Westpac has agreed to pay the largest fine in Australian corporate history — a $1.3 billion civil penalty for more than 23 million breaches of anti-money laundering laws.

But what exactly did it do wrong and how does the penalty stack up?

What are the laws Westpac broke?

To help police and security agencies stop international crime and terrorism the Federal Government passed the Anti-Money Laundering and Counter-Terrorism Financing Act (2006).

This law places many requirements on financial institutions and other key groups that handle large or cross-border money movements to report certain transactions.

According to the Federal Government’s Department of Home Affairs, the five major requirements are for organisations to:

• Register with the regulator if they are captured by the laws
• Set up and maintain adequate systems to monitor for money laundering and terrorism financing risks
• Know their customers by verifying their identity
• Report any suspicious transactions to the regulator within specified time periods
• Keep appropriate records of transactions

AUSTRAC — the Australian Transaction Reports and Analysis Centre — is the Government agency charged with enforcing those requirements and analysing the information submitted to detect possible criminal or terrorism activity.

How did the bank break the law?

The biggest breach was Westpac’s failure to properly report more than 19.5 million instructions to transfer money overseas or bring foreign funds into Australia, totalling more than $11 billion.

Financial institutions are required to submit a report to AUSTRAC within 10 days of an instruction to make an international transfer.

In many cases, Westpac also failed to pass on information about the origin of these transfers, or the source of funds to other banks involved in the transactions.

It also failed to keep records about where the money came from in some cases.

Westpac has also admitted it failed to properly assess and monitor the risks associated with some of these foreign transfers, some of which were with banks in “higher risk jurisdictions” including Iraq, Lebanon, Ukraine, Zimbabwe and Democratic Republic of Congo.

The bank also failed to make adequate checks on some customers who were sending regular payments overseas, and also failed to pick up on payment patterns typical of child exploitation activities, despite repeated warnings from AUSTRAC for banks to do this.

Did anyone get hurt?

In its original statement of claim against Westpac, AUSTRAC revealed it had uncovered a dozen customers using the bank’s LitePay service to make suspicious money transfers to the Philippines.

After the regulator launched its action against Westpac, a subsequent review uncovered a further 250 customers who made suspicious transactions to the Philippines, other parts of South-East Asia and Mexico.

All 262 customers exhibited tell-tale signs of engaging in overseas child exploitation.

There were frequent transfers of relatively small amounts to multiple overseas recipients using LitePay and other Westpac services.

In several cases, the customers also travelled to the Philippines, which Westpac should have been aware of due to activity on their accounts.

The clear implication is that these payments were made for child exploitation, such as the live streaming of child sex or procurement of children for sex, while these people were overseas.

The first 12 customers identified alone had transferred almost half a million dollars to the Philippines in more than 3,000 separate transactions.

When AUSTRAC first launched the case, child protection advocate Hetty Johnston from Bravehearts outlined the human effect of the failure to detect and report these transactions earlier.

“Over 3,000 transactions translates to over 3,000 occasions where a child endured unimaginable, yet preventable, sexual and physical trauma while seemingly Westpac didn’t care enough to undertake their regulatory oversight.”

Aside from the likelihood that Westpac services were exploited by paedophiles, the bank’s failure to properly record and report many overseas transactions could have allowed criminals, terrorists and sanctioned individuals or governments to transfer money into or out of Australia without detection.

How does the fine compare?

Westpac’s fine is an Australian record, not only for money laundering breaches, but for corporate misconduct in general.

The previous highest penalty was the Commonwealth Bank’s $700 million fine in 2018, also for money laundering reporting breaches.

The majority of CBA’s roughly 54,000 breaches related to the failure of its “Intelligent Deposit Machines” to record the reports legally required for any transactions of $10,000 or more.

Gambling company Tabcorp was fined $45 million in March 2017 for its own breaches of anti-money laundering requirements by failing to alert AUSTRAC to suspicious behaviour 108 times over a five-year period.

However, Westpac’s fine per breach ($56.52) is relatively modest compared to CBA (around $13,000) and Tabcorp (around $417,000).

UBS bank analyst Jon Mott said, if anything, the fine was a bit smaller than he thought it would be.

“Although all fines are disappointing, this settlement was lower than our expectations for around $1.5 billion.”

AUSTRAC’s concise statement of claim outlined the magnitude of the theoretical maximum fine Westpac could have faced.

“Westpac has contravened the act on over 23 million occasions, each contravention attracting a [maximum] civil penalty between $17 million and $21 million,” the regulator noted.

Assuming 23 million contraventions at the lower end of those maximum penalties, that would have added up to a potential maximum fine of $391 trillion. Westpac’s current share market value is around $60 billion.

What does this mean for Westpac?

While $1.3 billion is a lot of money, it is about the same as the cash profit Westpac reported in its most recent quarterly trading update — so it’s about three months’ worth of the bank’s earnings.

Westpac had already set aside $900 million to cover the potential penalty in this case in its half-year results, so it will have to stump up an extra $400 million out of its full-year profit.

What the penalties for Westpac, CBA and Tabcorp do achieve is making it more expensive for them to be lax on their AUSTRAC reporting obligations than it is to invest the money to do them properly.

AUSTRAC’s chief executive Nicole Rose said she started noticing that effect after the CBA fine.

“Since the Commonwealth Bank action, we’ve had an incredible increase in suspicious matter reporting that’s come in,” she said.

“Businesses have really started to take this very, very seriously.”