• Specific Year
    Any

Chaikin, David --- "A Critical Examination of How Contract Law Is Used by Financial Institutions Operating in Multiple Jurisdictions" [2010] MelbULawRw 2; (2010) 34(1) Melbourne University Law Review 34

A CRITICAL EXAMINATION OF HOW CONTRACT LAW IS USED BY FINANCIAL INSTITUTIONS OPERATING IN MULTIPLE JURISDICTIONS

DAVID CHAIKIN[*]

[Financial institutions operating in multiple jurisdictions are vulnerable to extraterritorial jurisdictional claims, especially under United States anti-money laundering and economic sanctions laws. A survey shows that banks licensed in Australia have revised their standard form contracts so as to reduce the risks arising from the extraterritorial enforcement of foreign laws. Under the new contracts, customers have purportedly consented ex ante to banks supplying confidential information directly to foreign states and agreed to the freezing of their bank accounts based on a possible breach of foreign law. The contractual provisions are controversial because they circumvent the legal procedures that would otherwise apply in cases of international criminal, civil or regulatory assistance. The legal efficacy and policy implications of the contractual terms are analysed.]

I INTRODUCTION

The extraterritorial application of domestic laws is one of the most important international legal developments in the past 50 years. The extension of local laws to extraterritorial conduct is an inevitable consequence of globalisation. Individuals and businesses are increasingly acting in a global context. The rapid growth of international trade in goods and services and the internationalisation of securities and capital markets continue at breathtaking speed. International banking and multinational banking services are now available not only for wholesale clients but also for retail customers. Technological developments, such as the growth of the internet, have facilitated the globalisation of business. At the same time, crime has become increasingly globalised, particularly the crimes of drug trafficking, money laundering, corruption and fraud. These developments have presented national governments with significant law enforcement and regulatory problems. A legal response to these developments has been the extraterritorial application of domestic laws.

There is a rich resource of academic and practitioner literature on the concept and application of national and international laws governing extraterritorial jurisdiction. David Rivkin, the Chair of the International Bar Association’s Legal Practice Division, pointed out in 2008 that:

Many jurisdictions now apply their laws extraterritorially in a myriad of fields, including antitrust, banking, bribery and corruption, criminal, insolvency, securities, transport, tax, telecommunications, tort, trade sanctions, privacy and human rights.[1]

A local law may be applied to extraterritorial conduct by any of the three branches of government, namely the legislature, the executive or the judiciary.[2] Where states apply or enforce their national laws extraterritorially, two important legal issues are raised: the extent to which international law allows states to assert jurisdiction extraterritorially and the nature of the appropriate legal mechanisms and rules to resolve potential conflicts of jurisdiction.[3] In regard to the latter issue, international bodies, national legislatures and courts have canvassed a range of approaches to dealing with overlapping jurisdiction.

Techniques to reduce jurisdictional conflicts include: imposing a legal hierarchy to determine whether a state has priority in claiming jurisdiction; encouraging states to refrain from exercising jurisdiction because of international comity; establishing systems of mutual recognition and cooperation between multiple states with jurisdiction; and encouraging harmonisation of substantive law.[4] These techniques have been well explored in the academic literature, which has put forward various solutions to the jurisdictional issues under private international law.[5] This article does not deal with these issues, but instead concentrates on a new development — the potential role of private law, such as contract, in minimising the impact of extraterritorial legislation. It does not provide any general solution to the extraterritoriality problem, but instead addresses how contract law has been used by financial institutions operating in multiple jurisdictions to deal with certain extraterritorial risks.

This article in Part II provides a theoretical and conceptual explanation of why multinational financial institutions are vulnerable to competing laws in multiple jurisdictions. It shows the unique vulnerability of banks arising from the complex nature of a bank account and the impact of technology on the location of a bank account. Part III then provides concrete legislative examples of the vulnerability of financial institutions. It deals with the extraterritorial application of United States (‘US’) anti-money laundering (‘AML’) and economic sanctions laws, and in particular how foreign financial institutions may be subject to US investigatory demands for confidential information through subpoenas under the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA Patriot Act) Act of 2001 (‘Patriot Act’)[6] and the freezing and forfeiture of assets through correspondent bank accounts. The extraterritorial enforcement of such laws has resulted in the imposition of hundreds of millions of dollars in fines on financial institutions and generated new legal and reputational risks in conducting international business. Part IV examines how financial institutions operating in multiple jurisdictions have responded to AML and sanctions laws by amending their standard form contracts. The study shows that banks have attempted to reduce their risks by increasing their legal capacity to cooperate with foreign authorities. Under new and revised contracts, customers have purportedly consented ex ante to banks supplying confidential information directly to foreign states and agreed to the freezing of their bank accounts based on a possible breach of foreign law. Financial institutions have also used new indemnity clauses to transfer to their customers the risks of non-compliance with foreign laws. The justification for using private law is that neither the domestic courts nor the legislature has provided adequate legal tools to protect financial institutions when those institutions are faced with extraterritorial demands by law enforcement or regulatory authorities in relation to their customers. Such contractual provisions are controversial because they circumvent the legal procedures that would otherwise apply in cases of international criminal, civil or regulatory assistance. The legal efficacy and policy implications of the new contractual terms are analysed in Part V.

II WHY ARE MULTINATIONAL BANKS VULNERABLE?

Multinational banks may establish a commercial presence in a jurisdiction by various means. A bank may establish a wholly-owned subsidiary in another country, which is treated as a separate legal entity, albeit that the subsidiary may be under the bank’s effective control. Alternatively, a bank may conduct its international operations by establishing an office in a foreign jurisdiction, usually a branch, which is part of the single legal personality of the parent.[7] The expansion of multinational banking through the establishment of branches has given rise to and exacerbated conflict of law problems.[8] The essence of the problem is that a foreign branch may be classified as subject to the laws of the place where it is physically located (‘territorial’ or ‘location’ theory) or the laws of the place where its parent bank has its headquarters (‘registration’, ‘charter’ or ‘incorporation’ theory).[9] Applying the theory that a branch bank is subject to the territorial jurisdiction of the place where it is located, the branch bank is bound to comply with its duty of confidentiality under local law. Support for this theory is reinforced by the notion that the contractual relationship between a bank and its clients is generally governed by the law of the place where the bank account is physically located.[10] On the other hand there is a competing theory that a branch bank is merely an extension of the parent bank with the same legal personality,[11] with the consequence that a foreign branch bank must comply with the legal duties imposed on its parent. If a court in the jurisdiction of the parent bank issues an order for disclosure of information held in its overseas branch, then, applying the ‘registration’ theory, the branch bank is duty-bound to comply with that order.

