I found this old draft I had submitted for my Stealing the Network chapter. It's essentially a conversation between people talking through what would have to be done to steal a lot of money. Everyone loves to speculate about what they would do with a lot of cash, I was more interested in the logistics of how it would have to actually work. The movies never examine it in this much detail!

I've also uploaded an optional ending that I don't think was used in the book. In any case I hope you enjoy my musings from years gone by, please feel free to comment.

Stealing the Network 3 Chapter “The Conversation”

Both of them were late, as usual. Dan was the only one on-time, and had managed to get a table by the window, looking out onto the busy rush hour streets of the Big Apple. He knew Tom liked watching people. Brian didn’t care one way or the other.

“Hey Dan!” came the familiar greeting from Tom. They had been friends for over 10 years, and while both of their jobs kept them from hanging out much anymore, that’s what email and cell phones were for. It was Tom’s idea to arrange this mid-week get together. He’d emailed everybody yesterday, following it up with a call. So something was up.

“I saw Brian head for the bathroom, so he should be here in a minute.” Tom said as he selected the chair with the best view of the street, leaving the third chair with a view of the interior of the restaurant.

Dan looked over Tom, who looked almost too good in his business suit. He looked more like a fashionably dressed salesman at Prada than an auditor.

They hadn't actually seen each other for about three months. Dan had recently gotten married, and Tom was busy with his new position at work, not only performing IT Security audits, but also acting as a Program Manager supervising consulting contracts. It was pretty stressful for him, seeing how some of his company’s clients were not only financial institutions but State Governments, and some more interesting work for the Feds in D.C.

Dan it was pretty stressed himself, recently married, smashing their combined stuff into one medium sized co-op, but hey, they knew it would be that way going into the marriage. Somehow Tom had pulled off being married with ease. Then again, he was just finishing up his second divorce settlement. Brian remained perpetually single, but always looking. The flame of hope burned eternal.

Finally Brian made an appearance.

“Yes!” he said in a fake Ed McMann voice announcing his arrival. “Am I late?” Taking the last seat facing the other two he asked if he was very late.

“About half an hour as usual.” Dan replied without any sarcasm. Hey, it was the truth.

Brian responded, “Excellent! It seemed a bit last-minute, but I managed to get away from work.”

“Counting all of your money?” Tom fired his way with a smile.

Brian was the best off, financially speaking, of any of them, and also the oldest. Brian had been introduced to Tom through Dan years ago, and they all got along well. All of them orbited the IT world in one way or the other, and all at one time long ago had hacked, or been hacked.

Each had the other’s respect, and though they saw less of each other as they got older, they seemed to value their relationship more.

Brian, looking at the Fruity Pebbles drink in front of Dan, asked if there were drinks on the way, ever hopeful.

“If you snooze, you lose.” Dan replied while waving over the waitress who had taken notice of the groups final arrival.

In a minute drinks were on the way, and they got back to talking.

Dan asked Tom how work was going, and Tom gave a sort of secret smile.

“Well, it just got real interesting Tuesday evening. That’s one of the reasons I wanted to get you guys together. I have a few questions I was hoping you could help me out with.”

“I don’t do too much security at work anymore since I hired Raj for that.” Dan replied. He watched over an IT department that was maybe ten or twelve people and at one time or another done each of their jobs himself. “But I’m up for providing free tech support.”

“Yes!” Brian bellowed while scanning the crowd for someone attractive to look at.

“Well,” Tom continued “I’ve been giving this a lot of thought this last day and a half, and decided I had to talk to someone about it. You are two friends I can trust, and also the two most likely to understand. Plus we hadn’t seen each other for a while. It was a good excuse.”

“Yes!” Brian was hamming it up now, usually a sign that he was feeling relaxed.

“That was fast!” Dan got in just before the round of drinks descended on them from the highly optimized bar staff.

“Another Fruity Pebbles for you,” the hostess called out “and a Kamikaze for you,” directing the drink to Brian, “and a Washington Apple for you. Let me know when you guys are ready to order.” A quick smile, and she was swept up in the hustle of the job.

All three took a ceremonial drink at once, and settled back. The night was young, and Dan had a pass for the evening from the wife, so there was no rush.

Tom looked at the other two to make sure he had their attention, and started in on his tale.

“So there I was, finishing up part of the audit our team is on, when I managed to break into a machine. A very important machine.” He paused letting that sink in for a minute. “And because I was the only person working on this part of the test, I am the only one who currently knows about this vulnerability.”

