Business account wire fraud is at the center of a growing dispute between a Los Angeles clothing wholesaler and a Korean American bank after nearly $300,000 was allegedly transferred out of a business account without the owner’s authorization.
Lee Ho-ryeong, owner of apparel company Mens Town in LAโs fashion district, claims unauthorized wire transfers drained funds from his business account in February.
According to Lee, he first discovered that $45,200 had been withdrawn from the account on Feb. 21. Because the transaction occurred over a weekend, he said he was unable to immediately contact customer service or the bankโs fraud department.
When he visited a Downtown Los Angeles branch on Feb. 23, Lee said he learned that four additional wire transfers had already been initiated.
Bank and Customer Disagree Over Responsibility
Lee said one $100,000 transfer was canceled on the spot, while investigations by receiving banks later helped recover roughly $150,000 of the total amount.
However, he claims the original $45,200 transfer was never returned.
After waiting nearly 90 days for the bank’s investigation to conclude, Lee said he received notice on May 20 that the disputed funds would not be reimbursed.
The bank maintains that the transactions were properly authorized under the accountโs security settings.
According to written statements provided by the institution, the account was operated under a “single-control” authorization structure and the wire transfers were approved using one-time passcodes (OTPs) sent via email.
Because the required authentication process was completed, the bank argues it bears no liability for the loss.
Security Experts Warn About Email-Based Authentication
The business account wire fraud case highlights growing concerns among cybersecurity professionals about the risks associated with email-based authentication.
Experts note that if criminals gain access to a customer’s email account, they may be able to intercept OTP codes, reset credentials, and approve transactions without the account holder’s knowledge.
Security professionals generally recommend stronger safeguards for business accounts, including multi-factor authentication (MFA), dual-control approval systems, and dedicated fraud-monitoring tools.
Lee argues the transfers were unauthorized regardless of how authentication was completed and questions whether email-based verification provides sufficient protection for high-value commercial accounts.
A bank spokesperson said the institution takes financial fraud seriously and continues investing in enhanced security measures to protect customers.
โBased on our investigation, we found no evidence of a security breach within the bankโs systems or any internal operational failure,โ the spokesperson said. โOur response was handled in accordance with established policies and procedures.โ
Lee, meanwhile, said he is preparing legal action.
โAs an immigrant business owner, I trusted a community bank with my business savings,โ he said. โSeeing that money disappear and feeling unsupported afterward has been extremely disappointing.โ
The dispute underscores a growing challenge facing small businesses nationwide: determining who bears responsibility when cybercriminals exploit weaknesses in the digital banking system.
