Gambling with the sweat of our workers' brow!

We are doing a postmortem on the sensational cyber crime that has depleted us of Tk 800 crore in foreign exchange from the reserve maintained with the Federal Reserve Bank of New York. While we rejoiced in garnering a record forex reserve at US$ 27 billion, we were not equally cautious in taking guard against ploys by quarters eying wistfully at our healthy reserve.

In the immediate aftermath, we busied ourselves with sideshows and dramatics instead of showing signs of tackling head-on the substantive issues thrown up by the cyber scandal.

With each passing day, however, a clearer picture is emerging of the heist, its modus operandi and ramifications in terms of the stolen money having strayed into fraudulent accounts, most of it surfacing in a casino in the Philippines.

Our front-page infographics yesterday gave a blow by blow account of the cyber heist and the trail of money from February 6 to 9. The salient points are: Software on the terminal connected to Swift Systems not responding, an attempt was made to restart the terminal when the message flashed: 'A file is missing or changed;' manually printed receipts show the Federal Reserve Bank of New York sent back queries to Bangladesh Bank against 46 payment/transaction orders in different messages: Significantly there was no debit confirmation with the BB against payment orders.

An email was sent on February 6 to New York Fed followed by fax urging stoppage of unauthorised payments. On the following day, a Sunday, BB's attempts to contact Fed officials failed, as it was a holiday. On February 8, SWIFT could be used to alert Fed and Rizal Commercial Bank in Philippines, Pan Asia Banking Corp of Sri Lanka et al. Five unauthorised SWIFT messages were sent against which $101 million to the Philippines and Sri Lanka.

The Sri Lankan bank on BB's request canceled payment of $20 million to its beneficiary and routed the fund back to Bangladesh's account. On February 9, the Rizal Bank manager allowed withdrawal of funds without checking the stop order issued on February 8, banking holiday in Philippines.

Now move on to the Philippines and you got to hear the BBC interview with Major General John Gomes, psc (Retd.), our ambassador in the country, who sat as an observer in the Senate hearing on the issue. It centred on money laundering and terror financing concerns, being treated with great seriousness in Manila. Now the ambassador is engaging the foreign office in pursuit of the chunk of money having found its way in to the public-sector-operated casino in Manila. What are the gaming laws for there ought to be a betting ceiling beyond which it would attract the attention of authorities?

We now know that the money has been lying with the casino for 20 days and put on the dice. The gaming authorities did not detect any abnormality about the gambling. Yet, the fact remains that about three weeks' time was available for tracking down the money and recovering it; a rather simplistic suggestion given the collusion between the Rizal Bank's Jupiter branch and the beneficiaries!

A pertinent contention, though academic at the stage, has raged between some experts and the ex-Governor of Bangladesh Bank Atiur Rahman. Whilst the former are of the view that if the Governor had revealed the dreadful intrusion into the technology earlier on, the money could have been substantially seized back through an all out effort. But ex-Governor Atiur thinks it wouldn't have made difference. On the contrary, he believes whatever money has been recovered would have eluded our grip. He admits though that there could have been 'an error of judgment' on somebody's part and so he resigned by taking moral responsibility for it.

One trait of people in authority has been that anything adverse happening under their charge or on their watch is considered too embarrassing to be owned up to. This attitude breeds a denial or secretive mode which is unhelpful in solving problems that impact on the institution's meaningful exercise of its writ. Even Bank of England or Natwest Bank have not been immune to cyber attacks or attempted onslaughts. In fact, the latter had to be closed down for days together to rewire it with new software in order to protect the bank's reputation and depositors' money.

George Osborne, the Chancellor of Exchequer in Britain has been a staunch advocate for robust security systems for financial institutions and infrastructure generally.

Chain of safeguards and checks should be put in place with surveillance and monitoring of the IT technology revamped against split second intrusions into the system. Who knows, the thugs had not knocked for small amounts first so as to measure the level of agility of the system in order to break in for bigger tranche some day! Therefore, even the holidays would have to be covered for at the national and international ends.

The writer is an Associate Editor, The Daily Star.