How to Recover A Wire Transfer

What to do if you’re a victim of wire fraud?

Being the victim of wire fraud is extremely traumatic.  You will immediately worry about if you will ever see the money again, if any of your other transfers are at risk, and whether or not your systems are compromised.  These feelings of worry will be quickly followed by anger and disbelief around your attempts to recover your assets.  Navigating this event is stressful and complicated. Coordinating between banking, insurance, and law enforcement is both difficult and frustrating.  We’ve condensed our best practices so you can move quickly and confidently to try and recover your wire transfer.

Recovering a wire transfer is difficult

Steps to follow

  1. Set your expectations appropriately – recovering 100% of the funds in a timely fashion almost never occurs.  These criminals have a vast network of “money mules” to move and hide funds.  Attempting to recover a wire transfer may take months, and can be very difficult depending on when you discovered the crime.
  2. Collect the details about the transfer
    • Payee account details (typically routing number and account number for US-based institutions)
    • Originating account information (your bank account details)
    • Date of transfer and amount sent
  3. Make sure any recent wires or other wires that are in process are secure, cancelling them if necessary, until you are able to identify the root of the problem.
  4. Contact (Call, don’t email!) your bank and ask for the fraud department
    • Request that they initiate a recall on the transfer, frequently called a “SWIFT recall.” 
    • Also ask for the “Fed Reference Number” of the transfer
    • Ask your bank to contact the receiving bank immediately and request a freeze on the receiving account.  You can also call the receiving bank and speak to the fraud department and request a freeze, although these efforts are often unsuccessful. If the funds have been moved to a third bank, request the account details and a freeze on those accounts as well.
  5. File a compliant with FBI Internet Complaint Center (IC3) and record your compliant number.  Report the fraud, and IC3 complaint number, to your local FBI field office and your local police department.  It is best practice to provide a police report to your Insurance company.
  6. Engage your insurance provider.  This type of fraud is rarely covered; however, you may be able to leverage resources available from your insurance provider. The insurance company will focus on whether the crime occurred due to tech intrusion or social engineering. Many insurance policies will not cover claims resulting from social engineering.
  7. Engage an attorney to evaluate possible legal remedies
  8. Inform your IT department or IT provider of the event and have them review the email(s) to determine if there is a security breach.  In most instances, the crime has occurred due to social engineering (being tricked) or a breached account OUTSIDE of your network.  Still, you should verify that your system was not the cause.  In any case, we recommend changing your login credentials for your systems and turning on multi-factor authentication.

Most of all, be patient.  Your frustration and fear is completely understandable, use it to create urgency around the above steps. 

Lastly, you need to review your internal processes and systems to ensure this type of crime does not occur again.  The criminals make repeated attempts on previous victims.  Understand that this not entirely an IT or Cybersecurity problem – your finance organization needs a policy and system that is secure and repeatable while allowing them to move at the pace of businesses.