Citigroup Erroneously Credited Client Account With $81 Trillion in 'Near Miss'

Citigroup credited a client's account with $81 trillion when it meant to send only $280, an error that could hinder the bank's attempt to persuade regulators that it has fixed long-standing operational issues. Financial Times: The erroneous internal transfer, which occurred last April and has not been previously reported, was missed by both a payments employee and a second official assigned to check the transaction before it was approved to be processed at the start of business the following day.

A third employee detected a problem with the bank's account balances, catching the payment 90 minutes after it was posted. The payment was reversed several hours later, according to an internal account of the event seen by the Financial Times and two people familiar with the event. No funds left Citi, which disclosed the "near miss" to the Federal Reserve and Office of the Comptroller of the Currency, according to another person with knowledge of the matter.

Re:

[clovis]

Doesn't this ever happen to me?

I was just wondering how many people opened an account with Citigroup after seeing this news.

Re:Why

[themightythor]

I was just wondering how many people opened an account with Citigroup after seeing this news.

Just understand that the "bank error in your favor" could just have easily been a "bank error in their favor". And which of the two do you think the bank is more motivated to fix quickly? Which of the two is going to cause a bunch of "payment denied" errors when, say, your power bill auto drafts on the 5th of the month? And, when that payment denial happens, of course the power company is going to report that to credit agencies. Where will Citi be then? My prediction is that after dragging their feet for a bit, they'll reverse the mistake from their end, consider their obligation complete, and leave you to deal with the aftermath.

tl;dr - run, as fast as you can away, not towards institutions that demonstrate this level of incompetence.

Re:

[groobly]

Well, in fairness to some other bank, I recently received a few bucks from a bank account I had closed a year earlier, them having found they miscalculated interest. Of course, this caused a big problem with 1099s. And, it's not the first time I have had this happen, with various banks. Don't assume they know how to calculate interest!

Re:

[clovis]

I was just wondering how many people opened an account with Citigroup after seeing this news.

Just understand that the "bank error in your favor" could just have easily been a "bank error in their favor". And which of the two do you think the bank is more motivated to fix quickly? Which of the two is going to cause a bunch of "payment denied" errors when, say, your power bill auto drafts on the 5th of the month? And, when that payment denial happens, of course the power company is going to report that to credit agencies. Where will Citi be then? My prediction is that after dragging their feet for a bit, they'll reverse the mistake from their end, consider their obligation complete, and leave you to deal with the aftermath.

tl;dr - run, as fast as you can away, not towards institutions that demonstrate this level of incompetence.

More to the point, I wasn't recommending anyone do that.
I was wondering if anyone would.
It's like the lottery. Their mentality would be to put up a small amount that they'll probably lose while hoping to be one of those who get a huge payoff.

Re:

[mysidia]

And risk Citigroup mistakenly sending you a bill for $81 trillion then adding that as a delinquent debt to your credit?

HOLMES FOUR

[Roger_Wilco]

...That's what you get when you overburden the neuristors of your High-Optional, Logical, Multi-Evaluating Supervisor, Mark IV, Mod. L. Better watch out, cobber. There might be revolution in Tycho Under and Hong Kong in Luna soon.

Re:

[rossdee]

Was it $81 trillion plus $280 ?

Re:

[Archtech]

It looks rather like the work of an LLM to me.

Re:

[Archtech]

And Wye Knott? (Since she can't reach me at present).

not sure how this is a "near miss"?

[v1]

I was under the impression that banks tend to work together to "fix mistakes" like this, and even if the account holder had tried to transfer out some of the money, the receiving bank would have just let them yoink it back after the mistake was discovered, even if technically they weren't allowed to do so?

Re:not sure how this is a "near miss"?

