A perfect storm is gathering over the Australian regulatory landscape. Record fines to financial institutions, increased regulator enforcement efforts, new corporate crime legislation and yesterday’s arrest of a former Leighton Holdings senior executive on foreign bribery charges are emblematic of this sea change. Now more so than ever, it is vital organisations have robust governance, reporting, and compliance programs in place, or face stern regulatory action.


Financial Crime Regulator – AUSTRAC The month of September saw Westpac agree to a deal with the Australian Transaction Reports and Analysis Centre (AUSTRAC) – Australia’s financial crime watchdog – to pay a A$1.3 billion penalty to settle over 23 million alleged breaches of anti-money laundering laws. Westpac admitted it failed to properly report international transactions, keep records of where money came from, assess and monitor the risks associated with foreign transfers, and carry out appropriate due diligence on customers concerning suspicious transactions. The record penalty is nearly double the previous highest penalty awarded against Commonwealth Bank in 2018 of A$700 million for breaches of money laundering reporting obligations.

The respective fines point towards AUSTRAC’s growing willingness to fully investigate and prosecute misconduct. AUSTRAC has been encouraged by organisations’ response to these fines. According to AUSTRAC chief executive Nicole Rose, “[s]ince the Commonwealth Bank action, [AUSTRAC has] had an incredible increase in suspicious matter reporting that's come in…”. The numbers bear this out. Last year, AUSTRAC received approximately 265,000 suspicious matter reports – more than double the amount received in 2018.

The fines issued to Commonwealth Bank and now Westpac have set an example, and we are likely to see AUSTRAC become more proactive as public awareness of financial misconduct amplifies. In September 2020, several Australian financial institutions and individuals were implicated in the FinCEN Files – an enormous tranche of leaked top-secret US Treasury documents which revealed illegal money flows through financial organisations around the world. At this stage there is no suggestion any of the named Australian banks engaged in wrongdoing, however, the links drawn in the FinCEN Files between Australia and dirty money highlights the inherent risks involved in certain financial services.

The FinCEN Files leak builds on the pressure exerted by the Financial Services Royal Commission and will only increase the scrutiny on financial institutions (and Australian corporates more broadly). AUSTRAC’s preparedness to pursue fines in turn serves to underscore the importance for institutions to ensure they have robust reporting and compliance programs in place.

Corporate Regulator – ASIC AUSTRAC is not alone in its reinvigorated enforcement efforts either. Over the last two years, the Australian Securities and Investments Commission (ASIC) – Australia’s corporate, markets, financial services, and consumer credit regulator – has also become more active.

In response to the findings in the Financial Services Royal Commission, in October 2018, ASIC adopted a “Why Not Litigate?” approach to its investigations which it has committed to going forward. Simply put, if:

  • ASIC is satisfied breaches of the law are more likely to have occurred than not; and
  • the facts of the case show pursuing the matter would be in the public interest; then
  • ASIC will actively ask itself: why not litigate the matter?

The change in approach is stark. In the reporting period from January 2020 to June 2020, notwithstanding adapting its focus and restructuring its resources due to Covid-19, ASIC laid 233 criminal charges and commenced 99 new investigations. This can be contrasted against the same reporting period in 2017 where ASIC laid only 32 criminal charges and commenced just 57 new investigations. So far this year, ASIC has also had significant civil penalties imposed against large financial institutions including Commonwealth Bank and AMP.

Modern Slavery Organisations should also be aware of their modern slavery mandatory reporting obligations under respective Commonwealth and State legislation.

At Commonwealth level, any entity with a consolidated revenue of over A$100 million is required to lodge a modern slavery statement under the Modern Slavery Act 2018 (Cth) (Commonwealth Act). Although there is no penalty for non-compliance, the government plans to operate a “name and shame” policy. Therefore, failure to implement modern slavery programmes can have significant reputational risks. Increasingly, we are seeing counterparties and new customers (particularly government entities) expect organisations to have these programmes in place.