“You are a Ninja!” Brian interjected. “What kind of a company is it?”

“The kind that has money. Lots and lots of money.”

“I am starting to see the problem” Dan replied. “You broke something and now their money is all kinds of fuxored.”

“Not really. Nothing is broken. I don’t need help fixing the problem.” Tom said looking away and taking a sip of his drink.

“Uh huh.” Brian said, tuning in to the situation. “Does this problem let you get access to some of that money you spoke of?”

“Oh yes. Of course you only get to try once before someone catches on. But it is a lot of money. All of it for that day, actually….” Tom trailed off.

“And that would be ?” Dan persisted.

Tom looked right at him “Well, it depends on the day. Tomorrow, for example, will be about four billion dollars.”

Bam! Just like that!

“Holy Fuck!” Dan blurt out.

Brian’s eyes temporarily bulged in his head, like his brain had expanded for a second trying to take that in and had almost pushed his peepers clear out of their sockets.

Tom continued, “They do a manual audit everyday, so someone or something would catch it for sure. That much money gets noticed.” He took another sip of his drink, his alcohol consumption passing that of Brian and moving up on Dan.

“See, last thing every night they batch move money out to an account that then moves it to all the subsidiaries. I found a way into that machine, and can modify the initial account number to which batch gets posted to.”

“Meaning you can direct where that four billion would go to tomorrow night?” Brian asked.

“Theoretically speaking, yes. They would notice the problem very quickly, but the money, as far as I can tell, would be gone. It is quite a problem if someone managed to break into that machine and understand what it does,” Tom said with total understatement.

“This is too good.” Dan observed. “Do tell about how you managed to break into the machine.” Dan was good at getting information out of people.

“Yeah, speak up Ninja!” Brian added to the call for full disclosure.

“I can’t reveal all the details, NDA and all that, but I’ll sketch you a picture. The financial network is closed, only accessible in one part of the building with better than average physical security. The machine in question belongs to a person trusted with overseeing the EFT transactions, making sure the money comes in from the right places in the right amounts, and then goes out again at the end of the day to the right account.”

Leaning forward a little bit to be heard over the other restaurant conversations, Tom continued sketching. “We’ve developed some software, based on work by David Maynor, that allows a potential attack over USB port. Basically, our laptop connects to the target machine over a USB cable. I then run the exploit, which is dependant on the version of OS being run. They were running XP Pro, which I could tell by looking at the log-in screen, and so used that ‘sploit. It takes advantage of the DMA operations available to devices and allows access to arbitrary memory. The exploit really just adds a new administrative level account by inserting shell code into unused memory and overwriting SEH in every privileged process. Sooner or later the Structured Exception Handler will be triggered and execute the shell code that creates a new administrator account. The down side is that the exploit causes a BSoD, but once you reboot you are good to go. The worst thing the user would notice is a reboot or crash in the Event Viewer. We’re working on fixing that side effect, but hey, it was good enough on this job.”

“Then with the new user added to the local system I just logged in.” The picture was almost complete. “I rummaged around in the ‘my documents’ directory and by running Excel I was able to see recent spreadsheets that were accessed. One of them had a user name a password to a system I had not found in my network scans.” Tom leaned forward a millimeter more to make his point both physically and verbally. “It was for a machine that was connected by a serial cable and running TN3270 emulation….” He paused for effect. “The dedicated machine was connected to the EFT network.”

Leaning back again, now that the scene was set, Tom finished up his assessment. “They did almost everything right. Now all they need to do is either disable the USB and FireWire ports in system BIOS or physically disable the ports with glue or something. But before I finish up my reporting this weekend….”

Dan was nodding. “You want to know how much is worth the risk? How much is enough? Because once you hoover up some or all of those beans you know they will catch on quickly and you will have to be on the run.”

“I know. I don’t have a wife like Dan, and there isn’t anything really holding me back besides not wanting to be bubba’s bed mate in jail.” Tom was grinning now. “But it has made me want to explore the question. Like you said, how much is enough? If you could electronically steal ten million dollars, would you? One hundred million? Four billion?”

“For that kind of money everyone would be after you. Not only the feds, the cops, but the company, private investigators, and if there was a bounty on your head you’d have Dog The Bounty Hunter on your ass as well.” Dan summed it up.

