A ruling released on China Judgments Online by the Supreme People’s Court brought a major financial case that had lain dormant for years back into the public eye. In a corporate account held by a Beijing notary office at the Beijing branch of Bank of Dalian, as much as 180 million yuan in wealth-management funds all but “vanished”; by the time the case came to light, only a little over 440,000 yuan remained on the books.

The bizarre case dated back to December 2013, when the Beijing notary office signed an “RMB Corporate Bank Settlement Account Management Agreement” with the Beijing branch of Bank of Dalian and opened a corporate settlement account to hold fees collected for notarization services.

Over the next nearly three years, the notary office transferred a total of RMB 360 million into the account. After the account was opened, the bank’s relationship manager, surnamed Li, was responsible for liaising with the client. Every quarter, Li visited in person to deliver account statements stamped with the bank’s official seal for the client. On these statements, the account status was consistently shown as “normal,” and the balance and interest calculations appeared accurate to the last cent—creating for the notary office the illusion of “fund safety” that lasted for years.

However, the truth uncovered by the judicial investigation was the complete opposite. As early as January 2014—shortly after the account was opened—the funds began to be transferred out in batches without authorization. By September 2017, the huge sums in the account had been moved to nine affiliated companies as well as to personal accounts belonging to individuals such as Luo and Huo. Notably, Luo was then the business head of Bank of Dalian’s Beijing branch, and Huo was his mother, making the flow of funds closely tied to people inside the bank. As of September 7, 2017, the account’s actual balance had fallen to just over RMB 448,000—essentially an account in name only.

Even after the account had been almost emptied, the deception continued. In June 2018, based on falsified account statements provided by the bank, the notary office confirmed that the account still held principal and interest totaling more than RMB 180 million, and it signed a wealth-management product purchase agreement with Bank of Dalian for that amount. It was not until the product matured and could not be redeemed that this embezzlement case—carefully disguised for nearly five years through falsified account statements—was fully exposed.

After the case entered judicial proceedings, the back-and-forth between the two sides made the bank’s tendency to shirk responsibility even more apparent. In response to the allegations, the Beijing branch of Bank of Dalian, on the one hand, denied the authenticity of the bank seals on the relevant documents; on the other hand, it raised a procedural objection based on the “criminal-first, civil-later” principle, arguing that the case was suspected of involving a criminal offense and should be transferred to the public security authorities, and that the civil trial should be stayed. Even more strikingly, the bank claimed during the hearing that a key person involved in the case—former head Luo—had “become mentally ill and gone missing,” and that the account manager Li had also left the company, attempting to pin all responsibility on individuals who could not be held accountable.

This defense strategy was upheld by the courts at both first and second instance, leading to the notary office’s lawsuit being dismissed and the case falling into a deadlock. It was not until the Supreme People’s Court retrial that the situation turned around. The Supreme People’s Court made it clear in its ruling that the civil dispute in this case (a savings deposit contract dispute) and the criminal offense (suspects forging documents and transferring funds) involved “different parties and different legal facts,” and did not constitute the “same set of facts.” The handling of the criminal case did not affect the independent adjudication of the civil case. The ruling ultimately directed the Beijing Financial Court to conduct a substantive trial of the case, making clear that the bank could not evade its statutory duty to ensure security by invoking “criminal-first, civil-later.”

Systemic Loopholes 

The 180 million yuan missing-funds case at Bank of Dalian was by no means an accidental, isolated “insider” incident. A closer look at the modus operandi reveals systemic failures across multiple core risk-control links.

First, in account and online-banking management, defenses were effectively nonexistent. According to the ruling, just five days after the account was opened—and with only the first tranche of 40 million yuan credited—suspects impersonated the notary office’s accountant and, using a set of application materials bearing genuine official seals but with signatures of questionable authenticity, easily tricked the bank into issuing online-banking encryption devices, and then transferred out almost all of the funds within two days. Over the following four years, the suspects used similar tactics on five additional occasions to process online-banking changes and collect devices, yet the bank’s review mechanisms failed each time to effectively identify the risk of identity impersonation.

