In its response CBA contests a number of allegations but admits others, including the allegations relating to the late submission of 53,506 threshold transaction reports (TTRs), which it says were all caused by the same single systems-related error.
CBA says the late TTRs represented 2.3% of TTRs reported by CBA to AUSTRAC between 2012 and 2015.
- concedes that it did not adequately adhere to risk assessment requirements for Intelligent Deposit Machines (IDMs) – but does not accept that this amounted to eight separate contraventions;
- agrees it did not adhere to all its transaction monitoring requirements in relation to certain affected accounts;
- admits 91 (in whole or in part) allegations concerning suspicious matter reports (SMRs);
- admits 52 (in whole or in part) allegations concerning ongoing customer due diligence requirements.
AUSTRAC has subsequently announced that it has amended its statement of claim to include a further 100 alleged contraventions against CBA.
In summary, the additional allegations are:
- CBA failed to report two suspicious matters within 24 hours of forming a suspicion relating to the financing of terrorism;
- CBA failed to report 54 suspicious matters either on time or at all in relation to accounts and individuals that were the subject of two further law enforcement operations;
- Even after CBA became aware of suspected terrorism financing, money laundering and/or structuring on CBA accounts, in 38 instances it did not appropriately monitor its customers to mitigate and manage money laundering and terrorism financing (ML/TF) risk, including the ongoing ML/TF risks of doing business with those customers;
- In six instances additional to those in the original statement of claim, CBA did not comply with the requirements of its own AML/CTF program to identify, mitigate and manage the ML/TF risks associated with IDMs.