Tag Archive for: financial crime

Australia should establish a unit dedicated to financial warfare capabilities

In an age of great-power competition, the next major conflict may be waged not in the skies over the Indo-Pacific or in the South China Sea, but through sanctions regimes, targeted financial disruptions and coercive use of trade and capital. Finance has emerged as a sixth domain of warfare.

Economic and financial warfare has become a critical instrument of statecraft, from Iran’s isolation from SWIFT to China’s creation of the Cross-border Interbank Payment System (CIPS). The ability to shape behaviour through financial tools is now a strategic reality. Australia, as a middle power with limited kinetic mass but outsized regulatory and technological clout, must take financial warfare seriously.

Australia’s deterrence measures lie in asymmetric capabilities. Just as cyber and space reshaped operational planning, Canberra can use financial tools to shape adversary behaviour, impose costs and support allies in the grey zone.

Our economic integration with the Indo-Pacific makes us both influential and vulnerable. Australia is deeply embedded in global financial networks and supply chains, with extensive dependencies in sectors like semiconductors, pharmaceuticals and critical minerals. The regulatory reputation of institutions such as AUSTRAC and the Reserve Bank gives Australia credibility, and our intelligence partnerships provide a deep well of financial data. These interconnections create leverage, but also exposure.

Australia should properly mobilise these assets to become a leader in economic and financial statecraft among middle powers offering asymmetric capability to our arsenal. The combined effort would also help to protect our financial vulnerabilities.

From an AUKUS perspective, our institutional architecture has not kept pace. Australia lacks a coherent entity capable of wielding financial power with precision and purpose, like the US Treasury’s Office of Foreign Assets Control or the wartime Ministry of Economic Warfare in Britain. This must change.

Warfare has always been about economics, since Athens and Sparta blockaded each other’s trade routes and the British disrupted Axis supply chains through economic subversion. More recently, US sanctions reduced Iranian oil exports from 2.7 million to under 500,000 barrels per day. These economic tools degraded adversary capacity without firing a shot.

But today, financial intelligence, market manipulation, sanctions enforcement, and cyberattacks on financial infrastructure converge as multidomain tools in warfare. China’s efforts to control rare earths, buy foreign ports and develop a digital yuan are coherent strategies of financial statecraft.

Financial warfare encompasses a wide spectrum of instruments, often deployed in synchronised campaigns to shape the strategic environment before the first shot is fired:

—Sanctions and export controls have constrained Iran’s oil exports and Russia’s defense industrial base.

—Asset freezes and Magnitsky-style laws target kleptocrats and human rights violators, disrupting elite networks.

—Cyber-financial attacks, such as North Korea’s 2016 Bangladesh Bank heist, illustrate the intersection of hacking and financial disruption.

—Currency manipulation and trade coercion, notably by China, undermine fair competition and weaponise market access.

—Supply chain domination, especially in critical minerals, allows adversaries to impose latent costs or influence decision-making through chokepoints.

To develop our own strategies of financial warfare, Australia should establish a Financial Warfare Office. Whether embedded within the Joint Capabilities Group or established as a standalone body reporting to the National Security Committee, its mission must be unambiguous: to use finance to deter aggression, degrade coercion and defend sovereignty.

Core capabilities should include fusion of financial intelligence, in which data is aggregated from AUSTRAC, the Australian Federal Police, private banks and allied intelligence to map financial vulnerabilities and illicit flows. Targeted economic instruments should be developed in collaboration with existing government entities to combine sanctions, investment restrictions and export controls. The dedicated unit should lead in resilience planning to identify weak points in critical financial infrastructure and supply chains. It should run strategic influence operations, leveraging financial narratives and market signals to amplify deterrence.

This unit would also serve as a key interface with AUKUS partners, particularly under Pillar Two, where financial, cyber and technological tools must be integrated for strategic effect.

For example, it could pre-emptively disrupt illicit financing of a hostile proxy group by tracing shell companies across Southeast Asia and triggering coordinated asset freezes with Five Eyes partners. It could also identify and block foreign acquisition of a biotech firm holding sensitive data, using regulatory levers to frustrate strategic land and IP grabs. Such risks are already recurring features of grey-zone competition.

Financial warfare is powerful but double-edged. Ill-considered sanctions can harm civilian populations, erode legitimacy and strain alliances. Cyber-financial campaigns may escalate unpredictably. Australia’s response must therefore be grounded in rule-of-law principles and transparent governance.

For this, we must invest in legal authorities, oversight frameworks and international coordination to ensure that economic tools serve democratic security, not undermine it. Financial warfare must not become a pretext for economic nationalism or short-term political gain.

