BB reserve heist: 10 central bank officials among 70 suspects

CID identifies suspects in seven countries; charge sheet to be submitted soon
Tousif Kaium

Nearly a decade after the Bangladesh Bank (BB) reserve heist stunned the world, investigators say they have identified 65 to 70 suspects across seven countries and are now preparing to submit the charge sheet soon.

Among those implicated are about 10 officials of the central bank, according to the Criminal Investigation Department (CID) under Bangladesh Police.

“The long-running probe is now in its final stage,” Al Mamun, the investigation officer and an additional superintendent of police, told The Daily Star.

“We are now preparing the draft charge sheet and hope to submit it soon,” he said.

The development comes after years of delays. Over the past 10 years, the investigation officer has been changed four times, and the submission of the probe report has been deferred more than 86 times.

On February 4, 2016, hackers broke into the BB’s systems and issued 70 fake payment instructions to the Federal Reserve Bank of New York, seeking to withdraw nearly $1.94 billion.

Most of the transactions were blocked by the Fed’s security system. But five slipped through, resulting in the release of $101 million.

Of that amount, $81 million was transferred to accounts at Rizal Commercial Banking Corporation in the Philippines. Another $20 million was sent to Sri Lanka, but was recovered after a spelling error in the transfer request raised red flags.

On March 15, 2016, a case was filed by then BB Deputy Director Zobayer Bin Huda with Motijheel Police Station. The investigation was later handed over to the CID.

So far, Bangladesh has recovered $14.66 million from the Philippines.

On condition of anonymity, a senior CID official said the recovery process has proved complex because the funds were not returned through the same banking channels used for the transfers, complicating legal proceedings.

INTERNATIONAL TRAIL, NEW LEADS

Investigators say the probe gained pace last year after authorities received a report from a US intelligence agency through the Mutual Legal Assistance Request (MLAR) process.

The information helped identify several foreign suspects.

“Without getting information from those countries, it was not possible to complete the investigation properly. Due to delays in receiving responses to the MLAR requests, the investigation took longer,” said Additional SP Mamun.

CID officials say they have gathered information from authorities in China and the Philippines as well.

On September 18 last year, a Dhaka court ordered the seizure of funds from Rizal Commercial Banking Corporation as part of the ongoing investigation.

Investigators said they have traced the laundering of the stolen funds across the Philippines, Japan, North Korea, Sri Lanka, India and China.

They say around 30 individuals and seven companies in the Philippines were linked to the laundering process.

According to investigators, Philippine businessman Kam Sin Wong has been identified as a central figure in the network. Wong allegedly hired North Korean hacker Park Jin Hyok, believed to be associated with the state-backed Lazarus Group, also known as APT38.

The hackers allegedly sent malware-infected links to BB officials by email, gaining access to internal systems and initiating fraudulent SWIFT transactions.

Funds were routed through several intermediaries before being channelled into casinos, including Solaire Resort and Casino and Midas Hotel and Casino. Other entities identified in the laundering chain include Philrem Service Corporation, Centurytex Trading, ABBA Currency Exchange Inc and Beacon Currency Exchange Inc.

In Sri Lanka, investigators traced the attempted $20 million transfer to an account at Pan Asia Bank in Colombo belonging to the Shalika Foundation, led by Hegoda Gamage Shalika Perera.

The transaction failed after the word “foundation” was misspelt, alerting authorities and preventing the funds from being withdrawn.

CID officials say eight individuals and institutions in Sri Lanka have been linked to that attempted transfer.

SCRUTINY OF CENTRAL BANK LAPSES

Investigators are also examining possible lapses within the central bank.

They are reviewing why the Real Time Gross Settlement (RTGS) system was connected directly to the SWIFT network without adequate risk assessment.

They are also looking into the approval process that allowed the SWIFT server used to manage foreign reserves to be linked with the RTGS system under the then-governor Atiur Rahman.

Some BB officials allegedly downloaded malware-infected files without verifying their source, while others are suspected of removing technical evidence after the breach came to light.

CID officials say these issues will be detailed in the charge sheet.