The trouble with looking for transactions ‘consistent’ with ‘known’ patterns ‘indicative’ of child exploitation payments to countries with ‘known’ risks is that countless legitimate payments exhibit similar features. www.shutterstock.com

Westpac ticking every anti-money-laundering box wouldn’t make much difference to criminals

The charges surrounding Westpac’s alleged 23 million breaches of anti-money laundering laws have been called “about as serious as it gets”. They include, in the words of Home Affairs Minister Peter Dutton, giving “a free pass to paedophiles”.

But the Westpac case obscures another serious issue: the anti-money laundering system’s compliance focus has a puny impact on crime, including child sex trafficking.

Compliance culture

Symptomatic of a compliance culture measuring activity rather than results is the sheer number of Westpac’s alleged breaches.


Read more: How Westpac is alleged to have broken anti-money laundering laws 23 million times


The 23 million figure really involves a handful of different types of breach.

About 19.5 million alleged breaches involve what are known as “international funds transfer instructions” (IFTIs). These are arrangements between Westpac and overseas banks (known as correspondent banks) to process each others’ customer transactions. These must be reported to AUSTRAC within ten days, with funds origin details included in data passed on to other banks for processing.

AUSTRAC’s claim says Westpac reported 19,489,427 incoming and 10,771 outgoing transfer instructions late (often very late). It says another 10,521 were given to correspondent banks without information about the money’s origin.

Westpac also allegedly didn’t report 2,314 outgoing transfer instructions sent through its “LitePay” international funds transfer system.


Read more: Westpac's panicked response to its money-laundering scandal looks ill-considered


A further 3,516,238 alleged breaches involved the bank’s data retention system deleting records of incoming transactions before the seven years required.

Many reports, few arrests

Westpac’s alleged “free pass to paedophiles” isn’t about these millions of transactions. It’s about 3,057 transactions with 12 customers.

AUSTRAC expects transactions matching patterns known to have been used by criminals to be reported as “suspicious” (not necessarily criminal). AUSTRAC says the relevant transfers were made to countries with known risks, consistent with known patterns indicative of child exploitation. Average payments for the 12 customers were between A$43 and A$333. One customer, with ten payments totalling A$2,612, had a prior conviction.

Westpac shirking its reporting responsibilities is bad, obviously. But the context is also important. Consider the sheer number of reports banks are expected to file automatically with the number of reports involving suspicious transactions, and the number leading to actual arrests and convictions.

In 2018, according to AUSTRACs annual report, 155 million transfer instructions and 246,458 suspicious matter reports were filed (the latter is a fraction of millions of alerts initially raised by banks’ systems and staff).

According to its annual report, this led AUSTRAC’s joint taskforce with Australian law-enforcement agencies to arrest ten people over alleged criminal activities relating to 163 bank transactions.

AUSTRAC’s Fintel Alliance with public and private sector agencies (including Westpac) also contributed to 73 arrests, with 35 victims saved or protected from child exploitation.

This is not an exhaustive account of AUSTRAC’s successes, because it also helps investigations by other agencies in Australia and overseas, but it indicates the tiny proportion of reported transactions leading to arrests.

Needles in haystacks

Don’t get me wrong. The system catches some criminals. That’s a good thing. But very little of the vast amounts of data generated points to crime. Sure, it can be said that if Westpac reported on time, more crime might have been found. (And hindsight and a multi-million litigation budget makes it easier afterwards). But it’s a big ‘might’. If Westpac had filed everything on time, it would still have been like searching for a proverbial needle in a continent of haystacks.


Read more: The global war on money laundering is a failed experiment


Overall, there’s almost no impact on crime. As I’ve noted previously, in 2011 the United Nations estimated just 0.2% of the global proceeds of crime were seized by anti-money laundering efforts. My update of the UN’s estimate (not yet published) suggests the figure might be 0.1% or less. Other research, albeit with poor data, suggests Australia’s recovery rate might be 0.38%.

The bottom line is simple, if stark. The modern anti-money laundering experiment finds some criminals but is terrible at finding enough to have any real impact on crime. Banks are a much easier target for regulators.

Knowing the unknowns

The trouble with looking for transactions that can be ticked off against regulatory checklists is that countless legitimate payments exhibit similar features.

It also means banks have little incentive to figure out better ways to find the “needles”, because they still must deliver the whole field of haystacks or face serious consequences not reporting everything “consistent” with “known” patterns “indicative” of payment to “known” risk countries.

Law enforcement has always been focused on crime, but the overlay of modern anti-money laundering regulations rewards compliance, and punishes non-compliance. Catching criminals features more in well-meaning intent and rhetoric than system design.


Read more: Westpac's scandal highlights a system failing to deter corporate wrongdoing


My specialty is policy effectiveness and outcomes. This means not just asking if we have rules, or if firms comply. We need to ask if the rules work. When “success” is measured by compliance activity and notching up record penalties against banks, we’re stuck with lousy results.

We might see justice for some people and discomfit for banks, but the real tragedy is the harm we fail to stop: almost all of it.

Right now the system penalises banks for not ticking boxes that scarcely prevent crime. We need to stop mostly focusing on the “known” patterns of crime and think more about the 99.9% “unknown” zone where most criminals actually operate.