See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/353443653

Combating Cyber Crime in the Banking Sector of Bangladesh-An Evaluation

from Legal Perspective

Article · October 2020

CITATIONS READS

0 168

1 author:

Adnan kabir Kabir

Chittagong Independent University
4 PUBLICATIONS   13 CITATIONS   

SEE PROFILE

All content following this page was uploaded by Adnan kabir Kabir on 25 July 2021.

The user has requested enhancement of the downloaded file.

 International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

Contents lists available at Crown Academic Publishing

International Journal of Multidisciplinary Sciences

and Advanced Technology
Journal home page: http://www.ijmsat.com

Combating Cyber Crime in the Banking Sector of Bangladesh-An

Evaluation from Legal Perspective

Md. A. Kabir
Lecturer, School of Law, Chittagong Independent University, Chittagong, Bangladesh
email: adnankabir@ciu.edu.bd

Received 28 June 2020, Accepted 18 September 2020, Available online 1 October 2020

ABSTRACT

Cyber security has become a matter of great importance and concern, as can be seen by events across the world over the
last years. In the specific case of banking, Asia has arguably been the most vulnerable region to date. In addition to
Bangladesh, a slew of high-profile attacks of financial institutions have recently occurred in Japan, Philippines, Taiwan,
Thailand and Vietnam, which in turn has resulted in billions of dollars in lost banking revenue across the continent.
Cyber attack is an emerging threat to Bangladeshi banking industry and economy especially after the Bangladesh bank
Heist in 2016. In this context, this study focuses on the existing Cyber Crime Laws and Provisions to combat cyber
crime issues in the banking sector of Bangladesh. It is a descriptive type of research and secondary sources of data and
information have been used in the study. The study mainly examines recent trend and pattern of cyber crime issues,
existing legal framework for dealing with the cyber criminal activities and limitations of existing laws have also been
examined and analyzed in this paper. Finally, some probable measures have been suggested for combating the
increasing trend of cyber crimes in the banking industries of Bangladesh. We are hopeful that present study may be
beneficial and contributory to the both decision making authorities like: government policy making bodies, legislative
authorities, top level management of banking industry and the researchers.

Keyword: Banking Industry, Cyber Crime, Legal issues, Revision on laws

1. Introduction

The momentous growth in the digitalization of the finance industry over the last decade(s) has transformed the sector to
a point where an increasingly wide variety of financial services are now becoming available to more and more people,
faster than ever before (Jamal, 2018). The proliferation in online transactions mounting on technologies like NEFT
(National Electronic Fund Transfer), RTGS (Real-time Gross Settlement Systems), ECS (Electronic Clearing Service)
and mobile transactions is a glimpse of the deep rooted technology in banking and financial matters (Goel, 2016).
However, advancement of technology and financial globalization makes easier to transfer funds illegally and then the
term cyber laundering has emerged. Cyber laundering is the practice of money laundering carried out in cyberspace

16
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

through online transactions. Launderers use a diverse and innovative method for concealing and expose financial
institutions or banks to legal risk, reputation risk, operational risk, and financial risk (Joveda et al, 2019). Cyber security
has become a matter of great importance and concern, as can be seen by events across the world over the last years.
Due to digitalization, banks and financial institutions have contributed considerably in the process of economic growth
of Bangladesh. However, their contribution would have been greater, if they had effectively addressed various
challenges faced by the banking sector such as weak management, poor governance, lack of strong leadership, and non-
compliance with ethical standards leading to various types of banking scams such as money laundering and NPLs.
Moreover, because of a lack of understanding, banks and top banking officials are still reluctant to invest in full-scale
security measures, without which, safety of the entire financial system cannot be guaranteed. Corporate governance
weaknesses, especially at state-owned banks, and legal complexities in contract enforcement are adversely affecting the
banking sector. This is limiting the expansion of access to and usage of financial services (Bangladesh Development
Updates, 2019). As a result, the banking sector, however, has been facing with various challenges, which include among
others: weak management, poor governance, lack of strong leadership, and non-compliance with ethical standards
leading to various types of banking scams such as money laundering and Non-Performing Loans (Khuda B. 2019).

Today, web technology has emerged as an integral and indispensable part of the banking sector. The enlargement of
non-cash based transactions around the globe has resulted in the steady development of robust online payment systems.
Cyber security has become a matter of great importance and concern, as can be seen by events across the world over the
last years. With a global population of almost 7.5 billion and an Internet population of 42%, solving cybercrime is one
of the world’s current digital challenges (Das, 2015). Due to easily exploitable laws, cybercriminals use developing
countries in order to evade detection and prosecution from law enforcement. In developing countries, such as the
Philippines, laws against cybercrime are weak or sometimes nonexistent. These weak laws allow cybercriminals to
strike from international borders and remain undetected.

Cyber attack is an emerging threat to Bangladeshi banking industry and economy. Recently, this industry suffered a
sudden shock when $101 million was stolen from Bangladesh Bank’s account at the New York Federal Reserve on
February 4, 2016 (The Daily Sun, 29 March, 2019). The country’s 62 percent banks are said to be at risk of cyber
attacks, a serious concern for the banking sector in the country. Reportedly, fifty per cent banks of the country are
vulnerable to cyber attack risks as these financial institutions have not yet been equipped properly to check those.
Recently Bangladesh government has also declared the vision-2021 i.e. within 2021 this country will become middle
income country and the per capita income will be equal to a middle income country. But the government as well as
other concerns should consider crimes that may be committed in this world with the expansion of internet and other
networks to convert this country into a digital Country (Maruf et al. 2010). The National Cyber Security Index 2018
report points out that while Bangladesh is very invested in fighting cybercrime and building military capability to do the
same, there is zero progress in the area of cyber threats analysis and informing. The index is built by the Estonia-based
e-Gov Academy (The Daily Star, November, 2018).