Australia must now make economic and financial statecraft a core pillar of our national defense strategy. Doctrine, investment, institutions and alliances must be calibrated for this new domain of warfare.

Iran running out of time to meet financial watchdog’s demands

Iran’s economy minister, Farhad Dejpasand, has called on the multilateral Financial Action Task Force (FATF) to discipline the US over its use of budget funds to finance the assassination of General Qassem Soleimani at Baghdad airport.

‘The FATF which claims to confront financing terrorism should notice that now the president of a country [the US] has declared that they will allocate a budget for terrorist acts and they want to use it’, Dejpasand said in Tehran earlier this month.

He said the assassination of Soleimani while the general was on a formal visit to Iraq broke international law and that the FATF ‘should protest and confront it’.

Iran is sensitive about the FATF because it is confronting a February deadline to enact legislation curbing the financing of terrorism or face a financial freeze from the country’s few remaining international friends.

The FATF threat has divided Iran’s secular government, which is desperate to avoid further financial hardship, and its religious leadership, which sees the FATF as an arm of the Western conspiracy against it.

The FATF was established by the G7 nations in 1989 to combat money laundering. Its mission expanded to include action to curb the financing of terrorism following 9/11.

FATF membership has grown to 39 nations, including all members of the G20 (with the exception of Indonesia, which has observer status). More than 200 jurisdictions have signed up to the FATF recommendations. The FATF secretariat is based at the OECD in Paris. Its current president is Xiangmin Liu, who is head of the legal department at the People’s Bank of China.

Member nations submit to formal evaluations of the adequacy of their regulatory frameworks to combat money laundering and terrorism finance. Australia’s defences were found wanting in its last full review in 2016, and the subsequent Commonwealth Bank and Westpac money-laundering and child-pornography scandals suggest that there’s more work to be done.

Australia is considered to be ‘largely compliant’, but Iran is on the FATF’s blacklist alongside North Korea, having been deemed to ‘pose a risk to the international financial system’.

Following Iran’s initial 2015 deal with the US and Europe accepting limits on its nuclear program, its government sought to reintegrate the nation into the world economy by agreeing to an action plan with the FATF to comply with its recommendations.

Iran has made progress with a new law requiring cash transactions to be declared and strengthening anti-money-laundering and terrorism finance laws. However, the FATF has two major areas of continuing concern.

Iran’s legislation criminalising terrorism financing contains an exemption for organisations ‘attempting to end foreign occupation, colonialism and racism’. Iran’s sponsorship of such organisations, led by the Lebanon-based Hezbollah, is the main reason the Trump administration withdrew from the nuclear agreement and was also the rationale for the assassination of Soleimani, who coordinated Iran’s support for militias across the Middle East. The FATF insists the exemption must be removed.

The FATF also highlights the lack of controls over Iran’s international financial transfers, which facilitate both the financing of militia groups and the country’s efforts to evade the US’s financial sanctions.

Iran’s parliament passed legislation designed to meet FATF concerns and to ratify the UN Convention for the Suppression of the Financing of Terrorism in October 2018, but the legislation was initially rejected by Iran’s ‘Guardian Council’, which represents its religious leadership. The formal body to resolve disputes between the two arms of the Iranian state is dominated by religious conservatives and has so far declined to make a ruling, leaving the legislation in limbo.

The issue has been subject to fierce lobbying. Iran’s president, Hassan Rouhani, pressed for the legislation to be implemented. ‘It is our pride that we fight terrorists and counter corruption, therefore we should not allow allegations of money laundering against our banking system’, he said.

The head of Iran’s chamber of commerce, Pedram Soltani, has revealed that Russia’s central bank governor, Elvira Nabiullina, told her Iranian counterpart, Abdolnasser Hemmati, that Russian banks would be unable to work with Iranian banks if Iran fails to enact the FATF reforms. The same is presumably the case for China and Turkey, which, along with Russia, have continued to support economic relations with Iran in the face of US sanctions.

However, a senior cleric, Hojjatoleslam Seddiqi, put the views of the religious leadership in an end-of-year sermon, declaring, ‘The FATF is one of the enemy’s rings of sedition which it insists upon’, adding that Iran’s enemies were seeking to undermine the nation’s independence.

But in a last-minute move, the religious leadership returned the legislation to cabinet on Saturday with some amendments and it has been approved. Instructions have gone out to customs offices with new guidelines for verifying import and export documentation and financial transactions.

Whether it satisfies the FATF that its concerns have been met remains to be seen. The FATF’s official warning said that in the absence of full compliance, its members were to take ‘countermeasures’ against Iran, including requiring financial institutions to terminate correspondent banking relationships and limit financial relationships.

