Fraudulent wire transfers aren’t always the work of hackers. In May 2015, the U.S. Department of Justice (DoJ) filed an indictment against 14 officials and sports business executives associated with the international soccer association FIFA alleging wire fraud, money laundering, racketeering and obstruction of justice over the course of about 25 years.2 The transfers were made using a network of payment processing services spanning several countries. The financial institutions involved may have believed the transfers were legitimate; the DoJ says that the fraud involved “the use of various mechanisms, including trusted intermediaries, bankers, financial advisors, and currency dealers, to make and facilitate the making of illicit payments.”3
As these examples show, the nature of today’s payment processing services can make it difficult to follow the movements of money. Even with current Know Your Customer rules, it can be challenging to link the name on a bank account to an identifiable person or company – though new “beneficial ownership” rules may make it easier in the U.S.4 In some countries, secrecy rules prevent banks from revealing financial information about their customers to foreign regulators.
Would Blockchain-Based Payments Processing Services Make Fraud Easier to Spot?
Enter blockchain, promising “secure, tamper-proof digital records.”5A blockchain is a complete and immutable record of asset transfers. When blockchain underpins a payments processing service, it’s possible to trace the entire sequence of wire transfers. The promise of trusted transactions is one of the big reasons the financial services industry is rapidly exploring blockchain technology. If the central banks involved in the Bangladesh bank heist had been using blockchain, the money might still have been stolen but it would be easier to trace and, therefore, recover.
Or would it? Central banks already have a complete and immutable record of transactions. Their payment processing services are double-entry accounting systems: wire transfers are recorded as pairs of postings to accounts, which cannot be deleted, though they can be reversed by making equal and opposite postings. Furthermore, central banks don’t allow just anybody to hold accounts with them. Only banks have direct access to the NY Fed’s payment processing solution. The money stolen from the Bangladesh central bank went to banks. So did the funds transferred by FIFA officials.
Even if commercial banks as well as central banks used a blockchain-based system, tracing payments would come to an abrupt end once the money was converted to physical cash. Banknotes and coins are completely anonymous. The trail goes dry at the bank teller’s counter, or the ATM. So blockchain payment processing solutions in banks and central banks wouldn’t prevent fraud, and they wouldn’t necessarily make the money any easier to recover.
In both the Bangladesh heist and the FIFA wire fraud, however, SWIFT messages were used to authorize money transfers. Would the fraudulent messages have been easier to spot if SWIFT had been using blockchain?
Distributed ledger technology using blockchain would have created a complete record, with copies of the record held on multiple computers, effectively preventing the record from being altered. Furthermore, in a blockchain-based SWIFT all of its 8,000 members would have been able to see the messages and approve them as valid, reducing the chances that obviously fraudulent messages would get through. But the SWIFT messages were not “obviously fraudulent.” They were correctly authenticated. The problem is not the SWIFT system itself, but the access to it.
Access Control Security in Payment Processing Services
The Bangladesh authorities argue that hackers gained access to the system without the knowledge or involvement of bank staff. But SWIFT has strict security protocols, including use of a physical key, long passwords and biometric access control. International investigators believe it is more likely that the SWIFT messages were sent or authorized by someone inside the central bank.6
Could a blockchain solution have prevented fraudulent access to SWIFT? Bitcoin security protocols, for example, are impressive. Wallets are cryptographically secured, multiple digital signatures can be required to access them and information can be stored offline (“cold storage”).
And yet even these measures could not prevent hacking of a Bitcoin exchange and theft from hundreds of Bitcoin wallets. In August 2016, Bitfinex was hacked and the equivalent of $66 million in bitcoin was stolen. The money has never been recovered, and because the exchange’s own solvency was threatened (a problem not faced by central banks, of course), it distributed the loss among all customers, including those unaffected by the hack. All customers lost the same 36 percent of their holdings (which were exchanged for Bitfinex tokens expected to be redeemable someday either for repayment or shares in Bitfinex stock).7
The Bitfinex hacking was possible because of a weakness in the way the exchange used multisig wallets. Wallets had three cryptographic keys, of which two were required to access the funds. One key was held either offline or by the customer, one by the exchange and one by a third party custodian. But the agreement between Bitfinex and the custodian effectively meant that the exchange controlled both keys. Therefore, the hacker appeared able to drain the wallets by getting through Bitfinex’s own security protocols.8
As with the Bangladesh bank heist, the problem was not that the payments processing service was insecure, but that access security was compromised.
Bitfinex has since changed its multisig arrangement so that funds are held in secure cold storage. But it is not the first cryptocurrency exchange to be hacked. The history of Bitcoin shows repeated hackings at exchanges, the largest being the theft of the equivalent of $460 million from Mt Gox in 2014.9Blockchain technology may not eliminate the risk of fraud.
Wire frauds and thefts have raised questions about whether today’s payment processing services are sufficiently secure. Some argue that adopting blockchain solutions would help in the fight against fraud. But the problem is not the payment processing systems themselves, but the access to them. Access to blockchain systems also can be compromised. Technology can help to defend against fraud, but it cannot prevent it. There will always be a need to ensure that the human beings who make and authorize payments can be trusted.
- “Cyberthefts In Banks Highlight The Importance Of Security In Wire Transfer Systems,”American Express FXIP Blog; https://www.americanexpress.com/us/foreign-exchange/articles/cyberthefts-importance-of-security-in-wire-transfer-systems/ .
- “So What Exactly Was Citigroup's Role In The FIFA Corruption Case?,” Forbes.com; http://www.forbes.com/sites/francescoppola/2016/03/02/citigroups-involvement-in-the-fifa-corruption-case-signals-trouble-ahead/#5d5c3f822563 .
- USA v. Jose Hawilla, Traffic Sports USA, Inc., and Traffic Sports International, Inc.,U.S. Attorney’s Office;https://www.justice.gov/opa/file/450216/download
- “Paying Foreign Contractors: New Rules Companies Should Know,”American Express FXIP Blog; https://www.americanexpress.com/us/foreign-exchange/articles/rules-for-paying-foreign-contractors/
- Blockchain reaction: Tech companies prepare for critical mass,EY; http://www.ey.com/Publication/vwLUAssets/ey-blockchain-reaction-tech-companies-plan-for-critical-mass/$FILE/ey-blockchain-reaction.pdf
- “Failure to publish a report stokes a bank-heist scandal,”The Economist;http://www.economist.com/news/finance-economics/21707719-government-claims-publishing-report-would-undermine-efforts-retrieve
- “Hacked Bitcoin exchange Bitfinex will reduce balances by 36% to distribute losses amongst all users,”TechCrunch;https://techcrunch.com/2016/08/08/hacked-bitcoin-exchange-bitfinex-will-reduce-balances-by-36-to-distribute-losses-amongst-all-users/
- “The Bitfinex Bitcoin Hack: What We Know (And Don't Know),”CoinDesk;http://www.coindesk.com/bitfinex-bitcoin-hack-know-dont-know/
- “The Inside Story of Mt. Gox, Bitcoin’s $460 Million Disaster,”WIred;https://www.wired.com/2014/03/bitcoin-exchange/