The local branch of a parent bank headquartered in a foreign jurisdiction faces an acute dilemma where there are conflicting requirements imposed under the laws of the branch bank and of the parent bank. Where the branch bank is ordered by a court in the parent bank’s jurisdiction to disclose confidential information, this may violate its duty of confidentiality imposed under local law. On the other hand by refusing to comply with a foreign court order, the branch bank risks being held in contempt of court. This legal dilemma is further complicated where the local duty of bank confidentiality has a statutory or constitutional basis and in situations where a local court enjoins the branch bank not to comply with a foreign court order of disclosure.

The above analysis of the parent–branch bank relationship is based on an understanding as to the geographical location of a bank account. The guiding legal principle, in the 1921 English Court of Appeal case of N Joachimson v Swiss Bank Corporation,[12] is that a bank account is located at the place where the records of the account are kept. The idea is that in the ordinary case where the bank is a debtor to a customer, the bank is liable to repay the deposit at the branch where the current account is physically located when a demand for repayment is made. In 1921, bank records were in the form of handwritten ledgers that were maintained at a specific branch, since ‘that was the only place where an account could be debited or credited against a simultaneous payment.’[13]

However, dramatic changes in technology have made redundant the traditional notion of the physical location of a bank account. Technological advances in the past 50 years have resulted in financial institutions’ interactions with their customers taking place in cyberspace in preference to a specific geographical location. Electronic technology may be utilised to open bank accounts, receive instructions, transact business, transmit information and maintain records. For example, banking transactions may take place instantaneously through electronic entries over international communications networks, such as the Society for Worldwide Interbank Financial Telecommunication (‘SWIFT’),[14] ‘rather than by physical transfers of financial claims or specie at the place where an account is kept.’[15]

As Dr Dimitris Chorafas has pointed out, ‘electronic funds transfer systems [have] replace[d] branch banking’ and records of banking transactions are made by electronic entries into computer systems that may be processed anywhere in the world.[16] This revolution in the technological infrastructure of banking suggests that multiple jurisdictions may have a legitimate interest in the regulation of a single bank account. Consequently, there may be an issue as to which jurisdiction’s laws apply to the bank account of a particular customer. The matter has been further complicated by the growth of financial services offered outside the bank account system. Indeed, nearly 3 billion people have access to financial services and mobile payment systems without having a bank account in any jurisdiction.[17]

The vulnerabilities of financial institutions operating in multiple jurisdictions are further exacerbated because of their dependence on regulators in various jurisdictions for their continued survival. If a financial institution does business in a jurisdiction, it will usually need a licence, which is issued by a regulator and which can be withdrawn if the circumstances warrant it, such as where a serious breach of local laws has occurred. As will be shown in the next Part, the extraterritorial application of US AML and sanctions laws have imposed increased risks on multinational financial institutions.

III EXTRATERRITORIAL APPLICATION OF AML AND SANCTIONS LAWS

The US has a unique history of applying its domestic laws to extraterritorial conduct. However, the events of 11 September 2001 have resulted in an unprecedented extension of its AML and counter-terrorist financing (‘CTF’) laws. For instance, the US Money Laundering Control Act of 1986 explicitly provides that there is extraterritorial jurisdiction over conduct amounting to a criminal offence of money laundering if:

(1) the conduct is by a United States citizen or, in the case of a non-United States citizen, the conduct occurs in part in the United States; and (2) the transaction or series of related transactions involves funds or monetary instruments of a value exceeding $10 000.[18]

It has been held that ‘conduct occurs in part in the US’ where there is a use of wire, telephone, mail or internet facilities initiated from the US or completed in the US.[19] In a recent case, the US claimed jurisdiction in imposing civil monetary penalties on a foreign multinational bank based on the mere existence of US correspondent bank accounts, even though the accounts were not used in the impugned transactions.[20]

The Patriot Act has provided new instruments for US law enforcement agencies and regulators to obtain confidential information located offshore and to freeze funds located outside the US.[21] The most dramatic extraterritorial application of the Patriot Act has been achieved through the regulation of foreign correspondent accounts. The Patriot Act defines a correspondent account as including any account established for a foreign financial institution to receive deposits from, or to make payments or other disbursements on behalf of, the foreign financial institution, or to handle other financial transactions related to such foreign financial institution.[22] The justification for such regulation is that the US correspondent banking system has provided a ‘conduit for criminal proceeds and money laundering for both high risk foreign banks and their criminal clients’.[23] Indeed, a 2001 US Senate Report documented how correspondent banking provided a gateway to the US financial system for drug trafficking, financial fraud, tax evasion and illicit gambling.[24]

There is a wide range of services typically settled through correspondent banking relationships, such as:

payments, including telegraphic or electronic transfers and drafts; foreign exchange, including wholesale note clearances; payable through and nested accounts; cash letters and collections; managed investments and mortgage schemes; custodian account arrangements; trade finance transactions; [and] syndicated loans.[25]

The significance of correspondent banking regulation is that it is not possible for a foreign bank to do business in the US without having a correspondent bank account. Moreover, settlement of financial transactions involving US dollars also requires the use of correspondent banking facilities. Consequently, as a matter of business necessity, all non-US multinational banks have correspondent banking relationships with US financial institutions.

A Subpoenas over Correspondent Bank Accounts

The Patriot Act provides new powers to subpoena foreign banks where they have correspondent accounts with US banks. Section 319 empowers regulatory authorities, the Department of Justice and the Department of Treasury to request US banks to supply records and documents that may be located in a foreign jurisdiction. In particular, under § 319(b) the US Attorney-General or the Secretary of the Treasury (in each case after consultation with the other) may issue a summons or subpoena to any foreign bank that has a correspondent account in the US. The subpoena power applies to records of the foreign bank relating to its correspondent account ‘including records maintained outside of the United States relating to the deposit of funds into the foreign bank.’[26] If a foreign bank fails to comply with the administrative subpoena and fails to initiate proceedings to contest that subpoena, the Attorney-General or the Secretary of the Treasury may, by written notice, direct the US bank to terminate its relationship with the foreign bank. If the US bank fails to terminate the correspondent relationship within 10 days of receipt of the notice, it may be subject to a civil monetary penalty of up to USD10 000 per day until that correspondent relationship is terminated.[27]

The potential impact of the Patriot Act subpoena power was recognised at the meeting of Law Ministers and Attorneys General of Small Commonwealth Jurisdictions in 2002 where it was observed that the new power

could place a bank in a situation of conflicting legal obligations: disclosure of the information sought might be prohibited under national law, while failure to disclose could result under United States law in substantial financial penalties and the loss of the correspondent account relationship. The loss of such relationships can have a significant effect on national economies of small jurisdictions.[28]

The significance of this observation is that a foreign bank will not be able to have a US correspondent banking relationship unless it is in a position to supply the US authorities with information concerning a customer who is the target of a US investigation. A foreign bank that does not arm itself with the legal capacity to supply US authorities with confidential banking information runs the risk that it will be barred from doing business in the US on its own behalf or on behalf of its customers. Indeed, since 2001 a number of foreign banks have had their US correspondent banking relationships terminated as a direct result of the implementation of the Patriot Act. This has occurred where the US Treasury has designated a foreign bank as a person of ‘primary money laundering concern’ under § 311 of the Patriot Act.[29] Given this development, financial institutions operating in multiple jurisdictions have sought to protect themselves by drafting new bank–customer contracts which permit them to supply confidential information directly to US authorities. This is discussed in Parts IV and V below.