While the US sanctions regime has so far shown no signs of bringing Iran’s leaders to the negotiating table, it has deepened the wedge between the country’s civil and religious leadership.

Iran’s oil exports have more than halved, slashing government revenue and bringing a sharp fall in the exchange rate. The government has responded by cutting fuel and energy subsidies, generating widespread protests. The fall in the exchange rate helped push up the cost of imported goods and brought inflation to a peak of more than 50% in mid-2019. Wages have fallen far behind. Although inflation has since stabilised to around 30%, many staples, such as babies’ nappies, are in short supply because of US sanctions.

The US followed Soleimani’s assassination with a fresh round of economic sanctions targeting Iran’s iron and steel exports and businesses that buy them, including several Chinese companies.

Dejpasand’s wish that the FATF would hold the US to the same standard it is imposing on Iran remains fanciful, although the killing of Soleimani could be considered an act of terrorism. The Terrorism Financing Convention, which the FATF wants Iran to ratify, includes in its definition of terrorism actions intended to cause the death of any person not actively taking part in hostilities in an armed conflict, with the purpose of intimidating or compelling a government to a particular course of action.

Editors’ note: This post was updated at 1715 AEDT on the day of publication.

Lessons from the CBA money-laundering scandal

The recent Commonwealth Bank money-laundering and terrorism-financing scandal provides a couple of important lessons. It highlights the vital role that the private sector plays in fighting crime and terrorism and protecting national security, and it provides a lesson to businesses about the serious consequences of not fulfilling their anti-money-laundering and counter-terrorism-financing (AML/CTF) obligations.

AUSTRAC’s allegations are about as bad as it gets, short of wilful breaches or actual collusion in the alleged crimes. In May 2012, CBA rolled out intelligent deposit machines (IDMs)—ATMs that accept cash deposits of up to $20,000 with no daily limit on the number of transactions a customer can make.

Australia’s AML/CTF laws require regulated entities to report cash deposits of $10,000 or more to AUSTRAC—Australia’s financial intelligence unit and AML/CTF regulator. These reports, known as threshold transaction reports or TTRs, require entities to provide details of the customer, the institution and the transaction. However, for almost three years, CBA failed to report 53,506 cash deposits of $10,000 or more through its IDMs to AUSTRAC.

Furthermore, CBA’s machines allowed anonymous cash deposits. If a customer used a non-CBA card to deposit funds, the IDM didn’t record any information about the card owner making the transaction.

Unsurprisingly, the IDMs were a magnet for criminals and potentially for terrorism financers. AUSTRAC alleges that at least four organised crime syndicates used CBA IDMs to launder at least $75 million of mainly drug money within two years. And CBA itself held concerns that further transactions related to customers who posed a risk of terrorism or terrorism financing.

The number and combined value of suspicious transactions were large, and the criminal syndicates used well-known money-laundering techniques: structuring and ‘cuckoo smurfing’. Yet, AUSTRAC alleges that CBA failed to report many of those suspicious matters to AUSTRAC on time, if at all.

CBA chief executive Ian Narev blamed the problem on a single coding error. However, that doesn’t explain AUSTRAC’s other allegations. They include CBA’s failure to undertake a risk assessment until three years after the IDMs were introduced, its failure to monitor and undertake enhanced due diligence on high-risk customers, its inadequate transaction monitoring, and its failure to lodge suspicious matter reports in some cases. And Narev hasn’t explained the slow and inadequate response when law enforcement and his own staff raised concerns.

These breaches suggest some bigger problems. Clearly, there’s been a breakdown of internal systems. The coding error should have been picked up during testing before implementation.

The other failures are basic legal requirements that the bank would be well aware of from other parts of its operations. Were the bank’s AML/CTF experts engaged when the IDM functions were designed and before they were rolled out? The slow response to alerts and law enforcement information suggests insufficient staffing. And CBA’s culture has come into question following a number of other scandals. What role did culture play in this failure?

Businesses’ AML/CTF obligations are important. The private sector plays a vital frontline role in the fight against criminality and terrorism, preventing criminal funds entering the financial system, minimising the funds available to terrorists and providing crucial intelligence. These breaches bring into clear focus just how important that role is.

As AUSTRAC noted, CBA’s conduct has delayed and hindered law enforcement efforts through lost intelligence and evidence, enabled further money laundering and caused the loss of proceeds of crime. This has ‘exposed the Australian community to serious and ongoing financial crime’.

