Extract from Brad Harris’s article “The Lessons From Citibank’s Mistaken $900 Million Transfer”
I read this story about Citibank’s mistaken transfer—which cost it about half a billion dollars—a while back, and the sheer improbability of the mistake struck me. How could a banking giant make a blunder of such staggering magnitude despite multiple checks and balances? So what exactly went wrong here?
I recently circled back to that story and realized that it was, unsurprisingly, more complicated than it had sounded at first blush. Nevertheless, as software developers and software users, I suspected we could learn quite a bit from this expensive mistake along with our customers.
I want to unpack a few of those lessons—but first, let’s review what happened.
ICYMI: What Happened in the Citibank Wire Transfer Case
The bare-bones version of the story goes like this: Citibank, acting as the administrative agent for Revlon’s loan, meant to process $7.8 million in interest payments to Revlon’s lenders. However, Citibank’s software system required that it set up and execute what was, in effect, a “dummy” transaction to process the interest payment. Citibank would create a transfer of the entire outstanding balance, including both principal and interest, into an internally held “wash account.” Citibank’s staff had to check not just one clearly labeled box but also two other boxes with cryptic and confusing labels to direct the funds to the internal account. Because they only checked the one box, the money, totaling about $900 billion, didn’t go to the wash account—it was wired straight to the creditors. (A rather large oops!)