Second, in reconciliation and signature/seal management, internal oversight failed completely. Dozens of interest receipts and account statements that account manager Li delivered over a long period were later authenticated as having been stamped with forged bank imprints. The fact that counterfeit bank seals could be used for years in routine reconciliations with an important client without being detected points to major loopholes in the bank’s processes for the printing, custody, and use of key vouchers.

Notably, Bank of Dalian’s internal control problems show a certain degree of pervasiveness. In September 2025, the Chongqing branch of the National Financial Regulatory Administration (NFRA) disclosed administrative penalty information: Bank of Dalian’s Chongqing branch was fined RMB 2.6 million for eight illegal and non-compliant acts, including inadequate pre-loan due diligence, misappropriation of credit funds, and the improper issuance of working-capital loans. The client managers and managerial personnel involved at the time were given warning sanctions. One of the core issues behind the penalty imposed on the Chongqing branch was “misappropriation of credit funds,” a shortcoming in internal controls similar to the RMB 180 million fund-misappropriation case at the Beijing branch. This suggests that the bank’s problems in areas such as fund oversight and personnel management are widespread, rather than isolated issues confined to a single branch.

Pressure on performance may have been an important factor prompting Bank of Dalian to relax its compliance management. According to the bank’s information disclosure report for the third quarter of 2025, from January to September 2025 it generated operating income of RMB 3.266 billion, down 17.66% year on year; net profit came in at RMB 481 million, down 4.81% year on year—clear signs of mounting pressure on profitability. As of the end of September 2025, the bank’s Common Equity Tier 1 (CET1) capital adequacy ratio was 8.28%, while its Tier 1 capital adequacy ratio and overall capital adequacy ratio were both 10.67%. Although these still met the regulatory minimum requirements, they had declined by 30 basis points and 68 basis points, respectively, from the beginning of the year. The capital buffer was narrowing, and its ability to withstand risk remained limited compared with large banks.

A deeper breakdown of its financial metrics shows that Bank of Dalian’s “blood-making” capacity is being severely squeezed. Net interest margin—an indicator of banks’ core competitiveness—fell steadily from 1.64% in 2020 to 0.53% in the third quarter of 2025, while net interest spread was down to just 0.47%, meaning the profit space of traditional spread-based business had almost dried up. Meanwhile, the bank’s cost-to-income ratio was as high as 50.95%: for every RMB 100 of operating income it generated, more than RMB 50 was eaten up by operating costs, indirectly underscoring low internal management efficiency.

Yu Fenghui believes that Bank of Dalian’s performance decline and recurring compliance risks are precisely what demonstrate the harm of “prioritizing business while neglecting compliance,” something small and mid-sized banks must take as a warning. In his view, the root causes lie in an imperfect risk management system, insufficient internal audit and oversight, and weak compliance awareness among employees. He suggests strengthening the bank’s internal controls in a systematic way to prevent crimes committed by “insiders.” The key is to establish and improve a sound risk management system, tighten internal audit and oversight, raise employees’ compliance awareness, and use technological measures to enhance transaction transparency and security. “Performance growth is certainly important, but compliant operations are the lifeline of a bank. If you neglect compliance management, you will ultimately pay an even heavier price.”

Depositors' Misplaced Trust

The Bank of Dalian case involving the misappropriation of customer funds is shocking, but cases in which people abuse their positions at banks to infringe on depositors’ interests are not uncommon in the financial sector.

In April 2025, after Wang Moushan, a wealth management manager at a branch of a major state-owned bank in Shangqiu, died by suicide, multiple depositors discovered that their deposits had vanished. A business owner, Lili, found that her 780,000 yuan deposit had shrunk to just 4,519 yuan; an elderly couple, Chen Mouzhi and Shang Mouxing, had their 1.67 million yuan in “life-sustaining savings” transferred out, leaving only a small balance in their account. The 71-year-old Shang Mouxing suffered a sudden cerebral infarction after learning the truth and died four months later—still preoccupied, on his deathbed, with whether the money could be recovered. Investigators found that Wang had manipulated depositors’ accounts to transfer funds and purchase wealth management products, involving tens of millions of yuan. She allegedly used tactics such as accompanying customers throughout the entire process of handling transactions, stalling withdrawals, and asking for passwords so she could “operate on their behalf.” Before the case came to light, she spent lavishly; after the case was filed, her husband died by suicide as well, leaving behind two young daughters.