“With great reward comes great risk, or something like that.” Brian added. “What kind of business are we taking about?”

“It’s a world bank, sort of,” Tom said in a vague sort of way. “They handle a lot of other governments’ money, or loans, or something. We were just hired to test the internal controls and general network and host security. I’m sure I could read about them on their website.”

“O.K. so you would piss off a bunch of national governments as well,” Dan added cheerfully, having added another nail in the coffin.

“So what is it you really want from us?” Brian asked. You could tell he wasn’t too excited to drop everything go on the run tomorrow.

“Well, you guys I know and trust, plus you are pretty logical. I know none of us are professional investigators or law enforcement, but we all keep up on the news and technology.” Tom leaned a little closer. “I’d like us to talk about everything that would have to happen to get away with it. I mean, there are so many angles, and I can only think of so many of them. I want to hear what my smart friends have to say.”

Tom leaned back, having both praised his friends and challenged them. He knew they loved to speculate out loud, so this should be perfect for all of them.

Brian started first. “This will require many drinks. But I think we can guess at most of the problems you, or someone, would have with this. Let’s see…. What comes to mind are a shit load of issues. Are you trying to hide your identity at the company and trigger the transfer remotely or do you not care? For that matter are you going to try and hide your initial movements at all? Can the money actually make it out of the account? Where would you send it? Do you have other accounts set up? How do you get your hands on it, besides electronically? Remember you only have about half a day until they notice the money missing and go to red alert mode. By that time you need to make sure they can’t roll back the transaction. Then if you do get some or all of the money you need to spend the rest of your life on the run.”

Then it was Dan’s turn. “Life on the run would suck. For that much money you would never be able to see your friends and family ever again. They would be watching for a long time. Also you would have to stay away from any country that was friendly to the U.S.A., or for that matter any of the countries that had a big chunk of change taken from them. You never know who might try to make friends with Uncle Sam by turning you in. That might be the hardest part. As a white guy with lots of money you sure would stick out in, say, Jakarta. Have you thought this part through?”

“Nope, that part I didn’t get to yet. I was mostly thinking about how you would have to trigger the transfer and be out of the country by the time the bank realized something was wrong. By then you would have to be someplace where you could check to see if the transfer worked. If it did, you would move to a second location where you could try to access some of the money,” Tom said, draining his drink.

Brian finished his; Dan caught on and took a last sip.

“Time for round two,” Tom announced and waved at the waitress using the universal circling motion to signify another round of drinks.

The conversation went into free form mode, with all three basically thinking out loud.

“You’d want to have the money sent to one bank first, and from there to many second tier banks to make initial tracing slower. Maybe have three tiers?”

“More banks mean more set up time. You’d need weeks or months to get that many set up with the correct routing instructions. Do you set them up in person, or over the net?”

“How do you get a fake identity that will hold up at a country’s border? If you are on the run you will need several IDs you can burn along the way. The fewer people who help you make them or know the identities, the better.”

“Well at some point you need to get your hands on the money. If it stays electronic you risk the chance of someone rolling it back or freezing the account. You’d want to have at least some of it liquid.”

Brian wrapped it up by concluding “Well, the whole point of this exercise is to get away with the money. Now, once you have it it’s time to live it up! Where can you live it up, not be recognized, and not have to rely on bribing people to survive? You would have a hard time spending a billion dollars in your life time, let alone four, especially if you are trying to keep a low profile.”

As if on queue the fresh drinks arrived, and the old ones whisked away.

Dan had been scribbling on a napkin and looked like he was ready to share the results of his note taking.

“OK, I’ve got a rough idea of the problems. Let’s see what you think of this. I’ve sort of arranged it in a time line.”

“First off, you have the problems surrounding moving the money…. Can it be moved, where do you move it to, what accounts have been set up, etc. As soon as you commit to the transfer the clock starts running. Someone might notice your cron job or the changed transfer account number. You might get caught before it even starts.”

“The second issue is really an outgrowth of the first one. Account set ups, locations of the banks, research on what countries they are in and if the countries are friendly to the U.S. Also how do you move that much money without FINCEN or other money laundering systems picking up on it? Do you care if they notice as long as you get away?”

“The third issue is related to the second. Lots of research and recon must be done before anything can happen. Can you find out for sure if the money can be moved? If you open up an account in another country what will they do if they see 100 million dollars appear all at once? If four billion comes in and then is supposed to be sent to forty other accounts all in different countries? Once you have done your research you move on to….”