[Captain Segfault]

While that is largely true, there are definitely scenarios that get more complicated notably if the account holder is actually owed money. There's an extremely relevant issue (mentioned in TFA) with Revlon loans back in 2020 [reuters.com]. Citi was acting as the agent for a loan to bankrupt Revlon and accidentally credited the creditors accounts for the full value of the lown with the bank's own money, which started a two year legal dispute which would have been entirely avoided if Citi had just not accidentally credited the accounts.

unfortunately

[Anonymous Coward]

Unfortunately the lenders didn't get to keep the money. This was a situation where the law got muddied unnecessarily by finding a twisted reason to come to the "right" answer. The way to make the world a better place is to brutally punish the stupid.

Re:

[DarkOx]

Indeed "Bank error in your favor" is something that open happens in popular Parker Bros game.

Re:

[rossdee]

However when you get that card, you only get the $200, not the 81 trillion.

Re: not sure how this is a "near miss"?

[Ronin Developer]

But, still short $80. Screwed again.

Re:

[v1]

I can say I've had it happen to me once. I had my utilities on auto-pay when my bank migrated to a new auto-payment system. The one payment that was made during the migration never debited my account. I presume they finally found it but decided to eat a few keyhole charges rather than tell all their customers they were incompetent and debiting me weeks late.

Re:

[omnichad]

I had something similar happen during a bank backend system migration. Except it was a $5,000 deposit that they completely lost track of. Luckily I was able to prove it existed.

Re:

[transporter_ii]

I paid my property taxes online and got a receipt for it. They never took it out of my account, nor did they send the money to the county. I never noticed it. The county sent me a bill with a late fee. I finally got the late fee removed, but it was a pain in the butt.

Let me tell you, nobody at certifiedpayments.net had a single care about that late fee. It was only because the county was "nice" that the late fee was removed, and they made it clear that they didn't think they had to, they just thought it kin

Re:

[Archtech]

I understand that, in Britain at least, all deposited money immediately becomes the property of the bank. All the customer gets is an IOU - and he's not necessarily even first in line to be paid.

Re:

[Big Hairy Gorilla]

Yes, it's like Visa/MasterCard, if you read the Terms of Service, it says somewhere buried in the legalese, that they can put money into your account and they can take it out... anytime they want, at their discretion. They can reverse any transaction. So the chartered banks work the same way, they keep most large transactions in suspense, until all checks and balances are applied, then credit the customer's account. If they make a "mistake", they can reverse the credit.

Re:

[Roger W Moore]

I was under the impression that banks tend to work together to "fix mistakes" like this

Sure, but the interest on $81 trillion, even for just a few hours until they do fix it would be substantial. At 1% interest rate you earn $92M/hour!

Re:

[vinnak]

The ability to keep accurate lists in triplicate is one of very few things that are non-negotiable for a bank. Yes other banks will help undo it but I think it's a near miss in the sense that "Citi can't keep lists" -> "Citi should not have access to interbank payments"

Re:Good programmers check for out-of-bounds inputs

[AvitarX]

Some reasonable limits, like perhaps cap the size of a transfer to being the entire dollar money supply.

Re:

[quenda]

Arbitrary limits are never good. Not 8.3 filenames, not 255 byte strings, 2TB partitions, 160 char SMS.

A trillion dollars might seem a lot now, but after a few years of tax-cut induced hyperinflation, such a limit might stop the welfare checks getting through.

Re:

[Joe_Dragon]

the UI sucks.
https://arstechnica.com/tech-p... [arstechnica.com]

Re:

[toxonix]

That looks like a Java Swing desktop app. Which makes sense for an internal app built in the 90's.
It might be ugly for todays standards. But it was just as ugly for yesterday's standards too.

Re:Good programmers check for out-of-bounds inputs

[Comboman]

There are supposed to be additional checks on large transactions which are meant to catch money-laundering, funding terrorism, drug cartels, etc. The fact that this enormous transfer went through even briefly tells you that these aren't working.

Re:

[Archtech]

Or that their purpose is not what we are told.

Re:Good programmers check for out-of-bounds inputs

[Archtech]

The problem seems to have been precisely that no one noticed it was a huge transaction. What I can't understand is what sort of finger trouble would cause $280 to change into $81 trillion.

