icon-clock 5 MINUTES

Commonwealth Bank – The Million Dollar Money Laundering Scandal You’ve Never Hear Of

Australia is known for it’s wildlife and natural wonders, but it’s also a money laundering sanctuary. Here we cover the biggest Australian money laundering scandal to date.

The Commonwealth Bank of Australia (CBA or Commbank) is Australia’s largest bank, founded in 1911. Over the last century, the bank has expanded internationally, opening locations in Asia, North America, New Zealand, and Europe. Throughout CBA’s extensive history, the bank has experienced its fair share of controversy, but nothing tops the money laundering scandal that came to light in 2017.

The glaring lack of anti-money laundering (AML) and counter-terrorist financing (CTF) procedures in place led to hundreds of millions of dollars being laundered by criminals on an international level. Here’s the full story.

How it all began

In May 2012, CBA rolled out intelligent deposit machines (IDMs). These IDMs allowed individuals to deposit cash or checks, and to do so anonymously. The machines would count the money, and instantly credit it to the recipient’s account. The main purpose of IDMs was to make banking more convenient; it wasn’t necessary to wait in line and then speak with a bank teller, which could be a time consuming process. The service was very popular with small businesses.

IDMs began generating a small fortune for CBA. After opening, approximately A$89.1 million in cash was deposited within the first six months. In May and June 2016, over A$1 billion was deposited each month into the CBA IDMs. But the bank was doing very little when it came to the risk assessment of these machines. A total of A$8.91 billion was deposited into the bank’s IDMs before any investigation was conducted regarding the possible money laundering and terrorist financing risks of IDMs.

Any Questions?

Our team is always ready to help you and your business.

Gross incompetence

Naturally, IDMs posed a huge risk for money laundering and terrorist financing, as money could be deposited anonymously and then moved elsewhere within minutes. Additionally, there was no daily limit on how much you could deposit. Individual IDMs had a limit of A$20,000, but one could visit multiple IDMs to deposit more money on the same day. It wasn’t until 2017 that a daily limit of A$20,000 was put on IDMs, which was further limited to A$10,000 in 2018.

CBA was required by law to have AML and CTF procedures in place to prevent criminal activity from happening. The AML/CTF Act was put into law in 2006 in Australia. The Act required that any deposits over A$10,000 were supposed to trigger a threshold transaction report (TTR) to be sent to AUSTRAC, Australia’s financial intelligence unit, within 10 business days. While some TTRs were submitted, a staggering 53,506 transaction reports were not sent to AUSTRAC, and CBA originally placed the blame on a software problem with the IDMs.

Criminals managed to avoid triggering TTRs by depositing amounts just under A$10,000. Most deposits ranged in the A$9,000 range, allowing them to fly under the radar. Ironically, this extra effort made by criminals was not always necessary as CBA was failing to file TTRs in the first place. 

In addition, these multiple, high value deposits and the swift transfer of funds should have triggered other actions at CBA. Once again, CBA was required by the AML/CTF Act to file suspicious matter reports (SMRs) and send them to AUSTRAC within three days. Either no SMRs were filed at CBA or they were passed on to AUSTRAC later than the given time frame, which was a massive breach of the law. In fact, between 2012 and 2017, SMRs were requested by AUSTRAC and law enforcement almost 70 times in relation to criminal investigations. CBA either submitted the reports late, or didn’t submit them at all.

In a show of complete incompetence, in some cases CBA was flagging accounts but not taking any further action due to a breakdown in communication within the company. The bank’s security division noticed suspicious behavior and forwarded information to CBA’s internal fraud team on multiple occasions. However, no accounts were closed and no investigations were conducted. 

The worst part is that the illicit activities were glaringly obvious. While it looks like offenders were making some effort to hide their nefarious dealings, such as moving money around between multiple accounts, most of the time what they were doing was excruciatingly obvious. The worst case being when cash deposits totalling A$27.2 million were deposited into one single account then immediately transferred internationally over the course of one and a half years. If CBA had had adequate AML and CTF procedures in place, the whole scandal could have possibly been avoided completely.

