Federal Reserve. Only $20 million of the stolen money was returned by a Sri Lankan bank because the name of the recipient was wrong.
Last Thursday, a team of lawyers filed a case against the Rizal Commercial Banking Corporation (RCBC) of the Philippines, claiming in the complaint that the Manila-based bank helped North Korean hackers steal $81 million.
In September last year, the US Justice Department charged a North Korean man, Park Jin Hyok, with computer fraud, saying he was part of a government-sponsored team, known as the Lazarus Group, which were behind the hack of Sony Pictures, the Bangladesh Bank theft and global ransom attacks.
Ajmalul Hossain, the Bangladesh Bank’s counsel, told Asia Times the bank had accused RCBC and several others, including some top executives, of involvement in a “massive” and “intricately planned” multi-year conspiracy to steal $81 million of its money.
Hossain said much of the money disappeared in the Philippines’ casino industry. It was funneled through a series of complicated account transfers. The Philippines has so far returned $15 million after an order from a regional Philippine court in November 2016, while $66 million is yet to be recovered.
“The legal battle that we started will likely continue for the next three years. We hope to recover the full money by that time,” Hossain said.
Also on Thursday last week when the Bangladesh Bank filed its case, RCBC hired the US law firm Quinn Emanuel for its defense against the lawsuit, the Daily Inquirer of the Philippines reported.
The RCBC’s lead attorney on the case, Tai-Heng Cheng, said Bangladesh’s legal attempt to recover the full money was “nothing more than a thinly veiled PR campaign disguised as a lawsuit.” He added that if the Bangladesh Bank was “serious about recovering the money, they would have pursued their claims three years ago and not waited until days before the statute of limitations (expired).”
Hossain, however, returned fire. “It takes meticulous preparations to file a case like this. Besides, we needed to collect a lot of internal reports and probe reports. We wanted to be fully prepared rather than make haste.”
No update on probe
While Bangladesh launches a legal battle against the Manila-based bank in a New York court, there has been no update on its internal probe run by the country’s Criminal Investigation Department (CID).
After the heist, the Bangladesh Bank started an internal probe through a committee headed by former central bank governor Mohammed Farashuddin. The investigation by the committee found that a handful of negligent and careless bank officials inadvertently helped facilitate the heist by hackers.
“They were negligent, careless and indirect accomplices,” Farashuddin told news agency Reuters, adding that the hackers had exploited vulnerabilities in the bank’s information security defenses. “The committee came to the conclusion that the heist was essentially committed by external elements.”
Later Bangladesh Bank filed a case about the theft in Motijheel Police Station in the country’s capital Dhaka. The CID was put in charge of investigating the case filed under the country’s Money Laundering Prevention Act and the ICT Act, or Information and Communication Technology Act. The CID, however, failed to submit a report to the court for the 25th time since the case was filed, Asia Times discovered. The CID was recently asked to submit its report to the court by February 10.
When asked why there had been no update on the CID report, Bangladesh Bank Governor Fazle Kabir said: “You are asking the question in the wrong place. We have provided all sorts of help to the CID in their investigation.”
Rayhan Uddin Khan, an additional CID superintendent and the investigating officer in the bank-heist case, said they had already submitted a preliminary forensic report to the Anti-Money Laundering Council of the Philippines in July last year. The council could use the report to determine the RCBC’s role in the heist, he said.
Khan added that the CID would need to conduct further investigations to prepare a final and conclusive report.
The Philippines takes action
On January 10 this year in Manila, a Philippine court found Maia Deguito, who managed RCBC’s Makati City branch, guilty of eight counts of money laundering tied to the Bangladesh Bank heist. The court sentenced her to varying prison terms ranging from 32 years to 56 years and fined her $109 million.
In August 2016, after conducting its own investigation into the heist, the central bank of the Philippines – Bangko Sentral ng Pilipinas (BSP) – slammed RCBC, which it oversees, with a record fine of 1 billion pesos ($21.3 million). In a statement, BSP said the penalty represented “the largest amount ever approved as part of its supervisory enforcement actions on a BSP-supervised financial institution.”
The heist happened when hackers attacked the reserves of Bangladesh’s central bank and siphoned off $101 million. The bank’s money was kept in the New York Federal Reserve. The hackers had access to the SWIFT codes used by Bangladesh Bank employees and used them to send more than three dozen fraudulent money transfer requests to the NY Fed on February 4, 2016. They then requested the bank to transfer millions of dollars of the Bangladesh Bank funds to bank accounts in Sri Lanka, the Philippines and other parts of Asia.
