Austrac has commenced civil penalty proceedings in the Federal Court against Westpac Banking Corporation (Westpac) for systemic non-compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). AUSTRAC alleges Westpac contravened the AML/CTF Act on over 23 million occasions relating to its banking and designated services provided through its correspondent banking relationships.
Correspondent banking relationships
Westpac has correspondent banking relationships with 16 foreign banks to allow for the international transfer of funds by overseas and domestic customers of the correspondent banks to Australian or New Zealand beneficiaries, as well as to other jurisdictions.
The arrangements detailed in the Statement of Claim vary from bank to bank. They include:
- The Australasian Cash Management (ACM) arrangements allow correspondent banks to use Westpac’s infrastructure to process payments for their overseas and domestic customers through Australian or New Zealand domestic payments systems, avoiding the need for the correspondent bank to itself establish direct access to those domestic payments systems. Instructions sent through the non-SWIFT ACM arrangements do not contain the full information required by the SWIFT Guidelines.
- Two banks have off-system BSB (OSBSB) arrangements with Westpac through which each bank has opened a Westpac settlement account which is allocated an off-system BSB. Each correspondent bank maintains customer accounts on its own ledger using this OSBSB. Each customer account mirrors a virtual account or a sub-account of the correspondent bank’s account with Westpac.
- a low-cost platform known as LitePay which Westpac used to facilitate international transfers up to AUD 3,000 from Australia to other countries.
Austrac alleges:
- Systemic failures in Westpac’s Part A Program reflected its failure to appropriately identify, mitigate and manage the ML/TF risks of the designated services provided through the ACM and OSBSB arrangements.
- Westpac did not have appropriate and timely regard to AUSTRAC and other guidance on child exploitation typologies. Austrac says that at no time has Westpac implemented an appropriate detection scenario to monitor for the known child exploitation typologies involving frequent low value payments to the Philippines and South East Asia via non-LitePay channels and that Westpac failed to identify activity indicative of child exploitation risks through non-LitePay channels.
- Westpac did not retain records for 7 years after each transfer instruction was passed on to Westpac by certain correspondent banks;
- The backup solution in Westpac’s record-keeping system was not correctly configured, resulting in the loss of records.
- Four factors that impacted upon Westpac’s risk management capability were:
- A tendency to federated, division by division, management without a centrally driven, expertise led, Group policy-driven view, resulting in an inconsistent enterprise-wide financial crime risk management view;
- A lack of clear ownership for some capabilities, a lack of standardised process mapping and in turn a lack of an end-to-end view of ML/TF risks and controls;
- Incomplete or inconsistent system architecture and data ownership views;
- The need to sharpen its approach to financial crime risk appetite and risk assessment across business operations (including products, platforms, channels and jurisdictions) and strategic investments.
The specific claims include:
- Westpac failed to carry out regular assessments of the risks it may reasonably face that each of the correspondent banking relationships might (inadvertently or otherwise) involve or facilitate money laundering or financing of terrorism (the preliminary risk assessment), contrary to s 98(1) of the Act.
- Since January 2014, Westpac deposited over $3.1 billion into Westpac accounts to effect international funds transfer instructions received under the ACM arrangements without appropriate monitoring.
- Westpac failed to report both incoming and outgoing international funds transfer instruction to Austrac within 10 business days.
- From 5 November 2013 to 3 September 2018, Westpac was the recipient of 19,427,710 international funds transfer instructions transmitted into Australia totalling over $11 billion under the non-SWIFT ACM arrangements.
- The late IFTls represent 72.12% of all incoming IFTls received by Westpac for the period 5 November 2013 to 3 September 2018.
- The late IFTI reports did not contain all information relating to the matter as was specified by the AML/CTF Rules.
- From 5 November 2013 to 1 February 2019, Westpac was the sender of 10, 771 international funds transfer instructions transmitted out of Australia totalling over $707 million.
- Between February 2017 and June 2019, Westpac was the sender of 2,314 international funds transfer instructions transmitted out of Australia under the LitePay arrangements.
Westpac’s Response
In response Westpac says:
- it is closing LitePay;
- it has closed the Westpac Australasian Cash Management Product;
- it has corrected the IFTI non-reporting issue;
- it is implementing updated child exploitation filters into screening for the SWIFT payment channel to additional jurisdictions;
- it has consolidated different financial crime systems into a single, Group-wide technology system;
- it has doubled the resourcing dedicated to financial crime to around 750 people;
- it is developing a Financial Crime Strategic Plan, shared with AUSTRAC;
- it has made changes to the leadership of Westpac’s risk and financial crime areas, including making a number of external appointments;
- the Board has determined that either all or part of the grant of the 2019 Short Term Variable Reward will be withheld for the full Executive team and several members of the general management team subject to the assessment of accountability.
- Westpac will establish a dedicated Board Financial Crime sub-committee, chaired by a non-executive Director, to oversee the implementation of our enhanced financial crime program.
- The Board Financial Crime sub-committee will commission an external expert to independently review Westpac’s program including a review of accountability, and report back.
- Elevating the financial crime function to report directly to the Chief Risk Officer. This role will review ways in which it can accelerate its ongoing AML / CTF program.
UPDATE 26 November 2019: On 26 November Westpac announced that Brian Hartzer would cease as Managing Director and CEO effective 2 December 2019 (having been given 12 months’ notice), that Director Ewen Crouch (who was Chair of the Risk and Compliance Committee) would not seek re-election at the 2019 AGM and that the Chair would bring forward his retirement to the first half of 2020.