Theft of $1b from BB reserve in NY attempted [ Tritiyo Matra News ]

Theft of $1b from BB reserve in NY attempted

Local March 10, 2016

Computer hacking suspects tried to steal about $1 billion from the Bangladesh Bank’s reserve through its account with the New York Federal Reserve Bank and succeeded to transfer $101 million, said central bank officials and Philippine media reports on Wednesday.
The Bangladesh Bank is now investigating both ‘internal’ and ‘external’ involvement in the money theft, they said.
Philippine newspaper Inquirer reported on Wednesday that an attempt to transfer to Philippine banking system an additional $870 million stolen by computer ‘hackers’ from the Bangladesh Bank’s account with the New York bank, was foiled in February ‘after international banks recalled an order to transfer the amount to local banks’ in the Philippines.
The attempt was made a few days after the hackers had already transferred $101 million (around Tk 808 crore) to the Philippines and Sri Lanka on February 5, the report said.
Central bank officials said that the ‘hackers’, who had managed to get the Bangladesh Bank’s password or code for transactions with the New York bank, logged in the central bank’s cyber network and sent 30 requests to the New York bank to transfer about $1 billion.
‘Five of the 30 requests, made one after another, were executed immediately resulting in the transfer of $81 million to a Philippine bank and $20 million to Sri Lanka…Had all the requests
been executed, an additional $900 million could have been stolen,’ said a central bank official.
The Bangladesh Bank could recover $20 million from Sri Lanka through its central bank which froze the amount on suspicion of money laundering, the officials said.
They said that on suspicion, the New York bank sent queries to the Bangladesh Bank about the 30 requests to transfer $1 billion (Tk 8,000 crore) to personal bank accounts and $101 million was transferred as the central bank failed to reply promptly as it was a weekend, Friday.
The Bangladesh Bank on Wednesday held a press conference where its deputy governor Abu Hena Md Razee Hasan hoped that they might recover the entire amount soon.
Governor’s IT adviser, Rakesh Ashtana, former IT director of the World Bank, said that they were now in the ‘middle point’ of the investigation into the theft.
He said that there was ‘unauthorised transactions’ and the central bank was investigating both internal and external sides.
Razee Hasan that Philippine central bank was now investigating the incident and the anti money laundering authorities of the country filed a case for freezing concerned bank accounts.
‘After the Philippine investigation, we can know the trail of the money,’ he said.
He said that the Bangladesh Bank was also investigating whether the New York bank had followed due diligence in transferring the money. ‘We will review legal aspects of all points,’ he said.
Inquirer reported on Wednesday that $81 million was transferred to the Philippines and released to local clients of Rizal Commercial Banking Corp. As with all international wire transfers, the funds were cleared through US-based correspondent banks, in this case, the New York bank, Citibank and Wells Fargo.
The local counterpart was then notified of the incoming funds using the SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging system commonly used by banks for international transactions, the report said.
The money was channelled to a foreign exchange dealer and then transferred to casinos — Solaire Resort and Casino, City of Dreams and Midas — where they were converted into chips for betting at the gaming tables, then converted back into cash and remitted to accounts in Hong Kong soon after, said the report.
It said that the head of the Rizal Commercial Banking Corp branch on Jupiter Street in Makati City where the transactions were made issued a statement to the bank’s management that top officials of the Yuchengco family-controlled bank were ‘aware of the transactions at every stage, from the very beginning to the end.’
The funds were deposited into the five bank accounts created a few months earlier and were transferred to foreign exchange broker Philrem for conversion into pesos. It was then transferred back to Rizal Commercial Banking Corp and consolidated into the bank account of a Chinese-Filipino businessman, who then moved it to the casinos, said the report.
The Chinese-Filipino businessman also took care of remitting the funds to Hong Kong after these were moved through local casinos, it said.
Soon after Rizal Commercial Banking Corp released the funds to its client, the bank received a ‘MT103’ message through the SWIFT system recalling the $81 million and ordering a stop to another $870 million in inward transfers, it mentioned.
The transfer of $870 million was stopped in time, but $81 million had already been released and, by the time authorities were alerted, had already been moved back offshore, the report said.
A representative of the Rizal Commercial Banking Corp branch manager—who has since been suspended as part of the bank’s internal investigation— alleged that the transactions had the imprimatur of top bank officials ever since the manager was ordered to open five bank accounts as early as May 2015, it said.
To support the opening of these bank accounts, the branch manager was provided with five identification documents, all of which were determined to carry fictitious identities after the controversy broke out, said the report.
The New York bank on Tuesday said that it followed normal procedures in transmitting the funds, reported Reuters.
The New York bank issued a brief statement on the incident a day after Bangladesh’s central bank disclosed the theft, saying its account at the US Federal Reserve had been hacked. The New York Fed has said there was no evidence that its systems had been compromised.
‘The payment instructions in question were fully authenticated by the SWIFT messaging system in accordance with standard authentication protocols,’ said the statement from the New York Fed, which manages accounts for some 250 central banks, governments and other institutions globally.
‘The Fed has been working with the (Bangladesh) central bank since the incident occurred, and will continue to provide assistance as appropriate,’ it said.
SWIFT, a Belgian-based provider of messaging services for banks, issued a short statement late on Tuesday saying it was looking into the case.
‘SWIFT does not comment on individual users or messages, but can confirm it is in contact with the parties concerned,’ the statement said.
‘Messages sent over SWIFT are authenticated between sending and receiving institutions. There is no indication that our network has been compromised,’ it said. SWIFT was founded as the Society for Worldwide Interbank Financial Telecommunication in 1973.
Finance minister AMA Muhith, however, on Tuesday said that Federal Reserve Bank of New York would be sued for the theft of $100 million of Bangladesh Bank’s reserve through its account with the US bank.