MANILA – The Rizal Commercial Banking Corporation (RCBC) has demanded Bangladesh central bank (BB) to release the results of its internal probe on the $81 million heist allegedly stolen from the New York Federal Reserve.
In a statement Tuesday, RCBC said it already revealed everything it legally could to the Senate and its regulator, the Bangko Sentral ng Pilipinas (BSP), and yet the Bangladesh Bank has yet to bare results of its investigation.
RCBC cited BB’s refusal to release investigation results as suspicious after the New York Fed and the Philippine government asked for the findings, RCBC’s head of legal affairs Atty. George Dela Cuesta said.
“For as long as BB refuses to cooperate with global efforts to find out what happened, this suspicion will linger,” he said.
“RCBC asks Bangladesh Bank to stop making RCBC its scapegoat,” he added.
BB's demands for RCBC to return the amount was deemed “factually and legally baseless,” Dela Cuesta added.
"If it was stolen by your own people, why ask us? We are actually a victim of BB's negligence,” he said.
Instead of releasing the result, the BB has been coming out with empty sound bites like "wiping out RCBC" which, coming from a Bangladeshi finance minister, was "extremely irresponsible," RCBC said.
At least five reports including SWIFT, FireEye, a cyber security outfit, the Bangladesh finance minister, a government-appointed panel, and a Bangladeshi expert all pointed out to a conclusion that a “malicious insider” would have made the heist possible, RCBC said.
RCBC urged BB to clarify inquiries pertaining to the heist including the report that BB had no firewall to protect its system and used second-hand $10 switches, making itself vulnerable to hackers. In January, the hackers also did trial runs but apparently BB did nothing to protect its system.
"Bangladesh police investigated some BB people but only for negligence. Up to now, we do not know if anybody has been taken to court," Dela Cuesta said.
The BB belatedly requested the funds to be frozen using ordinary email message, and not a Code Red message that banks use to raise an alarm.
"This resulted in their message being bunched with thousands of ordinary messages RCBC receives from all other banks all over the world each day. Had they sent a Code Red, we would have caught it," RCBC said, adding that BB did not reach out to RCBC in any other way.
RCBC said it received the funds in February last year in good faith because they were cleared and authenticated by the New York Fed and SWIFT, whose secure communications system is used by banks all over the world for their transactions.
Three global banks -- Citibank, New York Mellon and Wells Fargo -- remitted the funds to RCBC.
"These organizations are among the most sophisticated in the world and their remittances are accepted as a matter of course,” RCBC said.