The Commonwealth Bank of Australia said on Monday a software "coding error" was responsible for the "vast majority" of the anti-money laundering law breaches it was accused of last week.
The federal government last week accused the country's biggest mortgage lender of widespread breaches of money-laundering and counter-terrorism financing rules, sending the bank's shares sliding.
The issue centres on the use of automatic teller machines that accept deposits instantly by both cash and cheque, facilitating anonymous deposits, and whether the bank failed to identify, monitor and report transfers of more than the limit of $10,000.
Financial intelligence agency AUSTRAC said the bank made 53,700 contraventions of the anti-money laundering and counter-terrorism financing Act, particularly with regards to so-called intelligent deposit machines, or IDMs, rolled out in 2012.
CBA is defending against the charges.
The bank said on Monday that a software update installed late in 2012 caused a "coding error" which meant the machines did not create required transaction reports, called threshold transaction reports (TTRs). The error went unnoticed until 2015, the bank said.
"Within a month of discovering it, we notified AUSTRAC, delivered the missing TTRs and fixed the coding issue," Commonwealth Bank said in a statement.
"The vast majority of the reporting failures alleged in the statement of claim (approximately 53,000) relate specifically to this coding error. We recognise that there are other serious allegations in the claim unrelated to the TTRs."
The AUSTRAC case is the biggest of its kind in Australia and the first against a major lender.
Cash was deposited using fake names with proceeds going to drug importation syndicates, AUSTRAC alleges in its court filings.
CBA chief executive Ian Narev told the Australian Financial Review he would work through the "difficult matters", adding that it was for the company's board to decide whether his job was on the line.
CBA could face fines of tens of billions of dollars if convicted, with the maximum penalty for contravening the anti-money laundering and counter terrorism financing law at $18 million per breach.
CBA said the IDMs have been working correctly since September 2015. In a release to the stock exchange on Monday morning, the bank said the more than 53,000 contraventions arose "from the same systems error" and that penalties should be just and appropriate.
Shares in the bank tumbled 3.9 percent to $80.70 on Friday, the lowest since June 13 and the biggest one-day decline in 18 months.
Reporting by Paulina Duran and Tom Westbrook. Editing by Susan Fenton and Christopher Cushing
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
