Dhaka, Bangladesh (BBN)-A Bangladeshi government-appointed committee investigating the theft of $81 million from the South Asian country’s account at the Federal Reserve Bank of New York blamed the Swift interbank messaging service for negligence but also hinted at insider involvement after handing in its final report Monday.
Mohammad Farashuddin, a former central banker who led the committee, said Swift “could not escape blame” for the breach because the secure messaging service provider had exposed Bangladesh Bank’s network to the Internet while installing equipment and software, repeating Bangladeshi claims that Swift has denied, reports The Wall Street Journal.
Speaking after submitting the committee’s final report to the Bangladeshi Finance Ministry, Mr Farashuddin also pointed to the possible complicity of central bank officials in the theft, one of the largest bank heists in history.
While submitting an interim report earlier this month, Mr Farashuddin had said his committee found no evidence of insider involvement.
On Monday, he said without elaborating that there were “some changes” regarding the possible involvement of Bangladesh Bank officials.
He didn’t elaborate, and the committee’s report hasn’t been made public.
A Swift spokeswoman declined to comment on the Bangladesh report.
Swift has previously said that Bangladesh Bank is responsible for its own internal security.
Bangladesh Bank fired two senior officials and transferred several others after the heist while the central bank chief resigned after taking moral responsibility.
No one has been arrested.
Subhankar Saha, a spokesman for Bangladesh Bank, said Monday that “if anyone within the bank is found to be involved, we will take legal action as appropriate.”
At a news conference earlier this month, Mr Farashuddin said the hacking had been carried out using malware developed in North Korea and Pakistan, citing forensic evidence.
Brussels-based Swift, whose formal name is Society for Worldwide Interbank Financial Telecommunication, has been under scrutiny since a number of breaches at customer banks came to light.
The banking industry cooperative, which provides messaging services to thousands of financial institutions world-wide, has issued a series of security alerts in recent weeks, warning customers that the Bangladesh Bank breach wasn’t an isolated incident, but “part of a wider and highly adaptive campaign targeting banks.”
The North Korean Embassy in Dhaka and its mission at the United Nations didn’t respond to requests for comment on Mr. Farashuddin’s earlier claims.
The Pakistani Embassy in Dhaka and the Pakistani Foreign Ministry didn’t respond to emails seeking comment.