Bangladesh yesterday filed a case in New York’s southern district court against the Rizal Commercial Banking Corporation (RCBC) of the Philippines over the heist of USD 81 million from Bangladesh Bank is (BB) reserves. Abu Hena Mohammed Raji Hasan, head of the Bangladesh Finance Intelligence Unit (BIFU) of Bangladesh Bank, told The Independent that the case was filed in the New York court accusing the RCBC and the casinos and others involved in the heist.
Hasan said details of the case filing will be shared with the media at a press briefing on Sunday. The money of Bangladesh’s central bank was kept in the Federal Reserve Bank of New York. Unidentified hackers, with possible ties to North Korea, stole $101 million from Bangladesh’s central bank account with the Federal Reserve Bank of New York by using fake orders on the SWIFT payments system in February 2016. Of the stolen money, $81 million was transferred to the Rizal Commercial Banking Corporation (RCBC) of the Philippines.
The Philippines Daily Inquirer reported yesterday (Friday) that the RCBC hired the US law firm of Quinn Emanuel for its defense against the Bangladesh lawsuit.
When asked about the RCBC’s hiring of legal counsel, BB official Raji Hasan said: “It’s a legal battle. They are entitled to hire a law firm.”
The RCBC’s lead attorney in the case, Tai-Heng Cheng, a partner at the firm’s New York office, told the Daily Inquirer: “This is nothing more than a thinly veiled PR (public relations) campaign disguised as a lawsuit. Based on what we have heard, this suit is completely baseless. If BB was serious about recovering the money, they would have pursued their claims three years ago and not wait until days before the statute of limitations. Not only are the allegations false, they don’t have the right to file here since none of the defendants are in the US.”
In 2016, USD 81 million in dirty money stolen by hackers from Bangladesh Bank slipped into the RCBC’s branch on Jupiter St. in Makati City, quickly withdrawn, and eventually laundered through local casinos. The $81-million Bangladesh Bank heist had attracted international attention.
Following an investigation by the Philippines Department of Justice, Makati City Regional Trial Court (RTC) last year convicted ex-RCBC manager Maia Deguito of money laundering over the 2016 Bangladesh Bank heist and sentenced her to 4 to 7 years in prison for each of the 8 counts of money laundering. She was also ordered to pay $109 million in penalties.
The probe revealed that funds stolen from Bangladesh’s central bank were converted to Philippine pesos and distributed to junket operators and casinos. The money was deposited to foreign currency accounts of RCBC, which passed it on to Philrem Service Corporation for conversion and distribution. In 2017, the Philippines Department of Justice cleared Philrem executives, leaving Deguito to face the charges.
So far, Bangladesh has been able to retrieve $15 million from the Philippines. Another $20 million sent to a bank in Sri Lanka has also been recovered.
Meanwhile, the Criminal Investigation Department (CID) of police in Bangladesh, entrusted with probing the $101 million cyber heist, has been asked to submit its probe report on the case to the court by February 10.
Metropolitan Magistrate Sadbir Yeasir Ahsan Chowdhury passed the order after the investigation officer of the case failed to submit the probe report.
The central bank had initiated the case with Motijheel Police Station in February, 2016 after the hacking incident. The CID was given the charge of investigating the case filed under the Money Laundering Prevention Act and the ICT Act. The police investigating the cyber heist, however, failed to submit a report to the court for the 25th time since the case was filed.
Former Bangladesh Bank Governor Mohammed Farashuddin had told reporters that the attackers had exploited vulnerabilities in the central bank’s information security defenses. “The probe committee came to the conclusion that the heist was essentially committed by external elements,” he added.
Talking to media, RCBC attorney Cheng said the defense panel would show that this lawsuit was “nothing more than a political stunt by the Bangladesh central bank to try and shift the blame from themselves to
“A review of the facts shows that BB’s errors, omissions and lapses in security protocols are the cause of its loss. We believe it is telling that they have concealed information from their own investigation and despite admitting their own culpability, continue to try to blame others,” the legal counsel said.
In the biggest bank robbery of recent times, unidentified hackers gained access to the SWIFT codes of Bangladesh Bank employees and used them to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York on February 4, 2016. They then requested the bank to transfer millions of dollars of BB funds to bank accounts in Sri Lanka, the Philippines and other parts of Asia.
The hackers were successful in getting USD 81 million transferred to the Rizal Commercial Banking Corporation in the Philippines through four different transfer requests and an additional USD 20 million to Pan Asia Banking in a single request. The USD 81 million was deposited in four accounts at a Rizal branch in Manila on the 4th of February.
Fortunately, BB was able to stop USD 850 million in 30 transactions before it was too late.