B Forfeiture of Monies in Correspondent Bank Accounts

The extraterritorial reach of the Patriot Act is also illustrated by § 319, which empowers US courts to seize funds deposited by a foreign bank at a US bank where it is alleged that the foreign bank holds illicit funds for a customer in accounts outside the US. Section 319(a) states:

For the purpose of forfeiture under this section … if funds are deposited into an account at a foreign bank, and that foreign bank has an interbank account in the United States with a covered financial institution … the funds shall be deemed to have been deposited into the interbank account in the United States, and any restraining order, seizure warrant, or arrest warrant in rem regarding the funds may be served on the covered financial institution, and funds in the interbank account, up to the value of the funds deposited into the account at the foreign bank, may be restrained, seized, or arrested.[30]

Section 319 provides the US government with extraordinary powers to seize and forfeit funds deposited in a foreign bank account by deeming such funds to be funds deposited in an interbank account in the US. It is not necessary to show that the funds in the US account are connected or traceable to a crime. That is, § 319 removes what has been considered to be the essential requirement for civil forfeiture — that there must be a connection between the funds and a crime.[31] The foreign bank’s funds deposited with a US financial institution may be perfectly legitimate and held for the purpose of assisting its customers wishing to do business in the US. However, such funds are vulnerable to seizure and forfeiture because of a fictional deeming that the funds are not owned by the US bank or the foreign bank. The foreign bank cannot rely on an ‘innocent owner’s’ defence and indeed has no locus standi to contest the seizure order in a US court. Only the customer of the foreign bank, who is the target of the US investigation and the ‘deemed owner’ of the funds, may contest the civil forfeiture action in the US legal system.[32] The assumption of the Patriot Act is that the foreign bank will recover its forfeited money in the correspondent account by debiting the actual account of its customer in its home jurisdiction. This is problematical because debiting an account requires authorisation by the customer, which is highly unlikely.[33] There exists the possibility of a foreign bank challenging the forfeiture under the Patriot Act on the ground that it violates the United States Constitution Fifth Amendment prohibition against takings without compensation[34] or the Eighth Amendment prohibition against excessive punishment. However, in United States v Union Bank for Savings & Investment (Jordan) the US Court of Appeals for the First Circuit rejected a foreign financial institution’s claim that the application of the Patriot Act resulting in the forfeiture of funds in a New York correspondent bank account was unconstitutional.[35] Given this legal precedent, a foreign bank faces the significant risk of losing its money in the correspondent account without being able to contest the forfeiture order in a US court or to recover the money from its customer. The foreign bank may apply to the US Attorney-General, who, in consultation with the Secretary of the Treasury, may suspend or terminate a forfeiture action in the national interest of the US. However, relying on political lobbying to protect the interests of a foreign bank is too uncertain, so banks have revised their standard form contracts to deal with this new legal risk.[36] In particular, banks have inserted new indemnity clauses in their bank–customer contracts so as to provide protection from claims that their customers have violated foreign AML or sanctions laws. The nature and efficacy of these indemnity clauses are analysed below in Part V.

C Australian AML Rules on Correspondent Banking

Australian banks have enacted new correspondent banking due diligence policies to implement their obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (‘AML/CTF Act’)[37] and to comply with the new US correspondent banking requirements. The obligations under the AML/CTF Act include: the prohibition on entering into a correspondent banking relationship with a shell bank[38] (ss 95–6); the requirements to conduct risk and due diligence assessments of correspondent banking relationships (s 97); the requirement of regular risk assessments (s 98); the requirement for senior officer approval of a correspondent banking relationship (s 99(1)); and the requirement of documenting each party’s Anti-Money Laundering and Counter-Terrorism Financing (‘AML/CTF’) responsibilities under their correspondent banking relationships (s 99(2)). Although the new Australian rules on correspondent banking are extensive, none of these rules address the problems created by the extraterritorial subpoena and forfeiture powers under the Patriot Act.

D Extraterritorial Application of Sanctions Laws

US law provides for targeted sanctions directed at specific individuals, non-state actors and state officials who have allegedly engaged in drug trafficking, international terrorism or money laundering, or facilitated the proliferation of weapons of mass destruction.[39] It also imposes financial sanctions against specific countries (such as Burma, Cuba, Iran, North Korea and the Sudan) that have been accused of state-sponsored crimes, regional aggression and/or gross violations of human rights.[40] The range of persons and countries and the types of measures that are the subject of US sanctions are far greater than those imposed by other countries or by the United Nations or the European Union (‘EU’). This can give rise to difficulties when US sanctions laws are applied extraterritorially,[41] with the EU contending that they breach international law. Under EU Council Regulations, persons affected by the extraterritorial application of certain US sanctions are required to notify the European Commission within 30 days and are further required not to comply with any requirement or prohibition, including requests by US courts.[42] This may place European multinational banks in an unenviable position of being required to comply with conflicting legal obligations.

