Anti-Money Laundering and Counter-Terrorism Financing Disclosure Statement


1. Administrative Information

Legal name: Commonwealth Bank of Australia (CommBank) Principal place of business/Registered Office: Ground Floor, Tower 1, 201 Sussex Street Sydney NSW 1155 Australia Place of incorporation: Sydney, Australia SWIFT: CTBA AU 2S Legal status: Public Limited Company Stock exchange listed: Australian Stock Exchange  Major shareholders: Please refer to the latest copy of the Annual Report under the section ‘Shareholding Information’ Regulators: 

  • Australian Transaction Reports and Analysis Centre (AUSTRAC) – AUSTRAC is Australia’s Anti-Money Laundering/Counter-Terrorism Financing regulator and the    Financial Intelligence Unit. 
  • Australian Securities and Investment Commission (ASIC) – ASIC is Australia’s corporate, markets and financial services regulator.
  • Australian Prudential Regulation Authority (APRA) – APRA is the prudential regulator of the Australian financial services industry.

Australian Financial Services Licence: For the latest version of the Licence, please search for ‘Commonwealth Bank of Australia’ in the ASIC AFS Licensees Register.

2. Senior management – names and backgrounds Please refer to the links below for details on the Board of Directors and the senior executives of the CommBank;

3. Anti-Money Laundering and Counter-Terrorism Financing Measures in CommBank Commbank is subject to, and complies with, Australian law. Australian laws applicable to CommBank:

  • Anti-Money Laundering and Counter-Terrorism Financing Act 2006
  • Banking (Foreign Exchange) Regulations 1959
  • Autonomous Sanctions Act 2011
  • Financial Transaction Reports Act 1988 and associated regulations
  • Proceeds of Crime Act 2002 and associated regulations
  • Charter of the United Nations Act 1945 as amended by the Suppression of Financing of Terrorism Act 2002 and the International Trade Integrity Act 2007 and their associated regulations
  • Criminal Code Act 1995 and associated regulations

The principal piece of legislation is the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Under the AML/CTF Act, AUSTRAC, the regulatory authority charged with oversight of the legislation, has made Rules relating to AML/CTF obligations. This Act received Royal Assent on 12 December 2006. The Australian Government has stated that the AML/CTF Act will bring Australia into line with international standards, including those set by the Financial Action Task Force (FATF). CommBank has implemented the requirements of this Act within the specified timeframes.

Internal policies/procedures: CommBank has adopted internal policies, procedures and controls to ensure that it complies with existing legislation. CommBank has adopted an AML/CTF Program that reasonably identifies, mitigates and manages the risk of Money Laundering or Terrorism Financing in the provision of services designated by legislation. This program has been approved by CommBank’s Board of Directors.

