Regional bank pinged over money laundering guardrails

Australia's fifth-largest retail bank has been pinged by regulators after a review found it had deficient safeguards against money laundering.

Bendigo and Adelaide Bank hired Deloitte to conduct the review after suspicious activity at one of its branches apparently went undetected for six years, until August 1.

The Deloitte review, revealed in November, found the deficiencies extended beyond just one branch and identified weaknesses in many key aspects of money laundering and counter-terrorism financing risk management.

Now, the banking and anti-terrorism and counter-terrorism financing regulators are taking action to address those weaknesses.

Australian Prudential Regulation Authority is concerned the weaknesses identified by Deloitte may be occurring across its broader operations.

The Australian Transaction Reports and Analysis Centre, or AUSTRAC, shares the authority's concerns.

As a result, the regulators have told the bank it must hold additional risk capital of $50 million and investigate the extent of the issues in its operations.

AUSTRAC has also commenced an enforcement investigation to examine whether Bendigo has complied with its obligations under anti-money laundering and counter-terrorism laws.

"Our investigation will examine Bendigo Bank's compliance with the ... act and inform any further AUSTRAC action," AUSTRAC Acting CEO Katie Miller said.

APRA noted the bank is financially sound and sits comfortably above its core capital and liquidity requirements.

But it's concerned that there may be significant gaps in its risk management framework that need to be addressed urgently.

"The measures we are announcing today alongside AUSTRAC aim to ensure that fundamental deficiencies in Bendigo Bank's risk management framework are identified and addressed and those responsible are held to account as appropriate," chair John Lonsdale said.

Bendigo, which had self-reported the initial issues, said it acknowledged the need to intensify its efforts and that it had already taken steps improve its risk culture.

"The bank recognises robust risk management practices are critically important to ensure the bank can continue to protect its customers," chair Vicki Carter said.