Now questions loom from NZ regulators
The Commonwealth Bank faces questions from anti-money laundering regulators in New Zealand, after revelations that CBA’s New Zealand subsidiary ASB Bank is under scrutiny over the use of its smart ATM machines similar to those exploited by criminals in Australia. The CBA-owned ASB Bank rolled out a network of smart ATMs in December 2013 which allow its customers to deposit under $10,000 without any identification. The ATMs operate 24/7 and allow customers to deposit cash instantly into their bank accounts, including on weekends and public holidays. The customers can then transfer funds into other accounts and move them to other financial institutions or remit the funds overseas.
While other banks have used similar ATM technology, money laundering experts said other banks had hard limits and oversights, such as ANZ which had a cap of 50 notes and transaction monitoring systems to prevent repeat transactions. The CBA ATMs had a limit of 200 notes or $20,000 and no daily transaction limit which was exploited by the criminals, AUSTRAC claims in court documents.
CBA CEO Ian Narev has admitted the bank ‘‘made mistakes’’ by failing to report the money laundering. In Australia, $8.9 billion in cash moved through CBA’s smart ATMs before a compulsory risk assessment was undertaken with AUSTRAC alleging 53,700 contraventions of the act.
A spokesman for the Reserve Bank of New Zealand, which supervises banks for money laundering, said ‘‘smart ATMs will be on the agenda for regular anti-money laundering discussions we have with our supervised institutions’’. Organised crime syndicates, particularly from Malaysia, have exploited the so-called smart ATMs because they allow vast sums of money to be deposited without any face-to-face interaction with bank staff, a risk assessment from the RBNZ warned in April.
‘‘The ease of use and anonymity afforded by these services … present a high level of … risk. While RBNZ recognises that this service provides greater customer convenience and quicker deposit of funds the deposit of cash by unidentified persons remains a key vulnerability,’’ the RBNZ update warned.
Leading Australian and New Zealand barrister in financial crime and regulatory cases Gary Hughes said New Zealand’s laws carry a similarly explicit legal requirement to assess the risk of the smart ATMs for money laundering before they are rolled out.
‘‘There is a requirement to give direct consideration to any new or developing technologies or products, especially where they might favour anonymity,’’ Mr Hughes said. ‘‘In New Zealand, this is explicit in our legislation, obliging regulated entities to assess the risk of any such technologies before they introduce them, and to put in place any additional measures if needed to mitigate and manage the risk that the anonymous machine element can be exploited.’’
A spokesperson for ASB bank said its smart ATMs were a different model and used a different operating system to the CBA’s.
‘‘ASB has processes and tools in place to ensure compliance to New Zealand’s AML regime, including the reporting of suspicious transactions to the New Zealand Police Financial Intelligence Unit,’’ an ASB bank spokesperson said.
Money laundering expert Ronald Pol said it was unsurprising the Australian Federal Police had identified professional laundering syndicates from Malaysia exploiting weaknesses in CBA’s controls. ‘‘Criminal enterprises are adept at manipulating gaps in the anti-money laundering regime.When they identify a loophole, they quickly adjust their operations to exploit it,’’Mr Pol said.
Nathan Lynch, Thomson Reuters’ head of financial crime intelligence for Asia-Pacific, said regulators in New Zealand were scrutinising the bank’s anti-money laundering controls as it emerged that ASB Bank’s smart ATMs had similar vulnerabilities.
He claimed New Zealand regulators would now place pressure on CBA to do an internal review on the controls of its smart teller network.
New AUSTRACCEO vital to case outcome
The federal government’s soon-to-be announced replacement for AUSTRAC chief executive Paul Jevtovic will be given the task of negotiating a settlement in the regulator’s landmark case against the Commonwealth Bank.
Mr Jevtovic, a former Australian Federal Police assistant commissioner and Office of Police Integrity and Australian Crime Commission executive, who left AUSTRAC in April to join HSBC, was instrumental in launching the major cases against Tabcorp and the CBA. He is credited with rousing the sleepy regulator which had previously been criticised and ignored.
Insiders claim both the CBA and Tabcorp had become complacent when dealing with AUSTRAC, which had failed to issue a single penalty for years. Former CEO Neil Jensen was rumoured to have resigned suddenly in 2009 after the government instructed the regulator not to issue any civil penalties when the banks came under pressure during the global financial crisis.
Long-time public servant John Schmidt was then appointed AUSTRAC CEO over the next five years and continued to apply what the regulator called a ‘‘graduated approach to supervision’’ to tackle money laundering. Successive Australian governments have subsequently failed to expand the laws to cover lawyers, accountants and real estate agents as promised when the regime was introduced in 2006. By contrast, when AUSTRAC launched its case against CBA last Thursday, New Zealand expanded its laws to cover these financial gatekeepers on the same day.
The Turnbull government appointed Mr Jevtovic in late 2014 with amandate to step-up enforcement.
In his first interview with The Australian Financial Review he warned: ‘‘I will be merciless for those who recklessly or through indifference don’t meet their obligations, because at the end of the day our mandate is to protect Australia and Australians, and we take that responsibility extremely seriously.’’
Money laundering experts said Mr Jevtovic helped to change the culture inside AUSTRAC, including utilising his connections in the police force to leverage the regulator’s investigative work to prepare the Tabcorp and CBA cases. Tabcorp settled AUSTRAC’s case for a $45 million fine and enforceable undertakings earlier this year but claims to have been caught off guard by the legal action.
Tabcorp chair Paul Dwyer said they had ‘‘now built world-class systems to respond, equivalent to any bank in Australia’’.
Insiders claim that Mr Jevtovic also rebuffed advances by CBA to negotiate an enforceable undertaking, frustrated the bank had not responded promptly to the regulator’s requests which date back for over two years.
‘‘Coming hot on the heels of AUSTRAC’s striking $45 million settlement achieved with TabCorp, that is headturning stuff for directors,’’ leading barrister in financial crime and regulatory cases Gary Hughes said. ‘‘For a relatively young regulator, to put into context, Tabcorp was a higher penalty agreed than even anything that, say, the ACCC has achieved in hard-core cartel cases over the years.’’
But just 18 months after a blaze of cultural change, Mr Jevtovic left the regulator to join HSBC in May and become head of financial crime based in Hong Kong.
News Limited reports suggest that in September 2015, AUSTRAC gave HSBC an exemption under ‘‘tipping off’’ rules in relation to transactions to Hong Kong red-flagged by HSBC in Australia concerning CBA accounts.
The Financial Review reported on Monday that around this time CBA realised there might be a problem with its suspicious matter reporting which dated back to late 2012 and beefed up its AML capabilities, poaching at least four staff from AUSTRAC.
Acting AUSTRAC CEO Peter Clark and Mr Jevtovic declined to speak to the Financial Review. However the government is expecting to make an announcement on the new CEO this month which will be instrumental in any settlement with the CBA.