A recent survey conducted by the Bangladesh Institute of Bank Management (BIBM) finds that the country’s 28 percent
banks have no preparation to handle a large-scale cyber attack while 34 percent of them are partially prepared to face
cyber attack. But 38 percent banks have necessary preparation to face cyber attack. The banking industry suffered a
sudden shock when $101 million was stolen from Bangladesh Bank’s account at the New York Federal Reserve on
February 4, 2016. After analyzing 50 incidents of forgery, BIBM in its latest research found that most of the fraud
activities were completed with the help of electronic delivery channels such as mobile banking, ATMs and plastic card
17
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

transactions etc. (The Daily Sun, 29 March, 2019). Mentioning the causes of increasing cyber crimes, cyber security
expert Tanvir Hassan Zoha opined that cyber criminals get release from their captivity through the loophole of laws as
the authorities fail to prove charges against them due to lack of enough technological support for law enforcement
agencies (Ibid). Therefore, there has been a serious dearth of extensive legal research especially on the cyber crime laws
and policies in this industry. We are hopeful that present study may be beneficial and contributory to the both decision
making authorities like: government policy making bodies, legislative authorities, top level management of banking
industry and the researchers.

The main objective of this study is to evaluate some legal issues of combating cyber crime in the banking sector of
Bangladesh and for accomplishing this main objective, the present study highlights on the following specific objectives
such as i) to discuss a brief overview of cyber crime in general and Bangladesh banking industry in particular, ii) to
evaluate current events, trend and pattern of cyber crime in the same industry, iii) to examine available cyber crime
laws and provisions for safeguarding banking industry, iv) to investigate the problems and challenges associated with
the existing laws and to put forward some provable legal measures and strategies so to combat cyber crime in the
banking industry of Bangladesh.

The issues have been discussed in this paper are organized as follows: following by introductory issues in Section 1,
Section 2 includes an overview of cyber crimes in the banking sector in general and Bangladesh in particular. Section 3
presents trend and pattern of cyber criminal activities in Bangladesh over the years. Section 4, discusses on the existing
laws and regulations regarding cyber crime in the bank and financial sectors and shortcomings of the existing laws and
regulations and finally in Section 5, focus have been made to investigate the problems and challenges associated with
the existing laws and to put forward some legal measures so to combat cyber crime in the banking industry of
Bangladesh.

2. Literature Review

This section discusses literature analysis on cyber crime, its nature, cyber laws and provisions. The literature is
reviewed from journals, reports, periodicals, conference paper and books. Literature review provides basis and insights
into relevant previous research and developing trends (Saunders, Lewis & Hill, 2000). It presents theoretical views and
ideas of the earlier research that has been done in the same field.

The term ‘cyber law’ refers the legal issues related to use of information and communications technologies (ICT). To
combat worldwide cyber crimes including Bangladesh an effective cyber law leads to play vital role so that the cyber
criminals are fairly and successfully judged for their criminal activities. Most of the developing countries of the world
are already equipped with cyber security strategies and laws (Kundu et al., 2018). In the following section some
previous research works are examined to find out the research gap about present study.

(Rahman, 2019), in a research found that neither of the Information and Communication Technology Act 2006 and its
subsequent version promulgated as Digital Security Act 2018 has any provision that says anything about amending the
other existing laws such as the Penal Code 1860, the Evidence Act 1872, the Code of Criminal Procedure 1998 or the
Code of Civil Procedure 1908. He also opined that several articles and reports have been published in newspapers
expressing concern about the absence of such intervention in the laws.

Syniavska et al., (2019) in their study focused on the current issue of the counteracting cyber attacks in the banking
sector, in particular in the field of e-banking. The main types of banking fraud, which are carried out in the online

18
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

sphere, are considered. The authors propose a mathematical model that describes the process of counteracting e-banking
fraud.

Joveda et. al. (2019) in their study titled “Cyber Laundering: A Threat to Banking Industries in Bangladesh: In Quest of
Effective Legal Frame work and Cyber Security of Financial Information” highlighted on the issue to increase an
understanding of the nexus of corruption in bank, local economy and money laundering scandals. They also focused on
national control mechanisms to deal with the issues of money laundering in banks.

In Bangladesh Cyber Security and Capacity Review Report 2018, it is pointed out that in 2015, Bangladesh Bank issued
sectorial regulation for cyber security through Guidelines on ICT security for Banks and Non-Bank Financial
Institutions (2015) that are applicable to all banking institutions. However, it is not clear whether these guidelines are
effectively enforced. Cyber incident reporting is voluntary in Bangladesh and there are no legal and regulatory
frameworks for incident reporting obligations and responsible disclosure.

Syadullah (2018) has provided an interesting approach on ASEAN Banking Integration Framework (ABIF) and has also
discussed concluding issues regarding the level of bank efficiency in ASEAN countries.

Kundu et al., (2018), in their paper, “Cyber crime trend in Bangladesh, an analysis and ways out to combat the threat”
identified the causes of cyber heist in the financial sectors. The existing legal framework of Bangladesh for dealing with
the cyber crimes has also been investigated in this paper.

