Security & Fraud

Bangladesh Central Bank Won’t Sue The NY Fed, SWIFT Over $81 Million Hack

It looks like after all the Sturm und Drang, Bangladesh’s central bank will not take action against the Federal Reserve Bank of New York and SWIFT network over the $81 million theft it suffered earlier this year. Instead, the bank confirms that it will be working with the Fed in an attempt to get back some of the funds purloined by cybercriminals.

“At the moment we have no plan to go for any legal action against the Fed bank or SWIFT; rather we will seek their assistance,” Subhankar Saha, the spokesman for Bangladesh Bank, told Reuters.

A month ago the information out of Bangladesh was breaking in a different direction. Insiders were telling news outlets that a lawsuit was being prepared wherein Bangladesh would look to the NY Fed for financial compensation for their loss. At the time, Bangladeshi banking officials were alleging that errors made by the Fed and SWIFT had made Bangladesh’s central bank vulnerable to the attack that looted it in February.

“We only assessed different options, including the legal [option],” Saha said on Tuesday. “We look forward to cooperation both from the Fed and SWIFT.”

Officials from the Fed and Bangladesh Finance Minister Abul Maal Abdul Muhith both had no immediate comment to offer on the matter.

The shift seems to have come as a result of meetings between officials of both the Bangladesh Bank, the New York Fed and SWIFT in New York last week. Putting additional pressure on the officials from Bangladesh, the New York Fed last week published its standard contract with correspondent banks, which spells out that the burden of preventing and reporting breaches lies largely with the correspondent bank.

Officially, Saha claims there was no link between the decision not to pursue a lawsuit and the contract. “We were assessing options, and we prefer cooperation,” he said.

So far, progress on recovering funds has been limited since it seems much of it has been laundered through casinos in the Philippines.

According to reports, the Bangladesh Bank did not know it had been hacked for some time – and only informed the Fed 48 hours after the funds had been sent. And since that notice came over a weekend in New York, the Fed took an additional two days to take action. This is important because the Fed requires “reasonable notice” to stop or block transactions. Reports also indicate that the Fed had tried and failed to cancel the payments before it had informed the Bangladesh Bank of its efforts.


Featured PYMNTS Study:

More than 63 percent of merchant service providers (MSPs) want to overhaul their core payment processing systems so they can up their value-added services (VAS) game. It’s tough, though, since many of these systems date back to the pre-digital era. In the January 2020 Optimizing Merchant Services Playbook, PYMNTS unpacks what 200 MSPs say is key to delivering the VAS agenda that is critical to their success.

Click to comment