1. Administrative Information
Legal name: Commonwealth Bank of Australia (CBA)
Principal place of business/Registered Office: Ground Floor, Tower 1, 201 Sussex Street Sydney NSW 1155 Australia
Place of incorporation: Sydney, Australia
SWIFT: CTBA AU 2S
Legal status: Public Limited Company
Stock exchange listed: Australian Stock Exchange
Major shareholders: Please refer to the latest copy of the Annual Report under the section ‘Shareholding Information’
- Australian Transaction Reports and Analysis Centre (AUSTRAC) – AUSTRAC is Australia’s Anti-Money Laundering/Counter-Terrorism Financing regulator and the Financial Intelligence Unit.
- Australian Securities and Investment Commission (ASIC) – ASIC is Australia’s corporate, markets and financial services regulator.
- Australian Prudential Regulation Authority (APRA) – APRA is the prudential regulator of the Australian financial services industry.
Australian Financial Services Licence: For the latest version of the Licence, please search for ‘Commonwealth Bank of Australia’ in the ASIC AFS Licensees Register.
External auditors: PriceWaterhouseCoopers
Anti-Money Laundering contact: Head of AML-CTF and Sanctions Officer
Address: Level 14, Darling Park, 201 Sussex Street, Sydney NSW 2000, Australia
Email address: AMLCTF@cba.com.au
2. Senior management – names and backgrounds
Please refer to the links below for details on the Board of Directors and the senior executives of the CBA;
3. Anti-Money Laundering and Counter-Terrorism Financing Measures in CBA
CBA is subject to, and complies with, Australian law. Australian laws applicable to CBA:
- Anti-Money Laundering and Counter-Terrorism Financing Act 2006
- Banking (Foreign Exchange) Regulations 1959
- Autonomous Sanctions Act 2011
- Financial Transaction Reports Act 1988 and associated regulations
- Proceeds of Crime Act 2002 and associated regulations
- Charter of the United Nations Act 1945 as amended by the Suppression of Financing of Terrorism Act 2002 and the International Trade Integrity Act 2007 and their associated regulations
- Criminal Code Act 1995 and associated regulations
The principal piece of legislation is the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Under the AML/CTF Act, AUSTRAC, the regulatory authority charged with oversight of the legislation, has made Rules relating to AML/CTF obligations. This Act received Royal Assent on 12 December 2006. The Australian Government has stated that the AML/CTF Act will bring Australia into line with international standards, including those set by the Financial Action Task Force (FATF). CBA is progressively implementing the requirements of this Act within the specified timeframes. The legislation has a staggered implementation timeframe with full implementation required by 12 December 2008. For further details, please visit http://www.ag.gov.au/Antimoneylaundering/Pages/default.aspx
Internal policies/procedures: CBA has adopted internal policies, procedures and controls to ensure that it complies with existing legislation. CBA has adopted an AML/CTF Program that reasonably identifies, mitigates and manages the risk of Money Laundering or Terrorism Financing in the provision of services designated by legislation. This program has been approved by CBA’s Board of Directors.
CBA’s AML/CTF Program
- Customer due diligence/Know Your Customer: CBA has policies and procedures in place to comply with the obligation to identify customers as required by legislation. The legislated risk based approach requires the CBA to perform tailored due diligence on customers based on an assessment of the associated Money Laundering/Terrorism Financing (ML/TF) risk. The recently enacted AML/CTF Act 2006 also requires Ongoing and Enhanced Customer Due Diligence for certain higher risk customers. Controls and assurance processes are being enhanced within timeframes specified in the AML/CTF Act 2006. These enhancements include monitoring of customer transactions based on an assessment of the associated ML/TF risk.
- Record retention: Records relating to customer identification are maintained and kept for seven (7) years in Australia after the accounts are closed. Information relating to services provided by CBA is retained for a period of seven (7) years.
- Monitoring of suspicious activities or transactions: Monitoring is carried out through a risk-based approach. Staff receive periodic training and reminders of the requirements to report suspicious transactions and how to identify them.
- Reports of suspicious transactions: CBA is required to report any suspicious customer activities or transactions to the regulatory authority, AUSTRAC. Internal policies and procedures are in place to ensure compliance with the applicable legislation and regulatory requirements.
