Commonwealth Bank has confirmed the existence of an explosive internal review of the bank’s compliance with Australian and global anti-money laundering and terrorism financing laws, which revealed widespread failures across numerous divisions within the lender.
CBA today responded to revelations by Sky News Business last night and reported in The Australian today that billions of dollars worth of transactions in the US, Europe and Asia had not been properly monitored, which could expose the bank to investigation by global regulators.
The document also confirms senior executives at the bank were aware of large-scale gaps in the bank’s compliance frameworks, well before Austrac filed its explosive 600-page statement of claim alleging against the bank in August, which alleged more than 50,000 breaches of anti-money laundering rules.
“The document referred to in those media reports was a working document, proposing technology enhancements as part of our ongoing program of action, including the automation of tasks currently undertaken manually,” CBA said in a statement today. “A combination of automated and manual monitoring is common practice across the industry.”
Responding to the reports, Finance Minister Mathias Cormann said CBA has some “serious work to do” and that these were the latest “very serious” allegations in a series of serious compliance issues and allegations that have emerged from the bank.
“In an Australian context we’re taking action,” Senator Cormann said.
“This is now a further dimension and what it shows is that clearly the board and the management at CBA has got some serious work to do.”
Senator Cormann said the CBA situation could not be sugar-coated.
“This is a very serious issue and it goes to the heart, obviously, of the credibility of a very important financial institution in Australia, and that is why the government has welcomed the independent review initiated by APRA to look very closely at the governance culture and accountability frameworks and practices of the CBA,” he said.
The bank today reiterated that more than $230 million had been spent in a program to “strengthen policies and processes related to financial crimes compliance.”
“The program includes investment in systems to enhance transaction monitoring currently performed in Australia and offshore jurisdictions. The Commonwealth Bank maintains proactive relationships with all relevant global regulators on these and other matters.”
Obtained by Sky News Business, the confidential review of the bank’s compliance was presented to senior bank executives in February and showed non-existent or minimal transaction monitoring across almost two thirds of the CBA’s Institutional Banking & Markets division.
It also found that “product financial crime risk assessments” across the group “have not been updated since 2013”.
Institutional Banking & Markets manages global corporate, government and institutional clients, and according to CBA’s 2017 annual report was worth $1.63 billion to the bank.
The CBA has been reeling since revelations that anti-money laundering and counter-terrorism regulator Austrac took Federal Court action against the bank, alleging more than 53,000 breaches of anti-money laundering and counter-terrorism laws.
The Australian Securities & Investment Commission is understood to be aware of the report as part of its investigation following the Austrac claims.
CBA is already in talks with financial regulators around the world, including in the US and Hong Kong, and the prospect of the CBA’s institutional banking arm being non-compliant with transaction monitoring laws in America, Europe and Asia could threaten billions of dollars in business for the bank.
CBA businesses found to have no transaction monitoring include debt capital markets, leasing, and institutional lending in Australia and international locations such as Singapore, Hong Kong, Shanghai, Tokyo, London and New York.
Only two of the 10 businesses — foreign exchange and money markets — were found to have fully automated and compliant transaction monitoring standards, while several others were either manually monitored or non-applicable.
CBA chair Catherine Livingstone. Pic: Britta Campion
In a statement yesterday, CBA said it “routinely engages with Austrac and all relevant offshore regulators responsible for anti-money laundering and counter-terrorism financing compliance … We are not aware of any enforcement action or formal investigation by any overseas regulator, and we have been keeping relevant offshore regulators informed of our work in this area”.
The report says it would cost the bank $6 million to make the businesses fully compliant with global transaction monitoring standards. Implementation was due to begin in July, but Sky News Business understands the plan has been delayed because of concerns over costs.
The report — “IB & M transaction monitoring: Solution ¬Options” — was written by three of the bank’s most senior general managers of financial crime-monitoring and found “there is no end-to-end view of products across IB & M international in ¬relation to transaction monitoring across its global businesses”.
The report was commissioned by the bank’s institutional arm under the direction of Kelly Bayer Rosmarin, head of IB & M on the CBA’s executive committee, after it became aware of problems with the transaction monitoring of its intelligent deposit machines.
ASIC chairman Greg Medcraft is running an investigation into CBA’s level of compliance with transaction monitoring and what its management knew about failures at the bank.
This week the Australian Prudential Regulation Authority took the unusual step of announcing it too would conduct an investigation into CBA culture and governance.
Austrac allegations centre on the failure of CBA’s retail division to report $624m worth of cash deposits through their IDMs between November 2012 and September 2015.
The confidential report also shows that risk assessors at the IB & M arm engaged auditors KPMG as far back as early 2014 to “conduct a full gap analysis of its transaction-monitoring model” to bring the bank up to industry standard.
According to the CBA’s own confidential review it “highlighted weaknesses in (the) current state” which were yet to be rectified by this year.This article was first published by http://www.theaustralian.com.auAuthor: Michael Roddan