What are AUSTRAC’s allegations against Westpac?
Anti-money laundering and counter-terrorism financing regulator AUSTRAC has alleged that Westpac’s oversight of its correspondent banking relationships was deficient. Correspondent banking relationships involve domestic banks taking deposits and providing services to offshore banks and their customers. The alleged failures in oversight resulted in serious and systemic non-compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), according to AUSTRAC.
AUSTRAC alleges that the bank failed to appropriately assess and monitor the risks associated with the movement of money into and out of Australia through these relationships, that it failed in its obligation to report more than 19.5 million International Funds Transfer Instructions over nearly five years, and that it did not carry out appropriate due diligence on transactions to the Philippines and elsewhere in South East Asia that carried potential child exploitation risks.
According to AUSTRAC, Westpac was aware of the heightened child exploitation risks since at least 2013 and in June 2016 senior management was specifically briefed on the risks with respect to LitePay, a Westpac product that facilitates low-value international transactions. Westpac did not implement appropriate automated detection scenarios for LitePay until June 2018, AUSTRAC claims.
In total, AUSTRAC alleges over 23 million breaches of the AML/CTF Act. The regulator blames the breaches on systemic failures at the bank, indifference from management and a lack of oversight by the board.
What is the AML/CTF Act?
The AML/CTF Act is legislation aimed at preventing money laundering and the financing of terrorism by imposing obligations on the financial and gambling sectors. These obligations include collecting and verifying ‘know your customer’ information about customer identity.
What penalties is Westpac facing?
AUSTRAC commenced civil proceedings in the Federal Court of Australia on 20 November. “[W]estpac has contravened the [AML/CTF Act] on 23 million occasions, each contravention attracting a civil penalty between $17 million and $21 million,” it says in its concise statement to the court.
ASIC and APRA have also advised that they are investigating the matter.
How has Westpac responded?
The Westpac board has issued an unreserved apology. “As a board, and as individuals, we are devastated by the issues raised by AUSTRAC in its recent statement of claim,” Chairman Lindsay Maxsted FAICD said.
Westpac CEO Brian Hartzer said, “These issues should never have occurred and should have been identified and rectified sooner. It is disappointing that we have not met our own standards as well as regulatory expectations and requirements.”
“The notion that any child has been hurt as a result of any failings by Westpac is deeply distressing and we are truly sorry.”
Westpac has issued a response plan, which includes the establishment of a Board Financial Crime sub-committee and increased financial crime resourcing. It has already closed its Australasian Cash Management product, which enabled the IFTI transactions with foreign banks, and has announced it will close LitePay.
On 26 November, the bank announced that Hartzer would step down with CFO Peter King taking over as acting CEO from 2 December. Westpac also announced that non-executive director and Chair of the Risk & Compliance Committee, Ewen Crouch AM FAICD would not seek re-election at the Westpac AGM on 12 December and Maxsted would bring forward his retirement to the first half of 2020.
What are the implications for directors broadly?
The alleged breaches will be shocking and distressing for all directors. In coming months, Westpac and relevant regulators will investigate these issues and how they occurred. The case has clear implications for governance more broadly including:
Emphasising that compliance with the law is the basic minimum standard of corporate conduct, and must be embedded within an organisation’s culture.
- Highlighting that community and investor expectations of director and senior executive accountability are rising.
- Boards must satisfy themselves internal systems are adequate to detect breaches of the law, and regularly challenge management assurances.
There needs to be co-ordination across the organisation to ensure compliance and to escalate breaches, potential breaches, near misses and lead indicators of compliance breaches to the appropriate level of the organisation.
- Boards and executive teams must develop a sophisticated understanding of the non-financial risks facing their organisation, and how they can be appropriately managed.
- Boards must create a culture where staff throughout the organisation are comfortable raising issues and red flags are called out.
When serious problems are found, the board must insist on swift resolution.
Read our statement on the issue here.