An illustration of the potential reach of US sanctions is the case of Lloyds TSB Bank plc (‘Lloyds TSB’), which in February 2007 agreed to pay a USD350 million fine to the US under a deferred prosecution agreement[43] in connection with violations of the International Emergency Economic Powers Act of 1977 (‘IEEPA’).[44] Under the IEEPA it is a criminal offence for a ‘US person’ to wilfully violate any regulation issued under the Act — for example, the prohibition on the exporting of services from the US to Iran.[45] According to the stipulated facts, between the mid-1970s and January 2007, Lloyds TSB systematically violated New York and US law by omitting to disclose information from US dollar payment messages that involved countries, banks or persons that were subject to US sanctions.[46] By removing material payment information (customers’ names, bank names and addresses) from SWIFT messages that would identify that the payment sources as being Iran, the Sudan and/or Libya, Lloyds TSB was able to assist sanctioned financial institutions to avoid detection by filters employed by its US correspondent banks. The fact that Lloyds TSB was incorporated in the United Kingdom and that none of its US branches were involved in the processing of the payment transactions did not prevent the applicability of US laws. Extraterritoriality was premised on the ‘effects doctrine’,[47]

namely that Lloyds TSB’s extraterritorial conduct had caused substantial damage to US national interests. This was evidenced by the fact that Lloyds TSB’s conduct deceived its US correspondent banks by ‘preventing them from detecting and blocking or rejecting wire transfers proceeds on behalf of sanctioned entities and preventing them from making and keeping accurate records of their transactions’.[48] The significance of the Lloyds TSB sanctions case is that it shows the legal and reputational risks that multinational banks face because of the system of correspondent banking.[49]

IV STANDARD BANK–CUSTOMER CONTRACT TERMS

This Part introduces the concept of standard form contracts in bank–customer relationships and outlines the complexity, disadvantages and advantages of such contracts. It provides an overview of a study that has been carried out into standard bank–customer contracts and sets out the context for the next sections, which will examine how standard contracts between banks and their customers have been redrafted to minimise the impact of extraterritorial AML and sanctions legislation.

Contracts between banks and individual or small business customers are invariably drafted by banks in standard formats. They are typically described as ‘standard form contracts’ in Australia and the United Kingdom, or ‘boilerplate contracts’ in the US. The express terms of standard form contracts are generally drafted to protect the interests of banks. From the perspective of a customer of a bank (particularly where the customer is a retail consumer of a financial service), the disadvantages of standard form contracts are well-known.[50] There is a lack of meaningful negotiation between banks and customers, and so the resulting express terms of the contract frequently advantage the bank. The express terms of the contract are usually contained in lengthy documents that few bank customers will read or understand. Further, even if customers fully comprehend the meaning of the contractual terms, they may believe that the terms will not be invoked, that they have been officially endorsed, and/or that there is little choice but to accept the contract.[51]

It should not be assumed, however, that standard form contracts between banks and customers are invariably against the interests of the customer. Without standard form contracts, the cost of negotiating individual contracts would be substantial and would be passed on to customers. Standard form contracts also facilitate compliance with applicable legislation and codes of conduct in that standardisation reflects the regulatory regime.[52] For example, standard form contracts will typically state that banks are required, as a condition for obtaining a financial services licence, to provide financial services ‘efficiently, honestly and fairly’.[53] The standard terms also refer to the applicable code of conduct imposing a commitment on banks to act fairly and reasonably. Further, the express terms inform customers of their right to appeal to the Financial Ombudsman Service, which provides a dispute resolution facility for bank customers and is required to take into account fairness and good banking practice in dealing with bank–customer disputes.[54]

The standard bank–customer contract is made up of various documents, including account opening application forms and documents attached to those forms, such as those pertaining to fees and charges. Other types of standard form contract are used for special banking facilities. In the case of financial services, such as deposit products, derivatives, insurance products, managed investments, retirement savings accounts and superannuation products, banks are required under the Corporations Act 2001 (Cth) (‘Corporations Act’)[55] to provide customers with a product disclosure statement (‘PDS’). A PDS will contain detailed account terms and conditions in compliance with Corporations Act pt 7.9 div 2. Usually drafted by a lawyer acting for the bank, PDSs are tailored to individual products and services, such as current accounts, term deposits, corporate accounts, credit cards, mortgage accounts, electronic banking and share and investment brokerage accounts.

The complexity of the bank–customer contract arises from the multiple sources of documents that form the contract, the legal terminology used in the contract, and the ability of banks to vary the terms of the contract. During the course of the relationship between the bank and the customer, it is frequently the case that the terms and conditions of the contract are unilaterally altered by the bank so as to deal with new financial circumstances (such as changes in interest rates), new legal obligations, or where new legislation has been enacted affecting the bank–customer relationship.[56] It is a statutory requirement that a new replacement PDS be created so as to correct a misleading or deceptive statement in an earlier PDS, to correct an omission from an earlier PDS, to update or add to the information contained in an earlier PDS or to make changes to a statement in an earlier PDS.[57]

A Survey of Standard Contract Terms

The enactment of AML and sanctions laws has led banks to revise their standard contractual terms with customers. This has been a time-consuming, expensive and piecemeal process, given the large number of deposit products that are issued by banks and the variety of contractual documents that are applicable to the bank–customer relationship. In order to determine the nature and extent of the banks’ contractual response to the AML and sanctions laws, I have carried out a survey of the Australian websites of banks that provide online copies of PDSs and other contractual documents. The focus has been on PDSs that have been issued by banks operating in Australia since the enactment of the AML/CTF Act in 2006.[58] I have examined standard form bank–customer contracts from 20 financial institutions operating in Australia, including Australian owned banks, foreign subsidiary banks and branches of foreign banks.[59] The sample is large enough to illustrate the range and similarity of the responses of banks to their new AML/CTF obligations.

Examples of standard form contracts protecting the interests of banks are analysed by reference to the twin issues of the divulging of confidential information by banks to foreign authorities and the freezing of bank accounts where there is a possible breach of foreign law.[60] The survey shows that some banks have radically curtailed the financial privacy of their customers by obtaining ex ante authorisation to disclose confidential customer-related information to governmental authorities anywhere in the world.[61] The survey also shows that banks have established a contractual basis to freeze a bank account in circumstances where there is no breach of domestic law. The obtaining of customer consent to the disclosure of confidential information through standard form contracts is questionable given that few customers would be aware of what they have consented to.[62]

Various bases for challenging the validity of customer waiver of confidentiality are discussed. The efficacy of freezing clauses and indemnity provisions are also assessed.

