The Bangladesh Bank wants to file the lawsuit in US court for damages over the 2016 reserve heist before the country goes to election on Dec 30, according to a central bank official familiar with the matter.
It has already completed all the processes to start the lawsuit to claim damages, which is required to be filed before Feb 3 next year in line with international laws.
A senior Bangladesh Bank official told Bangla Tribune, on condition of anonymity, that the decision to file the case before the general election was taken in September “so that it can’t be made an issue during the campaigns.” Hackers stole $81 million from Bangladesh Bank’s account at the New York Fed, using fraudulent orders on the SWIFT payments system.
The fund was sent to Manila-based Rizal Commercial Banking Corp (RCBC) and then disappeared into the casino industry in the Philippines.
Bangladesh has been able to retrieve only about $15 million, mostly from a casino junket operator.
Another $17 million has been traced to money remittance company Philrem. The Anti-Money Laundering Council in the Philippines has confiscated the fund and a lawsuit is ongoing.
A further $29 million has been traced to Casino Solaire, now frozen by the Philippines court in a pending case. The remaining $14 million is yet to be traced.
On Sept 6 this year, the US government alleged in a court complaint that a North Korean hacker was behind breaking into the Bangladesh Bank’s system.
Park Jin Hyok worked as part of a team of hackers, also known as the Lazarus Group, to try to breach multiple other US businesses, according to the complaint filed in the US court.
In 2016 and 2017, Park's targets included defence contractor Lockheed Martin Corp. The complaint said there was no evidence Lockheed was breached.
The US Treasury Department has imposed sanctions against Park and the Chinese-based front company he worked for, Chosun Expo.
Park has been charged and sanctioned by the US government in the 2017 global WannaCry ransomware cyberattack and the 2014 cyberassault on Sony Corp, according to US officials.
Four days later, Devprasad Devnath, an adviser to the Bangladesh Bank’s Financial Intelligence Unit, told Bangla Tribune that they were instructed by Governor Fazle Kabir to file a lawsuit in the US to recover the damages.
“The lawsuit may be filed before the general election. We have started the procedures in line with the governor’s orders,” he said then.
In the audacious bank heist, hackers tried to swindle $100 million belonging to Bangladesh from the Federal Reserve Bank of New York using forged commands through SWIFT messaging system.
The hackers siphoned off $81 million to accounts in the Philippines using five messages. Another $20 million was wired to Sri Lanka.
Though the Sri Lankan transfer was stopped successfully, the fund wired to the Philippines made its way to gambling dens, making it impossible to be recovered.
People in Bangladesh could learn about the largest cyber heist in the world through reports published in a Filipino newspaper a month after the incident.
The heist cost the then-Governor Atiur Rahman his job after he drew flak for keeping the theft under wraps. It was followed by a major overhaul of the top brass of Bangladesh’s central bank.
The Bangladesh government had commissioned a probe led by former central bank governor Mohammed Farashuddin, which filed its findings in May 2016.
The government, however, has not made it public as well as turned down Philippines’ RCBC bank’s request to share the findings with them.