To support reporting entities impacted by the COVID-19 pandemic to meet their obligations under the Commonwealth Act, the government has extended the legislated deadline for submission of modern slavery statements by an additional three months for all entities whose reporting periods end on or before 30 June 2020. Companies that operate in NSW must also be alert to their potential reporting obligations under the Modern Slavery Act 2018 (NSW) (NSW Act). It is expected that the NSW Act will commence in early 2021 and compared to the Commonwealth Act, is more stringent and punitive. The reporting obligations threshold under the NSW Act is A$50 million and in contrast to the “name and shame” approach, non-compliance will carry a financial penalty of up to $1.1 million. Note, however, that it unclear whether the NSW Act will commence in its current form as there are impending discussions between Federal and State governments as to how it can be harmonised with the Commonwealth Act to reach a national standard (discussed here).

Criminal Code – Bribery and Corruption Most recently, this month the Australian Federal Police (AFP) arrested former senior executive of construction company Leighton Holdings (now CIMIC Group Limited), Russell Waugh on foreign bribery charges under the Criminal Code Act 1995 (Cth). Mr Waugh now has the unwanted accolade of being the most senior executive from an ASX-listed company to be charged with foreign bribery offences.

The charges relate to the widely reported Unaoil corruption scandal which has already seen Rolls Royce fined $1.1 billion and implicates at least 25 multinational firms that allegedly used Unaoil to pay bribes on their behalf. Specifically, the AFP allege that Mr Waugh was involved in a plan between 2010 and 2012 to bribe Iraqi officials (including a former deputy prime minister of Iraq and) in return for the award of oil pipeline contracts with a combined value of approximately USD$1.46 billion. Arrest warrants have also been issued for two other former executives of Leighton Holdings (both overseas).

While the charges underscore the AFP’s commitment to tackle corruption, they also highlight the difficulties faced in doing so. The investigation into Leighton Holdings has costed millions of dollars and although it is only one of approximately 17 active AFP investigations, it has consumed much of the last decade. Despite these efforts, the charges laid were ultimately only made possible by the FBI’s arrest of two senior executives of Unaoil and their decision to cooperate with the Australian government. It is not surprising therefore that legislative changes are in the pipeline and additional recommendations have been made to revitalise the Australian corporate criminal regime (discussed below).

In October, in less dramatic news, Australian organisations from across business, civil society, academia and government launched a public-private partnership with the objective of supporting Australian business to prevent, detect and address bribery and corruption and promote a culture of compliance. The Bribery Prevention Network is an online portal that offers free resources to help Australian business manage bribery and corruption risks in both domestic and international markets. Contributing organisations include the AFP, the Attorney-General’s Department, Transparency International Australia, and Australia’s big four banks.

Legislative Change

In addition to the strengthened enforcement activities, significant changes to the regulatory regime lay on the horizon. Over the next few years, there is no question this reinforced regulatory regime will impact organisations’ regulatory compliance burden.

The Crimes Legislation Amendment (Combating Corporate Crime) Bill 2019 (Corporate Crime Bill) (discussed here) remains likely to be passed and would see the introduction of a failure to prevent bribery offence, and a Commonwealth deferred prosecution agreement (DPA) scheme. The British and American experience with similar provisions (especially in relation to the Unaoil conspiracy discussed above) suggests that this will be the way forward in prosecuting corporate crime.

The Government has also expressed its intention to table legislation before the end of 2020 to replace the Banking Executive Accountability Regime (BEAR) with the new Financial Accountability Regime (FAR). Although similar in many ways, the FAR will ultimately see an amplified focus on governance so as to hold individual executives more accountable. FAR will, amongst other things, incorporate end-to-end executive product responsibility requirements and increase civil penalties for breach of obligations under the legislation.

Supplementing the above legislative changes, the Australian Law Reform Commission has recently issued 20 recommendations to amend Australia’s corporate criminal responsibility regime (discussed here). The recommendations call for the complete overhaul of the regulation and prosecution of corporate offences, and include an entirely new corporate sentencing regime. Although these changes sit in the mid to long term (if ever implemented), they nonetheless are representative of the trajectory of a strengthening Australian regulatory landscape.

A new era of regulation

Between empowered regulators, increased public scrutiny and expectations, and legislative reform, Australia is entering a new era of corporate regulation. To navigate these unchartered waters, organisations must be proactive in implementing robust governance, reporting, and compliance programs. The risk of failing to do so may be significant.

Sound corporate governance is an essential pillar of any successful business.