“Problem four. By now we assume you have moved some money and need to get your hands on it. The clock is running, and at any moment money might be frozen or blocked, so you need to get some in cash to further fund your run as well as move or protect the bulk of it. You’ll need that to live on for the rest of your life.”

“Assuming you survive the first 24 hours and get past number four, you now have to live with being a wanted man. Problem five is dealing with the fact everyone is after you. Your face is everywhere and you might be in every newspaper as well. By now you need to hide out and live in a box for a few months, or at least be a master of disguises.”

Finally Dan summarized the last problem. “Once they know who you are, but haven’t caught you yet, it’s time to live it up. This is the whole reason you took all the risks and did all the planning. We face the problems Brian mentioned earlier. At this point you should be settling into the rest of your abnormal life. You have planned or are planning for multiple safe houses, stashes of cash, and are trying to build a network of people that can do stuff for you without asking questions. The long haul.”

Everybody took a drink and let the entire situation sink in for a bit. The place was starting to get full, and with it the noise level increased a bit. If anyone was trying to listen in on their conversation it would be almost impossible by now.

Brian looked thoughtful for a moment and then spoke up. “I propose a further problem. It has less to do with the tech problems and planning and more to do with who you are.”

“How many movies and books have dealt with the myth of the genius criminal escape artist? How many are there actually? Maybe one or two in history. They rest get caught. How many people do you know that have the ‘intestinal fortitude’ to be on the run for the rest of their life? Really on the run with powerful players looking for you, and maybe others trying to steal what you originally stole? My point is you are going to need some skills and to have certain personality traits to pull this off for the long haul.”

Holding up a hand Brian began to tick off skills. “A photographic memory would be excellent. You don’t want to have to write down too much stuff that can be used as evidence or lost. A knack for languages so you can fit in while living in your new country of the month. An ability to handle lots of stress for long periods of time without having to pop xantek 75 for an ulcer every half hour. That leaves me one thumb left.. I’ll think of more skills in a minute, but you get the idea.”

[Note to Editor: This next paragraph may be removed at your discretion]
To illustrate the difficulty of the problem Brian continued. “I seem to remember that in the late 1990’s there was a Russian Organized Crime group that had some insider help at CitiBank, and they managed to move like one hundred million dollars from the bank off shore.” Frowning Brian gave abig ‘thumbs down’ “Then again the insiders got caught going to the airport, and CitiBank recovered all but a quarter million dollars with help from the F.B.I. and by rolling back transactions.”

Brian, who had the most experience with on-line banking and commerce in general, had another valid observation. “Every time I hear about lots of money being successfully stolen, it seems to be because a little of it is taken at a time over months or years. I think the nickel and dime attack might work out better.”

Tom killed that idea dead. “The daily audit would catch it. There are only like fifty transactions a day, so they have some people check them over first thing each morning. With this opportunity it would be all or nothing.”

By this time you could tell the fire was almost dead in Tom’s eyes. Not that he was actually thinking of trying to steal the money, but it would be more exciting if he could -- but decided not to. Not being able to in the first place would be not so cool.

When Tom spoke up he admitted, “OK, so I haven’t done any planning, and the testing phase wraps up on Friday, so I guess it isn’t possible. How depressing! It would make for a good story: ‘There I was with my finger over the button….’”

The flame was only down -- not out. Tom sat up and issued his call to arms for the remainder of the night. “But now that we have brought up these issues let’s think it through over dinner and more drinks. And to add extra incentive, “I’m buying!”

With a grin on his face Dan exclaimed “Sweet! Dan wants a drink and the filet done medium-well.”

Brian just nodded “Thanks” and sat back composing his thoughts.

“Well, let’s take Dan’s rough outline and move through them one at a time, talking about all the problems we see at each stage. If there is something we don’t know about we’ll just note it and move on.” Tom was playing the part of coordinator, or maybe Project Manager would be more appropriate. “But first everyone take a pit break. I’ll order some appetizers and more drinks and water and then hit the head.”

Brian and Dan went in search of the restroom while Tom placed his order. By the time he returned from his break the other two were already seated talking about cars and women. Well, mostly cars.

Tom reached over and snagged Dan’s napkin, and after looking at it for a few seconds started off with:


“In this case access to the loot is easy, at least for two more days.”