B Disclosure of Confidential Information to Foreign Authorities

Since the decision in Tournier v National Provincial and Union Bank of England (‘Tournier’),[63] it has been well-accepted in England, Australia and other common law jurisdictions that a bank owes a customer a contractual duty of confidentiality in relation to both information supplied by the customer to the bank, as well as information gathered by the bank in the course of banking business. It is also settled that there are four exceptions to the duty of confidentiality: (a) where disclosure is made under compulsion by law, for example, under court order or through a statutory requirement; (b) where there is a duty to the public to disclose, for example, in cases of public emergency; (c) where the interests of the bank require disclosure, for example, in litigation for the recovery of debts; or (d) where disclosure is made with the express or implied consent of the customer.[64]

Apart from (d), none of the above qualifications to the duty of confidentiality would appear to be of direct assistance to a multinational bank that is subject to the extraterritorial investigatory demands of foreign law enforcement authorities. For example, it has always been assumed that the ‘compulsion by law’ qualification to the duty of confidentiality means compulsion under local law, not foreign law.[65] However, disclosure by compulsion of law may encompass situations where a local regulator or law enforcement agency obtains confidential bank information and is permitted under local law to transmit the information to a foreign authority.[66] There are few judicial decisions on the scope of the public duty qualification, but it was stated by the High Court of England and Wales, albeit in obiter dicta, in Libyan Arab Foreign Bank v Bankers Trust Co (‘Libyan Arab Foreign Bank’) that the duty of confidentiality may be relaxed in cases of public duty under foreign law.[67] The authority of this statement may be questioned, especially because Tournier did not envisage English public interests to include US public interests. Moreover, the applicability of the statement may be limited because disclosure in the Libyan Arab Foreign Bank case involved a US parent bank informing its US regulator about the identity and transactions of the customers of its London branch that were subject to a US extraterritorial sanctions prohibition. In contrast to the Libyan Arab Foreign Bank view, there are many decisions in common law jurisdictions where the courts have expressed the view that banks may not directly disclose confidential bank information to foreign regulators because this would violate the contractual duty of confidentiality.[68]

It is well-settled that a customer may impliedly or expressly consent to the disclosure of confidential information.[69] Financial institutions should not readily assume that their customers have impliedly consented to disclosure of confidential information in circumstances where disclosure of that information may be adverse to the interests of the customer. For example, in Turner v Royal Bank of Scotland plc, the English Court of Appeal held that a customer had not impliedly consented to the common banking practice of answering enquiries from other banks about the financial standing of customers.[70] The Court pointed out that the customer was not aware of this banking practice and concluded that the customer had not consented to the communication of confidential information.[71] Applying this decision, it would seem that a bank cannot rely on any implied customer waiver where a foreign regulator demands confidential information about its customer. On the other hand, the express consent of a customer may provide a possible avenue for the disclosure of confidential information to foreign authorities.

Given the uncertain scope of the qualifications to the Tournier duty of confidentiality, it is surprising that banks have not until very recently sought to provide additional protection against legal risks arising from operating in multiple jurisdictions. In their PDSs and/or privacy statements, banks have frequently referred to their contractual duty of confidentiality as provided by the decision in Tournier.[72] Such statements are merely a repetition of the common law position. Since the AML/CTF Act has made further inroads into the principle of confidentiality of customer information (for example, by requiring the reporting of suspect matters, significant cash transactions and international funds transfer instructions[73]), it would be expected that there would be contractual amendments to reflect this development. Typically banks have inserted a clause in their standard form contracts that states that the customer acknowledges that the bank is subject to the AML/CTF Act and that the customer consents to the bank disclosing information as required by the laws of Australia.[74]

There is an ambiguity in the language of some PDSs, privacy statements and general statements on money laundering as to whether banks consider that they may disclose confidential information about their customers to foreign authorities. Sometimes banks state that they will disclose confidential information ‘as required or authorised by law’, without making any precise statement as to whether this means Australian law only. For example, CBA, which is one of the four major Australian-owned banks, has stated in one of its public documents concerning business customers that it ‘may be required to disclose customer information by law, eg under Court Order or Statutory Notices pursuant to taxation or social security laws, or under laws relating to sanctions, anti-money laundering or counter-terrorism financing.’[75] It notes that it ‘may also be permitted, as distinct from required, to disclose information, in other circumstances.’[76] Similarly, in a PDS pertaining to deposit accounts, Westpac states that it will gather information for AML/CTF compliance purposes (including for sanctions laws of countries other than Australia) and ‘where legally obliged to do so, [Westpac] will disclose the information gathered to regulatory and/or law enforcement agencies, other banks, other members of the Westpac Group, service providers or to other third parties.’[77] In both the CBA and the Westpac examples, it is not clear whether the banks are claiming the right to disclose confidential information about their customers who are suspected of breaching sanctions laws in foreign countries. The basis for such a claim may be the public duty exception to confidentiality as formulated in the Libyan Arab Foreign Bank case that was referred to above. Neither CBA nor Westpac has stated whether they have adopted this view of the public duty exception to confidentiality.

Some banking contracts contain clauses that expressly permit disclosure of confidential information to foreign authorities for AML purposes. For instance, Macquarie Bank, which has sought to build a major wealth management business in Australia to complement its investment banking activities, has stated in a 2009 supplementary PDS that it

may in its absolute discretion, with or without notice to you, disclose or otherwise report the details of any transaction or activity, or proposed transaction or activity in relation to [your account] (including any personal information (as defined in the Privacy Act 1988 (Cth) …) to any reporting body authorised to accept reports under any laws relating to the AML/CTF Act applicable in Australia or elsewhere.[78]

Under this clause Macquarie Bank asserts its unqualified contractual right to disclose confidential information about its customers to the Australian Transaction Reports and Analysis Centre (‘AUSTRAC’) (the Australian financial intelligence unit and AML regulator), as well as equivalent governmental bodies in other jurisdictions. There are more than 122 jurisdictions with financial intelligence units (‘FIUs’) for AML purposes.[79] Macquarie Bank also states that it may disclose confidential information without notice to the customer. This is not merely a contractual right but a statutory obligation in that, under the AML/CTF Act, a reporting entity is prohibited from tipping off its customer that it has made a suspicious matter report.[80]

A category of bank–customer contract that permits disclosure on a wider basis — that is, when required by foreign law generally — is foreign currency contracts. For example, in a PDS concerning foreign currency accounts, ANZ states that customers agree that ANZ ‘may disclose information which you provide to ANZ where required by any law in Australia or any other country.’[81]

In another ANZ PDS concerning international telegraphic transfers, customers purportedly consent to disclosure of customer-related information in payment instructions to ‘any law enforcement, regulatory agency or court where required by any such law or regulation in Australia or elsewhere’.[82]

Similarly, Bank West’s telegraphic transfer form provides that

personal information relating to individuals named in this form may be processed for the purposes of (a) complying with applicable laws; and (b) fighting crime and terrorism, including disclosure to any government entity, regulatory authority or to any other person we reasonably think necessary for those purposes. This may mean that financial information may be transferred to countries that are not subject to privacy obligations equivalent to those which apply in Australia.[83]

The clause in Bank West’s telegraphic transfer contract is wider than the clause in the ANZ contract in that disclosure of confidential customer information may be based on Bank West’s opinion of what it ‘reasonably thinks necessary’. Further, Bank West asserts that its customers’ privacy rights in Australia are subservient to its wider obligation to fight crime in Australia or elsewhere.

