Already it’s becoming clear that the seed for the crisis was a compliance breakdown in the ­financial crime division, although it’s too early to determine who should be held accountable.

Success has many friends but failure is an orphan. The truth, however, will come out — there’s an electronic or paper record of almost everything that’s required for a credible investigation.

ASIC, armed with its compulsory information gathering powers, is just one of the entities sifting through the bank’s most sensitive internal documents.

Law firm Allens, on behalf of Westpac, is also casting a long shadow, as is Promontory Financial Group, the independent expert briefed by the board’s new financial crime committee to conduct a full review of the crisis.

The Australian Prudential Regulation Authority is more than just making up the numbers.

Conscious of not cutting across Austrac’s territory, chairman Wayne Byres told a parliamentary committee on Monday that his focus was any breakdown in culture and governance, including internal red flags that were ignored or any failure to push concerns up the food chain.

Byres said specifically that APRA would be interested in the treatment of the former Westpac compliance manager Amanda Wood, who was described by Labor MP Andrew Leigh as a whistleblower.

“Where warnings were not listened to, it would be of interest to us,” the APRA chief said.

Much has been made of Wood’s account of her two-year period from May 2017 to May 2019 as Westpac’s money-laundering reporting officer (MLRO) — the bank’s focal point for anti-money- laundering and counter-terrorism financing compliance.

Westpac, she said, lacked an ethical culture, and there was a backlash against her after she warned that an Austrac civil penalty action was likely.

After leading the response to the financial intelligence agency’s investigation for 10 months and regularly briefing the board’s compliance committee, Wood was told last May that the bank wanted a MLRO with more international experience. She knocked back a different job on the same pay but with less responsibility, instead accepting a redundancy payment and setting up industry consultancy Waterstone AML.

Ground zero in the Westpac payments scandal is the LitePay product because it links 12 of the bank’s customers to horrific child exploitation in The Philippines.

Promontory is looking at the proximity of the key Westpac players to LitePay. When the product was launched in August 2016, it was equipped with detection monitoring scenarios issued by Austrac at the time.

In the December, the regulator issued Westpac’s financial crime unit with key indicators for the purchase of child exploitation material involving international funds transfers to The Philippines.

Inexplicably, Westpac continued with the same monitoring standards for 18 months until June 2018. The bank already had the 12 customers under monitoring processes before it received Austrac’s statement of claim on November 20, and had filed suspicious matter reports for each of them in response to alerts from the existing detection scenarios and other processes. However, if the updated scenarios had been added, it would have triggered more suspicious matter reports.

The key accountability question is: who failed to implement the new Austrac guidance?

Once that’s answered, the flow-on issue is: were they inept, negligent or just lazy?

While Wood has pledged to co-operate with all regulators, she declined to answer questions from this column about her involvement with LitePay, or any follow-up dealings she might have had in relation to the failed scenario detection update in December 2016.

Any regulator up to the task will ask similar questions of others, including Susie Peacock who was group head of financial crime and fraud from August 2015 to June 2019, which spans the relevant period.

Peacock remains at the bank, having taken on the role of head of product risk in the consumer bank. Wood was one of Peacock’s reports, with a further direct report responsible for the Westpac transaction monitoring program.

The structure was changed in June 2018, when Wood took on some of Peacock’s reporting lines. While The Australian notes the reporting lines there is no suggestion of any wrongdoing by Peacock.

On November 25, five days after Austrac launched its statement of claim, Wood posted a well-informed article on her LinkedIn page under the title: “Austrac, Australia’s triple-threat regulator”.

It warned companies not to treat Austrac like a financial regulator in the same mould as ASIC or APRA.

In contrast to those two agencies — which are part of the Treasury portfolio — Austrac is slotted into the Department of Home ­Affairs.

It’s therefore much closer to a law-enforcement operation, with its last two chief executives coming from the Australian Criminal Intelligence Commission.

Generally, law enforcement did not negotiate with its targets, providing no warning of impending action and taking a strict approach to the law it administered, Wood said.

This helped to explain why Austrac was often seen as “opaque or unpredictable to deal with”.

Second, Austrac had more information about bank customers than the banks themselves.

The regulator existed to collect financial information and pass it on to law enforcement, and information rarely flowed in the other direction to the banks.

“Any information received from Austrac or law-enforcement agencies much be actioned immediately,” Wood said.

Finally, Austrac had the toughest penalty regime in the nation.

Coupled with high-volume breaches in heavily automated processes, this meant there was the potential for very high penalty outcomes.

Doesn’t Westpac know it.

gluyasr@theaustralian.com.au

Twitter: @Gluyasr