$280
$81,000,000,000,000

Not much resemblance. Certainly not a 1-digit typo. More as if the zero key got stuck down.

Account Number?

[Roger W Moore]

Perhaps they put in the account number as the amount since it may not have been exactly $81 trillion.

My dad had something similar happen with a bank back in the days when you had to submit paper transactions where, instead of the usual weekly salary withdrawal for the receptionist staff they removed well over 100k pounds causing the account to go overdrawn and charges to be applied. When he called them they absolutely refused to accept that it was an error on their part until he pointed out that the amount they had removed was equal to the date and since they entered the amount into the system it could not have been him. They refunded the money.

Re:

[locofungus]

Perhaps they put in the account number as the amount since it may not have been exactly $81 trillion.

Indeed! I got a "text" to my voice number that got read out in the text->speech thing that (I think) BT had that started (something like):

"Your eighty three million, three hundred and fifty nine thousand, two hundred and seventy seven mortgage is ..."

Initially I assumed it was a scam - but it was my account number!

Re:

[hsthompson69]

So...what I'm understanding here is that they are willing to transfer money that nobody has. Nobody is actually checking if there are funds there at all.

The whole transaction should have failed as soon as the -81,000,000,000,000 tried to hit the source account for the transfer, and found insufficient funds.

I'm not sure if any of their numbers are real, if they don't actually do this kind of basic ledger balancing.

Re:

[Tony Isaac]

I would argue that "good programmers" check for out-of-bounds inputs in situations where the consequences are serious enough to do so. If somebody types a birthday of 1/1/1700 into greeting card software, who cares, nothing significant breaks.

This bank situation certainly qualifies as serious consequences.

They should get the interest

[altembedded]

If it was an interest bearing account they should at least get the interest for a few minutes.

interest?

[diaz]

Did the account holder at least get to keep the interest? At 0.5%, that's about US$46,000 per hour.

Re:

[dj245]

Did the account holder at least get to keep the interest? At 0.5%, that's about US$46,000 per hour.

Even if banks paid interest on such a short time period, that would be the equivalent of taking back the ice cream but letting the accountholder keep the sprinkles. They wouldn't be able to keep the interest.

Re:

[quenda]

Even if banks paid interest on such a short time period, that would be the equivalent of taking back the ice cream but letting the accountholder keep the sprinkles. They wouldn't be able to keep the interest.

It would be more like letting the account holder keep the sprinkles that fell off while he was holding it.
Banks can easily calculate continuous interest, using natural logs IIRC.

Re:

[quenda]

At 0.5%, that's about US$46,000 per hour.

Try again. It is $46 million per hour.

Bank Error in Your Favor.

[mjwx]

Wait, no you're too working class to collect £100.

How on earth

[Retired Chemist]

How on earth do you enter 81 trillion dollars when you mean to enter 280. I could understand 1280, of 380, or something like that, but 81 trillion dollars seems ridiculous in every way. Also, why didn't the system automatically reject it. On top of that it passed two levels of human review. Their internal controls must be non-existent, and their staff is either incompetent or so overworked that they cannot carry out their basic tasks.

Re:

[rbenson]

Since the link is pay-walled, I'll hazard a guess.
Perhaps somebody entered a negative number into a field designed for positive numbers only.
If such a thing happened, it could "wrap around" and count down from the largest value available for that datatype.
Things like that should be accounted for (and prevented) by any developer who has ever had users.

Re:

[RobinH]

Over-worked, LOL. It's a desk job. They're not breaking a sweat.

It's the Banker Keyboards

[turp182]

With dedicated keys for Million, Billion, and more recently Trillion, it's an honest mistake.

Re:

[piojo]

How on earth do you enter 81 trillion dollars when you mean to enter 280.

That reminds me of an old joke:

> A patient says, "Doctor, last night I made a Freudian slip, I was having dinner with my mother-in-law and wanted to say: 'Could you please pass the butter?'
"But instead I said: 'You silly cow, you have completely ruined my life."'

It's not particularly funny, but it's appropriate. Well, it's not particularly appropriate either, but what can you do.

