One Spelling Mistake Saved Billions

According to New York Fed banking officials, a spelling error in an online bank transfer instructions helped them prevent a robbery of nearly $1bn last month which involved the Bangladesh central bank and the New York Fed. New York Fed reports that it was the spelling of ‘foundation’ as ‘fandation’ that prompted them to seek clarification and stop the transfer.

The hackers first managed to breach Bangladesh Bank’s systems and stole its credentials for payment transfers and then the Federal Reserve of New York was bombarded with more than thirty-six requests to move the money from the Bangladesh Bank's account there to the entities in the Philippines and Sri Lanka.

Bangladesh Bank has billions of dollars in a current account with the Fed, which is generally used only for international settlements. Four requests were already accepted by the bank to transfer the amount of $81m to the Philippines, but the fifth request for $20m, to a Sri Lankan non-profit organisation was seized up because the hackers misspelled the name of the NGO, Shalika Foundation. Though the spelling mistake saved $20m, the bank had already transferred $81m.

Originally, the Sri Lankan money transfer reached Pan-Asia Banking Corp, which then went back to Deutsche Bank for more affirmation considering the volume of the payment as the transaction was too large for a country like us," a Pan-Asia official said.

Spelling mistake prompted the routing bank to seek clarification from the Bangladesh central bank, as there is no NGO under the name of Shalika Foundation in the list of registered Sri Lankan non-profit organisation.

Bangladesh Bank has said it has recovered some of the money that were stolen and is working with anti-money laundering authorities in the Philippines to try to recover the rest.

A month after the crime, Bangladeshi officials are still struggling to track the money, bank up safety and identify gaps in their operations. Meanwhile, the Bangladesh government has been accusing the New York Fed for not suspecting the transactions in the initial stages only.

The cyber security experts confirming hacking of the system said that the crime was masterminded from outside Bangladesh. An internal investigation is ongoing to find loopholes. The New York Fed has said its systems were not breached, and it has been working with the Bangladesh central bank since the incident occurred. Philippines anti-money laundering authority is also working on the case.