In the world of financial crime, this was to be a month of reckoning. A team of assessors from the Paris-based Financial Action Task Force (FATF) was due to touch down in Australia to review how the country has been complying with global money-laundering and terror-financing standards.

For 13 years, Australia had dilly-dallied. A first tranche of anti-money laundering and counterterrorism financing laws was introduced in 2006. Yet it only applied to the likes of banks, casinos and bullion dealers. There was to be a second tranche enacted in 2008 – covering accountants, lawyers and real estate agents – but successive governments have failed to legislate it.

The FA Task Force findings were going to be ugly, according to Nathan Lynch, regulatory intelligence manager for Thomson Reuters in the Asia-Pacific.

“Australia will have to explain to the international community why it has failed to pass laws to deal with gatekeeper professions five long years after an excoriating FATF assessment,” he said ahead of the taskforce’s slated arrival. “This would be the first country to face a follow-up visit from FATF while being in breach of all three recommendations on the gatekeepers.”

Pakistan beats Australia

When we spoke, Lynch had just returned from a conference in Pakistan, where the country’s leadership has taken a whole-of-government approach over the past six months to manage the risk of money laundering and terrorism funding.

“Pakistan will be attempting to convince the global body to keep it off the blacklist, where countries like North Korea and Iran languish in the financial crime equivalent of solitary confinement,” Lynch said, pointing to the risk a FA Task Force downgrade would mean for Pakistan.

The stakes are high. The Task Force can pull levers, and Pakistan needs loans from the International Monetary Fund to feed its people. Australia, meanwhile, has taken little action.

Dutton dodges a bullet

On November 14, the FA Task Force trip was suddenly called off; there would be no more review. “Peter Dutton dodged a bullet,” said Lynch. Austrac, Australia’s anti-money laundering and counterterrorism financing regulator, sits within the Home Affairs minister’s portfolio.

With bushfires raging across the east coast, a scathing Task Force review would have likely been brushed off. But less than a week later, a story broke that knocked even the fires off the front page.

Austrac filed a lawsuit against Westpac alleging the bank had breached the Anti-Money Laundering and Counter-Terrorism Financing Act on more than 23 million occasions.

The numbers were mind-boggling. Still reeling from a royal commission that exposed how Australia’s blue-chip banking institutions perpetrated systemic fraud against their own customers, now Westpac had been outed for $11 billion of anti-money laundering breaches, transactions concealed from the regulators.

Facilitating paedophiles

But it was allegations Westpac had been facilitating the activities of paedophiles which sent the story into orbit. “I’m absolutely appalled,” Scott Morrison told reporters in Brisbane last week. “They’ve just got to lift their game on this stuff”.

The irony is that the FA Task Force was ready to hit Australia for failing to capture the gatekeepers and property sectors in its anti-money laundering legislation – and yet here was Australia’s oldest bank, Westpac, which is subject to the legislation, facing nearly a decade of alleged breaches.

Commonwealth Bank’s 53,000 breaches of the anti-money laundering code, for which the bank settled with Austrac in a historic $700 million fine last year, now look like chicken feed.

Five days before the Westpac story broke, the bank’s hitherto well-regarded chief executive, Brian Hartzer, got the news from Austrac that it would be pursuing action through the courts. Westpac’s PR machine has attempted to frame this as the moment of awakening and an oversight. Austrac’s court filings, however, suggest that negotiations had been going on for quite some time and this was no computer “coding error”.

And in the bank’s own annual report, released on November 4, it made clear that legal action from Austrac was a possibility.

“Austrac has issued a number of detailed statutory notices over the last year requiring information relating to the Group’s processes, procedures and oversight,” it read.

“Any enforcement action against Westpac may include civil penalty proceedings and result in the payment of a significant financial penalty, which Westpac is currently unable to reliably estimate. Previous enforcement action by Austrac against other institutions has resulted in a range of outcomes, depending on the nature and severity of the relevant conduct and its consequences.”

Elsewhere, the annual report painted a bleak picture for the bank – both revenue and profit were down. Hartzer was upfront, calling 2019 a “disappointing year”.

The big capital raising

Soon after dropping its annual report, Westpac announced it would seek to raise $2.5 billion in capital from institutional investors and shareholders.

Asked on Tuesday during a conference call with media and investors whether the bank had adequately disclosed its anti-money laundering issues ahead of the capital raising, chairman Lindsay Maxsted replied: “Absolutely.”

“You can imagine the amount of attention those disclosures got by the board, assisted by internal legal counsel, external legal counsel, very, very conscious of that, both in the context … of the annual report and the annual results,” he said. “And in terms of the equity raising.”

On Thursday, the bank announced that investors who bought shares as part of the capital raising have the option to withdraw.