The Bangladesh National Digital Architecture (BNDA) Guideline 2019 advocates for a "whole of government"
approach which would maintain an ecosystem of exchanging digital information in a coordinated and concerted manner
within different government agencies and institutions.

A recent survey conducted by BIBM found that the country’s 28 percent banks have no preparation to handle a large-
scale cyber attack while 34 percent of them are partially prepared to face cyber attack. But 38 percent banks have
necessary preparation to face cyber attack (The Daily Sun, 29 March, 2019).

Toeh and Mahmood (2017) in their paper discussed about the relationship between the cyber strategy and the successful
growth of economy. Goel, (2016) focused on the technical aspects of various types of cybercrimes concerning the
banking and financial sector and their related impacts. Additionally, it identified the threat vectors supporting these
cybercrimes and develops measures to aid in the combating the resulting cyber-attacks so that such attacks can be better
prevented in the future for enhanced security. Mongid (2015) has analyzed important issues regarding cost efficiency of
the ASEAN banking market and has concluded that the cost efficiency scores.

Tanvir Hassan Zoha a prominent cyber security expert of banking industry opined that cyber criminals get release from
their captivity through the loophole of laws as the authorities fail to prove charges against them due to lack of enough
technological support for law enforcement agencies (Ibid).

All the studies we have discussed above mainly focused on the issues of nature of cyber crime, control mechanisms,
existing legal frameworks, cyber security through Guidelines on ICT security for Banks and Non-Bank Financial
Institutions, mathematical model that describes the process of counteracting e-banking fraud, cyber strategy and
economic growth etc. But so far we studied, very few studies done on examining existing laws, provisions and the
19
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

loopholes of those laws and provisions to combat cyber in the banking industry of Bangladesh. So, there is serious
dearth of extensive legal research especially on the cyber crime laws and policies and revision of those provisions in
this industry. In this context, this study is an endeavor by the researchers to examine existing laws and regulation to
investigate the problems and challenges associated with the existing laws and to put forward some probable suggestions
so to combat cyber crime in the banking industry of Bangladesh.

3. Methodology

Present research is a descriptive type of research and secondary data and information have been used in the
study. The purpose of descriptive research is to describe an accurate profile of cyber crimes especially trend and
pattern, events or situations. In addition to, this study has been used quantitative approach, which is data collection
technique (such as a questionnaire) or data analysis procedure (such as graphs or statistics) that generates or uses
numerical data (Saunders et al, 2009). Also, the basic aim of using this research method is to investigate, explain,
analyze and examine a systematic form, facts, principles, provisions, conceptual understanding about the issue, or the
working of certain laws or legal institutions for combating cyber crime in the banking sector. The secondary sources of
data and information have been used in the study are: Data Breach Statistics 2020, Bangladesh Cyber Security and
Capacity Review Report 2018, ICT Act 2006, ICT Act 2013 (amended), Digital Security Policy 2018, The Digital
Security Act 2018, Professional Services Network report (PricewaterhouseCoopers) like PwC’s 2018 Global
Economic Crime and Fraud Survey, and other relevant text, journals, seminar papers and web documents etc. have
been analyzed for having a proper understanding about the issue.

4. Analysis

4.1 A Brief overview of Cyber Crimes in the Banking sector

In this section discussions have been made on the conceptual issues of cyber crime, cyber crime scenario in general and
Bangladesh in particular.

4.1.1 Understanding Cyber Crime and its Nature

Cybercrime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a
crime. It also includes traditional crimes, such as fraud, theft, blackmail etc., in which computer or networks are used ().
It is a technological and mostly a property related crime. It is also known as computer broad range of potentially illegal
activities conducted by the misuse of computers and different types of communication networks. Additionally, cyber
crime also includes traditional crimes conducted through the internet. It has no direct contact with the victims and
involves less visible and intangible kinds of property such as information, data and computer networks. Victims come to
know about their losses long after the actual commission of crimes. Profits from high-tech crimes are vast. Hackers are
able to steal greater amounts with greater comfort; a single act can victimize many people in many places at once
(Maruf et al, 2010). It may be divided into two types: i) crimes that target computer networks or resources directly, ii)
crimes facilitated by computer networks or devices. Crimes that primarily target computer networks or devices would
include malware and malicious code, denial-of-service attacks and computing viruses. Examples of crimes that merely
use computer networks or devices would include, among others, cyber stalking, fraud and identity theft and information
warfare. It is further subdivided into the following four categories: a) Cyber crime against individuals; b) Cyber crime

20
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

against property; c) Cyber crime against organization; and d) Cyber crime against society at large. However, as our
main concentration is organizational issue (banking industry) so, we mainly concentrate on such issues. From
organizational view point criminal issues includes (Ibid):

i. Unauthorized control/access over the network resources and websites

ii. Exposing indecent/obscene materials over the web pages
iii. Virus attack
iv. E-mail bombing
v. Salami attack
vi. Logic bomb
vii. Trojan horse
viii. Data diddling
ix. Blocking from access
x. Theft of important possessions
xi. Terrorism against government organizations

While Analyzing the reason of cyber crime Hart in his work “The Concept of Law” mentioned that ‘human beings are
vulnerable so rule of law required protecting them’. Applying this to the cyberspace we may say that computers are
vulnerable, so rule of law is required to protect and safeguard them against cybercrime
(http://www.asianlaws.orgiccyberlawlibrary/cc/what_cc.htm).

