CBA chair says board response to money-laundering failures was inadequate – as it happened

Livingstone has been explaining how the board’s treatment of risk has changed since she became chairwoman.

She says, among other things, that the “rhythm of engagement with the CEO” has changed, and that the board now “challenges” management.

“One of the things we’ve done is really explore what governance is and what it actually means and the frameworks through which the board exercises its governance,” she says.

Orr is still pushing Livingstone on this December 2016 audit committee meeting. The minutes don’t record anything about Austrac money-laundering issues.

Livingstone says the issue would have been discussed at the meeting but she can’t “specifically recall” what those discussions included.

Orr asks whether the board took the money-laundering issues seriously enough.

I think it’s fair to say not seriously enough because there was reliance on management’s assurances about all the work being done, but as is clear, there were many issues still outstanding notwithstanding the amount of money spent and time spent upgrading compliance,” Livingstone says.

Orr asks what the board did to hold management to account over the issue.

Livingstone:

Well the discussion is and would have been how long is it going to take and what’s happening but I think, as is clear from what has happened, these matters were addressed over time and it was taking too long.

I absolutely accept that it was an inadequate response.”

Orr is taking Livingstone to a December 2016 audit committee meeting.

Livingstone did not request a copy of the “red” audit report (remember, red equals not good) related to the CBA’s risk of money laundering.

She says the chairman of the audit committee provided a briefing on the audit reports, but admits that she should have requested a copy of the report.

Livingstone is being asked about the CBA board’s role in the Austrac money laundering scandal.

By November 2016, CBA had received three statutory notices from Austrac requiring the bank to provide information about its anti-money-laundering activities.

Livingstone said she raised concerns about the issue, but was assured by CBA management that Austrac “knew we were working hard” to reach compliance.

I challenged management about, why were we getting these notices, what was behind them, and was Austrac concerned about something,” she said.

“The answer I received was, well, Austrac knew we were working hard and investing in our financial crime platform but that we weren’t fully compliant at that time and that there was significant work and significant investment going on, and that we were maintaining contact with Austrac.

“And in addition the then CEO of Austrac had actually met with the board at the June 2016 meeting at which I was not present but had not raised any issues with the board at that meeting.

“I have to say I was concerned about the fact of the notices and I’d had experience with Austrac in a previous role so it didn’t feel quite right to me that Austrac would be comfortable with where we were but management provided assurances that they were fully informed of the situation in terms of our level of compliance.”

Oh, hold everything. We’re taking a short break because the live transcript has gone down.

Livingstone, Commissioner Hayne says, is privileged to have “all aspects of the system go down around you.”

We’ll be back as soon as the royal commission gremlins have been sorted out.

Livingstone has been on the board since last January.

Since then, Fairfax Media and the ABC have revealed the scandals at CommInsure. Six months later Asic released a report saying CBA had systemic no fee for service issues

In December 2016 shortly after she became the CBA chair the company entered into an enforceable undertaking about CBA’s wholespot FX business, and then the Austrac money-laundering scandal happened.

Later that same month CBA had to refund $10m to customers who were sold dud insurance.

Orr asks Livingstone if she’d like the make any observations about that timeline.

I think it’s a fairly damning chronology of – in some instances the bank’s behaviour, in other instances, the bank’s control over its non-financial risks,” she responds.

Orr agrees that the financial sector has a higher risk of misconduct than other industries in which she has served on board.

OK, we’re back after lunch. Hope you’re all refreshed and ready to go. CBA chairwoman Catherine Livingstone is at the crease, with counsel assisting Rowena Orr QC to resume her spell.

And with that Comyn has completed his evidence. We’ll break for lunch, and then CBA chair Catherine Livingstone will give evidence.

I’ll be back at 2.15pm AEDT, but here’s a quick rundown of what we heard this morning:

• We heard that Comyn had numerous discussions with former CBA chief Ian Narev about its much-criticised credit card insurance products. Comyn supported dropping the products, but was opposed by the bank’s wealth division. He told the commission he was unable to convince Narev of his thinking.
• In around April 2015 the CBA introduced a “knockout question” for in-branch and telephone sales of its CreditCard Plus insurance product to stop the sale of the product to ineligible customers. But the knockout question was not introduced for online sales of the product for another two years, which Comyn says was a mistake.
• He admitted there were a number of examples in recent years where the CBA had prioritised financial objectives over its customers, including the fee-for-no-service scandal, and ComminSure.
• The CBA expects to pay about $15m in remediation to 64,000 customers over its CreditCard Plus Insurance, but an internal report prepared by Ernst and Young identified another 27,000-odd “high risk” customers who had been sold the product.
• On the Austrac scandal, Comyn said he’d asked himself many times how so many had become so complacent over non-financial risk.
• He admitted the CBA had been “arrogant” in its past dealings with regulators such as Asic.

