Tulod, Byron Jon Sept 24, 2016

2016400264, 2B, Banking Laws Atty. Cabaneiro

2016 Bangladesh Bank Robbery: Wake-up Call for Philippine Banks

The 2016 Bangladesh Bank Heist was certainly an unconventional heist as it was
perpetrated by unmasked robbers with no guns and large sacks were not necessary to
consummate the idea of the crime of robbery – to steal money. In February 2016, a group of
hackers tried to steal almost $1 billion from the Federal Reserve Bank of New York, out of an
account Bangladesh uses for international settlements. The thieves got away with $81 million,
and it’s probably one of the biggest heists in history in which the Philippines found itself to be a
part thereof. As a result, it served as an expensive wake-up call for all banks in the country.

For a brief background, the crime was done on February 2016 when unknown hackers
took advantage of SWIFT, which stands for the Society for Worldwide Interbank Financial
Telecommunication and is a consortium that operates a trusted and closed computer network for
communication between member banks around the world. The hackers used SWIFT credentials
of Bangladesh Central Bank employees to send more than three dozen fraudulent money transfer
requests to the Federal Reserve Bank of New York asking the bank to transfer millions of the
Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia. 1

The hackers managed to get $81 million sent to Rizal Commercial Banking Corporation
in the Philippines via four different transfer requests and an additional $20 million sent to Pan
Asia Banking in a single request. But the Bangladesh Bank managed to halt $850 million in
other transactions. The $81 million was deposited into four accounts at a Rizal branch in Manila
on Feb. 4. These accounts had all been opened a year earlier in May 2015, but had been inactive
with just $500 sitting in them until the stolen funds arrived in February this year, according to
Reuters.2

As to how the hackers perfected the crime, news reports have indicated that insiders
might have cooperated and provided the credentials to the hackers. Other reports indicate that lax
computer security practices at Bangladesh Bank were to blame: the bank reportedly didn’t have
firewalls installed on its networks, raising the possibility that hackers may have breached the
network and found the credentials stored on the system.3

Currently, the National Bureau of Investigators (NBI) is probing the incident in an effort
to uncover who made off with the $81 million stolen from Bangladesh Bank. In recent news
report published in The Philippine Star on August 6, as well, it stated that “Bangko Sentral ng

1
That Insane, $81M Bangladesh Bank Heist? Here’s What We Know, retrieved September 24, 2016 from
https://www.wired.com/2016/05/insane-81m-bangladesh-bank-heist-heres-know/

2
Ibid
3
Ibid
Pilipinas (BSP) has slapped a record P1 billion fine on Rizal Commercial Banking Corp.
(RCBC) for its role in the theft of $81 million from the account of the Bangladesh government in
the Federal Reserve Bank of New York.”4

The BSP decision came in the midst of pressure calling for the return of the stolen
amount. An earlier report published in The Philippine Star indicated that Bangladesh officials
visited Manila to pressure authorities in the Philippines to find ways for Bangladesh to fully
recover the amount.5

The Philippine Star’s editorial “Give them back their money” (Aug. 3) stated that
“proposal to ease bank secrecy laws to deter money laundering is expected to face stiff
opposition…But the government can speed up action on the request of the Bangladeshis for the
return of the stolen funds. It’s their money and they deserve to get it back, ASAP.”6

The announcement of the hefty P1 billion fine is definitely a wakeup call for all banks to
initiate reforms and strengthen control systems in their respective operations. Furthermore, the
need to tighten banking regulation is highlighted. Whether this will hasten the return of the stolen
money is something we have to watch in the coming weeks or months.7

4
An expensive wake-up call, retrieved September 24, 2016 from
http://www.philstar.com/business/2016/08/16/1613779/expensive-wake-call
5
Ibid
6
Ibid
7
Ibid