Transcript
The discussions around ethics largely come down to the idea of how our actions will impact those that are around us. From a legal perspective, the law is also trying to ensure that those who are in a position to stop bad things from happening stop it, and those who are harmed receive redress for their harm.
In this case of cybersecurity crime, there’s a question of who is actually harmed and how can they be compensated or helped. From a law enforcement perspective, if you can’t identify who is harmed, it is going to be very difficult for a government to have enough courage, or to marshal the resources necessary to help those people.
When you think about the after-effects of this, Bangladesh Central Bank ended up suing this bank in the Philippines, RCBC, where this money was transferred. Ultimately, this bank may or may not have followed proper procedures, but it was very difficult to say that they were the perpetrators of the actual crime. Yet somehow, they were being held accountable for a minor mistake relative to the magnitude of the actual crime.
That brings up another related question. In this situation, there were multiple parties along the way that were touching the transactions. The Bangladeshi regulators, the Bangladeshi bank officials, the US Federal Reserve, and the Filipino banks and regulators, etc. So, who is in the best position to be responsible for this type of transaction?
There is a lot of debate around that, to be honest, we don’t know if that’s actually settled. If we could identify the source country of where the hacking occurred, that would of course be a locust of the crime and we would bring up prosecutions there. Apparently, some of that money was sent to the Philippines and then laundered through casinos. Therefore, it seems there may have been some criminal activities there. And the people who transferred the money to the casinos may have been involved in this. But they may not have understood the full magnitude of where the money came from.
Although each of those crimes was a part of the larger narrative, it’s very difficult for a local prosecutor to connect all the dots. For instance, if a Philippine official contacts the US Fed, it’s not likely that they’re going to receive the information required for the investigation. Such level of cooperation might require some national support.
So, let’s move this now to a distributed ledger type of system such as blockchain, or some type of cryptocurrencies. If such technology is involved in illegal activities, do you anticipate this type of crime being more likely to occur? And would it have changed the process of actually securing the funds, or finding who was responsible?