“An insider has the advantage, initially, of staying hidden, doing more recon and gaining intelligence to see if there are any ACH blocks or controls that would prevent the transfer from going to another account besides the intended one. He may try to make it look like other employees were to blame, or have the transfer take place while they were on vacation. If the attack did not work they could try and weather the audit storm.”

Brian cut in, “Well, whoever it is has the core problem of moving the loot. Let’s assume you have access, and move on to the movement problems. If the transfer happens at the end of the day, and the audit happen first thing in the morning you have only like.. let’s see.. 5pm to 8am or so. Fifteen hours to be safe, assuming no one gets a call in the middle of the night. To maximize that you might transfer the money backwards in time so when it is 8am EDT it is like 7pm at the target bank. That might give you some more time.”

“In the best case, by the time the bank realizes the theft the money has already been moved to the primary, and from there to the secondary accounts. If you could set up a sweep account that would automatically forward the balance from the primary to the secondary accounts at the end of the day you could already have a web spun by the time they wake up.”

Dan spoke up with his take of things. “It seems that the only way you can get the money out is to change the transfer account number. That gets noticed almost immediately. So the answer to the first problem is: You have access to the account, and movement is by the existing wire transfer system – just to a different account you control. To me the more interesting problem is the second one. Solving this problem implies that you have already solved the second problem. Let’s talk about that.”

“Account location and set up?” Tom looked around to see if everyone was ready to move on. “Yes? OK. That was quick.”


Dan continued his original train of thought. “I think that in order to move the money, the first step, you need to have created the accounts that it will flow to. The more accounts you create the greater your effort and time commitment. You might get noticed by some automated system if it looks suspicious. If Tom spends three months opening up fifty international bank accounts and keeps the minimum balance in them, is that suspicious? Who would notice?”

“Also, if Tom opens up four accounts instead of fifty it will take less time for the Bank to respond. I don’t know if the difference between four and fifty means anything, but I doubt you have the money to open up a thousand accounts.”

Brian picked up where Dan left off. “You would want to open your accounts in countries that are not friendly to the U.S.A., the U.K., or any allies. I don’t know how you open up an account in North Korea, but that might be a good place to start. Then again, that would definitely attract attention.”

Butting, in Tom interjected, “I was thinking about that. Do you fly to each country and open each account? I mean there would be a record of your travel to all of these countries, you would be on the surveillance videos of all the banks, and in the end you only have time to get the money out of one or two of them.”

Brian responded, “After you snag four billion they will figure out it is you very quickly. You open up the initial account under some legitimate foreign corporation you create, and from there you move the money to all of your secondary locations. The first one doesn’t really matter. The investigators know it is you anyway when you don’t show up for work or whatever. For that matter the second ones don’t really matter either. Those will be given up by your bank pretty quick. Your chance to hide your trail is with the third level of banks. If the second level banks are not friendly or are slow to respond, then that gives you more time to get at the money in the third level banks.”

While Brian was speaking the new round of drinks and appetizers arrived. Listening to Brian, Tom and Dan started to dig in.

“You could have other people open the accounts for you to speed things up or to help hide them from the investigators, but every time you involve someone else you are increasing your risk, and giving up a slice of the pie. It may be a slice you couldn’t get to or didn’t need, but the more people involved, the riskier it is. I mean, who else do you trust to go on a crime spree with you? You could somehow trick or hire people to open accounts for you, but because they are not a partner in crime they won’t be willing to take any risks either. I’d say take a smaller slice of the pie and involve the fewest number of people possible.”

“Also I don’t know enough about all the banking laws and policies of each country that could be considered for an account, but I would think that a bank that gets a hundred million or more one night might want to hold on to it for a day or two before letting it go out again. If that is true it will be too late for you, and the account will get frozen before you can get to it. Unless you cut a deal with some professional money launderers, organized crime groups or rogue governments that just don’t care, I think this is the largest problem you will face. Oh, and if you can somehow make contact with those groups and cut a deal with them there is no guarantee that they will give you a cut of your money if you successfully move some of it through them.”

With this contribution to the conversation, Brian took a breather and his turn at the dwindling appetizer selection.

“The less people involved the better, and involving some crime groups will be difficult at best,” Dan nodded his agreement observing, “and you still may end up with no money or with a bullet in your head,” Dan grinned “I add that last part to spice it up. The characters in the movies are always getting shot in the head by the Russian Mafia.”

