Revolut reportedly loses $20m to thieves in payment flaw

Criminals are said to have exploited a flaw in Revolut’s payment system in the US to steal more than $20m. 

As reported by the Financial Times citing multiple sources with knowledge of the incident, the money was stolen over a number of months and arose because of differences between its US and European payment systems.

This discrepancy meant that some transactions that were declined were then erroneously refunded with Revolut’s own money.

The funds were taken directly from the fintech and not from customer desposits, according to the sources, and despite recouping around $23m in funds it still lost around $20m overall.

Criminal gangs reportedly started to exploit the payments issue in early 2022 after it was first identified towards the end of 2021.

Individuals were encouraged to try to make expensive purchases that would be declined and then cashed out through ATMs.

The issue supposedly came to light when a partner bank in the US alerted the fintech that it had less cash than expected, and the flaw was eventually closed around last spring.

Meanwhile, in the UK, the bank is still waiting to win a banking licence.

It might also be looking to come out with its 2022 results to recover from its 2021 results, which were both long overdue and qualified, as auditor BDO said it was unable to satisfy itself concerning the “completeness and occurrence of certain revenues” for 2021.

Revolut declined to comment.