Thieves stole US$20 million via Revolut US payment flaw

ORGANISED criminals exploited a flaw in Revolut’s payment systems to steal more than US$20 million of the fintech’s money, the Financial Times (FT) reported, citing multiple sources with knowledge of the incident who were not identified.  

The issue arose due to differences between Revolut’s US and European systems which meant that some transactions were declined and then erroneously refunded, the newspaper reported. Criminal gangs began exploiting the issue early in 2022 after it was identified in late 2021. They would encourage individuals to make large transactions that would be declined, then withdraw the refunded sums via ATMs. 

The problem came to light when a partner bank in the US notified the UK-based company that it was holding less cash than anticipated. The US subsidiary then requested cash injections from its parent and the flaw was closed in spring 2022, FT reported. 

About US$23 million was stolen in total, with some funds recovered by pursuing those that had withdrawn cash, resulting in a net loss of about US$20 million, the newspaper added.

Revolut declined to comment when contacted by Bloomberg News. BLOOMBERG