Even the best bank systems, processes, and internal controls are useless if the theft is done from inside.
Just take a look at what happened in the case of the Bank of Bangladesh and the Federal Reserve Bank of New York.
The instructions to pay $81 million sent out from the Bangladesh central bank were valid and were fully authenticated by SWIFT or the Society for Worldwide Interbank Financial Telecommunications, which is the member-owned global communication network that facilitates secure international exchange of payment instructions between banks, central banks, multinational corporations, and major securities firms.
The Federal Reserve Bank of New York, where the Bank of Bangladesh held its account, also had security measures in place. It required handprints, access codes, which curiously, the thieves had on hand. Then there were the three big American banks that were used to transfer the money to RCBC through SWIFT.
According to a report by Rappler.com, on Feb. 4, a SWIFT code was sent to RCBC ordering an inward remittance of $81 million to the Philippines from the account of Bangladesh Bank in downtown Manhattan.
It was found out that unknown cyber criminals hacked the computer systems of Bangladesh Bank, attempting to steal a total of $951 million from its account at the Federal Reserve Bank of New York. Most of the attempted transfers were blocked by the New York bank, but $81 million was transferred to five fake RCBC accounts in the Philippines, using the SWIFT system, the same report said.
But SWIFT, through Alain Raes who is chief executive for SWIFT Asia Pacific, Europe, Middle East, and Africa, said it was not at fault nor was its system breached, emphasizing that member-banks are responsible for ensuring the safety of all of their transactions.
It took the Bangladesh central bank days to find out that their money was stolen and days to inform their finance minister who had been quoted as saying it was “100 percent” an inside job.
In a news report by Agence France-Presse, the Bangladesh finance minister has accused central bank officials of being responsible for the theft. A.M.A. Muhith said the Federal Reserve Bank of New York, where Bangladesh Bank’s account was held, requires handprints and other biometric information from central bank officials to activate transactions. In this case, the handprints of six different persons were needed to be placed sequentially on a plate.
Muhith, according to the same report, said that the official explanation that the action against the hackers were delayed because the theft took place on a Friday when the bank is closed was totally implausible. The central bank governor and his two deputies have since then lost their jobs.
According to analysts, the global banking system’s security was not compromised in the $81M theft of Bangladesh funds, confirming the position of SWIFT.
They said it also appears that the Bangladesh central bank was too slow to act. It merely sent a request for RCBC to keep the funds from being withdrawn, not a freeze or hold order. Also, the Bank of Bangladesh never called RCBC nor did it send a clarificatory message as to why the transactions were “doubtful” and possibly against anti-money laundering laws.
As to RCBC, as already mentioned, it appears that their systems and processes are no different from those of other banks. Unfortunately, there were bank officials and employees, specifically those in RCBC’s Jupiter Makati branch, who were determined to see this theft through. In fact, they were informed of the request to hold the funds, but still they allowed the money to be withdrawn.
It was easy for these branch officials and employees to say that they were just following instructions from above, or that the main office could not have known of such a huge transaction, or that the system was to blame, but at the end of the day, the ugly truth is that they made the money laundering happen.
PA cancellation sought
Former Iloilo Rep. Rolex Suplico has asked the National Telecommuniciations Commission (NTC) to cancel the provisional authorities and to take back the telecom frequencies that have been assigned to three companies.
Suplico has petitioned the NTC to revoke the 700 Mhz frequencies assigned to Wi-tribe, Inc. (WTTI), Hi Frequency Telecommunication Inc. (HFTI), and New Century Telecoms for having been unutilized for years, in violation of the conditions contained in the PAs granted to them.
The said PAs, he emphasized, required these companies to commence deployment of the first year of the roll-out within nine months and to launch commercial operations within 12 months from date of frequency assignment.
Suplico pointed out that as per their respective legislative franchises, they were supposed to commence operations within five years from effectivity thereof, and that NTC Memorandum Cicular No. 3-3-96 mandates that the NTC should review frequency assignments periodically and can recall frequencies assigned to private networks if they remain unused for at least one year.
He said that since respondents have violated the conditions of their PAs and frequency assignments, these should be recalled, cancelled or otherwise revoked.
The 700 MHz band has been much sought after for 4G or long term evolution (LTE) deployment around the world due to its efficiency, higher penetration inside buildings, and wider coverage, reducing the number of towers required for setting up LTE networks as well as the capital expenditure involved in rolling-out and operating said networks.
Suplico has also urged the NTC to reallocate the 700 MHz frequencies held by these three companies to existing telcos which are in a position to effectively and efficiently utilize these frequencies.
Suplico, a party-list candidate under Abyan Ilonggo, said that one of their core programs is to increase internet speed in the country, noting that the utilization of the 700 MHz for broadband provides a solution for this problem.
The government attempted to establish a national broadband network to improve telecommunications service but this was shelved due to allegations of corruption in the awarding of the $329 million contract to Chinese firm ZTE.
Both Globe Telecom and the PLDT group have been asking the NTC to reallocate the said 700 MHz frequencies to them to allow them to improve internet speeds.
Rule of law
The ASEAN Law Association has passed a resolution calling for an amicable resolution of issues in the region through the rule of law, during its annual governing council meeting last April 2 in Vietnam, according to ALA president Avelino “Ave” Cruz.
ALA is the designated affiliate for law under the ASEAN Charter of 2007 and in 2009, ASEAN Secretary General Surin Pitsuwan had asked for ALA to fulfill the role of legal counsel.
At the April 2 meeting, the body approved a proposal to amend the ALA Constitution to include the link between ASEAN and ALA for that purpose, subject to clearance by the present Sec Gen Le Loung Minh.
Meanwhile, the compromise resolution was reached following Vietnam National Committee’s call for a strong resolution by ALA against possible transgressions of international law in the South China Sea.
ALA Philippine National Committee chairman and former Supreme Court Chief Justice Artemio Panganiban said a compromise was reached after Brunei and other national committees cautioned against ALA politicizing its actions beyond the scope of its constitution. Also during the meeting, former senator Edgardo Angara, ALA founding president, suggested for the group to conduct a study of all legal issues undertaken in the deliberation.
ALA’s current officers, other than the president and secretary general, are the national committee chair of the 10 countries. These include six incumbent ASEAN Chief Justices, with Philippine SC Chief Justice Lourdes Sereno being a leading member of the ALA Governing Council.
ALA chairman for legal information Atty. Michael Toledo said that ALA has successfully bound together the legal community of the ASEAN to include high court judges, legal luminaries, and members of the academe.
For comments, e-mail at philstarhiddenagenda@yahoo.com