Westpac sued for 23 million breaches of anti-money laundering laws

Australia’s financial intelligence agency has launched legal action against Westpac Banking Corporation (ASX: WBC) for failing to report over $11 billion in international funds transfer transactions completed through its foreign correspondent banking network.

The Australian Transaction Reports and Analysis Centre (AUSTRAC) has also accused the bank of foregoing appropriate due diligence on customers sending money to known child exploitation regions in South East Asia.

In documents filed today with the federal court, AUSTRAC said it would apply for a civil penalty order against Westpac’s contravention of the Anti-Money Laundering and Counter-Terrorism Financing Act on over 23 million occasions.

Each contravention could attract a penalty of up to $21 million.

AUSTRAC said the failures exposed Westpac and the Australian payments system to “unacceptable and long-standing” risks, and placed the blame squarely on the lender’s internal inadequacies.

“These contraventions are the result of systemic failures in [Westpac’s] control environment, indifference by senior management and inadequate oversight by the board,” the agency said.

“Westpac has failed to properly resource the [anti-money laundering and counter-terrorism] function, to invest in appropriate IT systems and automated solutions, and to remediate known compliance issues in a timely manner … because Westpac adopted an ad hoc approach to risk management and compliance.”

Correspondent risks

Correspondent banks are financial institutions which conduct activities and business in countries other than Australia.

They are most often used by domestic banks to service transactions which originate or are completed in foreign countries, and act as a domestic bank’s agent abroad.

Correspondent banking relationships present higher money laundering and terrorism financing risks due to cross-border movement of funds, the possibility of dealing with correspondents in high-risk jurisdictions, and the often limited information about the identity and source of funds connected with customers of a correspondent bank.

AUSTRAC criticised the management of Westpac’s correspondent network.

“These relationships involved higher money laundering and terrorism financing risks and should have been subject to appropriate risk-based due diligence, monitoring and oversight,” it said.

“Westpac’s failure to follow appropriate risk-based procedures has exposed the Australian financial system to unacceptable risks, including with respect to possible child exploitation, tax offences, money laundering and terrorism financing.”

Funds transfer failures

Westpac is also alleged to have contravened the rules relating to reporting requirements for international funds transfer instructions (or IFTIs).

From November 2013 to September 2018, the bank failed to provide AUSTRAC with a timely report of 19 million incoming IFTIs – representing more than 72% of all IFTIs received by Westpac during the period.

It failed to do the same on three other occasions involving a total of more than 72,000 incoming and outgoing IFTIs valued at over $800 million.

Under the Act, banks are required to report IFTIs to AUSTRAC within 10 business days of their receipt; however, Westpac provided its reports nearly a year after each order.

The IT system which generated the reports was also deemed “not fit for purpose”.

“Westpac had inadequate end-to-end understanding, documentation and monitoring over IFTI reporting … it failed to identify all source systems that create payment instructions that required reporting [under the Act],” AUSTRAC said.

“[Its] assurance processes failed to identify significant and long-standing non-compliance … and failed to detect that 72% of incoming IFTIs had not been reported.”

Child exploitation

Among more serious allegations was Westpac’s failure to respond satisfactorily to the gross misuse of its international funds transfer platform LitePay, specifically regarding crimes against children.

From as early as 2013, the bank had been aware of up to 12 customers making repeated low-value payments through LitePay to the Philippines and South East Asia, some of which were made to alleged or suspected child exploitation facilitators.

AUSTRAC said the accounts had been established by the bank without appropriate and ongoing customer due diligence.

One customer in particular, had been allowed to open a number of Westpac accounts after serving a custodial sentence for child exploitation offences.

“The customer was able to send frequent low-value payments to the Philippines through channels that were not being monitored properly,” AUSTRAC said.

In June 2016, senior managers were briefed on the risks but it was not until two years later that the bank implemented an “automated detection scenario” to monitor LitePay for known child exploitation risks.

“Financial service providers play an important role in combating financial crime – through transaction monitoring programs and ongoing due diligence, [they] are able to target, identify and stop financial transactions associated with [crimes such as] the sexual exploitation of children,” AUSTRAC said.

“Had Westpac been applying appropriate scenarios across all channels, this highly suspicious activity would have been identified sooner.”

Bank’s response

Westpac chief executive officer Brian Hartzer acknowledged the seriousness of AUSTRAC’s proceedings.

“These issues should never have occurred and should have been identified and rectified sooner,” he said.

“It is disappointing that we have not met our own standards as well as regulatory expectations and requirements.”

The bank has been “heavily investing” in strategies to improve and bolster the management of financial crime risks including strengthening its policies, data feeding systems, processes and controls.

“We have implemented a range of additional steps in our processes including enhanced automatic detection systems and we continue to proactively engage with AUSTRAC to close any remaining gaps to meet their requirements as well as our own expectations,” he said.

“We are also taking very seriously AUSTRAC’s concerns around appropriate customer due diligence on transactions to the Philippines and South East Asia, including reviewing relevant processes.”

Westpac is a member of the Fintel Alliance – a world-first, private-public partnership established by AUSTRAC in 2017 to tackle serious financial crime.

Alliance partners include major banks, remittance service providers and gambling operators, as well as law enforcement and security agencies here and overseas.

Mr Hartzer said Westpac would “work constructively” with AUSTRAC to resolve the concerns.

CBA agreement

Westpac has found itself in the hot seat previously occupied by Commonwealth Bank of Australia (ASX: CBA), which was placed under AUSTRAC’s microscope in 2017 for failure to report suspicious deposits, transfers and accounts.

By June 2018, the bank had agreed to pay a penalty of $700 million plus legal costs – the largest ever penalty in Australian corporate history – to resolve the proceedings.

AUSTRAC’s action against CBA followed detailed investigations into the bank’s compliance and risk management practices on anti-money laundering and counter-terrorism financing, particularly in relation to its Intelligent Deposit Machines first rolled out in 2012.

IDMs enable users to anonymously deposit cash and other forms of payment, with the proceeds immediately showing up in the receiver’s account.

AUSTRAC’s investigations – conducted with the federal, NSW and WA police forces – identified that CBA’s IDMs were being used to launder the illicit proceeds of crime.

Clean record

Meanwhile, Australia & New Zealand Banking Group (ASX: ANZ) confirmed around the time of the CBA investigation that AUSTRAC had found no evidence of breaches within the bank, and gave assurances that it only holds accounts “for people we know and trust”.

Chief executive officer Shayne Elliott told a committee review of the big four banks that ANZ had a clean record, with systems in place to report cash transactions of $10,000 or more, all international funds transfers and any other financial matters that raise concern.

Possible breaches

Earlier this month, National Australia Bank (ASX: NAB) proved it may follow in Westpac’s footsteps and face the prospect of hefty fines after revealing in its annual report that it “might have been involved” in a breach of AUSTRAC laws.

The bank has provided documents and information to the agency for investigation.

It said the outcome and total costs associated with the remediation process remain uncertain.