The lingering spectre of the $1 billion heist into the Central Bank of Bangladesh, which specifically involved the hacking into SWIFT’s network, has continued to make waves nearly six months later. This time Wells Fargo is in the crosshairs, as it faces a lawsuit from an Ecuadorian bank in connection with a $12 million theft made over the Swift network.
Don't miss your last chance to sign up for the FM London Summit. Register here!
Ecuadorian bank Banco del Austro (BDA) originally brought the suit after Wells Fargo when it approved at least twelve transfers netting a total of $12 million that was requested over the SWIFT network. Wells Fargo had made an error in sourcing the requests, thinking they originated from BDA, ultimately sending its money to accounts in Hong Kong.
The episode follows an earlier heist this year that saw $81 million stolen from the Bangladesh Central Bank. Since then, banking officials have pointed the blame on SWIFT technicians, alleging that workers had made the network more vulnerable to hacking. SWIFT has denied the allegations and since taken steps to shore up its network security.
Consequently, BDA had sued Wells Fargo in a US court – the suit stipulated that Wells Fargo should have halted the transfer, properly sourcing the requests. Despite the allegations, a US judge threw out some of the charges, including BDA's breach of contract and negligence claims, though it did not dismiss alleged violations of the New York Uniform Commercial Code on whether fund transfer security procedures are "commercially reasonable".
According to US Judge Lewis Kaplan, the court could not "rule as a matter of law that use of the SWIFT system, with nothing more, constituted a commercially reasonable security procedure in the context of this particular customer-bank relationship".