Assume the following incidence occurred before the US government had tax treaties or financial information exchange treaties with the Cayman Islands
Agnes, a high net worth customer, banks on-line at First National Bank (FNB) and has agreed to use 3DES in communicating with FNB. One day, Agnes received a statement that shows a debit of $1,000,000 from her account. On inquiring, she was told that the bank manager, Bill, transferred the money out of Agnes's account and into an account of his own in an offshore bank, Cayman Island. When reached via long distance in the Cayman Islands, Bill produced a message from Agnes, properly encrypted with the agreed upon 3DES encryption, saying: "Thanks for your many years of fine service, Bill. Please transfer $1,000,000 from my account to yours as a token of my esteem and appreciation. Signed, Agnes."
Agnes filed suit against Bill, FNB and the government of the Cayman Islands, claiming that the message was a forgery, sent by Bill himself and asking for triple damages for pain and suffering. Bill has responded by claiming that all procedures were followed properly, and that Agnes is filing a nuisance suit. You have been employed by FNB board as consultant to assist in the investigation of this matter and produce a report for the FNB Board of Directors, which will assist them in determining how to proceed in this matter.
Your report to the Board of Directors should address the following issues:
What can be determined from the facts as presented about whether Agnes intended to make Bill a gift of $1,000,000? Conclude and support your conclusion.
Assuming FNB wishes to continue using only 3DES as its cryptographic system, what could FNB and Agnes could do to protect against this controversy arising?
Would this controversy have arisen if FNB had been using AES rather than 3DES?
Should FNB contest the suit?
What is/are the critical issue(s)?