Where did the money go?

So who was benefiting from the massive oversight? Crime syndicates. According to AUSTRAC, at least five crime syndicates (many of them involved with weapons and narcotics) used the IDMs at CBA to launder their money. The majority of the gangs are believed to be located in Hong Kong, but the crimes spanned the globe.

The money laundering at CBA also led to one of the biggest methamphetamine busts in Australia, where police seized A$315 million worth of “ice”. A Hong Kong-based syndicate used CBA to launder more than A$21 million on behalf of drug smugglers. During the CBA case, it came to light that the syndicate used underlings who needed extra cash to make deposits on their behalf. 

It also appears that terrorist financing was taking place as well. Two men, Arlsan Shaffi and Salman Khan, were arrested in 2015 and charged with money laundering. Both men were suspected to be linked to radical terror figures. Police found more than A$3 million in banking receipts, and just over half of that money had been laundered through 101 different CBA accounts. 

Australia’s largest penalty

Legal action began in 2017, and CBA initially played coy with admitting their wrongdoings. At first they claimed they were guilty of nothing, before confessing to some of the charges, then finally admitting to all of them. Originally, it was rumored that CBA would have to pay one trillion dollars for its crimes, which would have ended the bank and taken the world record for the biggest fine to date. AUSTRAC sued CBA, and the bank agreed to pay a whopping A$700 million plus AUSTRAC’s A$2.5 million in legal feels to settle civil proceedings.

Senior leadership was completely changed, the most notable being the bank’s CEO Ian Narev, who was asked to step down. CBA apparently also cut A$100 million in incentives for its staff in an effort to make amends. Many were disappointed, but not surprised, that senior management was not held accountable for the extensive crimes.

CBA’s other scandals

Unfortunately for CBA, this is not the bank’s only scandal, although it certainly is the biggest. In 2018, CBA came under fire for charging service fees to customers when no service was actually provided. Between 2007 and 2015, clients were routinely charged for advice that they never received. The bank had to pay back A$118.5 million to its customers. Earlier in 2019, CBA was banned from charging ongoing service fees by the banking Royal Commission. 

CBA has also had problems with continuing to charge clients who are deceased. In one case, a financial advisor was aware that the client had died but continued to charge the account for a decade. Over 2,000 accounts were affected, and CBA was not the only bank that was doing it.

Also in 2018, it was revealed that CBA lost the financial statements of nearly 20 million accounts in 2016 and didn’t tell customers about it until Buzzfeed broke the news. The information was stored on magnetic tapes, and CBA was unable to confirm that the tapes had been destroyed like they were supposed to be. Not long after, CBA was given a court-enforceable undertaking by the Office of the Australian Information Commissioner to improve it privacy practices.

In 2016, two members of CBA staff were alleged to be complicit in a A$76 million Ponzi scheme. In exchange for using forged documents to take out large loans to fund non-existent property developments, the pair received a cut of the funds. The two men responsible for the scam pled guilty, meaning we will never know if CBA knew what was going on and if the bank’s staff were actually involved. However, what is clear is that CBA was aware that something illegal was happening in 2007, and didn’t bring it to the police until 2011.


It’s very clear that CBA completely failed to enact sufficient AML and CTF procedures, and the money laundering case is just one of the bank’s many problems. The case has also brought to light the fact that Australia is a popular hub for money laundering due to its lack of regulations. Current AML/CTF laws in Australia do not cover real estate agents, accountants, and lawyers, which is a big loophole. The Financial Action Task Force has criticized the lack of regulations taken by banks and the government in the country.

It’s clear that Australia’s banks and government need to work together to create stronger AML and CTF procedures, and make sure that they are adequately enforced. Otherwise, a scandal like this one is very likely to happen again.