The Commonwealth Bank has set aside $375 million in expectation of a civil penalty resulting from legal action undertaken by AUSTRAC over the bank's alleged aiding of fraud through its intelligent ATMs.
The bank was accused by AUSTRAC last August of enabling $77 million of suspicious transactions over three years to flow through its fleet of intelligent deposit machines (IDMs) thanks to ineffective fraud controls.
The financial regulator claims CBA did not assess the money laundering and terrorism financing risk of the IDMs before they were rolled out in 2012, and only conducted an assessment three years later.
The IDMs instantly credit cash and cheque deposits to the recipient's account, and make the funds immediately available for transfer, including internationally.
They are capable of accepting up to 200 notes per transaction - and a maximum $20,000 deposit per transaction - but had no daily transaction limit.
In its half-year financial results briefing today, CBA said it had provided for a $375 million civil penalty as a result of AUSTRAC's civil action.
This figure does not include expected legal costs.
"The group believes this is a reliable estimate of the level of penalty that a court may impose," CBA said.
"This takes into account currently available information, including legal advice received by the group in relation to AUSTRAC's claims."
Outgoing CEO Ian Narev said the bank 'regretted' that the cost was a result of CBA's "failure to meet some standards that we should have".
"We will continue to work hard to do better," he said.
CBA's net profit fell 1.9 percent for the half to $4.7 billion compared to 1H17 as a result of the $375 million expense provision. Without the provision the bank's net profit was up almost 6 percent.
AUSTRAC expanded its case in December to allege a further 100 contraventions of anti-money laundering and counter-terrorism financing (AML/CTF) laws.
It alleges CBA breached the AML/CTF laws 53,800 times, was either late or failed to report “suspicious matters”, and did not monitor accounts suspected of illegal activity.
CBA has admitted to 53,506 contraventions.
The bank has blamed a coding error in the IDM software for the vast majority of the reporting failures.
Following a software update in late 2012, CBA says an error stopped the IDMs from creating reports for transactions over $10,000, which laws require to be sent to AUSTRAC.
AUSTRAC claims the bank did not fully rectify the "coding error" until two years after it first discovered the problem.
CBA has spent recent months working through a 'program of action' to address the issue.
It has upgraded the financial crime technology platform it uses to monitor accounts and transactions for suspicious activity, and added new controls to help reduce the risk of document fraud.
CBA and AUSTRAC have proposed to the court that the bank file its defence to the expanded AUSTRAC claims by March 16, with a case management hearing to occur on May 8.
The court is yet to agree to the proposal.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
Tech in Gov 2025
Forrester's Technology & Innovation Summit APAC 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