The hackers were successful in getting $81 million transferred to RCBC in the Philippines through four different transfer requests and an additional $20 million to Pan Asia Banking in a single request.
Fortunately, Bangladesh Bank was able to stop $850 million in 30 transactions before the money disappeared. According to central bank officials, the Federal Reserve did not complete an additional 30 transfers ordered by the cyber hackers who, by some means, placed malicious software into the Bangladesh central bank’s computer systems.
If the transfer orders had been carried out, Bangladesh would have lost a further $951 million. Somewhat unsurprisingly, the cyber-crime took the then-governor of Bangladesh Bank, Atiur Rahman, by complete surprise. “It was like a terrorist attack, into the central bank,” he said. “I couldn’t believe it … because nothing like that … ever happened,” he said.
——
Asia Times has relaunched on www.asiatimes.com. Download our brand new native App for a sweeping selection of geopolitical and business news from across Asia.
Post writing is also a excitement, if you know then you can write
if not it is difficult to write.
My spouse and I stumbled over here different web address and thought I should check things
out. I like what I see so now i am following you. Look forward to exploring
your web page yet again.
Valuable information. Lucky me I found your web site by accident, and I’m shocked why this accident
didn’t happened in advance! I bookmarked it.
Spot on with this write-up, I seriously believe that this website
needs much more attention. I’ll probably be back again to read more, thanks
for the info!
Hello, I enjoy reading all of your article. I like to write a little comment to support you.
Hmm is anyone else experiencing problems with the pictures on this blog loading?
I’m trying to determine if its a problem on my end or if it’s
the blog. Any feed-back would be greatly appreciated.
Great site you have here but I was wanting to know if you knew of any discussion boards that cover the
same topics discussed in this article? I’d really like to be a
part of online community where I can get opinions
from other knowledgeable people that share the same interest.
If you have any recommendations, please let me know.
Many thanks!
Pretty nice post. I just stumbled upon your blog and wanted to say
that I have really enjoyed surfing around your blog posts.
In any case I’ll be subscribing to your feed and I hope you
write again soon!
WOW just what I was looking for. Came here by searching for natalielise natalielise pof
Tremendous things here. I am very happy to see your article.
Thanks a lot and I’m having a look forward to touch you.
Will you kindly drop me a mail?
Thanks designed for sharing such a fastidious opinion, article is nice, thats why
i have read it entirely
This is a topic which is near to my heart…
Best wishes! Exactly where are your contact details though?
Attractive section of content. I just stumbled upon your site and in accession capital to
assert that I get in fact enjoyed account your blog posts.
Any way I will be subscribing to your feeds and even I achievement you access consistently fast.
Nice answer back in return of this question with solid
arguments and explaining everything on the topic of that.
What’s up to all, the contents present at this web site are really awesome for people knowledge, well,
keep up the good work fellows.
Asking questions are in fact pleasant thing if you are not understanding anything totally, however
this article presents good understanding even.
Appreciating the time and energy you put into your site and
in depth information you offer. It’s awesome to come across a
blog every once in a while that isn’t the same old rehashed information. Fantastic read!
I’ve bookmarked your site and I’m adding your RSS feeds to my Google
account.
Hi there very cool site!! Man .. Beautiful .. Wonderful ..
I’ll bookmark your web site and take the feeds additionally?
I’m happy to search out numerous helpful information right here in the post,
we’d like work out extra strategies on this regard, thank you for sharing.
. . . . .
I was wondering if you ever thought of changing the
structure of your website? Its very well written; I love
what youve got to say. But maybe you could a little more in the way of content so people could connect with it
better. Youve got an awful lot of text for only having one or two pictures.
Maybe you could space it out better?
I do not even know how I ended up here, but I thought this post was great.
I don’t know who you are but certainly you
are going to a famous blogger if you aren’t already 😉 Cheers!
What i don’t understood is if truth be told how
you are not really a lot more well-favored than you may be now.
You are very intelligent. You know therefore considerably in relation to this matter, produced me in my opinion imagine it from a lot of
varied angles. Its like men and women don’t seem to be interested unless
it’s something to do with Girl gaga! Your personal stuffs excellent.
At all times take care of it up!
Hi, I want to subscribe for this web site to get newest updates, thus where can i do it please help.