Back to All Articles

Regional Report: Australia – In game of brinksmanship, Austrac doubles down on hefty AML penalty fight against beleaguered, but not broken, Westpac

Australian Ten Dollar Note with a face mask on Dame Mary Gilmore

The skinny:

  • As some regulators pull back and buckle down during the COVID-19 global pandemic, Australia’s top fincrime compliance enforcement body is taking a different approach.
  • The Australian Transactions Reports and Analysis Centre (Austrac) is currently battling it out in the country’s Federal Court to levy its highest ever penalty against Westpac Banking Corp for a host of compliance failures and failing to adequately report on A$11 billion in international transfers.
  • Austrac in November alleged the bank has engaged in millions of breaches of anti-money laundering (AML) rules, the most heinous of which involved a child exploitation network – with the industry, and world, watching and the future of compliance enforcement in the region hanging in the balance.  
  • Reports say the negotiations behind the scenes have gone back and forth, with Austrac seeking to levy a penalty as high as $1.5 billion – a record and double the second highest ever fincrime fine, A$700 million against Commonwealth Bank of Australia – but Westpac is stating it wont budge from a settlement set aside of A$900 million.
  • In recent months, the pendulum has swung for both, first seemingly in favor of the regulator – as Westpac admitted to many of the allegations amidst a hemorrhaging of top leadership. But more recently, the pendulum appears to have swung in favor of the regulated.
  • The collective spine of Westpac’s current leadership has been buoyed by a just-released internal advisory report concluding that Austrac did not properly communicate the depth, seriousness and key details tied to illicit entities using the bank’s products to exploit minors – with the argument that the C-suite was not asleep at the wheel.

As many country financial sector regulators have pulled back on exams and expensive enforcement actions due to the global COVID-19 pandemic, Australia’s financial intelligence unit is taking a different tack in its most high-profile ever fight against a bank for massive fincrime compliance failures.

The Australian Transactions Reports and Analysis Centre (Austrac) is currently battling it out in the country’s Federal Court to levy its highest ever penalty against Westpac Banking Corp. for millions of breaches of anti-money laundering (AML) rules – with the industry, and world, watching and the future of compliance enforcement in the region hanging in the balance.  

Austrac in November alleged Westpac was involved in “systemic non-compliance” with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) on more than 23 million occasions, seeking a penalty before the country’s Federal Court, potentially more than A$1 billion – which, if achieved – would be the highest ever recorded down under.

In penalty documents, Austrac stated the bank, its board and executive management, had consistently failed to assess and monitor ongoing money laundering and terrorism financing risks, including failing to adequately report on A$11 billion in international transfers.

The allegations include failing to:

  • Report more than 19 million International Funds Transfer Instructions (IFTIs) to Austrac over nearly five years for transfers both into and out of Australia.
  • Pass on information about the source of funds to other banks in the transfer chain.
  • Keep records relating to the origin of some of these international funds transfers.
  • Carry out appropriate customer due diligence on transactions in the Philippines and South East Asia that were related to potential child exploitation risks.

Since Austrac sought the penalty in November with the Federal Court, there have been a series of legal skirmishes that have tilted back and forth.

First in favor of the regulator – as Westpac admitted to many of the allegations amidst a hemorrhaging of top leadership – and more recently, the pendulum appears to have swung in favor of the regulated.

The collective spine of Westpac’s current leadership has been buoyed by a just-released internal advisory report concluding that Austrac did not properly communicate the depth, seriousness and key details tied to illicit entities using the bank’s products to exploit minors.

“The high stakes negotiations between Westpac Banking Corp and the financial intelligence agency Austrac over 23 million anti-money laundering breaches appear to have shifted imperceptibly in favor of the bank,” according to the Australian Financial Review.

The gulf between the opposing sides is “about $600 million, with AUSTRAC demanding a record $1.5 billion penalty and Westpac only willing to pay $900 million – an amount already provisioned in its accounts.”

Arrows pointing up breaking a glass ceiling

In seeking to break billion-dollar barrier, Austrac could set new AML penalty ceiling

Those figures are significant and could set a new precedent for penalty ceilings in Australia for systemic AML program failings.

Austrac has only had a handful of major AML enforcement actions with U.S.-style penalty figures. The U.S. still has the highest ever compliance and sanctions penalty ever handed out at just shy of $9 billion against BNP Paribas in 2015.

In August 2017 Austrac applied for a civil penalty order under the AML/CTF Act against the Commonwealth Bank of Australia (CBA). In June 2018, the Federal Court ordered CBA to pay a penalty of A$700 million.

Prior to that, in 2015, Austrac applied for a civil penalty order under AML regulations against Tab Ltd, Tabcorp Holdings Ltd and Tabcorp Wagering (Vic) Pty Ltd (‘Tabcorp’). In early 2017, the Federal Court ordered Tabcorp to pay a penalty of A$45 million.