“O.K., as a project manager I’d say just dealing with the second problem would be a full time job for three to six months. You don’t want to appear in to great of a rush when dealing with banks, and you would want to pick them carefully.” Tom finally got into the act. “So just like problem one depends on the answers to problem two, your can’t complete the account set up phase without dealing with problem three: Account Recon. Let’s talk about that next.”


Tom continued, “We have brushed up against this earlier, but let’s talk it through. I would think you would do all of the research possible before committing yourself to any crime. Opening a bank account under your real name in a foreign country is not against the law, but using a fake identity is. So before you commit yourself you need to figure out what is what. Where do you start?” The question was not directed to anyone in particular, and Dan and Brian took their time thinking about it before answering. Brian spoke first.

“Are you asking about why you would do account recon, how you would do it, or about who would do it? This is a difficult problem because every country has different regulations. Now granted that the States and Europe are ‘harmonizing’ their banking regulations. I’m guessing you wouldn’t move the money there in the first place.”

“I had to create a foreign company recently. Because everyone is so nervous about terrorists and money laundering, there was a fair bit of paperwork dealing with my identity. Once you have your foreign entity created you need to open a bank account for it. This takes some time, maybe three weeks or more, because your company is brand new and banks seem to be a bit slower when you are doing everything by remote control. Once you have your bank account in place you can manage it over the web, or by phone. Phone is a pain in the ass because of time differences and language barriers. All in all, it takes a couple thousand dollars to set up and about a month to get it working.”

“Oh, and there are tax consequences as well, depending on how you set it up.” Brian looked around as if this was a slightly humorous non-issue. “But if you are stealing four billion I don’t think you are worrying about breaking some tax laws.”

“Now, if you could get the right person involved on the bank’s side who is not too strict you could fake your identity with a bogus passport and get the company and the account created under fake names. Then your account would be active. As long as you covered your tracks as to where the account set-up documents were initially mailed and were careful not to leave fingerprints on a document or any voicemail, then the only thing to worry about is having your real voice recorded or your real handwriting analyzed. Those you can obfuscate. When it comes to managing your account you would use TOR or some other system to hide your real IP address.”

Brian was all wound up, and looked like he could talk for hours. Leaning forward on the table to make sure he had the attention of Tom and Dan he continued.

“This kind of set up would work well if you were trying to hide some money from a business partner or your wife. True, you committed some crimes to set it all up, but you aren’t continuing to break new laws.”

“In the current situation it would only make sense to try to hide the identity of the account if it was one of the end point accounts, the third tier accounts we were talking about earlier. The authorities will freeze the first and second tier accounts very quickly….”

Dan interrupted, pointing out, “Hey, if you have the time, why not make every account as anonymous as possible? It won’t slow down the accounts getting frozen, but it might keep them off your trail for an extra day or two -- at least until the weekend is over. By then you could be in another country trying to retrieve your ill-gotten gains.”

“I guess it depends on how much risk you willing to take.” Brian took back control “If something goes wrong while setting up the accounts, you could draw unwanted attention. If your planning is long-term enough it wouldn’t take time away from other elements. But sooner or later when you don’t show up for work they will know it is you. If you could do this remotely then you could have a slight chance of getting away, but I didn’t think that was possible.”

“Nope, you have to be at a console to modify the account information. You could do it as a cron job, maybe even try and cover your tracks by changing the account number back, but there are lots of logs,” Tom confirmed.

“OK, so let’s get back on track, and work on Tom’s question. What is what? I’d want to know the banking laws of various countries, and figure out which ones are the most protective of the account holder. I’d look at different countries and which ones are not real friendly with the US. If I had my anonymous foreign company set up I’d use it to set up some accounts and test moving money through them to see how fast it goes, what the procedures are like, etc. Basically do a dry run with a smaller number of accounts.”

“I’d take all the information, put it in a grid, and select the best countries and banks and go from there. At some point you would need to get the money out, and the fastest way would be to do it in person the second it arrives….”

Dan cut in again, “Hey, that’s the next problem. How to get your hands on the money.”

“I think we could talk about account recon forever. Let’s come back to it if we have to. Move on,” Tom said.

Brian deflated a little bit. “Just when I was peaking!”

Dan looked at his notes and explained. “We are assuming that all has gone well so far, and you have managed to get some money to an account someplace.” Switching to an announcer style voice, “Now our hero needs to get money out of the bank and make a getaway.”