CBA now faces enormous financial penalties, further regulatory scrutiny here and overseas, increased business costs from remediation work, a falling share price, a possible shareholder class action, reputational damage, the premature departure of its CEO, and the increased chance of a banking royal commission.

The fallout for CBA is a good lesson to all company boards and senior executives. Your company plays an important role in preventing crime and terrorism and protecting national security. The community finds it unacceptable if you don’t play your part.

 

Correction: an earlier version of this post incorrectly attributed authorship to Andrew Davies. The error was caused by an oversight in uploading. 

A risk assessment for financing terror: an important first step

Image courtesy of Flickr user Reynermedia

Last week the second Southeast Asian regional Counter-Terrorism Financing Summit, co-hosted by Australia’s financial intelligence unit AUSTRAC and PPATK, its Indonesian counterpart, convened in Bali. Delivering on the commitments from last November’s Sydney Summit, the release of the world’s first regional risk assessment (RRA) on terrorism financing was an important achievement.

As the RRA notes (PDF), our region hasn’t yet been exposed to the full range of terrorism financing risks experienced globally. Rather, risks depend on each country’s domestic situation and geographical location. Understanding those risks is an important first step towards tackling the most pressing threats and vulnerabilities.

Australia, Indonesia, Malaysia, the Philippines, Singapore and Thailand assessed two methods of terrorism funding as high risk.

The first is self-funding through legitimate sources—including personal income, welfare and pension payments, credit cards and other loans—and the sale of personal items. Relatively small amounts of money are required to travel to conflict zones or pay for unsophisticated attacks which may simply involve hiring a truck. On its own, such activity is indistinguishable from ordinary financial behaviour, making it difficult to detect.

The second method is the misuse of non-profit organisations (NPOs). Insiders can divert legitimate funds to terrorist groups, or NPOs can be set up as fronts. The recent allegations against Dar al Quran wa Sunnah, a Sydney-based charity established to raise money for Syrian refugees, and the Israeli arrest of World Vision’s Gaza manager for allegedly diverting funds to Hamas are examples of that method. While not all NPOs are high risk, these cases show how large amounts of money can be raised and moved undetected over time.

The RRA found that cross-border movement of cash is the predominant method used to move terrorist funds across the region. It highlighted in particular the region’s many porous land borders and close maritime boundaries as factors, with authorities having poor visibility over cash smuggling routes. While regional countries require departing travellers to declare cash over a certain threshold (AU$10,000 for Australia), border authorities can’t check everyone and detecting hidden cash is difficult. Compounding this problem, there are multiple ways to move financial assets across borders that don’t involve cash, and many don’t need to be declared. An increasingly popular method is the use of stored value cards which have been used by foreign terrorist fighters.

Now that the priority areas for focus have been determined, what should Australia do?

The Australian government is already considering answers to that question, thanks to the review (PDF) of the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act released in April. In Bali last week, Justice Minister Michael Keenan announced that ‘reforms arising from the review will be progressed in two stages’: a short-term package and longer-term reforms.

An important measure to address the cross-border movement of funds is broadening the definition of what constitutes cash (over the existing threshold of AU$10,000) to include gaming chips, letters of credit, and bullion. The government is also investigating the feasibility of including stored value cards. These are much needed reforms to help detect the cross border movement of assets other than cash.

The regional study of cross-border cash movements announced at Bali will usefully improve visibility over smuggling routes. Regional financial intelligence units should build on this work to enhance collaboration and information sharing on threats and suspect targets.

The Australian government is also investigating a simplified model for sharing information between AUSTRAC and the private sector. This is an area requiring urgent reform to reduce restrictions on the sharing of information about terrorism financing threats generally. It’s particularly crucial in helping detect self-funding through legitimate sources. Private sector companies, such as banks, are in the front line of detecting and reporting such activity. But they need greater information from government on who and what to look for.

Not mentioned in the AML/CTF Act review, however, were actions to counter the misuse of NPOs. Minister Keenan did note at the Summit that work to better understand the sector in Australia is underway. The Bali Summit communiqué (PDF) declared that a second RRA, focussed on NPOs, will be undertaken to inform targeted oversight and outreach to the sector. That should be of the utmost priority. NPOs need urgent information on how their respective organisations can be misused and what governance practices and mitigation strategies should be put in place. The region needs to build on the Bali momentum and get behind these next steps.

The release of the RRA is an important development, allowing counterterrorism financing measures to be targeted and prioritised. However, as AUSTRAC CEO Paul Jevtovic stated at Bali, regional countries will be judged on what actions they take in response to the risks and threats outlined in the RRA. The hard work has only just begun.