Auditing and Internal Control

On 20th November 2018, The Guardian newspaper reported the following article with regard to Commonwealth Bank of Australia case of Money Laundering.

“CBA chair says board response to money-laundering failures was inadequate”

The article was one of the shocker to Australian Investor and common people who have accounts in the Australian banks and trusted their funds are in safe hands. But they had face this one of the biggest money laundering scandal.

It refers to the method of developing illegal activity of money transfer and used for various illegal activities like terrorist, drug trafficking etc.

In the period 2012 to 2015, CBA failed to report almost 53000 doubtful transactions using its ATM operations. And this encourages drug mobs to launder money on the loopholes available in the system, there was large unidentified deposits in the accounts of CBA. It affected the whole business practices, as because of this the daily lives Australians suffered and there was threat created as there were criminals like, terrorists, drug mafia were involved in these transactions. It was projected that point of time that money launder scrub approx. $2 trillion per annum which amounts to approx. 5% of GDP of whole world.

Role of Auditors and Internal Control in Commonwealth Bank

E any Y were the Independent Auditors of the CBA for a long time, and surprisingly their role also comes under security because they breached the trust of the common people and Govt agencies. Auditors’ role is to identify the gaps and issues in the system and suggest the solution or recommend. But in case of CBA it seems that both CBA and E Y were working together to protect the interest of money launders instead of common man and investors.

The main objective of audit of financial statement, is to express to and give their opinion on the fairness and completeness of the financial figures provided, in terms of materials aspect. They have the responsibility to perform by planning their audit in such a way to detect any error of omission or submission, any kind of misrepresentation of the information stated in the financial statement, any failure on the compliance part.

Financial Statement are the responsibility of the management, it is not only the responsibility but also the duty of the management to adhere to the compliance and implement internal control to detect the discrepancies in the system to take timely action

The internal controls of the Commonwealth Bank not sufficient and inadequate because they couldn't detect elements of fraud in the 57,000 counts of money laundering transactions. E and Y reviewed and assessed control and risks adequately and found that the main issue was an overreliance on manual controls. They concluded that were weak and had a higher risk of failure due to human errors. Therefore, they were prone to manipulation and override by the management.

The auditor’s professional duty is also there in terms of getting the required and adequate knowledge of the organisation and their related processes, compliance required to conduct such audit. In case of CBA, it seems EY auditors have failed to do so. The independent auditors may suggest about the forms or content of the financial statements based on the information form the management during the performance of the Audit.

ASA315 focusing on audit responsibility with respect to client governance, the responsibility to prevent and detect fraud, as per the Institute of Internal Auditors, following standards are suggested

  • IIA Standard 1200: Proficiency and Due Professional Care 1210.A2- Auditors must have the required knowledge to access and carry the risk of fraud and the manner it can be managed by an organisation. But surely they are not technical experts in many cases but should ensure that technical internal control mechanism is in place in the organisation to detect such error.
  • IIA Standard 2120: Risk Management 2120.A2– The Audit activity should evaluate the potential threats or risks of occurrence of fraud.
  • IIA Standard 2210: Engagement Objectives 2210.A2– Auditors are considered as watch dog who should also have the ability to consider the probability of any significant error, noncompliance exposure etc.

In this case it clearly shows that Auditor E and Y have not done their duties properly, their Auditor should have the ability to detect this kind of massive regulation, and too which was going year on year it is was missed one year it cannot be missed or ignored next year also. Bank are the custodians of public funds so it was the duty of the Auditors to take due diligence while doing the Audit and submitting their report. They are not directly responsible for the Fraud but it is also true that that they had also breached the trust of public and Govt. agencies, who trust these watchdogs to believe that everything is going fine as per law and regulations.

IN CBA case, it is complete failure of Internal control mechanism, it is either not there or it was not followed and ignored completely by CBA management. In any organisation the internal control system will work only management has intention to implement and work on its finding but if management is ignorant about that that do not consider it seriously than it is obvious to such malpractices and frauds.

CBA was not only slow to decide whether or not to continue business with few of its customer but also gave them a proper 30’s days’ notice before their suspending their accounts, which clearly shows the intention of the Management. In spite of getting red flags and signals they didn’t act on time, they were playing customer’s (common public) money and should have been extra cautious but here the approach was very careless in 20 cases AUSTRAC told that even in notice period money laundering continued without enhanced monitoring in place which shows that it was complete failure of Internal Control System.

Even when CBA found out misconduct, it still sometimes not submitted timely SMR (Suspicious matter report) to AUSTRAC, which facilitated further money laundering.

2. The shareholders of Commonwealth Bank of Australia had every right to file a case against the Management and Auditors for loss they suffered, these are irregulars done at different level which required serious actions and reforms, so that such acts are not repeated in future. CBA had to face the legal charges and has to pay a civil penalty of $700 Million. The shareholders of Commonwealth Bank suffered losses as a result of the money laundering allegations against the bank. The bank put the interests of the shareholders in jeopardy by not meeting the legal responsibilities. For instance, a fine of A$700 million imposed on the bank saw a reduction in its profits as well as shareholders' returns. Therefore, the shareholders had a legal right to institute legal action against the Bank for violating their agency and fiduciary obligations for compensation. Primarily, the shareholders instituted an action against the Bank for compensation of the losses they had suffered. The court ordered the Bank to pay damages they had caused to their shareholders in two phases. The bank honoured the law of contract and paid two-thirds of the shareholders for the damages caused.

CBA has been asked to put AUD 1 billion in reserve capital till the time it proves to regulators and govt authorities, that it has good and sufficient governance and control to prevent future violations of this nature. Bank also needs to keep another AUD 200 million in reserve for cost and compliance for the banking financial services royal commission and another AUD 100 million to improvise the AML and CTF systems.