- Reports of significant account and non-account based cash transactions and all IMTs: CBA is required to report significant account and non-account based cash transactions of AUD 10,000 or more to the regulatory authority, AUSTRAC. Details of all IMTs (wire transfers) eg. sender and beneficiary names, address and account number are retained and reported to AUSTRAC. Internal policies and procedures are in place to ensure compliance with the applicable legislation and regulatory requirements. The requirement of the AML/CTF Act 2006 for additional reporting of transactions that meet certain thresholds is being implemented at CBA within legislated timeframes.
- Employee training program: Training is provided to business units that offer products and services that are subject to the legislative requirements. Staff involved in customer facing areas of CBA receive periodic training and reminders on the detection and reporting process for suspicious activities. Communication of changes to AML/CTF legislation or any emerging risks are communicated to the relevant staff.
- Employee due diligence: CBA has processes in place that provide reasonable assurance of the identity, honesty and integrity of prospective and existing employees. These processes are being enhanced within timeframes specified in the AML/CTF Act 2006.
- Agents of CBA are required to carry out their duties in accordance with agreements entered into with them and includes where applicable any customer identification and know your customer requirements. In complying with the recently enacted AML/CTF Act 2006, controls and assurance processes including training are being enhanced to within timeframes specified in the AML/CTF Act 2006.
- Independent audit and compliance review function: Our auditors and internal compliance departments conduct programs of audits and compliance testing of all CBA’s policies and operational procedures including those applicable to AML. The frequency and scope of the audits and compliance tests are determined through a risk-based approach, where higher risks to CBA are audited and tested more frequently. The audit and compliance programs are approved by senior management.
- Correspondent banks: CBA has implemented risk based due diligence procedures that include, but are not limited to, the following – understanding the nature of the correspondent’s business, its licence to operate, the quality of its management, ownership and effective control, its AML Policies, external oversight and prudential supervision including it’s AML/CTF regime. Additionally, ongoing due diligence of correspondent accounts is performed on a regular basis or when circumstances change. Bank policies also ensure that we do not offer ‘payable through accounts’. All correspondent banking relationships are approved by senior management.
- Assessment of payments against proscribed (TF and Sanctions) Lists: CBA has risk based processes to assess inward and outward payments against proscribed lists. These processes have been implemented to comply with domestic and international obligations.
- Shell banks: CBA does not conduct business with shell banks. Our policies and procedures prohibit offering services to shell banks as defined in the AML/CTF Act.
- Politically Exposed Persons (PEPs): In complying with the recently enacted AML/CTF Act 2006, the risk based approach considers customers or beneficial owners who are PEPs as heightened ML/TF risk. Controls are being enhanced to manage the PEP ML/TF risk within timeframes specified in the AML/CTF Act 2006.
- Anonymous and numbered accounts: CBA does not provide customers with anonymous accounts, or numbered accounts for which customer identification and KYC is not performed.
- Regulatory Action: The CBA has not been the subject of any money laundering or terrorist financing-related proceedings, investigations, sanctions or punitive actions.
4. AML/CTF Measures in International Operations of CBA
View a full list of the international operations of CBA (including branches, subsidiaries, representative offices and joint ventures).
AML/CTF measures in international operations of CBA: In the international operations that CBA has a controlling interest in, policies and procedures are in place which assists the operations to comply with their respective domestic AML/CTF laws. Wholly owned overseas subsidiaries and overseas branches to whom aspects of Australia’s AML/CTF Act 2006 apply, comply with CBA’s AML/CTF program.
5. USA PATRIOT Act Certificate
Under the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act 2001, CBA may be required from time to time to provide Certification Regarding Correspondent Accounts for Foreign Banks. View a copy of this Certificate.
6. Fraud and Corruption Policies
The CBA Group has in place a Group Fraud Risk Management Framework which outlines the Group’s and its employees’ commitment and responsibilities in relation to bribery and corruption. This Framework is underpinned by the Group Fraud and Corruption Policy and related standards and procedures. Together they ensure CBA has adequate controls and procedures in place to comply with bribery and corruption obligations across the various jurisdictions in which it operates.