DHAKA (Reuters) - Bangladesh’s central bank has hired a U.S. lawyer for a potential lawsuit against the Federal Reserve Bank of New York after hackers stole $81 million from its account with the NY Fed, according to an internal report by the Bangladesh bank.
After the report surfaced on Tuesday in the Bangladesh capital of Dhaka, U.S. Representative Carolyn Maloney called for a probe of last month’s cyber attack on Bangladesh Bank.
In one of the largest cyber heists in history, the hackers ordered the New York Fed to transfer $81 million from Bangladesh central bank funds to accounts in the Philippines.
“This brazen heist from the Bangladesh central bank’s account at the New York Fed threatens to undermine the confidence that foreign central banks have in the Federal Reserve, and in the safety and soundness of international monetary transactions,” Maloney, a New York Democrat, said in a statement.
The U.S. Federal Bureau of Investigation is helping investigate the heist, which led to the ouster of Bangladesh’s central bank governor.
Maloney also sent a letter to New York Fed President William Dudley, requesting a private meeting with bank staff to discuss the cyber fraud.
She said she wants to ask a series of questions, including whether it is appropriate to rely solely on the SWIFT global bank messaging system to authenticate outgoing payments from foreign central bank accounts.Her comments are the first sign that the attack could gain political traction in the United States. The New York Fed has faced separate political criticism since the financial crisis for missteps and perceived conflicts of interest in its role as the central bank’s top Wall Street regulator.
“We fully intend to reach out to the congresswoman and will endeavor to address her questions,” a New York Fed spokeswoman said on Tuesday.
The New York Fed, which holds the accounts of some 250 foreign central banks and governments, has previously said very little publicly about the heist, beyond a March 9 statement that the payments were made in the usual way and that there was no evidence its systems were compromised.
The office of the Fed’s Investigator General has said it is aware of the situation but has not commented on whether it will conduct its own review.
Meanwhile, Bangladesh Bank criticized the New York Fed in the incident report, which surfaced on Tuesday but was dated March 13. The report said that the New York Fed allowed five of 35 fraudulent payment instructions to go through.
“We view this as a major lapse,” Bangladesh Bank said in the report, a copy of which was obtained by Reuters.
In her letter to the New York Fed, Maloney said she wanted to know why the bank treated the 30 transfers differently than the other five.
The Bangladesh Bank interim report also said the bank was considering “preparing the ground to make a legitimate claim for the loss of funds” against the New York Fed “through a legal process.”
A source at Bangladesh Bank confirmed the authenticity of the report.
Bangladesh police and forensics experts hired by Bangladesh Bank are still collecting information from its computer systems to determine what happened.
Reporting by Serajul Quadir in Dhaka; Additional reporting by Jim Finkle in Boston, Jonathan Spicer in New York, Shihar Aneez in Colombo; Writing by Sanjeev Miglani; Editing by Gareth Jones and Cynthia Osterman
Our Standards: The Thomson Reuters Trust Principles.