4.1.2 Impact of Cyber Crime on the bank and Financial Institutions

Cyber crime is a bi-product of the ever-increasing development in the areas of information and communication
technology (ICT). The most targeted organizations are hospitals, government offices, police stations, financial
institutions, Research and Development (R&D) organizations and other telecommunication firms etc. In recent times,
the banking sector has received a lot of flak for its rising non-performing loans (NPL), the lack of good governances,
political influence in banking procedures, money laundering and malpractices by some bankers. This has inevitably
affected the efficiency and productivity of the sector, as well as constraining businesses and industries that truly have
the potential to grow and become a pillar of strength for the economy's long-term growth (Hossen, 2019). However, in
the following sections we shall focus on especially cyber crime scenario of financial sector in the world in general and
Bangladesh in particular.

Some important highlights on World Cyber crime in the financial institutions:

 PwC’s 2018 Global Economic Crime and Fraud Survey find that 49% of global organizations say they’ve
experienced economic crime in the past two years.
 PwC’s latest business crime survey has revealed a steep rise in financial crime in the Middle East during the past
two years, with nearly half of all local companies reporting at least one occurrence over that period. Together, the
surveyed companies reported $42 billion in losses over the past 24 months due to financial crime.

 In 2018, the finance industry experienced 19% of all cyber attacks and incidents, making it the most targeted
industry in the world.

21
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

 Since 2016, there have been growing concerns about cyber security risks to the financial system prompting the
G20 finance ministers and central bank governors to warn in March 2017 that “the malicious use of Information
and Communication Technologies’’ could undermine security and confidence and endanger financial stability.

4.1.3 According to Statistics on Data Breaches and US Department of Justice

 67% of financial institutions reported an increase in cyber attacks in 2018. According to a recent report, cyber
attacks are 300 times as likely to hit financial institutions as companies from other industries.
 The cost of cyber attacks in the banking industry reached $18.3 million annually per company.
 The United States suffered 1,473 cyber attacks over the last year, leading to 164.6 million successful data breaches.
 It’s estimated that spending on cyber security training will reach $10 billion by 2027.
 8 out of 10 US citizens fear that businesses are not able to secure their financial information. According to FBI, the
amount paid to ransom ware scammers has reached nearly $1 billion per year (Data Breach Statistics 2020).
 92% of ATMs are vulnerable to hacks (https://fortunly.com/statistics/data-breach-statistics/#gref). The following
Table-1 shows the scenario of worldwide cyber attack (Sector wise) over the Years (2012-2017).

Table 1 : Worldwide Cyber attack (Sector wise) over the Years

Year Name of Organization Sector

2012 VISA and Master Card Financial
2014 JPMorgan Chase data breach Financial
2016 Bangladesh Bank Government Financial
2017 Indian Banks data breach Financial
2017 United Kingdom National Health Service Medical
Source
Quoted 2017 National Bank of Ukraine Government Govt. Financial in Kundu
et al., (2018)

Cyber attacks penetrated absolutely all areas of business. The Chart-1 below shows 5 areas of business that
have suffered the greatest costs due to cyber fraud in August 2018. The statistics presented in chart-1 reveals that
the most unprofitable cyber attacks were for the financial sector. At the same time, about 90% of the attacks fall on the
banking sector. Especially active frauds are held in the field of electronic banking.

Chart 1: Shows Area wise Business Sectors that have suffered the greatest costs due to cyber fraud in August
2018

Source: Quoted in Syniavska et al. (2019)

22
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

In the specific case of banking, Asia has arguably been the most vulnerable region to date. In addition to Bangladesh, a
few of high-profile attacks of financial institutions have recently occurred in Japan, the Philippines, Taiwan, Thailand
and Vietnam, which in turn has resulted in billions of dollars in lost banking revenue across the continent. One estimate
suggests that cybercrime cost Asian companies a massive $81 billion last year alone—a figure that constitutes more
than a quarter of the global total of $315 billion, and which exceeds the US and European Union figures by about $20
billion (https://internationalbanker.com/banking/cybercrime-growing-threat-global-banking/).

4.1.4 Current Trend and Pattern of Cyber Crime in the Banking Industry of Bangladesh

Banking sector is considered to be the heart of a healthy economy. This is especially true for a developing country like
Bangladesh. Since independence, this sector has kept the wheel of the economy moving forward. So it's natural that any
disruption in the sector will lead to effects in the economy of the country (Hossen, 2019). However, this sector has
many times been tarnished by several unwanted malpractices. Incidents like the Hallmark scandal, Crescent Group
incident, AnonTex Group loan, Bangladesh Bank cyber heist and others have impacted the image of the banking sector
both within and outside the country (ibid). In this context, cyber security in the banking sector is a crying issue in recent
times especially after the Bangladesh bank Heist in 2016 (Kundu et al., 2018). In the last couple of years, several
security breaches had happened in the banking sector of Bangladesh and some of those are shown in the following table
-2
Table -2 : Showing Security Breaches in Bangladesh over the years (2013-2016)

Time of Occurrences Incident

January 06, 2013 Islami Bank Bangladesh site was hacked by Human Mind Cracker

2015 Accounts of a private bank were hacked and money was withdrawn

December 02, 2015 Sonali Bank’s network security was broken and control was taken

by the hacker for several hours

February, 2016 Attacks in six ATM booths of three commercial banks

February, 2016 Hackers stole $101 million from Bangladesh Bank

Source: Quoted in Kundu et al., 2018

Besides, following Table -3 presents recently occurred major embezzlement and cyber-attacks for the last few years in
Bangladeshi banks.