But it may be that Westpac, facing a penalty that would make prior actions seem paltry, will not to wilt, and choose to jump into the imbroglio emboldened, given a second wind by the advisory panel report.

The advisory panel – Ziggy Switkowski, Kerry Schott and Colin Carter – concluded they could find no evidence that Austrac relayed to the bank’s then-chief executive, Brian Hartzer, or the board of directors about criminal activity by a child sexual exploitation network using the bank’s funds transfer systems, according to the report.

“Austrac’s allegations against the bank include matters that were unknown at the time to the bank’s leadership,” the advisory panel said, according to the Review.

Did compliance control failures concretely link C-suite, board?

The finding sheds new light on the claim by Austrac Chief Executive Nicole Rose that the AML failures at Westpac showed “systemic failures in its control environment, indifference by senior management and inadequate oversight by the board,” according to the report.

Austrac’s failure to adequately inform management or the board about the exploitation network activity is “significant because Switkowski, Schott and Carter found that 99.95 percent” of Westpac’s international funds transfers forming the foundation of the current Austrac case were “legitimate and uncontroversial transactions.”

In short: the fewer failings Austrac can point to – whether they be from a litany of errors in human decision-making or a cascade of failures from improperly tuned transaction monitoring systems – gives more ammunition for Westpac to chip away at the final penalty figure, saving them hundreds of millions of dollars and, further for the industry, knocking down the regulator’s fierce countenance a few pegs.

Even so, Austrac is not backing down.

Compliance Standards Drawings Chart

Did compliance control failures concretely link C-suite, board?

In fact, Austrac is “digging in over its massive anti-money laundering case against Westpac,” according to the Sydney Morning Herald.

Last week, Austrac filed its response to the bank’s latest defensive maneuver, with the regulator “locked in disagreement with Westpac on a technical but important point,” according to the Herald.

When Austrac last year accused Westpac of breaching AML rules in an egregious manner, “one argument it made was that Westpac’s compliance program did not have the primary purpose of managing and mitigating laundering risks.”

Westpac has already relented to many of the AML failures, admitting to more than 23 million breaches, including to not adequately monitoring a dozen customers who allegedly “made suspicious transactions fitting the pattern of payments for child exploitation.”

However, more recently, the bank has reversed its conciliatory stance related to a critical point, stating in its defense last month that it denied the specific claim that its AML program was not designed to manage, mitigate and report on money laundering and other financial crime risks, referring to policies and procedures detailed in its AML program documents, noted the Herald.

On Friday, AUSTRAC’s reply in the Federal Court “signaled it was sticking with the allegation on the bank’s AML program,” according to the report, as the court set down the next case management hearing for mid-June.

Regardless of final penalty, Austrac has already exacted pound of flesh

Even as sabers continue to clash with legal thrusts and parries in court, Austrac has already exacted a pound of flesh, causing executive upheaval at the highest levels of Westpac.

In November, in the wake of Austrac’s penalty order, Westpac stated its chief executive and chairman would be stepping down in response to the scandal.

Bowing to shareholder pressure, the bank stated at the time that Brian Hartzer would leave Dec. 2 after more than four years as CEO and managing director.

At the same time, Lindsay Maxsted, the chairman of almost eight years, agreed to voluntary retire in the first half of 2020.

The managerial bloodletting was clearly done by Westpac in hopes of proving to regulators the bank has changed its tune on compliance – a potential hard sell, however, reviewing how it recently treated a top compliance professional working to rectify the issues.

“As CEO I accept that I am ultimately accountable for everything that happens at the bank. And it is clear that we have fallen well short of what the community expects of us, and we expect of ourselves,” Hartzer said at the time of his departure.

A highly touted compliance ‘response plan’ tinged with irony

The news is tinged with irony as other media reports highlighted that Westpac in its initial response to compliance problems didn’t support the person who brought them to the bank’s attention, but removed her from the position.

Westpac also laid out a four-page Austrac and overall compliance remediation “Response Plan,” which details some of the more immediate and long terms plans the bank has to address issues uncovered internally and externally, including:

  • Immediate fixes, including closing LitePay, a remittance arm that allowed wires of thousands of dollars for a flat fee, but failed in user oversight and transaction monitoring.
  • Lifting our standards, including priority screening and improving cross-industry data sharing, a move done as a mea culpa to help better identify larger, interconnected crimes.
  • Protecting people, including investments to reduce the human impact of financial crime, in the form of spending more than $30 million on various initiatives to better spotlight and protect children and convene with experts to better be part of the solution and not the problem.