Orr has completed her questions, but Commissioner Hayne has a big question for Comyn.

How does the commission address culture and governance not at one institution but across the banking sector?

“Is there any role for external supervision, rule-making – I don’t care what form of externality we include [but] is it all internal or is it something that needs to be supported by, enforced by, buttressed by external action?” Hayne asks.

Comyn says change has to be “dependent on the individual institutions”. A bank’s culture, he says, is “complex” and difficult to “measure and manage”.

He says accountability regimes are helpful, but that “there should be consequences associated with repetition” of failures.

Comyn is asked about CBA’s demerger and its plans to spin off its financial planning arms.

Under the plan the CBA will still continue to provide financial advice in-house.

“We want to provide financial advice for customers,” Comyn says.

“We are exploring which would be the best long-term model to provide financial advice and how to best do that.”

Orr has now taken Comyn to the issue of fee for no service.

You might remember that way back in April the royal commission heard about a litany of problems with the CBA’s financial services arm, including advisers charging dead clients for financial advice – in one case for more than a decade.

Orr and commissioner Hayne want to know about the causes, and the consequences for those in charge.

Hayne’s asking about instances where the customer was paying a fee for ongoing service but was not even allocated a financial adviser.

There were cases where there was no assigned adviser and dare I mention it, there were cases where the dead were being charged?” Hayne asks.

“Yes, commissioner.”

He wants to know why no one “grappled” with the fact that money was being received by the financial services entity.

I’m not sure the extent to which they grappled with it ... I agree with both your and Ms Orr’s characterisation of the failure, which is at many levels,” he says.

A little earlier, Comyn agreed with Orr that when the CBA’s associated financial services firms discovered customers were paying fees for no service they did “too little to uncover the full extent of the problem”.

Comyn says he wasn’t fully across the consequences within the financial services area, but that he suspects an “imbalance between the consequences that were applied”.

Another paper that went before the non-financial risk committee in October was an audit of the CBA’s anti-money laundering and counter-terrorism issues.

The audit was rated “red”, which, on first glance, doesn’t sound good.

The review identified 45 new issues, including seven high-rated issues. That’s on top of the 199 issues already known to the CBA’s management.

Comyn says he believes the CBA is making progress, but that he was “not surprised” by the findings.

“The audit was always going to be red ... we already had 199 outstanding issues. So they, they didn’t need to do any work,” he says.

He said the “majority” of the new issues identified by the audit were not of the same scale as those identified previously.

He says three of them relate to user access verification, another relates to “international foreign transfer instructions”.

We’ve been hearing about the CBA’s new “non-financial risk committee” which emerged out of the Austrac scandal.

It was established in about June, and includes members from the bank’s business units. The point, we’re told, is to “raise the visibility and stature” of non-financial risk in the organisation.

We’re taken to a report prepared by Pricewaterhouse Cooper in October this year about the committee, which Comyn says he asked them to prepare.

The PwC report found the committee was viewed as a positive development internally, but it also identified a failure to address a number of “specific requirements” of the committee’s charter, including “overseeing the health of the group’s risk culture”.

“I was not surprised by any of the findings,” Comyn says.

“There was a lot of work that we had taken on [in] the first three months and the purpose of the review was to identify opportunities for improvement quickly.”

He says he’s still not satisfied with “the rate of issue closure” within the organisation.

“I’m certain the board aren’t either,” he says.

Still on Austrac. Comyn says he’s “seen the impact and the harm that our failures did result on to Australians”.

Orr says the “fundamental problem” that underpinned much of the breach was that it was unclear who in the CBA was responsible and accountable for making sure it was compliant.

“Yes, that’s right,” he says.

She asks Comyn whether he agrees that “senior levels of your organisation did not prioritise the identification and management of non-financial risks”.

“Yes. Yes, I do.”

OK, it looks like we’re moving on to accountability and governance issues, specifically in relation to the CBA’s breaches of the Anti-Money Laundering and Counter-Terrorism Financing Act.

In June, the bank agreed to pay $700m to settle civil proceedings relating to breaches of anti-money laundering and counter-terrorism financing laws.

It came after the government’s financial intelligence agency Austrac announced it was suing CBA for 53,700 alleged breaches of money laundering and counter-terrorism financing laws.

The case related to CBA’s use of intelligent deposit machines, a type of ATM launched in 2012, which let customers anonymously deposit and transfer cash.