There is a tendency among some foreign banks with subsidiaries and branches in Australia to have the widest disclosure mandate. The approach of the Arab Bank, which is a subsidiary of a major bank headquartered in Amman, Jordan, is revealing.[84] In a PDS concerning bank deposits, the Arab Bank states that it ‘operates under the provisions of various laws, including the Privacy Act. The Privacy Act governs what the Bank can and cannot disclose.’[85] In cl 6.2 the duty of confidentiality is restated together with an explicit acknowledgement of the four qualifications to that duty, including its right to disclose confidential information to ‘regulatory bodies, government agencies, law enforcement bodies and Courts’. There is an ambiguity as to whether these bodies are limited to Australian bodies or whether they also apply to foreign bodies. This ambiguity is dealt with in cl 7, which provides that customers agree

to provide all information to us which we reasonably require in order to meet our legal and regulatory obligations. You also agree that we may disclose any information concerning you, where required to by any laws in Australia or any other country.[86]

Under cl 7, customers of the Arab Bank have consented to the disclosure of any information where this is required by the law of any country. The wording of cl 7 does not restrict the disclosure of information to foreign regulators or law enforcement agencies in money-laundering or terrorist-financing cases, but in any matter where ‘required by any laws of any other country’.

The PDS of Bank of Cyprus (Australia), in a section relating to AML/CTF, has a similar clause to the Arab Bank’s PDS. It provides that its customers

must provide us with all information which we reasonably require to comply with any Australian law or any foreign law. We may disclose information which you provide to us where we are required to under any Australian law or any foreign law.[87]

This disclosure clause would allow the Bank of Cyprus (Australia), which has been licensed as a retail bank in Australia since November 2000, to supply confidential information concerning its clients to the US authorities when requested under the Patriot Act.[88]

The business case for such a clause is emphasised by the example of the Bank of Cyprus (Australia), whose parent is currently contesting a USD162 million civil forfeiture action, in circumstances where the Bank objects to the extraordinary US jurisdictional claim.[89]

A more detailed and precise clause dealing with the disclosure of information to foreign authorities is found in the PDSs of HSBC, a large multinational financial institution that is incorporated in the United Kingdom and operates in 88 countries and territories.[90] In Australia, HSBC (Australia) is licensed to operate as a foreign subsidiary and as a branch of a foreign bank. The PDSs of HSBC (Australia) that govern personal and savings deposits, small business deposits, and corporate banking deposits have similar clauses dealing with money laundering and terrorist financing.[91]

In a section dealing with ‘Confidential and Personal Information’, HSBC (Australia) states that:

As permitted by law, all Customer Information will (whether within or outside Australia) be used, stored, disclosed, transferred, obtained and/or exchanged with all such persons as we may consider necessary, including without limitation: a) any member of the HSBC Group or third parties; … g) and compliance by us, or a member of the Group, with anti-money laundering and terrorist financing laws in Australia or any other country or with disclosure requirements under any law binding on us.[92]

Customers also acknowledge and agree that HSBC (Australia) and other members of the HSBC Group may take ‘any action which it or such other member, in its sole and absolute discretion, considers appropriate to comply with the Relevant Laws, and group policies relating to the Relevant Laws’ including:

giving any information about any transaction or activity to any person authorised under a Relevant Law or group policy relating to the Relevant Laws to receive that information …[93]

Under the PDSs of HSBC (Australia), ‘Relevant Laws’ are defined as laws relating to

the prevention of money laundering, terrorist financing, tax evasion and the provision of financial and other services to persons or entities which may be subject to sanctions; or the investigation or prosecution of, or the enforcement against, any person for an offence against any laws or regulations.[94]

A number of observations may be made about these contractual clauses. First, any implied contractual limitation on transmitting confidential information between members of the HSBC Group is removed by this contractual clause. This overcomes the difficulty raised by the obiter dicta of the English Court of Appeal in Bank of Tokyo Ltd v Karoon that the disclosure of information about a customer’s account by a subsidiary to its parent company would amount to a breach of confidentiality.[95] In effect, the organisational structure of the HSBC Group is considered legally irrelevant for the purposes of transmitting confidential information concerning its customers. Given that HSBC has thousands of corporate entities within its corporate group,[96] the group disclosure clause permits the widespread communication of confidential information. This group disclosure clause is legally justified by the purported consent of the customer. It is efficacious from a business perspective because AML/CTF policies of multinational banks are increasingly being created at a group level,[97] thereby necessitating an exchange of information between constituent members of the group.

On the other hand, the HSBC Group disclosure contractual clause may have the unintended consequence of exacerbating potential conflicts of interest/duty among different legal entities of the group as well as between different customers.[98] The mere fact that the disclosure of confidential information among different corporate entities is authorised under group policy and sanctioned by a broad customer consent clause may not necessarily protect a bank against a customer litigant who claims that the bank has breached its fiduciary or equitable obligation by disclosing confidential information.[99] However, the bank–customer relationship is not a recognised fiduciary relationship, so that except in special circumstances banks do not generally owe a fiduciary duty to their customers.[100] Further, it is well-established that if there is no pre-existing fiduciary relationship between a bank and its customer, there is no requirement that the bank obtain ‘fully informed consent’ from the customer in relation to its commercial transactions or business relationships.[101]

Second, the contractual provisions in its PDSs permit HSBC (Australia) to disclose information about its customers ‘to any person authorised under a Relevant Law … to receive that information’.[102]

Whether the disclosure is required under a foreign law is determined by HSBC (Australia) in its ‘sole and absolute discretion [and as it] considers appropriate’.[103] This contractual clause is wider in ambit than the Bank of Cyprus and the Arab Bank contractual clauses discussed above in that HSBC (Australia) claims an exclusive right to determine whether disclosure is appropriate. Confidential information may be disclosed not only in the context of money-laundering, but in relation to any offence, including tax evasion. Disclosure is also permitted for the purpose of enforcement of financial services laws in other jurisdictions. For example, if the US Securities and Exchange Commission subpoenaed HSBC in the US to produce information about a customer who held an account at HSBC (Australia), these contractual clauses may provide a legal justification for allowing HSBC (Australia) to supply customer information to its US parent for the purpose of complying with the US subpoena. Further, there is no restriction on the supply of confidential information, such as a requirement that the Australian-based customer be informed of the subpoena,[104] or that the Australian authorities be notified of the US request.

