Westpac picks IBM subsidiary to conduct post-AUSTRAC inquiry review


Westpac has appointed an IBM subsidiary to undertake an independent review into the bank’s technology systems and governance processes following an AUSTRAC investigation which exposed an alleged 23 million breaches of Australia’s AML/CTF Act.

The review, commissioned by the newly appointed Westpac Board Financial Crime Committee, will investigate IT systems and governance failures at the centre of the anti-money laundering and counterterrorism financing (AML/CTF) breaches.

With all eyes on Westpac in the wake of the AUSTRAC investigation, the selection of Promontory, a global consultancy and risk management firm wholly owned by IBM, remains a curious choice for the big four bank. 

Questions will no doubt be raised around a potential conflict of interest arising from the deal, with Westpac maintaining a nearly three-decade relationship with the tech powerhouse.

While long depending on IBM to power its core transaction processing systems, Westpac just last year announced it had adopted IBM’s hybrid private cloud platform-as-a-service (HPaaS), which saw a significant portion of the bank’s disaster recovery and service continuity services shift to two IBM cloud sites in Sydney.

Nevertheless, Westpac chair Lindsay Maxsted said he was “pleased” Promontory had agreed to undertake the external review “given their background and global expertise on this matter.”

“They will be provided all the resources they need to ensure a thorough, rapid and independent analysis is undertaken,” he said in a statement.

“We are genuinely remorseful for any hurt caused by the shortcomings in our systems and processes and understand we need to find the root causes and ensure accountability.”

“Westpac is determined to urgently address the issues that have given rise to the AUSTRAC statement of claim.”

One of only big four banks to come out relatively unscathed from the 2018 Hayne Royal Commission, Westpac will no doubt see 2019 as its annus horribilis.

After disappointing profit results, with the bank reporting a 16 per cent drop in year-on-year profits in its 2019 Annual Report, Westpac now faces the prospect of more than $1 billion in fines as a result of the AML breaches. The AUSTRAC-led inquiry has also claimed the scalps of Westpac’s chief executive Brian Hartzer and chair Lindsay Maxsted, who announced he will depart from the role early next year.

Westpac drew the ire of regulators and the public for its failure to report 23 million international transfer notifications (IFTIs) to the financial intelligence agency AUSTRAC – a legal obligation under the AML/CTF Act – including a number of transactions between known child exploiters.

The bank blamed the IFTI reporting mishaps on the middleware between batch systems and monitoring software which failed to link up with overseas correspondent institutions.