Phishing attack swipes bond payments, a Texas school district reports

Register now

A Texas school district missed payments on three bond issues after what school officials called a "business email compromise scheme" sent the payments to a fraudulent account.

The late debt service payments from San Felipe-Del Rio Consolidated Independent School District are viewed by Moody's Investors Service as an administrative default, not a payment default, given the district’s ability and willingness to pay, according to the rating agency.

The district learned on Feb. 18 that funds intended as payments to a bank for the district’s debt service were electronically transferred via an automatic clearing house to a fraudulent account, according to a statement from Carlos Rios, superintendent of San Felipe Del Rio CISD.

The district immediately contacted authorities, including the Federal Bureau of Investigation, and began an internal review, Rio said.

“Unfortunately, business email compromise schemes like this have become common with other organizations and school districts targeted across the state and the nation,” Rios said in the statement. “I want to assure our community that the San Felipe Del Rio CISD remains financially strong and is working to prevent future fraud schemes by reviewing our systems and putting additional safeguards in place.”

The school district approved allocating $2.14 million from the general fund to cover bond payments at special meeting Monday night, Amy Childress, the school district's interim chief financial officer, said.

Rios plans to hand deliver the payment to BOK Financial, the escrow agent, when he is in Dallas for a meeting tomorrow, Childress said, adding that the school district has suspended electronic fund transfers for the time being.

Childress, the school district's budget director, was named interim CFO Thursday after CFO Henry Arredondo was placed on administrative leave.

She wouldn't comment on why Arredondo had been placed on leave, because "it is still under investigation."

Moody’s expects cyber attacks to become more sophisticated and impact more municipal issuers, said Heather Guss, a Moody’s analyst.

The attacks have the potential to negatively impact issuers’ finances, reducing liquidity, increasing exposure to litigation, and damaging reputations, Guss said.

Based on information currently available, Moody’s said it appears this situation will not have an impact on the district's ratings, but the rating agency will continue to monitor developments. The district has $27.8 million in unassigned general fund balance, equal to 29.8% of revenue, as August 31, 2019, Moody’s said.

The bonds affected comprise $25.1 million of the district’s $49.2 million in outstanding debt, according to its most recent comprehensive annual financial report for year-end Aug. 31, 2018.

The district's GO bond have an Aa3 underlying rating from Moody's while S&P Global Ratings assigns its A-plus issuer rating. The GO ratings are enhanced to triple-A through the Texas Permanent School Fund Guarantee Program.

The debt service payments were due for three series of unlimited tax refunding bonds: a $1.76 million payment for the 2013 series, a $159,000 payment for the 2016 series and $90,700 for the 2017 series. The permanent school fund was not called upon to make the debt service payment because the default was not due to the district's unwillingness or inability to pay, Moody’s said.

The district, about 150 miles west of San Antonio on the U.S./Mexico border, serves the city of Del Rio and surrounding communities within Val Verde County as well as the children of Laughlin Air Force Base staffers, according to a Moody’s report. It had an enrollment of 10,579 students as of the 2017-18 school year.

“The school district will continue to work closely with authorities to bring justice to our community and recover the stolen funds,” Rios said.

For reprint and licensing requests for this article, click here.
Cyber attacks Bond defaults Texas School bonds Fraud losses