Things are unfolding quickly. Big investors in the $2 billion placement are asking serious questions of the board and management of Westpac.

Hartzer stepped down this week, and Maxsted announced he would retire early from his chairmanship. Non-executive director Ewen Crouch, chairman of the Board Risk and Compliance Committee and member of ASIC’s Director Advisory Panel has decided not to stand for re-election.

Statement of Claim thick with jargon … and clues

The Austrac claim is a tough read. The discussion of child exploitation risks starts at the foot of page 34. Ahead of this, in dense banking jargon, are the clues to the bigger target for regulators – descriptions of “batching”, “nesting”, “payable-through services”, and “funds transfer chains”. Beyond the stunned shareholders and public outcry over paedophile financing, the Australian Tax Office will be watching with interest.

What we know from Austrac’s court filing is that in recent years $11 billion has moved into Australia without being reported, unseen by regulators. Some of the foreign “correspondent” banks, which had a relationship with Westpac, also had connections with high-risk or sanctioned countries, such as Congo, Iraq, Lebanon, Libya, Ukraine and Zimbabwe.

Austrac describes that one bank “maintained two accounts with Westpac, in its own name, each of which was used exclusively to facilitate payments for two large multinationals and their related companies … each multinational accessed the accounts through the banking logon provided by the correspondent bank”.

Which multinationals are involved has not been publicly disclosed – it isn’t even clear whether Westpac knows who they are, or if they have operations in any sanctioned country.

According to the statement of claim by Austrac, nearly all the unreported transfers came from just one bank, which the agency refers to as “Bank A”. These were largely low-value transfers.

The big transactions and the mysterious Bank B

Far more intriguing are the 36,000 incoming transfers from “Bank B”, and the 13,000 incoming transfers from Banks “C” and “D” combined. These covered the rest of the incoming $11 billion – each transaction worth about $200,000, on average.

Bank B is particularly interesting.

Westpac had set up special arrangements for Bank B and another bank, known as Bank J. Austrac knows that both banks had a “Working Capital Account” with Westpac, wherein “the underlying source of proceeds and beneficial owners are partially concealed” and “funds may be transferred to unidentified third parties”, making the whole process invisible.

The terror financing risk

In 2014, Bank B disclosed to Westpac that it had relationships with other banks in high-risk or sanctioned countries, including the Congo, Iraq, Lebanon, Libya, Ukraine and Zimbabwe. Westpac discontinued dealings involving these countries in 2017.

In two places elsewhere in the statement of claim it also says that Westpac’s relationship with Bank B “possibly involved payable-through services”. Austrac describes these services as an arrangement between Westpac and another bank “that is used directly by a third party to transact business on its own behalf”.

Multinationals infiltrate the banking system

The effect of all this seems to be that Westpac has relinquished significant control and knowledge of some aspect of the flow of funds. In other words, someone other than the two banks have substantial influence on this flow.

Austrac says the “risks include the inherent risks with cross-border movements of funds, jurisdictional risk and limited transparency as to the identity and source of funds of customers of the correspondent banks”.

While the far larger transactions of the Bank B variety are where there is scope for big transfers and big-ticket tax avoidance, the tiny transactions of the Bank A type will also be of interest to the tax authorities.

In light of the granular data-matching technology now deployed by the ATO and other agencies, the government has the capacity to match banking transactions with other data. This means that thanks to Westpac’s invisible banking regime, millions of transactions of interest to the analytics programs of the tax office and other authorities are simply invisible.

Clearly, Westpac’s troubles haven’t ended with the departure of its chief executive. In less than two weeks, the bank will have to face concerned shareholders at its annual general meeting.

The breaches are rising

Confidential correspondence between Westpac and Austrac, leaked to The Australian Financial Review on Thursday, revealed the scale of the problem was larger than first estimated – with 29 million international transactions not disclosed to the regulator. The additional six million breaches are beyond the statute of limitations. The correspondence also lays out a stark time line of human error, dating back to 2016.

The questions now is which bank is next? Bank of Queensland, Bendigo, Macquarie, Suncorp and Adelaide Bank all faced the house economics committee on Friday. National Australia Bank, whose share price tracked the fall in Westpac shares after the news, is rumoured to be vulnerable, a likely target for Austrac.

The offshore ramifications are yet to come. Any large institution which deals in financial markets in the US and breaks the law is a target for the US Department of Justice, and potentially heavy penalties. Overseas regulators are watching closely.

How regulators here will deal with what may render the infamous Bottom of the Harbour scam of the 1970s small and quaint also remains unknown. A large settlement is the most obvious outcome. Already, sections of the media are calling for system stability to prevail over punishment. Given its global reach though this is surely the Bottom of the Ocean scheme.