On 24 September 2020, Westpac Banking Corporation (Westpac) agreed to pay AU$1.3 billion in penalties for admitted breaches of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) in a proposed settlement with the Australian Transaction Reports and Analysis Centre (AUSTRAC).
The proposed settlement and penalty, awarded to reflect “the serious and systemic nature of Westpac's non-compliance", is subject to approval by the Federal Court of Australia. If approved, the penalty will become the highest civil penalty ever awarded in Australia, almost doubling the AU$700 million civil penalty imposed on the Commonwealth Bank of Australia for AML non-compliance in 2018.
The case is a reminder for all New Zealand financial institutions to ensure that their AML controls – particularly those in relation to correspondent banking, transaction reporting, and customer due diligence – are up to date, well understood, and implemented effectively.
Westpac has correspondent banking relationships with international banks, which allow for the international transfer of funds by customers of those correspondent banks to beneficiaries in Australia and overseas. Correspondent banking involves higher money laundering and terrorism financing risks associated with cross-border movements of funds, foreign jurisdictions and the (lack of) transparency regarding customer identity and source of funds.
AUSTRAC commenced proceedings in the Federal Court of Australia on 20 November 2019, seeking declarations that Westpac breached various provisions of the AML/CTF Act. These claims were based on alleged reporting and monitoring failures relating to transfers of international funds. Specifically:
Failures relating to the reporting of international funds transfer instructions (IFTI): Westpac is required to provide AUSTRAC with a report on IFTI received or sent within 10 business days of the instruction. AUSTRAC claimed that Westpac was in breach of this requirement 23 million times by failing to properly vet and report thousands of international transactions.
Failure to assess the money laundering and terrorism financing risks associated with correspondent banking relationships.
Failure to reasonably monitor customers for transactions related to or fitting the pattern of possible child exploitation.
Westpac undertook its own internal investigation. In its report issued in June 2020, it acknowledged many of AUSTRAC's claims, pointing to technological failures, leadership misjudgements and poor systems for the breaches. In July 2020, Westpac published a further report reassessing its corporate culture, identifying ongoing concerns including that its non-financial risk culture is still immature and reactive.
The AUSTRAC settlement
On 24 September 2020, Westpac and AUSTRAC reached an agreement, filing a Statement of Agreed Facts and Admissions in which Westpac admits to:
Failure to report 19.5 million IFTIs to AUSTRAC within the relevant timeframe, which deprived AUSTRAC and other law enforcement officials of timely information relating to over AU$11 billion in international payments for up to six years.
Failure to provide the required transfer information to other financial institutions in the chain of funds transfers, on 10,540 occasions.
Failure to retain records of required transfer information, on 3.5 million occasions, for seven years.
Failure to conduct adequate risk assessments relating to correspondent banking relationships on 48 occasions.
Failures relating to ongoing due diligence of specific customers, which prevented the identification of suspicions related to child exploitation.
Failures concerning the identification, mitigation and management of money laundering and terrorist financing risks through Westpac's program.
Westpac accepted that a number of factors contributed to these breaches, including technological failures, insufficient post implementation review and an absence of appropriate end-to-end reconciliation, assurance and oversight processes.
The parties have jointly recommended to the Federal Court that Westpac pay a penalty of AU$1.3 billion for the admitted breaches of the AML/CTF Act. The proposed penalty is materially larger than the AU$900 million provision made by Westpac in April 2020 (albeit less than the AU$1.5 billion AUSTRAC was reportedly seeking).
What does this mean for New Zealand financial institutions?
Money laundering is a key focus for regulators in New Zealand, and is a constant subject of major enforcement action by regulators worldwide. Global money laundering fines for 2020 already appear to have surpassed 2019 levels. Substantial investigations are ongoing overseas, such as that into the Danske Bank scandal, reported to involve the laundering of around 200 billion euros through its Estonian branch.
In New Zealand, the three AML supervisors have signalled that any 'grace period' for AML non-compliance has ended:
The Financial Markets Authority has stressed that reporting entities have “had more than five years to familiarise themselves with their obligations in terms of the Act" and it “expected to see more mature policies, procedures and controls in place." In June 2020, it commenced its first civil proceeding for AML failings, against a financial services provider.
The Reserve Bank of New Zealand has said that, “given the maturity of the AML/CFT Act 2009, [its] tolerance for reporting entities missing the mark is reducing and as a result [its] appetite for taking formal enforcement action following breaches is increasing".
The Department of Internal Affairs, meanwhile, has consistently taken civil and criminal enforcement action against money remitters, and their directors, for systemic contraventions of the AML/CFT Act 2009, resulting in multi-million dollar civil penalties, and criminal convictions and fines (for example, Jiaxin Finance.)
It is possible that the Financial Action Task Force's assessment of New Zealand's AML/CFT system (expected to be completed in early 2021) may prompt an uptick in AML enforcement activity.
In this climate, it may be sensible for New Zealand financial institutions to reflect on the lessons from the Westpac settlement. This could involve:
reviewing transaction monitoring systems, in particular procedures and controls regarding the reporting of International Funds Transfers (IFTs),
considering ongoing customer due diligence processes, particularly in the context of identified suspicious transactions, and
ensuring that those accountable for managing AML/CFT risk clearly understand and have sufficient resources and expertise to meet their responsibilities.
We will continue to monitor the progress of the Westpac settlement through the Federal Court of Australia.
If you have any questions about the matters raised in this article, please get in touch with the contacts listed, or your usual Bell Gully adviser.
This publication is necessarily brief and general in nature. You should seek professional advice before taking any action in relation to the matters dealt with in this publication.