DHAKA (Reuters) - Bangladesh’s central bank chief will meet the head of the Federal Reserve Bank of New York and a senior executive from global financial messaging service SWIFT next week to seek the recovery of about $81 million stolen by hackers, officials in Dhaka said.
Two Bangladesh Bank officials said the bank believed both the New York Fed and SWIFT bore some responsibility for the February cyber heist. The officials spoke on condition of anonymity since they were not authorized to brief the media.
The bank’s governor Fazle Kabir, New York Fed President William Dudley and a SWIFT representative will meet in Basel, Switzerland around May 10, they and another person briefed by the central bank said. It was not immediately clear who would represent SWIFT.
Spokeswomen for SWIFT and the New York Fed declined comment.
Hackers tried to steal nearly $1 billion from Bangladesh Bank’s settlement account at the New York Fed in early February by sending fraudulent transfer orders through SWIFT.
Of the 35 transfer orders sent, 30 were blocked. Four transfers to a Philippine bank for a total of $81 million went through while a $20 million transfer to a Sri Lankan company was reversed because the hackers mis-spelled the name of the firm.
”There is a responsibility the New York Fed has to accept,“ said one of the Bangladesh Bank officials. ”If you stopped 30 transactions, why did you not stop the others?
“SWIFT also bears responsibility,” the official said. “It’s supposed to be a closed system. Now you have seen they have disclosed that there have been attacks previously on its software.”
A potential lawsuit by Bangladesh Bank would probably fail in the United States unless it could marshal more evidence than is currently public to show negligence by the New York Fed or SWIFT, said William Black, a professor of economics and law at the University of Missouri-Kansas City.
A U.S. court would look to any contracts that Bangladesh Bank had with the New York Fed or SWIFT, and those contracts most likely require only “due care” to prevent such a hack, Black said.
Citing news reports that the hackers sent the correct codes to the New York Fed to authenticate their requests, Black said that would seem to meet the legal standard for taking due care to protect the money, Black said.
The New York Fed could also try to put a stop to a lawsuit by arguing that it has sovereign immunity as an arm of the U.S. government, but that question would need to be decided by a judge, Black said.
Last week, SWIFT acknowledged that the Bangladesh Bank attack was not an isolated incident but one of several recent criminal schemes that aimed to take advantage of the global messaging platform used by about 11,000 financial institutions.
The other Bangladesh Bank official said lawyers would be present at the meeting. Ajmalul Hussain, a Dhaka-based lawyer hired by the central bank to help it retrieve the funds, could not be reached for comment. His office said he was out of the country.
It was not immediately known if Bangladesh Bank had retained any U.S. or European law firm to help recover the money.
However the bank said in an internal report in March it was considering “preparing the ground to make a legitimate claim for the loss of funds” against the New York Fed “through a legal process.”
Both central bank officials said Kabir, the governor, would be accompanied by an official from the accounts and budgeting department on the trip to Basel and would seek the recovery of the stolen funds.
Basel is the headquarters of the Bank for International Settlements, a group of major central banks. Central bankers from several countries will meet there next week, according to the bank.
The stolen $81 million was sent to a bank in the Philippines and quickly passed on to casinos and casino agents. Most of it remains missing. However, one junket operator has returned about $15 million to authorities in Manila.
One of the Bangladesh Bank officials expressed confidence that there would be a resolution to the dispute soon, though he didn’t provide any evidence for the optimism.
Additional reporting by Jim Finkle, Jonathan Spicer and David Ingram; Editing by Raju Gopalakrishnan and Brian Thevenot