The investigation, undertaken in partnership with federal police, NSW police and Western Australia police, found that the machines were being used to launder the illicit proceeds of crime.

Orr says failures by the CBA limited the ability of law enforcement to fight financial crime.

“Yes, that’s right,” Comyn replies.

In his statement to the commission Comyn has said at the time the CBA did not “sufficiently understand” its obligations under the legislation.

Orr wants to know how it’s possible that an organisation the “size and sophistication” of the CBA did not understand its responsibilities.

He gives quite an extensive answer:

At a higher level I would say that there wasn’t a sufficient understanding and awareness of exactly what the risks associated with money laundering was. Part of the reason why I don’t think the relationship either with Austrac or as I perhaps mentioned earlier around law enforcement was appropriate. There was a very poor understanding at an individual level about exactly what was required. There’s not a satisfactory answer to why, but in my view, having spent a lot of time on this particular matter, I don’t think it’s clear that we actually understood what was required. How could we ever fall into that sort of sense of complacency? I’ve asked myself that question many times.

Back to culture. Orr just asked Comyn whether he thinks it will be “difficult to shift long-held mindsets within the CBA about how to deal with the regulator?”

“It may prove to be,” he admits.

It came off the back of questioning about a recent case where the CBA took two months to tell Asic that the Financial Ombudsman Service had found “a systematic issue with CBA’s policies and procedures for providing information and general advice on loan protection products”.

“Was that acceptable?” Orr asks.

“Not at all.”

She asks whether he has an explanation for why it took so long.

I have an explanation but it’s not a good one. And that is ... the team that deals with FOS and specifically around individual customer matters or systematic matters, and this is one of the many reasons why it’s not a good one, are in different parts of the organisation.

He goes on until Orr interjects: “They didn’t talk to each other?”

“They didn’t talk to each other,” he agrees.

So we’re hearing about Comyn’s engagement with Asic chairman James Shipton. Comyn says the speak regularly, about “anything that’s on my mind”.

In one instance, Comyn called Shipton to make him aware of media reporting into the Youthsaver scandal.

Fairfax Media reported in May thousands of children’s CBA accounts were fraudulently set up by retail branch staff. It was part of a widespread scam to earn bonuses and meet aggressive performance targets.

Comyn says he called Shipton to give him fair warning.

“I would try not to surprise the regulator,” he says.

But, we now discover that although he told Shipton, the CBA did not make an official breach report within 10 business days, as required under the law.

Orr asks Comyn why the CBA didn’t report the breach.

“Because at that point in time we didn’t understand the significant of that particular matter,” he says.

“We hadn’t specifically turned out mind to whether it was a breach or a likely breach ... I agree that we should have more explicitly.”

But, Comyn still can’t say whether they’ve reported the breach.

Orr describes the CBA’s dealings with Asic over the mis-selling of consumer credit insurance as “problematic”.

Comyn replies: “That’s probably a generous description.”

“Do you accept that CBA wasn’t cooperative or constructive in its dealings with the regulator?” Orr asks.

“Certainly not as cooperative or constructive as we should have been,” he replies.

Comyn says the bank has been “arrogant” in its dealings with Asic, and accepts the CBA had a history of poor engagement with the regulator in relation to the fees for no service and bad advice issues.

“We were narrow, legalistic, defensive and arrogant in our dealings with regulators and often we left it to our lawyers and compliance people in the organisation to deal with our regulators,” he said.

Comyn’s asked about the remediation to customers who were mis-sold CreditCard Plus insurance. It’s still not completed, and he admits the average time to remediate is “well in excess of a year”.

“It’s completely unacceptable,” he says.

He said the company has focused on “precision, comprehensiveness” at the cost of timeliness.

“We had a general complacency and inability to be able to sufficiently prioritise,” he says.

He says the bank is aiming to bring the timeline down to 90 days, but admits “we will have some difficulty”.

We hear that the CBA expects to pay out about $15m to 64,000 customers over the sale of the CreditCard plus insurance.

They’ve already paid about $10.5m of that.

In regard to loan protection products the bank expects to pay about $31m to 90,000 customers.

We’re told that Asic has been “expressing concerns” about the status of those remediations, and has asked the CBA to conduct a review of the sales of its consumer credit insurance.

Comyn says the CBA commissioned Ernst & Young to do that work.

Orr is again pressing Comyn on the culture inside the CBA.

“What, in your mind, is the single most important thing for you to do personally to change the culture within your organisation?” she asks.

“The leaders inside the organisation,” Comyn says.

