Citi has made an erroneous payment for the second time in the span of five years — and this time it was a whopper.

The $1.7 trillion bank credited a client’s bank account for $81 trillion instead of $280 last April, but reversed the mistake quickly, according to a Feb. 27 report by the Financial Times. 

“According to the [Office of the Comptroller of the Currency] and the FDIC, Citibank lacks the sufficient enterprise risk management control system, and this is evidence of that,” James McCarthy, founder and chairman of financial consulting agency McCarthy Hatch and a founding member of the Consumer Financial Protection Bureau, told Bank Automation News. “Citi needs better technical controls around their payment authorization policies.” Those policies and technology can be developed in-house. 

Better tech 

Citi’s systems should “have never allowed that number to be typed in” because the payment amount exceeds the bank’s total asset value, James White, general manager of banking industry at software company Total Expert, told BAN. 

“Large transfers should have a validation and approval process,” White said. “An employee should not be able to transfer over $100,000 without a second review. … The existing tech should have controls in place and approval routing workflows.” 

The bank might have workflows internally developed and did not build it out properly, White said, adding that the bank can also look toward third-party vendors like payments company Melio or Formstack to develop such complex workflows. 

Repeat performance 

This is the second time Citi has made a significant payment mistake.  

The bank made a $900 million interest payment to creditors of cosmetic company Revlon instead of the correct amount of $7.8 million in August 2020, according to the U.S. District Court for the Southern District of New York. 

Ten of creditors refused to return a total of $504 million to Citi for its mistake but the court ruled in October 2022 that the money had to be returned, saving Citi from a big financial loss, according to law firm Loeb and Loeb LLP. 

Impact on goodwill 

Repeated mistakes will likely hurt the bank’s credibility in the long run, McCarthy said, adding that they are bound to give regulators concerns about Citi’s risk management. 

Regulators might fine the bank after the mistake, McCarthy said, adding that Citi is already on thin ice.  

The OCC fined Citi $75 million due to deficiencies in enterprisewide risk management, compliance risk management, data governance and internal controls for the Revlon payment blunder and warned the bank about improving its processes to avoid the situation again. 

The Citi $81 trillion payment blunder is going to be a wakeup call for banks to evaluate their internal payments controls, McCarthy said. 

Use of agentic AI 

Human error can be mitigated through agentic AI deployment, Ronak Doshi, partner at consulting firm Everest Group, told BAN. 

“Agentic AI can perform multiple validations and review client work and flag unusual activity that is not previously observed,” Doshi said. “The combination of agents and employees performing these operations can avoid these massive errors.”  

While large banks may be reluctant to deploy agentic AI at scale due to its associated risks of hallucinations, as the technology continues to evolve, it’s becoming safer to use, Doshi said.  

Providence, R.I.-based Citizens and London-based ClearBank are both exploring agentic AI to boost internal efficiency, the banks shared with BAN this week. 

Register here for Bank Automation Summit 2025, taking place March 3-4 in Nashville, Tenn. View the full event agenda here.