CommBank has stated that it will mount a legal defence against the matter. It has blamed a software error for the breaches. That might be true, but a close reading of the statement of claim filed by Austrac with the Federal Court suggests a much deeper problem than a software glitch.
Many of the deposits were made through Intelligent Deposit Machines, or IDMs, which automatically count cash and instantly credit the account nominated by the depositor, making the funds available for immediate domestic or international transfer. Crucially, they also facilitate automatic deposits.
What could be more perfect for drug syndicates and terrorism financers?
But it seems no one at the bank bothered asking "hang on, will this make it easier for criminals and terrorists?" or if they did, they were presumably ignored.
Austrac is alleging that when CommBank rolled out the new machines in 2012, it did not carry out a money laundering or terrorism financing risk assessment "in response to the exponential rise in cash deposits through IDMs, nor in response to alerts raised by internal transaction monitoring systems, nor did it review its [money laundering/terrorism funding] risk assessment in response to identification by law enforcement of significant instances of money laundering through IDMs".
In fact, it was three years after the introduction of the IDMs before CommBank conducted an assessment of the increased risk. By this time, close to A$9 billion in cash had passed through the machines.
This failure to conduct any risk assessment when it was blindingly obvious that the risks of terror funding and money laundering had increased points to a blithe disregard for doing the right thing.
The Austrac statement of claim outlines other instances where CBA people - not computers - failed to do the right thing.
One way criminals try to get around the law requiring cash transactions of over A$10,000 to be reported is to make lots of transactions for just under A$10,000, known as structured deposits.
Austrac says that despite identifying a pattern of activity on these accounts as suspicious and indicative of money laundering, CommBank "repeatedly failed to comply with its obligations" to report the transactions.
The financial policeman outlines numerous instances where it alleges CommBank allowed customers to continue using their accounts even after law enforcement authorities had alerted it to suspicious activities around those accounts.
Austrac alleged in court that at least four organised crime syndicates used the IDMs to launder at least A$75 million, largely drug money, and get much of it out of the country under CommBank's nose.
Each of the 54,000 or so alleged transgressions carries a potential fine of up to A$18 million - so in theory at least, CBA could face fines of a trillion dollars.
The reality is that the potential total fines would be only a fraction of that amount, but monetary penalties are the least of the bank's worries.
The court case comes as CommBank was trying to rebuild its reputation following scandals in which it was found to be unfairly rejecting life insurance claims in 2016 and providing inappropriate financial advice to clients in 2014.
These latest allegations suggest CommBank has failed to reform its culture and they come as the bank reported a record A$10 billion annual profit.
The bank has cut executive bonuses and director fees, but it will likely be too little too late.
CommBank and the other big banks can expect a major crackdown from the government and regulators, who will not stand by and allow the banks to make record profits while not complying with their legal and societal obligations.
The final words can go to Austrac, which concluded its statement of claim against the Commonwealth Bank thus: "It is essential to the integrity of the Australian financial system that a major bank such as CommBank has compliant and appropriate risk-based systems and controls in place to deter money laundering and terrorism financing. The effect of CommBank's conduct in this matter has exposed the Australian community to serious and ongoing financial crime."Disclaimer: Christopher Niesche has on occasions carried out small amounts of work for CBA.
