The Commonwealth Bank’s decision to admit flaws in efforts to prevent organised criminals and terrorists laundering money through its network of “intelligent ATMs” was inevitable.
- CBA admits to numerous flaws in its systems in deal with money laundering
- No deal has yet been struck with AUSTRAC leaving CBA facing massive penalties
- Tabcorp’s record $45m money laundering penalty likely to be dwarfed by CBA
The original defence that Anti-Money Laundering/Counter Terrorism Financing (AML/CTF) laws were technically breached just once due to the same computer coding error that was not fixed for a couple of years was at best tenuous.
The financial intelligence agency AUSTRAC said it was more like 53,000 breaches.
The CBA’s original logic may have been influenced by the fact that each breach carried a maximum fine of $18 million and being found guilty on each count had a ceiling of close to $1 trillion.
However, CBA’s new defence looks to have borrowed from Tabcorp’s playbook when it was staring down the barrel of a far more modest $1.5 billion fine.
Tabcorp’s defence was humiliating, fronting up to court with words to the effect of, “Sorry your honour, we stuffed up, we were utterly clueless about our legal responsibilities”.
That contrition allowed the gambling giant to cut a deal with AUSTRAC and settle the case without an excruciating and very expensive trial.
Importantly, the penalty was wound back to $45 million with massive discounts being offered on the 84 failures to make timely Suspicious Matter Reports (SMRs) relating to match fixing, credit card fraud and credit betting AUSTRAC identified.
AUSTRAC vs Tabcorp
|Contraventions||Number reported||Maximum penalty||Penalty received|
|SMR failure: match fixing||1||$11m||$1m|
|SMR failure: credit betting||32||$576m||$10m|
|SMR failure: fraud reporting||51||$918m||$15m|
|AML/CTF Section 51||1||$11m||$500,000|
|AML/CTF Section 32||1||$18m||$3m|
|AML/CTF Section 81||1||$18m||$15.5m|
CBA’s defence is to raise the white flag, but only partially. The admissions include:
- It was late in filing 53,506 threshold transaction reports which it blamed on the computer coding error
- It did not adequately adhere to risk assessment requirements for Intelligent Deposit Machines (IDMs), although argues it does not amount to eight separate contraventions
- It accepts it did not adhere to all transaction monitoring requirements
- It accepts 91 allegations relating to SMRs but disputes a further 83
- It accepts 52 allegations relating to customer due diligence requirements but disputes a further 19
Deal or no deal?
While Tabcorp’s case is instructive, the breaches do not line up perfectly with CBA as a model.
As well, given Tabcorp settled rather than went to trial, it does not create a binding legal precedent.
Nonetheless, the CBA hopes to be offered similar discounts.
“For example, the court may consider whether any contraventions arise out of the same course of conduct and will assess the appropriate penalty for that conduct accordingly, as it recently did in the Tabcorp decision,” CBA said optimistically in a statement while filing its defence.
AUSTRAC has not offered any hint of deal. Rather the opposite, adding an additional 100 breaches to an original rap sheet that already ran to 600 pages.
Those extra charges are a big part of why the CBA will be desperate to settle.
“With most enforcement actions, when a bank starts to examine its internal controls it uncovers things it would prefer to have self-disclosed to the regulator,” Thomson Reuter’s regional chief of regulatory intelligence Nathan Lynch recently wrote in a piece on CBA’s woes.
“Identifying problems under the duress of enforcement action is a bad way to report regulatory breaches.
“The uncovering of damaging internal documents is just one reason why financial institutions should do everything they can to prevent compliance failures from escalating to litigation.”
That particularly ugly moggy appears to be at least partially out of the bag now.
Problems with money laundering laws
One thing the Tabcorp case did highlight was the problems with existing AML/CTF laws.
The Federal Court’s Justice Nye Perram noted a strict reading of the law would mean every SMR failure would be judged and fined separately.
“I cannot see how the text of section 81 can be bent so that it can be read as involving only a single infringement when a program is said to be deficient,” Justice Perram said.
Tabcorp’s contrition and AUSTRAC’s openness to a deal meant the “infelicitous” wording of the act, as Justice Nye called it, could be side-stepped and the breaches could be treated as “a single course of conduct”.
Failure to strike a deal could be disastrous for CBA, not only in terms of the ongoing PR nightmare of further revelations in court but also in terms of penalties levied and court costs to be paid.
So what could it cost CBA?
The relatively good news for CBA is the trillion dollar whack is totally far-fetched. Forcing Australia’s biggest bank, one of APRA’s “domestically-systemically important banks”, into insolvency is not going to happen.
Justice Perram waved through Tabcorp’s $45 million settlement as he considered it was of an appropriate scale given the seriousness of the offences and the need to remind other businesses to take their AML/CTF responsibilities seriously and keep their surveillance systems in good working order.
“It is true that the failures were system failures but that is precisely what this statute is about,” Justice Perram wrote.
“It is also true that the penalties could have been much greater had the court not accepted that in several instances courses of conduct were involved.”
As if CBA and its shareholders had not worked it out already, Justice Perram pointed out the case would “demonstrate to those in the industry that failures to comply with the Act have a very real potential to be expensive”.
Thomson Reuters’ Nathan Lynch noted in the Tabcorp case that the final penalty was set around one quarter of annual operating profits.
“In CBA’s case that would amount to around $2.5 billion,” he said.
On top of any penalty, Mr Lynch said there is a lot else at stake, such reputational damage and the cost of class action lawsuits brought by the likes of Maurice Blackburn Lawyers and litigation funder IMF Bentham.
Then there is the potential involvement of US regulators, which Mr Lynch notes “is the big wildcard in this case”.
The amount CBA will be obliged to pay is still very open to question.
The smart money says Tabcorb’s unwanted record for the largest penalty in Australian corporate history is likely to be short-lived.