Report produced by EY for the year ending 2018, has not highlighted all discrepancies, as per one of reports published in news“That news led to a Senate vote for the Parliamentary Joint Committee on Corporations and Financial Services to investigate conflicts of interest in auditing firms”.

It was not only a public opinion but also concluded by various experts like FRC chief Executive Stephen Haddrill who claimed in a statement as”

 “At a time when the future of the audit sector is under the microscope, the latest audit quality results are not acceptable,” said FRC chief executive Stephen Haddrill in a statement.”

This investigation comes after all big four audit firms like , KPMG, Pwc, EY and Deloitte repordtly failed in audit test in terms of quality standards set by Financial Reporting Council, second year in a row.

EY provided an appropriate auditors' report for the year ending June 2018 in the light of money laundering allegations. In the report, they mentioned that they had concerns about the bank's remediation programs and compliance systems. More specifically, the auditors identified over-reliance on manual controls as the weakness in the existing internal controls of the bank. As a result, the public was made aware of the allegations and new clients restrained from investing in the Bank until the case was resolved.

There was some shocking revelations came out in the inquiry of the customer service and customer advice of the Australian Banking sector about the customer abuses. It was found in the investigation that four biggest banks of Australia, CBA, National Australian Bank, Westpac, and Australian and New Zeland Banking ltd (ANZ) all were engaged in breaking the rules and rigging the interest rates and money laundering activities. They took customers for granted.

CBA Effects

ASIC is regulator body in Australia, and protects the rights and interest of the Investors and lenders in the country, conducted a thorough audit of CBA transactions and internal control systems. It keeps a check on various financial institutes by doing audit and its role it to curtail the financial frauds and crime including money laundering activities.

Commonwealth Financial Planning Limited (CFPL) a subsidiary of Commonwealth Bank of Australia (CBA) cheated its customers by false commitments and invested their hard earned money in high risk investment for their own personal interest. ASIC also reacted very late, in spite of various signals no one took it seriously. Moreover, there were various constraints which prevented ASIC to function appropriately-

Political Favouritism- Politics plays an important role in every economy and it is misused and it used in favour of a group or people, in case also it worked against the interest of common man and ASIC was not able to act on time to take the right action.

Improper Evidence- ASIC was facing constraint as mere warning signals cannot be termed as enough evidence to start their investigation, against such a reputed brand.

Lack of Authority- ASIC has not the full authority to initiate an enquiry in itself unless granted permission by the top govt authorities. This also delayed the whole process.

After this incident Banking Royal commission in Australia In its ASIC gave its recommendation as follows-

  • Approval of ASIC will be required for the content of relevant codes and governance arrangements
  • Now it will be required for entities to subscribe to approve
  • These codes will be binding by contractual arrangement against subscribers
  • Customers must get the resolution thru an appropriate resolution authority for any dispute or noncompliance.
  • The monitoring body for codes consist of industry experts, consumer forum people and other members to monitor and control the activities and check the industry compliance, their duties also include reporting periodically to ASIC for all these matters.

 Recommendations above were directed towards meeting difficulties of treasury, and effective internal control mechanism will be in place to ensure adherence. ASIC new provisions in the Court Enforceable Undertaking forbids CFPL from accepting new clients as well as charging fees before satisfying it that fees for no service conduct would not be repeated. Additionally, ISA 300 emphasizes effective and comprehensive audit planning before engaging in the audit. The Banking Royal Commission in Australia has stressed the application of the audit risk model to allow auditors to assess the inherent risks that are likely to affect their clients and provide a detailed report concerning the same.

Applicable case : Brighton v Australia and New Zealand Banking Group Ltd [2011] NSWCA 152; Doggett v Commonwealth Bank of Australia (2015) 47 VR 302; National Australia Bank Ltd v Rose [2016] VSCA

Reference for Commonwealth Bank of Australia Case Analysis

Latest Australia news and comment | The Guardian. (2018). The Guardian; The Guardian.

‌ Home. (2019, October 25). Cpaaustralia.Com.Au.

‌creator, E. (n.d.). Chartered Accountants Australia & New Zealand. CAANZ. Retrieved August 6, 2020, from

‌Financial Services Royal Commission - Home. (2019). Royalcommission.Gov.Au.

‌PYMNTS. (2019, August 5). Australia’s Big Banks Defend Outside Auditors. PYMNTS.Com.

‌CBA failures allowed money laundering. (n.d.). SBS News. Retrieved August 6, 2020, from

Remember, at the center of any academic work, lies clarity and evidence. Should you need further assistance, do look up to our Accounting and Finance Assignment Help

Get It Done! Today

Applicable Time Zone is AEST [Sydney, NSW] (GMT+11)
Upload your assignment
  • 1,212,718Orders

  • 4.9/5Rating

  • 5,063Experts


  • 21 Step Quality Check
  • 2000+ Ph.D Experts
  • Live Expert Sessions
  • Dedicated App
  • Earn while you Learn with us
  • Confidentiality Agreement
  • Money Back Guarantee
  • Customer Feedback

Just Pay for your Assignment

  • Turnitin Report

  • Proofreading and Editing

    $9.00Per Page
  • Consultation with Expert

    $35.00Per Hour
  • Live Session 1-on-1

    $40.00Per 30 min.
  • Quality Check

  • Total

  • Let's Start

Browse across 1 Million Assignment Samples for Free

Explore MASS
Order Now

My Assignment Services- Whatsapp Tap to ChatGet instant assignment help