This case resembles the Bank of Dalian case: because of information asymmetry, depositors are in a disadvantaged position, and the trust they place in bank relationship managers becomes a vulnerability that can be exploited. Because the suspect had died, police dropped the case, leaving depositors to defend their rights only through drawn-out civil litigation. Together, the two cases underscore a harsh reality: when wrongdoing is committed by bank insiders, depositors have limited ability to protect themselves. Relying solely on personal vigilance is rarely enough to withstand the risks that arise when a bank’s internal defenses fail.

How can depositors protect themselves? Financial commentator Zhang Xuefeng advised adopting relatively prudent measures—such as cross-checking information through multiple channels (online banking, the counter, and customer service), properly safeguarding vouchers and receipts, and staying alert to anything abnormal. “Depositors’ ability to protect themselves is limited, especially when there is information asymmetry. As a professional institution, banks should shoulder corresponding obligations in customer education and in making processes more transparent.”

Yu Fenghui, meanwhile, suggested that depositors choose reputable financial institutions, develop a thorough understanding of product risks, and, when necessary, seek advice from an independent third party. At the same time, banks should strengthen customer education and ensure information transparency, thereby enhancing customers’ ability to protect themselves.

Bank Primarily Responsible 

Safeguarding customers’ funds is not only a bank’s inescapable legal duty, but also a social responsibility it must fulfill. Industry insiders believe that when flaws in internal management and failures in risk controls lead to depositor losses, banks should, as a matter of principle, bear primary liability for compensation—rather than shifting the risks and costs of recovery onto innocent depositors. In related cases, the Supreme People’s Court rejected banks’ defense of “criminal proceedings first, civil proceedings later,” which constitutes a clear judicial affirmation of this core principle and strengthens the legal shield for depositors seeking redress.

Bank internal control frameworks urgently need to move beyond “check-the-box compliance” and undergo a deep transformation toward “substantive effectiveness.” At present, many banks’ internal control rules still exist largely on paper—seemingly comprehensive, yet lacking the operational rigidity needed for real execution—making it difficult to build a truly effective, unified risk-prevention force. Specifically, internal control should be upgraded in a systematic way: in institutional design, strictly implement core requirements such as segregation of duties for key positions, mandatory job rotation, and hardening reconciliation procedures; in technological tools, fully roll out employee conduct monitoring systems and real-time abnormal transaction surveillance platforms to enable earlier detection, earlier alerts, and earlier response to hidden risks; in personnel management, tightly link compliance performance with business performance, strengthen the binding force of compliance assessments, and at the same time establish and improve effective internal reporting and whistleblower protection mechanisms to encourage internal oversight.

At the same time, financial regulation needs to further enhance its penetrative oversight and deterrent power, building a full-chain supervisory system of “pre-incident early warning, in-process control, and post-incident severe punishment.” Economist Yu Fenghui suggests making full use of advanced regtech tools such as big data analytics and artificial intelligence to build intelligent risk early-warning models, improving the precision and timeliness of supervision; meanwhile, improve reporting mechanisms for misconduct and keep supervision channels open for both internal employees and the general public, creating a healthy pattern of coordinated, multi-party oversight. In addition, regulatory penalties must be strong enough to create a powerful deterrent. For financial institutions with seriously failed internal controls and repeated violations, regulators should apply a combination of measures—hefty fines, business restrictions, accountability for senior executives, and even market exit—so that violators pay a heavy price, forcing banks to respect the rules and hold the line. (Reporting by Sun Cheng, Editing by Liu Yangxue)