National Australia Bank enters into enforceable undertaking with AUSTRAC for AML failings

On May 2 2022, Australian Transaction Reports and Analysis Centre (AUSTRAC) accepted an enforceable undertaking (EU) from National Australia Bank Limited (NAB) to improve the bank’s compliance program and bring it into line with Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) laws. 

The settlement comes after an investigation managed by AUSTRAC in June 2021, which brought concerns about NAB’s AML/CTF program, systems, and controls to the surface – including issues related to customer identification procedures and due diligence. 

NAB has avoided a major financial penalty for its non-compliance – unlike other Australian financial institutions, including Westpac and Commonwealth Bank of Australia (CBA) which received fines and penalties totaling $2 billion for failing to report customers’ suspicious transactions in 2020 and 2018 respectively. 

In 2021, AUSTRAC chief executive Nicole Rose indicated that work by NAB to fix its shortcomings may see it avoid the severe penalties imposed on Westpac and CBA. “Some of these legacy systems are taking a couple of years to fix which we get and are sympathetic to as long as we’re seeing the progress, and they’re sincere about it,” she said. 

Implementing a comprehensive remedial action plan

Under the terms of the EU, NAB has agreed to complete a remedial action plan (RAP) to uplift the following key areas of its AML program: applicable customer identification procedures; customer risk assessment, and enhanced customer due diligence; transaction monitoring; and governance and assurance. 

Rose has said the investigative work completed thus far has been collaborative and that AUSTRAC will continue to monitor NAB’s progress to ensure actions are taken within the defined timeframes and maintain regular, ongoing discussions throughout the remediation process.

According to the conditions of the EU, NAB is required to:

• Finalize a RAP approved by AUSTRAC by December 31 2024;
• See to any deficiencies or concerns identified by AUSTRAC regarding the activities in the RAP; and
• Assign an External Auditor to provide a final independent auditors report by March 31 2025.

Responding to the EU’s public announcement, NAB CEO Ross McEwan said, “We take our AML/CTF obligations very seriously. We acknowledge the concerns that led to AUSTRAC’s investigation. We will continue to work closely with AUSTRAC as we deliver the agreed further actions.”

Reviewing AUSTRAC guidance

In addition to reflecting on NAB’s compliance shortcomings and the large fines received by other Australian financial institutions for similar failings, compliance teams should pay particular attention to the wide-ranging guidance issued by AUSTRAC in the last 12 months. 

Some of the most recent AUSTRAC guidance include:

• Common reporting errors from compliance teams
• Detecting and stopping forced sexual servitude 
• Preventing misuse and criminal communication through payment text fields
• Source of funds and wealth guidance

The NAB announcement from AUSTRAC also demonstrates that while the regulator has said it is trying to focus more on high-risk industries – including crypto, casinos, and clubs – they are still monitoring the banking sector, and are placing a lot of emphasis on a culture of compliance, and self-disclosure of any deficiencies.