CBA has admitted to over 53,000 breaches of disclosure laws.

Australia's biggest bank has admitted it breached the money laundering and counter-terror laws more than 53,000 times between November 2012 and September 2015, in a statement to the ASX.

It comes months after the money laundering regulator, AUSTRAC, launched legal action against the Commonwealth Bank.

After the CBA’s statement came out, AUSTRAC filed a further 100 alleged breaches of Anti-Money Laundering/Counter Terrorism Financing (AML/CTF) as part of the existing Federal Court proceedings.

The regulator alleges the CBA's breaches of AML/CTF laws have continued longer than first thought, and that it was not told about suspicious matter transactions well into this year.

The breaches relate to CBA's “intelligent deposit machines” (IDMs), which allegedly did not have appropriate safeguards to monitor risks and dodgy transactions.

In one case, a client who had been convicted of terrorism charges in Lebanon and had tried to organise funding for terrorist acts in Australia, was given 30 days' notice of the closure of his CBA account before AUSTRAC was alerted.

This allowed him to withdraw funds from the account.

“On 20 July 2017, CommBank erroneously processed a transfer of $5,000 from CommBank Account 184 [the alleged terrorist funder] to an account held by Person 138 [his brother] in Lebanon in spite of suspecting terrorism financing in relation to an identical attempted transfer on 19 June 2017,” AUSTRAC's new court statement alleges.

“Even though this was the second attempted international money transfer to Beirut that was suspected to be linked to terrorism financing, CommBank did not put a stop on CommBank Account 184 at this point.

“In spite of concluding on 26 June 2017, that potential terrorism financing was being conducted on CommBank Account 184, a stop was not put on CommBank Account 184 until 9 August 2017.”

CBA also failed to notify AUSTRAC about a drugs and firearms syndicate that allegedly laundered $42 million through CBA ATMs and IDMs between 9 March 2016 and 8 August 2016.

The 100 new alleged contraventions do not look good for the bank’s claim that it is working to remedy the systemic problem.

“After IDMs were first rolled out in May 2012 there were at least six periods of time within which CommBank should have, but did not, follow the procedures set out [for money laundering/terrorism funding risk management],” AUSTRAC's statement argued.

“The contravention is ongoing.”

The maximum penalty for each individual contravention alleged in the amended statement of claim is $21 million.

AUSTRAC says the new allegations can be distilled down to four key points:

  • CBA failed to report two suspicious matters within 24 hours of forming a suspicion relating to the financing of terrorism.
  • CBA failed to report 54 suspicious matters either on time or at all in relation to accounts and individuals that were the subject of two further law enforcement operations.
  • After CBA became aware of suspected terrorism financing, money laundering and/or structuring on CBA accounts, in 38 instances it did not appropriately monitor its customers to mitigate and manage money laundering and terrorism financing (ML/TF) risk, including the ongoing ML/TF risks of doing business with those customers.
  • In six instances additional to those in the original statement of claim, CBA did not comply with the requirements of its own AML/CTF program to identify, mitigate and manage the ML/TF risks associated with intelligent deposit machines (IDMs).

CBA says it will now look to amend its defence.