CommBank’s AML/CTF Program

  • Customer due diligence/Know Your Customer: CommBank has policies and procedures in place to comply with the obligation to identify customers and beneficial owners as required by legislation. The legislated risk based approach requires the CommBank to perform tailored due diligence on customers based on an assessment of the associated Money Laundering/Terrorism Financing (ML/TF) risk. The AML/CTF Act 2006 also requires Ongoing and Enhanced Customer Due Diligence for certain higher risk customers.
  • Record retention: Records relating to customer identification are maintained and kept for seven (7) years in Australia after the accounts are closed. Information relating to services provided by CommBank is retained for a period of seven (7) years.
  • Monitoring of suspicious activities or transactions: Monitoring is carried out through a risk-based approach. Staff receive periodic training and reminders of the requirements to report suspicious transactions and how to identify them.
  • Reports of suspicious transactions: CommBank is required to report any suspicious customer activities or transactions to the regulatory authority, AUSTRAC. Internal policies and procedures are in place to ensure compliance with the applicable legislation and regulatory requirements.
  • Reports of significant account and non-account based cash transactions and all IMTs: CommBank is required to report significant account and non-account based cash transactions of AUD 10,000 or more to the regulatory authority, AUSTRAC. Details of all IMTs (wire transfers) eg. sender and beneficiary names, address and account number are retained and reported to AUSTRAC. Internal policies and procedures are in place to ensure compliance with the applicable legislation and regulatory requirements.
  • Employee training program: Training is provided to business units that offer products and services that are subject to the legislative requirements. Staff involved in customer facing areas of CommBank receive periodic training and reminders on the detection and reporting process for suspicious activities. Communication of changes to AML/CTF legislation or any emerging risks are communicated to the relevant staff. 
  • Employee due diligence: CommBank has processes in place that provide reasonable assurance of the identity, honesty and integrity of prospective and existing employees.
  • Agents of CommBank are required to carry out their duties in accordance with agreements entered into with them and includes where applicable any customer identification and know your customer requirements.
  • Independent audit and compliance review function: Our auditors and internal compliance departments conduct programs of audits and compliance testing of all CommBank’s policies and operational procedures including those applicable to AML. The frequency and scope of the audits and compliance tests are determined through a risk-based approach, where higher risks to CommBank are audited and tested more frequently. The audit and compliance programs are approved by senior management.
  • Correspondent banks: CommBank has implemented risk based due diligence procedures that include, but are not limited to, the following – understanding the nature of the correspondent’s business, its licence to operate, the quality of its management, ownership and effective control, its AML Policies, external oversight and prudential supervision including it’s AML/CTF regime. Additionally, ongoing due diligence of correspondent accounts is performed on a regular basis or when circumstances change. Bank policies also ensure that we do not offer ‘payable through accounts’. All correspondent banking relationships are approved by senior management.
  • Assessment of payments against proscribed (TF and Sanctions) Lists: CommBank has risk based processes to assess inward and outward payments against proscribed lists. These processes have been implemented to comply with domestic and international obligations.  
  • Shell banks: CommBank does not conduct business with shell banks. Our policies and procedures prohibit offering services to shell banks as defined in the AML/CTF Act. 
  • Politically Exposed Persons (PEPs): In complying with the AML/CTF Act 2006, the risk based approach considers customers or beneficial owners who are PEPs as heightened ML/TF risk.
  • Anonymous and numbered accounts: CommBank does not provide customers with anonymous accounts, or numbered accounts for which customer identification and KYC is not performed.
  • Regulatory Action: Please refer here

4. AML/CTF Measures in International Operations of Commbank View a full list of the international operations of CommBank (including branches, subsidiaries, representative offices and joint ventures). AML/CTF measures in international operations of CommBank: In the international operations that CommBank has a controlling interest in, policies and procedures are in place which assists the operations to comply with their respective domestic AML/CTF laws. Wholly owned overseas subsidiaries and overseas branches to whom aspects of Australia’s AML/CTF Act 2006 apply, comply with CommBank’s AML/CTF program.

5. USA PATRIOT Act Certificate
Under the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act 2001, CommBank may be required from time to time to provide Certification Regarding Correspondent Accounts for Foreign Banks. View a copy of this Certificate.

6. U.S. Procedures for New Account Openings for CommBank Americas Mandated by the USA PATRIOT Act and FinCEN CDD Rule

Customer due diligence rules have historically required banks to obtain from customers their names, addresses, dates of birth and SSNs (or passport numbers, etc. for foreign persons) (“Verifying Information”) when accounts are opened, so customer identities can be verified and recorded. Because legal entities can be used to disguise individuals’ involvement in terrorist financing, money laundering, tax evasion, corruption, fraud and other financial crimes, the FinCEN CDD Rule (compliance date May 11, 2018) requires certain financial institutions to classify key individuals who own and/or control legal entities (“beneficial owners”) as “customers” when an associated legal entity opens an account, which triggers the requirement to obtain Verifying Information for these beneficial owners. This allows financial institutions to help investigate and prosecute financial crimes more thoroughly. Beneficial owners are identified using a two-part test based on ownership and control of the relevant entity (it is permissible for the same individual to be identified under both parts of the test): 
(i) Each individual, if any, who owns directly or indirectly, 25%* or more of the equity interest of a legal entity customer (*percentage may lower depending upon bank policies); and 
(ii) An individual with significant responsibility for managing or controlling a legal entity customer (e.g. a Chief Executive Officer, Chief Financial Officer, Chief Operating Officer, Managing Member, General Partner, President, Vice President, or Treasurer). 

7. Fraud and Corruption Policies

The CommBank Group has in place a Group Fraud Risk Management Framework which outlines the Group’s and its employees’ commitment and responsibilities in relation to bribery and corruption. This Framework is underpinned by the Group Anti-Bribery and Corruption policy,and related standards and procedures. Together they ensure CommBank has adequate controls and procedures in place to comply with bribery and corruption obligations across the various jurisdictions in which it operates.