The Philippines' Rizal Commercial Banking Corporation (RCBC) branch manager Maia Santos-Deguito -- gatekeeper of the $81 million suspected to have been stolen by hackers from the Bangladesh central bank -- expected the big inflow and facilitated its speedy withdrawal, says an RCBC internal report.
Apparently, she did it with some help from her own branch, according to the report, which was submitted to the Philippine's Anti-Money Laundering Council (AMLC) dated March 14.
The RCBC report suggests that Deguito had vouched for the transaction, hastily processed the withdrawal of the money while intimating to other staff members in the branch on Jupiter Street in Makati City that she feared for her life and for her family.
During a senate hearing yesterday, it was revealed that the RCBC allowed the withdrawal of the bulk of the funds despite having received an order from its counterpart banks abroad to stop the payment.
The $81-million money laundering activity has rocked several local banks and put into question the efficacy of the Philippines' laws to guard against the entry of dirty funds.
At the hearing, Senator Teofisto “TG” Guingona III said that after receiving the suspicious funds on Feb 5, the RCBC received a “stop payment” order from the Federal Bank of New York at 5:00pm of Feb 8 -- a banking holiday in the country because of the Chinese New Year celebrations.
“The stop payment order was received by your bank, February 8, 2016,” he told RCBC president and CEO Lorenzo Tan. “On the morning of February 9, the first banking day, you should have seen the stop payment request. But apparently it was not honoured because the funds were withdrawn. All the funds were withdrawn.”
Guingona further pointed to documents filed by the Anti-Money Laundering Council with the courts noting that RCBC “responded to the Bangladesh Bank's stop payment request at 7:45pm of February 9.”
“That was the end of the day already,” Guingona said. “Would you care to explain why the stop payment request -- which should have been honoured at the very start of the banking day -- was not honoured?”
To this query, the RCBC chief invoked the Bank Secrecy Law and declined to reveal specific details about the transaction, but offered an explanation of general procedures pointing to the responsibility of the branch manager to execute the stop payment order.
Deguito, the branch manager, too, invoked the Bank Secrecy Law, telling senators that she was willing to answer questions only in a closed-door executive session, because she has become the subject of a complaint filed by the AMLC against her, and that anything she would say in public could be held against her.
According to the RCBC report submitted to AMLC, on February 5 or the day the $81 million was wired to the accounts of Jessie Christopher Lagrosas ($30 million), Alfred Vergara ($19.999 million), Enrico Vasquez ($25 million) and Michael Cruz ($6 million), Deguito “facilitated the opening of the account of businessman William S. Go DBA Centurytex Trading at Jupiter BC,” said the report submitted to the AMLC.
This was the same account that Go vehemently denied, instead pointing to Deguito as part of the money laundering conspiracy.
Go claimed that Deguito had admitted to him that she had opened the account herself and offered P10 million if he would go along with the scheme, allegations that Deguito denied.
The $81 million was credited to the four accounts via a straight-through-process after the transactions passed validation criteria.
On the same day, a cash withdrawal from Lagrosas' account amounting to $22.73 million was made and deposited in the newly opened Go account. “William Go” transferred a total of $14.7 million to the account of remittance firm Philrem.
The report noted that all debit documents -- Lagrosas' withdrawal slip, fund transfer forms and managers check applications of “William Go”-- had no signatures of clients.
A hold-out order on all four accounts and the Go account was posted at 6:45pm to 7:04pm.
“ [A] series of phone calls among district sales head Nestor Pineda, regional sales head Briggite Capina, Jupiter BM (business manager) Maia Deguito and outgoing RBG (retail banking group) head Raul Tan transpired.
“In these conversations, Deguito assured [us] that the clients were long-standing clients of hers, and she expected these funds since last year and the documents were in order,” the report said.
The hold-out order was lifted by the bank past 7:00pm that Friday, after which the bank paused for a long weekend break. The following Monday (Feb 8) was a nonworking holiday in observance of the Chinese Lunar New Year.
MESSAGE FROM BANGLADESH
By Feb 9, RCBC received a message from Bangladesh Bank requesting a stop in payment and to freeze the beneficiaries' accounts for proper investigation. That same day, withdrawals from the four accounts totalling $58.15 million were processed by the Jupiter branch.
Before lunchtime, RCBC Settlements Department sent four e-mails to the Jupiter branch on the recall of the funds.
“However, BM (branch manager) Maia showed him the Feb 5 e-mail of Ms Capina that [the] accounts were OK to credit. Meanwhile, all the withdrawals and fund transfers were being processed by CSA (customer service assistant) teller Reymart Marbella and approved/overridden by SCRO (senior customer relationship officer) Angela Torres,” the report said.
The assistance given by Marbella and Torres has been seen as an indication that apart from Deguito, the entire branch may have been compromised.
WITHDRAW RATHER THAN DIE
“In subsequent interviews, both CSH (customer service head) and SCRO said that BM Deguito told them that she would rather process withdrawals 'kaysa mamatay siya at ang pamilya niya' [instead of she and her family being killed],” the report said.
Deguito herself facilitated the opening of the four US dollar accounts that received the suspicious remittance, which turned out be part of large funds stolen by computer hackers from the account of Bank of Bangladesh with the Federal Reserve Bank of New York.
She claims having done due diligence on these customers in line with mandatory know-your-client rule, but except for the William Go account, the addresses have turned out to be fictitious.
In the suit against Dequito, AMLC investigators claimed that the branch manager knew that $81 million deposited in her branch had been stolen from the Bangladesh central bank but she still allowed the money to be withdrawn by fictitious account holders.
AMLC investigators made this allegation in a complaint against Deguito and four John Does.
“Not only did respondent Deguito fail to verify the identifies of the respondents within nine months from the time the accounts were opened, she even allowed respondent John Does to withdraw money stolen from Bangladesh Bank,” stated the joint affidavit of AMLC Deputy Director Julia Bacay-Abad and Rafael Echaluse of the council secretariat's compliance and investigation group.