C Freezing of Bank Accounts to Assist Foreign Authorities

It is trite law that a bank that refuses to act on its customer’s instructions and/or freezes a customer’s bank account may be liable for breach of contract. The circumstances in which a bank may have legal justification for freezing a bank account are limited. Where there is a court order, such as a Mareva injunction, or where there is a statutory requirement for freezing,[105] the bank may rely on this external legal authority as the basis for freezing an account. But what is the position where there is no legal compulsion to freeze an account? There is considerable uncertainty as to the legal bases that a bank may rely on to internally freeze an account of its customer where there is no external legal requirement to do so. The leading banking law textbooks provide little, if any, guidance as to when a bank may internally freeze an account.[106] One possible legal justification for freezing an account is to avoid criminal liability. A bank may commit a money laundering offence under Criminal Code Act 1995 (Cth) pt 10.2 where it acts on its customer’s instructions to transfer money out of an account in circumstances where that money is the proceeds of crime, and where the bank has the relevant fault element.[107] A bank that freezes an account containing the actual proceeds of crime so as to avoid participating in a criminal act would not breach its contract with a customer. However, the bank faces the risk that its actions will amount to a breach of contract if the money is judged not to be the proceeds of crime or if the customer is not prosecuted for money laundering.[108]

Another possible legal justification for freezing an account is where the bank believes that the money in the account is not that of the customer but that it is subject to a constructive trust. The dilemma for the bank is that ‘banks do not become constructive trustees merely because they entertain suspicions as to the provenance of money deposited with them’;[109] the bank runs the risk that a court may hold that it is not a constructive trustee and therefore not justified in freezing an account.

Given the uncertainty in the application of the law with regard to internally freezing an account and the risk of banks unwittingly participating in money laundering transactions, banks have sought to protect their interests by creating new contractual terms with their customers.[110]

PDSs of banks operating in Australia now provide standard contract terms that allow for freezing of bank accounts under certain conditions. Many of these PDSs provide for the suspension of the operation of an account, the refusal to follow instructions concerning a proposed transaction, and/or the freezing and blocking of an account of a customer in the context of money laundering. For example, banks will frequently require customers to acknowledge that they must, when required, supply the bank with additional information relating to the customer’s ‘identity, personal affairs, business dealings and/or the purpose of [their] relationship [with the bank]’.[111]

This may be for anti-fraud or AML purposes. The customer is also required to acknowledge that the failure to supply such information may lead to a series of actions, including refusing to act on the customer’s instructions and/or blocking the customer’s account.[112]

It is not uncommon for banks to expressly state in their standard contracts that an inability to confirm the identity of the customer may result in the refusal to act on instructions or the freezing of an account.[113] The requirement that the bank have reliable and verifiable information about all of its customers is fundamental to the AML regime.[114] More generally, some banks, such as ANZ, the Bank of Queensland and the Arab Bank, will explicitly state that the bank may ‘delay, block or refuse to make a payment if [it] believes on reasonable grounds that making the payment may breach any law in Australia or any other country’.[115]

The language of ‘reasonable grounds’ as a basis for freezing an account is common in many of the standard form bank–customer contracts. Although there is little jurisprudence on the issue, ‘reasonable grounds’ may include the situation where the bank has concerns about the legitimacy of the customer, the proposed transaction, or the country or entity which is to receive the payment.

CBA provides in the terms and conditions for its First Home Saver Accounts that it may freeze an account if it appears to the bank that the customer may:

(a) be a proscribed person or entity under the Charter of the United Nations Act 1945 (Cth);

(b) be in breach of the laws of any jurisdiction relating to money laundering or counter-terrorism;

(c) appear in a list of persons with whom dealings are proscribed by the government or a regulatory authority of any jurisdiction; or

(d) act on behalf, or for the benefit of, a person listed in subclauses (a) to (c) …[116]

A similar contractual clause is found in the PDS of the Margin Loan Account of Commonwealth Securities Ltd (a wholly-owned subsidiary of CBA).[117]

It may seem remarkable that an Australian-based bank is arrogating to itself the power to freeze a customer’s account based on a breach of a foreign sanctions law. However, the contractual clause may be viewed as a commercial response to the legal risks associated with violating the sanctions laws of powerful jurisdictions, such as the US.

D Indemnifying Banks for Customers’ Violations of Foreign Law

Another mechanism that a bank may rely on to minimise the legal risks arising from the extraterritorial application and enforcement of AML laws is to obtain a contractual indemnity from its customers. As the High Court of Australia has observed, ‘an indemnity is a promise by the promisor that he [or she] will keep the promisee harmless against loss as a result of entering into a transaction with a third party’,[118] and is ‘designed to satisfy a liability owed by someone other than the guarantor or indemnifier to a third person.’[119]

Many of the bank–customer contracts contain indemnity clauses to protect the banks from liabilities arising from money-laundering by and illegal activities of their customers. For instance, the PDS of Westpac, a major Australian-owned bank, requires its customers to give undertakings and an indemnity against losses arising from

any breach by [the customer] of such undertakings [relating to money laundering]:

• [the customer] will not initiate, engage in or effect a transaction that may be in breach of Australian law or sanctions (or the law or sanctions of any other country); and

• the underlying activity for which [the customer’s account] is being provided does not breach any Australian law or sanctions (or the law or sanctions of any other country).[120]

The Westpac indemnity clause is designed to protect the bank from liabilities to third parties, which may include governments and/or private parties, in circumstances where the bank becomes embroiled in a money laundering or sanctions scandal because of its customer’s financial activities.

The indemnity clause is very broad. It purports to provide an indemnity from the customer in favour of the bank in a range of circumstances, including breach of contract relating to money laundering undertakings, breach of Australian and foreign law in relation to sanctions, or breach of any law of Australia or of a foreign country in relation to customers’ activities or transactions that may constitute predicate crimes.

The efficacy of an indemnity clause is determined according to the principles outlined by the High Court of Australia in Andar Transport Pty Ltd v Brambles Ltd:[121] the approach in interpreting an indemnity clause is to ‘construe the clause strictly in the context of the contract as a whole and, to the extent that there remained any ambiguity, to construe the indemnity in favour of [the party granting indemnity]’, that is, the customer of the bank.[122] This approach to contractual interpretation may limit the effectiveness of Westpac’s indemnity clause. For example, there is no reference in the Westpac indemnity clause to a situation where the bank has failed to comply with its obligations under AML or sanctions laws. Nor does the indemnity clause make any reference to negligence on the part of the bank in a money laundering context, for example, failures in its AML systems and controls.[123]

The clause also makes no provision for the situation where the bank has acted recklessly in facilitating a money laundering transaction, which may give rise to a claim of constructive trust against the bank. There is a reasonable argument that the contractual indemnity clause is not intended to apply in any of these circumstances.