23
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31
Table-3: Major Scams, Irregularities and Heists in Banks of Bangladesh over the years
Bank / Institution Involved
Sonali,Janata,NCC, Mercantile
and Dhaka Bank(2008-2011)
BASIC Bank(2009-2013)
Sonali Bank (2010-2012)
Janata Bank (2010-2015 & 2013
to present Janata Bank, Prime
Bank ,Jamuna Bank, Shahjalal
Islami Bank Ltd and Premier
Bank (June2011-July2012)
AB Bank(2013-2014)
NRB Commercial Bank (2013-
2016)
Janata Bank (2013-16)
Farmers Bank (2013-2017)
24
Scam
A bank loan of BDT 4.89
crores with fake land
documents. Dhaka Tribune,
28th August2013
Misappropriation of BDT
4,500crores through forged
companies and doubtful
accounts.(TheDailyStar,28th
June2013
Hall Mark and some other
businesses stolen BDT
3,547 crores. (The Daily
Star,14th August, 2012)
Deceit by Crescent and
Anon Tex involving
BDT10, 000crores.
(DhakaTribune,3rdNovemb
er 2018)
Concealing of BDT1,174.46
by Bismillah Group and its
fake sister
concerns.(TheDailyStar,7th
October2016)
Gross anomalies over
distributing loans of BDT
701crores. New Age
th
Bangladesh,10 December
2017)
Loan scam involving BDT
1,230crores (The New
Nation,22nd October 2018)
Fund theft of by 11
companies e.g.: NAR
Sweaters Ltd, Advanced
Development Technologies,
etc. involving BDT 500
crores.(The Daily Star, 24th
Measures
The ACC submitted cases against Sonali Bank, Fahim
Attire Limited and some people on 1st August 2013;
returned to Sonali Bank after the inquiry BDT 1 crore
(making the complete BDT 4.89 from the original
5.89 crores).(Dhaka Tribune, August 2,
2013;NewAge, August 2, 2013; Daily Star, August 2,
2013)
The ACC lodged 56 case in September 2015 against
120 individuals charged with swindling.(Bangladesh
New Age,13th August 2018)
The ACC lodged 11 cases against 27 individuals in
October 2012, including the Chairman of the
Hallmark Group and the 20 former and present
representatives of Sonali
Bank.(TribuneDhaka,11July2018)
A panel of investigation, headed by a BB Executive
Director, presented a report on the scam to the BB on
30 October 2018. (Tribune Dhaka, 3 November 2018).
The ACC lodged 12 cases over the
Scam on November 3, 2013, against 54 individuals.
(TheIndependent,September11
2018).
The central bank assigned an observer to restore
discipline and corporate governance at the bank on
December 29, 2016.(Tribune Dhaka,7 th December
2017)
Thermax demanded that the entire loan be rescheduled
again in October 2018 (earlier restructured in
2015).The board of Janata Bank-supported The rmax's
suggestion and sent it for approval to the BB.(Daily
Star, October 21,2018
In January 2018,the BB directed Farmers Bank to
perform a functional audit on loan accounts in its
Motijheel branch with an exceptional sum of at least
BDT1crore.(Daily Star,24 March 2018) In April
2018,four suspects were detained by the Anti-
Corruption Commission (ACC), including the former
Chairman of the Audit Committee of the Farmers
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

March 2018) Bank.(TheIndependent,April11,2018)

Bangladesh Bank (February 5, The heist of BDT The government created a 3-member inquiry
2016) 679.6crores (USD81million) committee on March 19, 2016, led by former Central
by international cyber Bank governor Dr. Farashuddin. (Daily Star, August
hackers from reserves 5,2017)
account of Bangladesh Bank
with the New York's US
Federal Reserve Bank.(The
DailyStar,5th August 2017)

Dutch Bangla Bank Limited
(May-June,2019
Tk16 lakh stolen by the Six Ukrainian s were detained on 1st June 2019.This
members of the problem is being investigated jointly by the Detective
international hacker group. Branch, Counter- Terrorism and Transnational Crime
They used Tyupkin Cyber crime Unit (CTTC) and CID.
Malware to make the ATM
infected and to stop all
network connections and
there is no record of the
transactions.(The Daily Star,

June11,2019)

Source: Report on Banking Sector in Bangladesh, Centre for Policy Dialogue, 2018, quoted in Joveda et al., 2019

The above table -3 reveals that major embezzlement and cyber-attacks for the last few years occurred in public owned
banks and few occurrences related to private sector banks. As measures: cases submission against the banks, report
submission by the panel of investigation team, inquiry committee created by government and appointing observer to
restore discipline and corporate governance etc. have been presented in the above table.

