CBA admits disparate data contributed to anti-money laundering contravention ZDNet

The Commonwealth Bank of Australia (CBA) has filed its defence in response to the civil proceedings commenced by the Australian Transaction Reports and Analysis Centre (Austrac), admitting that disparate datasets contributed to a contravention of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. Under Section 82(1) of the Act, CBA is required to identify, mitigate, and manage the risk a reporting entity may reasonably face that might involve or facilitate money laundering or the financing of terrorism if it has adopted a standard anti-money laundering and counter-terrorism financing program. "CBA admits that at various times between about 20 October 2012 and 12 October 2015, due to an error in the process of merging data from two systems, its account level automated transaction monitoring did not operate as intended in respect of 778,370 accounts," the bank wrote in its claim. "CBA admits that this deficiency in its automated transaction monitoring over that period constituted a contravention of s82(1) of the Act." Part A of the Act also requires the bank to undertake risk assessments of the inherent risk that new products and services -- including new channels and technologies for delivering those products and services -- might involve or facilitate money laundering or terrorism financing, and keep those risk assessments up to date.