“And do you feel that CBA has had the right leaders in the past?”

“No,” he says.

“Do you feel that they have the right leaders now?”

“We will see. I hope so. Yes.”

We’re hearing a lot about Comyn’s attempts to convince Narev to quit the sale of so-called junk credit card insurance products, and the difficulty in the face of opposition from the bank’s wealth division.

We’re told that in April 2016 Narev agreed to an internal review of the products, but it never went ahead. Later, Comyn suggested in an email that both he and the head of the wealth division mount arguments in an attempt to convince Narev of their position.

But, he says, Narev never responded to his email.

“Did you discuss these matters again?” Orr asks.

“Not in as structured a way after this point in time, no. I think they continued to be a topic but I had ... in my view I couldn’t think of too many other options,” he says.

Orr asks if he “gave up”.

“I wouldn’t say I gave up, but I was struggling to find another path,” Comyn replies.

He says he was “insufficiently persuasive” in convincing Narev to drop the products.

Comyn admits there were “insufficient consequences” for employees at CBA who did not sell the consumer credit insurance appropriately.

He said there had been “reductions to short-term variable awards”, but says he couldn’t recall anyone losing their job over the issue.

Orr is asking Comyn to reflect on the impact of these decisions, the fact that it took two years to fix the problem, and what it says about the CBA’s culture.

“Well, we dealt with this matter very poorly,” he says.

We’re told that around April 2015 the CBA introduced a “knockout question” for in-branch and telephone sales of its CreditCard Plus insurance product. The point was to stop the sale of the product to ineligible customers.

But the knockout question was not introduced for online sales of the product for another two years, until May 2017, which Comyn says was a mistake.

“Well, I think the rationale at the time, which is clearly inadequate, was that the online channel was different and we were, again, overreliant on disclosure. It was a very poor decision,” he says.

The commissioner, Kenneth Hayne, asks what he means by that.

“I think the assumption at the time, commissioner, was the channel was quite different and, therefore, customers would read the disclosure and the information that was available to them online,” Comyn says.

He said that was “clearly not the case for the majority of customers”.

“It was a very poor decision,” Comyn says.

We’re told the CBA didn’t introduce any knockout question into the sale of any other consumer credit card insurance at the time either. Comyn says the decision was “flawed”. He says the knockout questions should have been introduced more widely back in 2015.

We’re now taken Comyn’s notes of a meeting between he, Narev and, weirdly, grand chess master Garry Kasparov.

Comyn says Kasparov attended a client meting. He was a fascinating dinner guest, we’re told.

According to Comyn’s notes of the meeting, Narev gave him feedback to “temper your sense of justice”.

Comyn tells Orr he took this to mean he needed to “calm down” and “focus more on my personal conviction”, “better manage competing agendas” and “to pick which battles”.

OK, so things have picked up pretty much where they left off yesterday.

Counsel assisting Rowena Orr is asking Comyn about the CBA’s sale of junk credit card insurance, and his advice to the bank’s former chief executive, Ian Narev, to cease the sale of the products.

Comyn says he had a “robust discussion” with Narev over the products, but that he did not take up his recommendation to suspend the sale of the junk products. They had three other meetings in April, May and June 2016 to discuss this topic, but the recommendation wasn’t taken up.

He said he believed Narev was getting “different views from a different part of the organisation” and took the view the CBA product was deficient compared with other similar products in the market.

Good morning! Welcome to our live coverage of the final week of the banking royal commission. I’ll be taking you through today’s hearing. We expect to hear from we’ll hear more from the Commonwealth Bank’s chief executive, Matt Comyn, as well the chairwoman, Catherine Livingstone.

First though, here’s a quick wrap of what we learned on what turned out to be quite an eventful Monday:

• Comyn admitted there was little, if any, ongoing service provided by mortgage brokers to customers, despite them charging trail commissions.
  
• CBA balked at removing perverse incentives for mortgage brokers to sell larger loans. The bank had come extremely close to introducing a flat-fee model for brokers, instead of commissions. This would have delinked payments to brokers from the size of the loans. CBA was a week out from announcing the change in 2017. But it suddenly decided that it couldn’t make the change without being certain the rest of the industry would follow suit.
  
• Much of the morning session yesterday was devoted to the role bonuses played in misconduct. Comyn said he had considered removing bonuses, but decided against it. He said such a move would have significant impacts on parts of the business, particularly in home lending. Comyn said they were necessary to “uncover the unserved financial needs of our customers and ensure we always provide good customer outcomes”.
  
• The inquiry heard CBA removed bonuses for its teller staff last year. The change had no impact on their performance.