2.3 Existing Laws and Provisions for Cyber Security in the Banking Industry

As we know that laws are being developed and amended to deal with as many current and future offences relating to
technology as possible. In this regard, the existing legal system to combat cyber criminal activities in the banking
industries of Bangladesh has been stated below:

 The ICT Act, 2006

In 2006, the Bangladesh parliament enacted a legislation, namely the Information and Communication Technology Act
2006 (amended in 2009 and 2013), to control cyber crime by mandating rigorous punishment. In order to facilitate e-
commerce and encourage growth of information technology, The ICT Act, 2006 was enacted making provisions with a
maximum punishment of 10 years imprisonment or fine upto taka 10 million or with both. It was the first and the only
door open for the lawful remedy of numerous cyber crimes in Bangladesh. Later, former information and
communications technology minister, Mostafa Faruque Mohammad, moved the Information and Communication
Technology (Amendment) Bill 2013 proposing ten amendments to the ICT Act 2006. The bill made offences under
Section 54, 56, 57 and 61 of the 2006 Act cognizable and non-bailable, empowering law enforcers to arrest anyone
accused of violating the law without a warrant, by invoking Section 54 of the Code of Criminal Procedure. In the 2006
act, all such offences were non-cognizable.
25
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

 Digital Security Act 2018

Bangladesh enacted the Digital Security Act in September 2018 passed with the objective of curbing cyber-crime and
ensuring digital security. This Act 2018 enacts laws regarding Digital Crime Identification, Prevention, Suppression,
Trial and other related matters. The relevant sections of this Act regarding cyber criminal issues as well as hackings in
the banking industries discussed below (https://www.cirt.gov.bd/wp-content/uploads/2018/12/Digital-Security-Act-
2018-English-version.pdf):

Section 22: Digital or Electronic Forgeries and Punishment:-

(1) If any person commits forgery by means of any digital or electronic medium then that activity of that particular
person will be an offense under the Act.

(2) If any person commits any offense mentioned within sub section (1), the person will be penalized with
imprisonment for a term not exceeding 5 (five) years or with a fine not exceeding 5 (five) lacs taka or with both

(3) If any person commits the offense mentioned in sub-section (1) for the second time or recurrently commits it then,
he will be punished with imprisonment for a term not exceeding 7 (seven) years or with fine not exceeding 10 (ten) lacs
taka or with both .

Section 23: Digital or Electronic Fraud and Punishment:-

(1) If any person commits fraud by means of any digital or electronic medium then that activity of that particular
person will be an offense under the Act.
(2) If any person commits any offense mentioned within sub section (1), the person will be penalized with
imprisonment for a term not exceeding 5 (five) years or by fine not exceeding 5 (five) lacs taka or with both
(3) If any person commits the offense mentioned in sub-section (1) for the second time or recurrently commits it then,
he will be punished with imprisonment for a term not exceeding 7 (seven) years or with fine not exceeding 10 (ten)
lacs taka or with both

Section 30: E-Transaction without legal authority Offence and Punishment:-

(1) If any person-

a. Does e-transaction through electronic and digital medium of any bank, insurance, or any other
financial institution or any mobile money service providing organization without legal authority,

b. Or. b. Does e-transaction that has been declared illegal by the Government or Bangladesh Bank, Then
such activity will be considered as an offence?

(2) If any person commits offence mentioned in sub section (1), the person will be penalized with either maximum of
5(five) years of imprisonment or fine of Tk. 5 (five) lac or will be punished with both.
(3) If any person commits the offence mentioned in sub-section (1) for the second time or repeatedly, he will be
punished with a maximum of 7(seven) years imprisonment or with maximum fine of Tk. 10 (ten) lac or both.

26
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

Section 33: Illegal Transferring, Saving etc. of Data-Information and Punishment:-

(1) If any person enters any computer or digital system illegally and does any addition or subtraction, transfer or with
the aim of transfer save or aid in saving any data-information belonging to government, semi-government, autonomous
or statutory organization or any financial or commercial organization , then the activity of that person will be considered
an offence.

(2) If any person commits an offence mentioned in sub section (1), he will be sentenced to a term of imprisonment not
exceeding 5(Five) years or with fine not exceeding Tk.10 (Ten) lac or with both.

(3) If any person commits the offence mentioned in sub-section (1) second time or recurrently commits it then, he will
be sentenced to a term of imprisonment not exceeding 7(Seven) years or with fine not exceeding Tk.15 (Fifteen) lac or
with both.

Section 34: Hacking Related Offence and Punishment:-

(1) If a person commits hacking then it will be considered an offence and for this, he will be sentenced to a term of
imprisonment not exceeding 14 (Fourteen) years or with fine not exceeding Tk.1 (One) Crore or with both.
(2) If any person commits the offence mentioned in sub-section (1) second time or repeatedly then, he will be penalized
with life imprisonment or with fine not exceeding Tk.5 (Five) Crore or both.

The above stated sections: 22, 23, 30, 32, 33, and 34 mainly include issues like: Electronic Forgeries, Electronic Fraud,
E-Transaction without legal authority, Illegal Transferring, Saving etc. of Data-Information, Hacking Related Offence
and Punishments provisions of those offences.

 The Bangladesh National Digital Architecture (BNDA) Guideline 2019

It advocates for a "whole of government" approach which would maintain an ecosystem of exchanging digital
information in a coordinated and concerted manner within different government agencies and institutions.

 The National Cyber Security Strategy 2014

This strategy prioritizes on developing a unified national multi-stakeholder strategy for international cooperation,
dialogue and coordination in dealing with cyber threats.

 National ICT Policy 2018 and thus creates scope for compromising national cyber security.

Some observations on the above stated Cyber Crime Laws:

 Cyber-Crimes are mostly committed against any individuals with a criminal motive to harm the reputation
intentionally by using the internet or computer network system. Such problems can be disclosed lawfully.
However, neither of the Information and Communication Technology Act 2006 and its subsequent version
promulgated as Digital Security Act 2018 has any provision that says anything about amending the other existing
laws such as the Penal Code 1860, the Evidence Act 1872, the Code of Criminal Procedure 1998 or the Code of
Civil Procedure 1908 (Rahman, 2019).

