On February 5, 2016, a large amount of money, about $81 million, was transferred from a Federal Reserve Bank of New York account to accounts in the Philippines and Sri Lanka.  The bank account belonged to Bangladesh Bank (the national bank of Bangladesh) and held the entire foreign cash reserve of the small country, worth several billion dollars.  (Bangladesh has seemingly come a long way since George Harrison’s famous fundraiser) 

The money was transferred via the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network.  The SWIFT network is the primary means of transferring money between countries.  It allows for secure payment requests and authorizations to be sent between major banks centered in different countries.   

Hackers, including at least one employee of Bangladesh Bank were able to introduce malware into the Bangladesh Bank computer systems that allowed transfers to be made, possibly exploiting loopholes in the SWIFT system.  On Friday, February 5th messages went out authorizing transfers to banks in the Philippines and Sri Lanka.  Transfers were in process in amounts over $1 billion.  In Bangladesh it was already after business hours and into the weekend, a most dangerous time for financial institutions.  

Fortunately, the SWIFT network flagged many of these transactions for an incredible reason.  A spelling mistake!  The perps had misspelled “foundation” as “fandation”.  The error was spotted by a SWIFT member bank, and messages were flagged as potential fraud.  This error saved the Bangladesh Bank more than $850 million.  (I’ll keep that in mind the next time I post a typo in Weekend Buff)

“Only” about $101 million made it out of Bangladesh’s coffers.  Approximately $20 million was sent to Sri Lanka, but savvy investigators were able to freeze that money quickly and get it back to the Bangladesh Bank.  

The Philippines was a different story.  A Chinese-Filipino businessman was involved in receiving that money, and it was immediately moved around in a money laundering scheme.   Laundered through casino’s and other intermediaries, the money became impossible to recover.  Although a few money laundering arrests were made, most of the $81 million was lost.