The Lazurus Hei$t

Excellent and well worth a listen, The Lazurus Hei$t, a new BBC World Service podcast, tells the story of the Bangladesh Bank robbery and the attempted theft of a billion dollars by the North Korean-linked Lazurus Group. The tale has it all, financial and personal impacts of the Sony Pictures cyber-hack, state sponsorship of cyber-crime, the creation of counterfeit currency that’s almost better than the original, hacker hotels, hacking of payment systems at Bangladesh Bank, the movement of 500kg of cash from bank premises with faulty CCTV, laundering of funds through an unregulated Filipino casino system, Japanese links to the North Korean leadership dynasty, abuse of the charity sector, and more casino mayhem in Macau.

A fantastic plot for a fictional movie, if the story wasn’t true.

One somewhat ironic take-away from it all (in a Scooby-Doo style) is that they would’ve got away with it if it hadn’t been for those pesky sanctions filters. A reported $1 billion transfer from the Federal Reserve Bank of New York, on behalf of Bangladesh Bank, to the Philipines based Rizal Commercial Banking Corp (RCBC) was never sent as the transfer to the branch location in Jupiter Street in Manila hit an OFAC SDN sanctions entry for “Jupiter“, an Iranian vessel. Another $20 million was stopped by another sanctions filter hit at Deutsche Bank against a spelling error of “fundation” where the hackers had tried to direct the funds to a, not entirely legitimate, nonprofit foundation in Sri Lanka.

Sanctions filter hit rates can be really bad, and often as poor as 1 in 20, that is one in every twenty transactions stopped for review when the filters are badly built or misconfigured. Of those hits, only a tiny fraction, less than 1%, are ever then reported as illegitimate transactions to regulators, so most of the work done by sanctions teams is wasted effort.

So the unanswered question “inefficient sanctions filters, a blessing or curse”? Well in this instance sanctions filters saved the day but more typically they are just creating cost and inconvenience for legitimate customers. Fixing and streamlining the poor quality of sanctions filtering is long overdue. It would remove cost, improve compliance, improve the speed and certainty of payments, and lead to a better customer experience.

And as to stopping those fraudulent payments, that’s the role of fraud prevention tools – not something detected by accident!