Manila, Philippines (BBN) – SWIFT, a global financial messaging network, has claimed it was not at fault in the remittance of the stolen $81-million Bangladesh Bank funds to the Philippines, as its system was not breached.
“We have very strong certainty that our system has never been compromised. We are very sure that there is no breach at all in the network,” Alain Raes, chief executive for SWIFT Asia Pacific as well as Europe, Middle East and Africa, said in a media briefing in Makati City on Thursday, reports rappler.com.
Raes added member-banks are responsible for ensuring the safety of all of their transactions.
“We need to differentiate the responsibility of SWIFT and the responsibility of banks. It is the responsibility of the banks [to ensure] there is nothing wrong going on in their part of the chain,” Raes said.
On February 4, a SWIFT code was sent to the Rizal Commercial Banking Corporation (RCBC), ordering an inward remittance of $81 million to the Philippines from the account of Bangladesh Bank in downtown Manhattan.
It was found out that unknown cyber criminals hacked the computer systems of Bangladesh Bank, attempting to steal a total of $951 million from its account at the Federal Reserve Bank of New York.
Most of the attempted transfers were blocked by the New York bank, but $81 million was transferred to five fake RCBC accounts in the Philippines, using the SWIFT system.
Raes said that SWIFT is only responsible for informing their clients of all the transactions, as well as the security measures it undertakes.
“It is our responsibility to make sure that everyone is informed in the reality of security,” he said.
“There is a certain number of investigations undertaken by local authorities in Bangladesh and it is really up to their responsibility in this investigation. We leave these to the authorities to continue the investigation,” Raes added.
Business as usual
For SWIFT, it’s business as usual despite the fallout surrounding the $81-million bank heist.
“We tend to treat every single transaction the same way. They’re all important to us. We will have the same principles of security,” Raes said.
Even with the money laundering scandal, Raes said they still expect that transactions of Philippine banks would grow further.
“There are 45,000 transactions [under the SWIFT system] going from the Filipino banks to the rest of the world, which yearly grows 15 per cent,” he said.
“Asia is really becoming the fastest engine of growth of the company. In the coming years, [the Philippines is expected to be] one of the largest parts of the business.”
On the other hand, BBN adds a high-profile SWIFT team has already checked as follow-up actions recommended by its experts for repairing the BB’s international transaction system wrecked by hackers.
The two-member SWIFT team, headed by its Managing Director for Asia-Pacific Eddie Haddad, met the newly appointed BB Governor, Fazle Kabir, on April last, according to the central bank officials.
They also said the SWIFT team also met officials concerned of the central bank as well as investigators on the cyber heist that occurred early last February.
Earlier in middle of March, another two-member expert team of SWIFT had scanned its network at the central bank of Bangladesh to find out any clue about the hacked BB system.
The SWIFT (the Society for Worldwide Interbank Financial Telecommunication) expert team had also collected information on overall cyber-security system including ‘Back Office’ under Accounts and Budgeting Department of the central bank, they added.
The SWIFT expert team in its initial report recommended the authorities concerned of the central bank for upgrading the BB’s SWIFT network to prevent the recurrence of such incident.
SWIFT provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardised and reliable environment.
An IT (information technology) forensic expert team earlier had indentified that sophisticated malware was deployed by the attackers on the SWIFT servers to process and authorise SWIFT transactions.
Cybercriminals sent 35 orders, via the SWIFT financial messaging system, to transfer roughly $951 million out of the BB’s account in the New York Fed on February 4 night to a series of private accounts in other countries.
The Fed executed five of these orders, transferring a total of $101 million to four private accounts in the Philippines and one to the account of a non-governmental organisation in Sri Lanka.
It did not carry out the remaining 30 transfer orders, totaling $850 million, and instead sought reconfirmation from the BB.