The news of executive upheaval roughly coincides with Westpac stating it will invest $25 million Australian dollars to improve cross-border and cross-industry data sharing and analysis as one of the “immediate fixes” as part of its response plan, following issues raised by Austrac, according to media reports.

Parallels with Danske Bank scandal?

The Westpac saga is turning into Australia’s version of the Danske Bank scandal, with an institution taking the rare step of jettisoning executives as a show of faith and force to regulators.

The scandal against Danske, Denmark’s biggest bank, originated after it failed to properly screen about 200 billion euros in non-resident flows through its Estonian operations, much of which was subsequently deemed suspicious.

Since the money laundering case erupted, Danske has replaced a number of executives and board members to bring in people who aren’t tainted by the scandal.

The money laundering scandal and related investigations have resulted in Estonia booting Danske out of the country and has spawned aggressive investigations into banks in the Nordic and Baltic regions and the United States, particularly Swedbank and Deutsche Bank, among others.

At the supranational level, the Danske scandal has caused European Union regulators, at the country and bloc level, to engage in a game of naming, blaming and shaming, with accusations and recriminations at all levels – the tacit meaning that Austrac also has its name and reputation as a top enforcement body on the line.

In recent months, the EU has pushed to create a dedicated pan-bloc AML oversight and enforcement body that would put regional regulators in the hot seat and better attempt to see fincrime vulnerabilities happening across multiple member states.

The future similarly looks costly for Westpac when it comes to compliance.

What is clear reading these stories is that the bank also had a failure of what U.S. regulators call a “culture of compliance” where a financial crime compliance officer is valued, their concerns addressed and suggestions taken seriously and implemented.

In the case of Westpac, it appears the compliance officer who first found the problems and was working for months to get to the root of the issue, was given the sacrificial lamb treatment, most likely as a way for the bank to quickly and immediately show Austrac it “did something.”

If that culture doesn’t change, along with setting a compliance “tone at the top,” all the technology improvements and investments to various child protection organizations in the world won’t make the changes needed to turn Westpac from a failing entity from a compliance perspective to a law enforcement ally.

Austrac Financial Penalty Document

Will Austrac get a statement-making penalty?

What is still unclear is if Austrac will get its high-profile, statement-making penalty on par with many of the largest enforcement actions achieved by U.S. regulators and investigators.

If prior graft cases in Australia are any indication, Austrac may end up disappointed.

Historically, AUSTRAC’s “ambitious claim for $1.5 billion from Westpac sits at odds with high profile cases involving bribery and corruption,” according to the Financial Review.

In late 2018, the Reserve Bank of Australia stated that in 2011, Note Printing Australia (NPA) and Securency had pleaded guilty to charges of conspiracy to bribe foreign officials tied to its banknote-related business. The actions took place between December 1999 to September 2004.

NPA paid fines of $450,000 and a pecuniary penalty under the Proceeds of Crime Act of $1.8 million. Securency paid fines of $480,000 and a pecuniary penalty of $19.8 million.

Part of the penalty, similar to more recent cases in the U.S., required individuals to plead to certain charges. Four former employees of Securency pleaded guilty to charges of conspiring to bribe and/or false accounting, according to the report.

So how might a judge reason in the Austrac vs. Westpac case?

One recent ruling, not tied to AML failures but related to a “false and misleading product,” seems to favor Westpac, according to the report.

“The latest legal thinking on financial penalties for breaches of the law were laid out in an erudite fashion by judge Jonathan Beach in a Federal Court judgment published last Friday involving false and misleading conduct by the CBA in its sale of a business loan product,” according to the Review.

Beach imposed a $5 million civil penalty, “but it was theoretically possible for him to make the fine $7.5 billion.”

See What Certified Financial Crime Specialists Are Saying

"The CFCS tests the skills necessary to fight financial crime. It's comprehensive. Passing it should be considered a mark of high achievement, distinguishing qualified experts in this growing specialty area."


(JD, Washington)

"It's a vigorous exam. Anyone passing it should have a great sense of achievement."


(CFCS, Official Superior

de Cumplimiento Cidel

Bank & Trust Inc. Nueva York)

"The exam tests one's ability to apply concepts in practical scenarios. Passing it can be a great asset for professionals in the converging disciplines of financial crime."


(CFCS, Royal Band of

Canada, Montreal)

"The Exam is far-reaching. I love that the questions are scenario based. I recommend it to anyone in the financial crime detection and prevention profession."


(CFCS, CAMS Lead Compliance

Trainer, FINRA, Member Regulation

Training, Washington, DC)

"This certification comes at a very ripe time. Professionals can no longer get away with having siloed knowledge. Compliance is all-encompassing and enterprise-driven."

Director, Global Risk
& Investigation Practice
FTI Consulting, Los Angeles