Bangladesh has completed nearly all the processes for filing a lawsuit in US court seeking damages over the 2016 reserve heist of its central bank.
Officials of Bangladesh Bank said that it has already appointed two law firms in the US for the lawsuit, which has to be filed before Feb 3 in line with international laws.
A government delegation led by Md. Ashadul Islam, secretary to the Financial Institutions Division of the finance ministry is already in the US to discuss the matter with the law firms, said the head of the central bank’s Financial Intelligence Unit Abu Hena Mohd Razee Hassan.
“I am flying for the US today. We hope the lawsuit can be filed within the deadline,” he told Bangla Tribune on Tuesday (Jan 8).
Hackers stole $81 million from Bangladesh Bank’s account at the New York Fed, using fraudulent orders on the SWIFT payments system.
The fund was sent to Manila-based Rizal Commercial Banking Corp (RCBC) and then disappeared into the casino industry in the Philippines.
Bangladesh has been able to retrieve only about $15 million, mostly from a casino junket operator.
Another $17 million has been traced to money remittance company Philrem. The Anti-Money Laundering Council in the Philippines has confiscated the fund and a lawsuit is ongoing.
A further $29 million has been traced to Casino Solaire, now frozen by the Philippines court in a pending case. The remaining $14 million is yet to be traced.
On Sept 6 this year, the US government alleged in a court complaint that a North Korean hacker was behind breaking into the Bangladesh Bank’s system.
Park Jin Hyok worked as part of a team of hackers, also known as the Lazarus Group, to try to breach multiple other US businesses, according to the complaint filed in the US court.
In 2016 and 2017, Park's targets included defence contractor Lockheed Martin Corp. The complaint said there was no evidence Lockheed was breached.
The US Treasury Department has imposed sanctions against Park and the Chinese-based front company he worked for, Chosun Expo.
Park has been charged and sanctioned by the US government in the 2017 global WannaCry ransomware cyberattack and the 2014 cyberassault on Sony Corp, according to US officials.
Four days later, Devprasad Devnath, an adviser to the Bangladesh Bank’s Financial Intelligence Unit, told Bangla Tribune that they were instructed by Governor Fazle Kabir to file a lawsuit in the US to recover the damages.
“The lawsuit may be filed before the general election. We have started the procedures in line with the governor’s orders,” he said then.
In the audacious bank heist, hackers tried to swindle $100 million belonging to Bangladesh from the Federal Reserve Bank of New York using forged commands through SWIFT messaging system.
The hackers siphoned off $81 million to accounts in the Philippines using five messages. Another $20 million was wired to Sri Lanka.
Though the Sri Lankan transfer was stopped successfully, the fund wired to the Philippines made its way to gambling dens, making it impossible to be recovered.
People in Bangladesh could learn about the largest cyber heist in the world through reports published in a Filipino newspaper a month after the incident.
The heist cost the then-Governor Atiur Rahman his job after he drew flak for keeping the theft under wraps. It was followed by a major overhaul of the top brass of Bangladesh’s central bank.
The Bangladesh government had commissioned a probe led by former central bank governor Mohammed Farashuddin, which filed its findings in May 2016.
The government, however, has not made it public as well as turned down Philippines’ RCBC bank’s request to share the findings with them.