Westpac Bank issued half-year financial statements recently that included funds set aside to pay for potential regulatory penalties and compliance remediation costs. Westpac is in trouble, and the financial costs for these regulatory and legal failings are huge.

This all started when the police were investigating alleged pedophiles travelling to Asia from Australia and the United States. The police were seeking to protect children who could become victims, and part of the investigation involved following the money. Thus, the police went to the data source into which Australian banks file reports of all “international funds transfer instructions (IFTIs)”—it is a legal requirement for Australian Banks to report all IFTI transactions to the authorities.

When the police went to the IFTI well, it was dry, in that Westpac had not filed IFTIs for the international payments made by the alleged pedophiles. Subsequently, the Australian regulator, AUSTRAC, has issued enforcement proceedings against Westpac. The former CEO and chair of the board of directors have resigned, and the bank has apologized for its failings. The bank has admitted to 23 million IFTI-related breaches. Each breach attracts a civil penalty up to AUD 2 million (U.S. $1.2 million). The bank has set aside AUD 900 million (U.S. $570 million).

Within the published half-year results, the bank revealed that further anti-money laundering (AML) breaches have been identified. Specifically, the bank failed to file 60,000-90,000 threshold transaction reports (TTRs). These are primarily cash transactions that exceed AUD 10,000 (U.S. $6,454). As the saying goes, “You do the math.”  These failings have now been self-reported to AUSTRAC and are being investigated. If a bank cannot get simple cash reporting right, there is little reason to be confident other areas of the financial crime compliance framework are functioning properly.

As if to confirm this, a paragraph within the report states, “As part of the Group’s work to rectify its management of financial crime risks, the Group is also working to remediate gaps and enhance controls to support compliance with its FATCA [Foreign Account Tax Compliance Act] and CRS [common reporting standards] obligations.” Put another way, Westpac is not fully compliant with FATCA and other tax reporting requirements. What does this mean for the bank and for the authorities in Australia, the United States, and elsewhere? And what does it mean to you if you are the compliance officer for a corporate entity who makes payments through Westpac?

It proposes there may be failings within filing requirements. After all, the bank failed to file IFTIs and TTRs. This may indicate there are tax liabilities that will need to be paid. So, who will pay the tax? Will it be Westpac, other banks, or the corporate customers who instructed/received the funds? In the event your firm holds accounts with Westpac, do you need some confirmation from the bank that all transactions have been properly reported?

FATCA incorporates a 30 percent withholding tax for non-compliance. This could prove to be very expensive for Westpac. The bank’s Website states: “The Westpac Group is committed to ensuring we uphold our responsibilities to customers and our regulators. This means we comply with the reporting obligations under [FATCA & CRS] legislation …” Some of their customers were alleged pedophiles, and the bank has since admitted it did not uphold its responsibilities. Some will ponder as to further fiscal implications for the bank, which is already the subject of class-action lawsuits from angry shareholders.

The bigger point here is if a bank or a firm cannot execute on the simple things, such as cash transaction reporting, there is little reason to be confident of compliance in other more complex and challenging areas such as international tax reporting requirements.