How to Rob a Bank

It’s easy! Almost.

There was absolutely an adrenaline rush, and that part, I just wanted it. I could not think of anything more exciting than doing something that might get you killed. — Clay Tumey

In August 2005, a team of burglars tunneled into the Fortaleza branch of Banco Central, the Brazilian central bank. The audacious raid was the culmination of months of meticulous preparation. Over the course of three months, the 25-strong gang dug a 256-foot tunnel from their base over the road, using a fake landscaping company as a front. After disabling the alarms, they took their time— moving three and a half tons of physical cash is slow work. The robbery wasn’t discovered until the following Monday morning. When astonished staff tallied up the losses, it came to around US$70 million. The money wasn’t insured, and the bills weren’t numbered sequentially, making them almost impossible to trace. To this day, it remains one of the biggest heists in history.

For as long as there have been banks, there have been more than enough people happy enough to rob them. Despite history throwing up the occasional Robin Hood-style bandit, the motive is usually pretty straightforward— good old-fashioned greed.

In July 2021, a man in California was convicted of stealing $2,500 from surveillance footage of his distinctive T-shirt. Sixty-one-year-old Edwin Herold had lost his job during the pandemic and was, he told authorities, frankly sick of being homeless. Despite the miserable motive, he was still sentenced to over three years in prison. Then there’s the rare cases that don’t seem to fit into any particular mold. Clay Tumey certainly resists neat categorization.

I thought to myself, if I can just walk in here and not be recognized by anybody, I could probably just rob the place.

In 2005, the then 26-year-old Texan went on an unusual solo bank robbing spree.

That was the gateway drug into bank robbery for me when I realized bank security is terrible.
No violence or accomplices, just an envelope politely asking the teller to hand over their fifties and hundreds. I had a note that said three very plainly, succinctly written lines,
“Give me your fifties and hundreds. This is not a joke. I’m not going to hurt you.”

It sounds simple. It sounds like there’s got to be more to it than that. But there’s really not anything else to it.
Tumey’s story speaks to a wider truth about bank robbery— it is in some ways an equal opportunities profession. All you really need is a cast-iron self-belief. And there’s another crucial thing to remember— it doesn’t seem to matter how ballsy or experienced you are, the likelihood of getting caught remains pretty high. Take the infamous Hatton Gardens heist in April 2015, when a team of geriatric cons got away with an estimated 14 million pounds in cash and jewelry from London’s diamond district. The heist itself was expertly planned and executed. After all, these were career robbers. Their downfall wasn’t the job itself. Though they didn’t leave any fingerprints at the scene, their digital footprint was laughably well-defined.

On arrest, one of the robbers was found to have googled “drilling” online and even had a copy of Forensics for Dummies at home. The old ways are inevitably changing. Naturally, there are still plenty of people the world over who are up for chancing an old-fashioned. bricks-and-mortar heist. But a younger generation of criminals are attempting to take bank robbery online with varying success.

Bank robbery will eventually not even be a thing in terms of walking into a bank and taking money. In 2016, a shadowy group of North Korean hackers known as the Lazarus Group came within minutes of a spectacular $1 billion windfall from the Bangladeshi National Bank without a single boot on the ground. This hacking group is not just hacking and stealing money, but stealing money on behalf of the North Korean regime.

It later transpired the group had been lurking inside the bank’s computer systems for a year prior to the big day. The way they got into the Bangladesh Bank system was depressingly the way that most computer hackers get into most systems— it was a dodgy email. From there, the computer hackers managed to pivot around the bank and hop from computer to computer, a process that took months.

On the morning of February 5th, staff at the bank noticed a malfunctioning printer on the 10th floor. Little attention was paid to what seemed like a routine annoyance. But this was the first sign that something was going seriously wrong. When transfers are made from Bangladesh Bank to another bank they’re made using a system called SWIFT.
And there’s a printout of those SWIFT transfers on a computer printer. So the printer prints out a thing that says, “Bangladesh Bank has just sent X amount of money.” And they discovered the printer was broken.

As they got the printer fixed a couple of days later, suddenly the printout started appearing on the printer, which revealed that the hackers had tried to transfer about $1 billion. When they finally cottoned on to what was happening, they eventually managed to halt most of the money draining out of their accounts, save for $81 million. But the reputational damage was huge, even forcing the resignation of the bank’s governor.

Not that much is known about the gang, aside from a detailed FBI portrait of one suspect named Park Jin Hyok, who is also charged with hacking Sony and the WannaCry cyberattack on the NHS. It’s thought that he fled to North Korea not long after the heist, though he faces up to 20 years in prison if he puts his head above the parapet.

Besides simple greed, there’s something else that unites the elusive North Korean hackers, villainous London geezers, and Brazilian master criminals— in all three instances law enforcement has never been able to recover the full amount of plunder.
On the surface, that might even sound like a success story. Yet the Hatton Gardens ringleaders are dead or in prison, Park Jin Hyok is a fugitive, and even the architects of the Banco Central heist have experienced decidedly mixed fortunes. Of the 25 alleged gang members, several remain unaccounted for, having disappeared into the shadows to enjoy their ill-gotten gains. Others are serving lengthy jail sentences or have been kidnapped, murdered, and tortured.

Bank robbery is not a profitable industry. Don’t do it. If that’s what your motivation is, it’s not going to work. The fun fact: you have to pay all that money back. Whatever the cash windfall, it doesn’t seem like much of a reward for a lifetime of looking over your shoulder.