Re:

[SteelCamel]

The obvious answer is by entering an account number, or some other sort of reference number, in the "value" field. This wouldn't stand out as an obvious error, as that number is supposed to be on screen, it's just in the wrong place. Of course this would require that something is also entered in the place that number should have gone. And it's somewhat surprising that the value field accepts values that large.

Re:

[Tony Isaac]

The employee was sleep-typing.

Re:

[serviscope_minor]

How on earth do you enter 81 trillion dollars when you mean to enter 280.

Cat on the keyboard. I mean sure it's a lot of money but it's not yours and the kitty is SO CUTE.

Two people to verify $280?

[damn_registrars]

The summary says that the transaction was verified by two people. Why would two people need to verify a transaction of $280? That seems like a pointless consumption of time, especially for a bank of that size.

If the IRS paid that much attention to a tax return of $280 we'd see it all over the front page news and the MAGA party would be celebrating its discovery.

Re:Two people to verify $280?

[AvitarX]

I assume the fact that it was $81 trillion being entered that caused it to be reviewed by 2 people.

Re:

[bill_mcgonigle]

> If the IRS paid that much attention to a tax return of $280 we'd see it all over the front page news and the MAGA party would be celebrating its discovery.

You seem to be confused on the factions' economic positions.

The MAGA people have been railing against the government surveillance of $600+ transactions and are advocating to downsize the 87000 additional auditors Biden hired.

They just passed No-Tax-on-Tips and No-Tax-on-Social-Security and every single Progressive voted against it. Of the "moderates"

Spotted a a problem with the balance

[DarkOx]

A third employee detected a problem with the bank's account balances - I should say

Citi has a market cap of something like 150B, now that does not include value of assets held but if you mistakenly credit 81T the other side of the entry has to go someplace, that debit is going to put one heck of dent in any account belonging to the bank or even some other client, even if that client is a sovereign wealth fund of some kind. That is likely to be a big old red number with a lot of zeros after.

Re:

[swm]

Perhaps the credit was entered with no corresponding debit, which led to an out-of-balance condition.
A double-entry system shouldn't permit that, but we already know that things happen at Citi that shouldn't.

Re:

[omnichad]

Well and this would be why you would need actual double entry in the code instead of faking it in frontend display code. On paper, this prevents human error. Computers don't make mistakes the normal way so you'd think it's redundant. But it's exactly the sort of bug catching thing you'd need. But again, it required human intervention to see it. So they probably never put any post-transaction sanity checks in the code.

How did this happen?

[hcs_$reboot]

Citigroup credited a client's account with $81 trillion when it meant to send only $280

How is that even possible? Most "input" fields would not accept a 14 digit $ figure.

Re:

[GlobalEcho]

Citigroup credited a client's account with $81 trillion when it meant to send only $280

How is that even possible? Most "input" fields would not accept a 14 digit $ figure.

Citi operates internationally, and so their software likely is set up to handle a broad range of currencies. Including ones like the Indonesian rupiah which is over 10,000 per dollar.

I'm not defending their software, which obviously needs to be revamped, but I think the decision to allow that many digits in the field is defensible.

That buys a lot

[zawarski]

Of weed.

Good old Citigroup...

[gweihir]

Always has been the idiot-child of the banking-world regarding IT security, and it seems they will not grow up.

Re:

[slipped_bit]

Citigroup has been the idiot-child of the banking world, period. Back in college I was in a work program (similar to a co-op), making good money as an engineering student, I thought it would be a good idea to start to build some credit. Citibank sent me a "pre-approved" application which I filled out... and was denied. They said I had to call back between certain hours. Working and going to school full time meant it was hard to make that call (this was the era were the only portable phones were expensiv

I don't see the problem

[wakeboarder]

They caught the error with the checks in place. Banks can't review every transaction, they saw it in their checks. The money doesn't clear if it's going to unbalance the branches books. Most banks have a limit on how much one branch or account can send and any amount over requires clearance. So what?