AUSTRAC and CBA agree on A$700 million penalty
Chris Hamblin, Editor, London, 6 June 2018
Australia's financial intelligence unit and the Commonwealth Bank of Australia have settled proceedings begun in a federal court relating to the latter's transgressions against the country's anti-money-laundering laws. If the court sanctions it, it will be the largest ever civil penalty in Australian corporate history.
The parties are planning to approach the federal court to ask for orders to give effect to their agreement, which includes an A$700 million (US$537 million) payment by the bank to the FIU/regulator. The timescale, however, is a matter of months.
AUSTRAC’s enforcement action against CBA is a result of exhaustive investigations at the bank, particularly in relation to its Intelligent Deposit Machines (IDMs). These investigations, which the regulator took alongside the Australian Federal Police, the New South Wales Police and the Western Australia Police, proved that money launderers were using the machines. The Commonwealth Bank has admitted that it broke the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 on no less than 53,750 occasions.
In summary, it accepted the following.
- It had failed to assess the "money-laundering and terrorist-financing risks" (AUSTRAC's phrase) associated with its machines before October 2017 properly.
- It had failed to deal with those risks fully by April 2018.
- It had failed to send 53,506 threshold transaction reports (TTRs) to AUSTRAC on time for cash transactions of A$10,000 or more (having a total value of about A$625 million) that went through its deposit machines between November 2012 and September 2015.
- For a period of three years, it did not comply with its own AML/ATF 'programme' in respect of the monitoring of transactions on 778,370 accounts.
- It failed to report suspicious matters on time, or at all. The sums involved ran into tens of millions.
- Even after it became aware that people might be laundering money or 'structuring' (manipulating the sizes of transactions to push them below detection thresholds) on accounts that it was managing, it did not monitor its customers with "money-laundering and terrorist-financing risks" in mind.
There was always a high chance that launderers would use the machines, because they could deposit cash anonymously at any time at hundreds of locations and transfer it immediately, either domestically or internationally, without any limit being imposed.
CBA, the agreement says, contravened s82(1) AML/CTF Act on 14 occasions by failing to assess the inherent "ML/TF risk" before introducing the machines in 2012; failing to introduce the right risk-based controls to offset such risk before then; failing to undertake a periodic assessment of such risk in early 2014; failing to introduce risk-based controls by introducing daily limits in early 2014; and other things.
It contravened s41(2)(a) of the Act because it did not submit suspicious matter reports (SMRs) to AUSTRAC in the required time-frame of three business days after the formation of each suspicion.
On 40 occasions between 2012 and 2015, according to the agreement, it did not submit SMRs even though it had already submitted an SMR about the same customer within the previous three months about a similar pattern of activity on the same account. In 22 of these cases it did not submit reports at all. The agreement states: "CBA accepts that it ought to have submitted SMRs...regardless of whether they were...qualitatively similar."
On 69 occasions, it did not submit SMRs in time even though the authorities had asked for account details in the context of various criminal investigations. The investigators were on the trail of two general-purpose criminal syndicates, three money-laundering syndicates and two cuckoo smurfing syndicates.
CBA reported a net profit after tax for the full year ending 30 June 2017 of about A$10 billion. Of this, about 75% was returned to shareholders thorugh dividends.