27
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

 Laws such as the 'Information and Communication Technology (ICT) Act, 2006' (amended in 2013) and the Digital
Security Act 2018 etc., have been passed to redress wrongdoings in digital electronic media but no amendment has
been done on the main law for evidence procedure, the Evidence Act, 1872, to incorporate provision of digital
evidence despite the fact that Bangladesh is no longer less advanced in technology (Islam, 2019).

The Telecommunication and Information Technology minister Mustafa Jabbar, commented that “many cybercrimes or
digital crimes did not fall under the purview of the law”. For example, the law did not address any crime committed
through using mobile phones. The law also considers e-mails as evidence, which conflicts with the country`s
Evidence Act 1872 which does not recognize e-mails as evidence, but the amendments did not address these issues.
Bangladesh is reportedly the most cyber-attacked country, according to a cyber threat map developed by Kaspersky
Lab which runs in real time. SWIFT has advised Banks using SWIFT Alliance access system to strengthen their
cyber security posture and ensure they are following SWIFT security guidelines
(https://www.academia.edu/25668378/Cyber_crime_in_Bangladesh_A_growing_threat_in_Banking_Business).

Some probable Legal Measures to ensure Cyber Security in the banking industry

As per present study findings and findings from other previous researches, the following measures may be considered
by the both government and legislative authorities to combat cyber crimes especially in the banking industries of
Bangladesh:

 As the Digital Security Act 2018 has any provision that says anything about amending the other existing laws such
as the Penal Code 1860, the Evidence Act 1872, and the Code of Criminal Procedure 1998 or the Code of Civil
Procedure 1908. So, amendment regarding these laws is a demand of time and should be included in the proposed
The Bangladesh National Digital Architecture (BNDA) Guideline 2019.

 Law making authority should introduce ‘digital evidence’ in the Evidence Act, 1872,
The amendment to the Evidence Act, the Bangladesh Penal Code, the Code of Criminal Procedure or other minor special
laws may be proposed by the ICT Division as it is the focal point of the government’s information technology
issues.

 The ICT Division may advise the ministries concerned to propose amendment to related acts to bring about the
changes so that modern society can feel comfortable with them after the digital issues have been well addressed.

 Seminars, conferences, workshops may be arranged at college, university and institution level to make people
aware about the cyber crime issues occurred worldwide.

 Study finding shows that there is only one court to settle cyber criminal activities. So, numbers of courts should be
increased so to settle cyber criminal cases in the fastest time.

 Bank and financial institutions should ensure continuous research and development to develop new security system
to handle cyber crimes. All banks must introduce unique firewall system.

 Organizations especially banking industry should have culture of complying with Code of ethics by their
employees which can play important role to combat cyber crime (Kundu et al., 2018). Bangladesh Bank heist in
2016 is the crying example of this issue.

28
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

 There must be a linkage between banks and government law prosecution agencies. The banking authority should
monitor and report to the concerned authority about any suspicious transactions (Joveda et al., 2019).

 Observing the cyber crime trend in Bangladesh it is needless to mention that both private and public sector need to
invest substantial amount of their budget for enhancing cyber security measures (Kundu et al., 2018)

 Strengthened national and international communication between government, law enforcement and the private
sector with increased public knowledge of cybercrime risks (https://www.unodc.org/unodc/en/cybercrime/global-
programme-cybercrime.html)

5. Conclusion

The present government has declared the visions-2021 and 2030 that Bangladesh will become Digital Country and the
per capita income will be equal to a middle income country. But the government as well as other concerns should
consider crimes that may be committed in this world with the expansion of internet and other networks to convert this
country into a middle income economy. The research findings of the present study demand to revise our existing law
and order system with necessary amendments. There must be a linkage between banks and government law prosecution
agencies so to expedite the cyber criminal activities in just time. Most of the developed countries are already equipped
with cyber security strategies and laws. Like cyber security strategy in Singapore 2016, Finland’s Cyber Security
Strategy, National Strategy for the Protection of the Switzerland against Cyber Risk etc. So, there is no alternative
rather urgent establishment of effective legal framework including some revision of laws as stated in the findings
section and good corporate governance to combat cyber criminal activities in the banking industries of Bangladesh.
Finally, the study suggests the follows issues as revision of laws and others : i) Amendment of Penal Code 1860, the
Evidence Act 1872, and the Code of Criminal Procedure 1998 or the Code of Civil Procedure 1908 etc., is a demand of
time and should be included in the proposed The Bangladesh National Digital Architecture (BNDA) Guideline 2019;
ii) Law making authority should introduce ‘digital evidence’ in the Evidence Act, 1872. The amendment to the
Evidence Act, the Bangladesh Penal Code, the Code of Criminal Procedure or other minor special laws may be
proposed by the ICT Division as it is the focal point of the government’s information technology issues; iii) There must
be a linkage between banks and government law prosecution agencies. The banking authority should monitor and report
to the concerned authority about any suspicious transactions; iv) Number of courts should be increased so to settle cyber
criminal cases in the fastest time; v) Bank and financial institutions should ensure continuous research and development
to develop new security system to handle cyber crimes and banks must introduce unique farewell system to combat
cyber crime.

6. Acknowledgments : NA

29
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

References

Bangladesh: analysis of the Digital Security Act, https://www.article19.org/resources/bangladesh-analysis-of-the-

digital-security-act/

Bangladesh Cyber Security and Capacity Review, August 2018, retrieved from https://www.cirt.gov.bd/wp-
content/uploads/2020/01/CMM_Bangladesh_Report_FINAL.pdf, p49

Centre For Policy Dialogue (CPD). (2018), Banking Sector in Bangladesh: Moving from Diagnosis to Action. Available at:
https://cpd.org.bd/wp-content/uploads/2018/12/Banking-Sector-in-Bangladesh-Moving-from-Diagnosis-to-Action.pdf

Das, D. (2015), Cyber crime in Bangladesh: A growing threat in digital marketplace, available in
https://www.risingbd.com/english/cyber-crime-in-bangladesh-a-growing-threat-in-digital-marketplace/28940

Data Breach Statistics 2020, available at: Cyber crime articles -2020/25 Financial Data Breach Statistics (2020 Update
Fortunly.htm

Eresh Omar Jamal 2018, Addressing cyber security risks in the financial sector, The Daily Star, 2018, available at :
https://www.thedailystar.net/star-weekend/cyber-security/news/addressing-cyber-security-risks-the-financial-sector-
1636582

Global Economic Crime and Fraud Survey 2018, available at: https://www.slideshare.net/Paperjam_redaction/global-
economic-crime-and-fraude-survey-2018

Goel, S. (2016), Cyber – Crime : A growing Threat to Indian banking Sector. Third International Conference on
Recent Innovations in Science, Technology , Management and Environment, Indian Federation of United Nations

Hossen, N. (2019), Challenges the banking sector faces. The Financial Express, April, 2019 available at:
https://thefinancialexpress.com.bd/views/challenges-the-banking-sector-faces-1556379991.ece

Association, New Delhi , India. 18th December, 2016.

Bangladesh Development Updates Towards Regulatory Predictability, World Bank, April 2019

International Journal of Economics and Finance; Vol. 11, No. 10; 2019 ISSN 1916-971X E-ISSN 1916-9728 Published
by Canadian Center of Science and Education. Available at:

https://www.researchgate.net/publication/333652962

Joveda N. Md. Khan T. & Pathak A. (2019), Cyber Laundering: A Threat to Banking Industries in Bang
ladesh: In Quest of Effective Legal Frame work and Cyber Security of Financial Information.

Khuda B. (2019), Economic growth in Bangladesh and the role of banking sector , The Financial Express, June9, 2020,
available at: https://thefinancialexpress.com.bd/views/views/economic-growth-in-bangladesh-and-the-role-of-banking-
sector-1547220114

Kundu S. Islam K.A. Tania T. Rafi S. Hossain M. A. Ishraq (2018), Cyber crime trend in Bangladesh, an analysis and
ways out to combat the threat, 20th International Conference on Advanced Communication Technology (ICACT),
2018.

30
 Md. A. Kabir / International Journal of Multidisciplinary Sciences and Advanced Technology Vol 1 No 10 (2020) 16–31

Maruf A. M., Islam M.R., Ahamed B. (2010) , Emerging Cyber Threats in Bangladesh: In Quest of Effective Legal
Remedies, The Northern University Journal of Law, Vol I , ISSN 2218-2578

Rahman G.M (2019), Legal shortcoming in addressing electronic issues, The New Age, November 18, 2019, available
at: https://www.newagebd.net/article/90911/legal-shortcoming-in-addressing-electronic-issues.

Saunders, M., Lewis, P., & Thornhill, A. (2009). Research methods for business students (5 th ed.). Edinburgh Gate:
Pearson Education Limited.
Syniavska O., Dekhtyar N., Deyneka O., Zhukova T., and Syniavska O. (2019), Security of e-banking systems:
modelling the process of counteracting e-banking fraud, available at:
https://www.researchgate.net/publication/333448668_Security_of_ebanking_systems_modelling_the_process_of_count
eracting_e-banking_fraud#pf2
Sustainable Development Goals: Bangladesh Progress Report 2018

The Daily Sun, 29 March, 2019, “62pc banks at risk of cyber attacks”, https://www.daily-
sun.com/printversion/details/381059/62pc-banks-at-risk-of-cyber-attacks”.

The Digital Security Act 2018, available at: https://www.cirt.gov.bd/wp-content/uploads/2018/12/Digital-Security-Act-

2018-English-version.pdf

The National Cyber Security Strategy 2014

“Safeguarding banks from cyber attacks”, available at: https://bangladeshpost.net/posts/safeguarding-banks-from-

cyberattacks-4962

The Bangladesh National Digital Architecture (BNDA) Guideline 2019

Website Docs

Information on http://www.asianlaws.orgiccyberlawlibrary/cc/what_cc.htm
“Cybercrime: The Growing Threat to Global Banking”
(https://internationalbanker.com/banking/cybercrime-growing-threat-global-banking/).

Information on http://www.asianlaws.orgiccyberlawlibrary/cc/what_cc.htm
Information on https://swivelsecure.com/solutions/banking-finance/5-cybersecurity-weaknesses-threats-in-
banking-and-finance-industry/).
Information on https://www.unodc.org/unodc/en/cybercrime/global-programme-cybercrime.html).
Information on http://www.asianlaws.orgiccyberlawlibrary/cc/what_cc.htm
Information on http://worldofscience.com.my/aboutchemistry.html
Information on www.computingbasic.com.html

31

View publication stats