V LEGAL AND POLICY EFFICACY OF NEW STANDARD CONTRACT TERMS

This Part examines the legal and policy efficacy of contractual terms that purport to allow the transmission of confidential information to foreign authorities and the freezing of the accounts of bank customers for the purpose of complying with foreign laws. The first issue is how these purported contractual terms are to be characterised. A contractual clause may be characterised as an exclusion clause where it reduces, limits or modifies the rights of a customer of a bank that would otherwise be applicable. It would appear that the disclosure of a customer’s financial affairs on the basis that this is required by the law of another country modifies the customers’ rights if not their normal expectations. Similarly, freezing a bank account because of a foreign law requirement is not likely to be within the parameters of expectation of a customer of a bank. If such exclusion clauses form part of the contract, they are subject to specific rules of contractual interpretation. Second, and this is perhaps a fundamental issue, the terms may only bind the customer if they are in fact part of the contract. The question is whether the terms are part of a signed contract between the customer and the bank or whether they were incorporated into the contract by notice. Moreover, even if the terms are part of the contract and thereby binding on the customer, there is a residual issue as to whether the customer actually consented to the disclosure of confidential information. Third, may the terms be vitiated under any of the general law and statutory doctrines, such as where they amount to misleading or deceptive conduct, or where they are unfair terms within a statutory regime? Finally, are the contractual terms enforceable under private international law doctrines, or public policy or legislative prescriptions?

A Are the Purported Terms Part of the Bank–Customer Contract?

The legal efficacy of a contractual document signed by a customer of a bank is clear: under the principle in L’Estrange v Graucob[124] (as reaffirmed by the High Court of Australia in Toll (FGCT) Pty Ltd v Alphapharm Pty Ltd)[125] the customer is bound by the terms contained in the contractual document, including exclusion clauses, even if the customer has not read or fully understood the document. Although there are some limits to this principle (for example, where the signature is obtained by fraud or misrepresentation), the importance that the courts have ascribed to a signature appears now to have been settled.

An examination of the PDSs and other contractual-type documents in the bank–customer relationship does not always yield an obvious answer as to whether such documents have in fact been signed by the customer. As a matter of bank practice, customers sign account application forms, some of which contain terms and conditions that expressly refer to the customer’s AML obligations. Indeed, as the AML/CTF Act is being implemented in Australia, banks and other financial institutions are changing account application forms that are signed by new customers to deal with AML issues. This has already occurred in the case of account application forms in relation to telegraphic transfers,[126] overseas drafts[127] and share brokerage accounts.[128] The terms in these account application forms usually concern the identity obligations of customers under the AML/CTF Act, rather than any waiver of the customer’s confidentiality rights. In some of these customer application forms, customers are required to acknowledge that they have read and understood the terms and conditions in PDSs, usually by ticking a box in the document. Although the incorporation of a PDS into a contract by a tick of a box is an illusory form of consent, this does not undermine the applicability of the L’Estrange v Graucob doctrine.

A purported term or condition may also be incorporated into a contract under the doctrine of notice. It is a well-accepted principle that terms and conditions found in an unsigned document will not form part of a contract until reasonable notice of their existence is brought to the attention of the parties to that contract.[129] It has been further held that what is reasonable notice will depend on all the circumstances of the case. For example, where an exclusion clause is particularly onerous or unusual, in that it would not reasonably be expected to be a term of a contract, then it can only be enforceable if it is specifically and fairly brought to the attention of the other party.[130]

The existence of a waiver of confidentiality clause in a PDS would usually be brought to the attention of customers through correspondence by the bank notifying customers of changes in the terms and conditions of their contracts.[131]

The content of the PDSs could also be accessed by customers either by requesting a copy from the bank or by visiting the bank’s website on the internet. However, it is unlikely that a customer would read or understand the implications of a contractual term allowing the bank to transmit confidential information concerning the customers’ financial affairs to a foreign authority in a foreign country without that customer’s prior knowledge and consent. Further, it would be a significant change in the bank–customer relationship for customers of banks operating in Australia to waive all rights of privacy and confidentiality that may exist under the laws of any jurisdiction that the bank may operate in. Arguably, such a contractual clause would not form part of the contract because the requirement of reasonable notice would not have been complied with. Factors that support this argument include the unusual nature of the clause and the fact that the clause is found ‘hidden’ in a detailed document that the customer is unlikely to read.

B Are the Terms Misleading or Deceptive and/or Unfair Terms?

A possible ground for invalidating a contractual term is that it amounts to misleading or deceptive conduct under s 52 of the Trade Practices Act 1974 (Cth), or, in relation to financial services, under s 12DA of the Australian Securities and Investments Commission Act 2001 (Cth).[132] The conduct of a bank, which may include the insertion of an express term in a contract, is misleading or deceptive if it leads a customer into error.[133] The intention of the bank in inserting a confidentiality clause is not relevant if the effect of the clause in the context of the overall conduct of the bank is misleading or deceptive.[134] Silence may also constitute misleading or deceptive conduct where there is an expectation that the bank will reveal relevant facts to the customer.[135]

The usual case for misleading or deceptive conduct that may be alleged against a bank is where the bank has failed to disclose relevant facts to the customer because of its duty of confidentiality to a third party. However, the misleading or deceptive conduct that may be alleged against banks in the context of a contractual clause waiving confidentiality is of a different nature.[136] Instead, the misleading or deceptive conduct arises from the inconsistencies and confusion caused by multiple public and private statements of the bank that mask the nature and scope of the waiver of confidentiality clause. There are various reasons why a broad ex ante contractual clause waiving confidentiality may be considered misleading or deceptive. First, the clause may be inconsistent with the confidentiality provision in the Australian Bankers Association Code of Banking Practice (‘ABA Code’)[137] which is incorporated into contracts between customers and banks that subscribe to the it. The ABA Code provides that a bank may disclose confidential information concerning a customer when required to do so by law but makes no reference to disclosure under foreign law.[138] Second, the clause may be inconsistent with the privacy policy statements of banks that form part of the bank–customer contract. The privacy policy statements published on various banks’ websites do not expressly refer to the disclosure of information to foreign governments under foreign law.[139]

Further, the National Privacy Principles (‘NPP’) under Privacy Act 1988 (Cth) sch 3 that apply to banks do not recognise foreign legal obligations as a basis for the disclosure of confidential information.[140] It is arguable that an ex ante generalised customer consent clause in a standard form bank–customer contract would not satisfy the requirements of NPP cll 1.3 and 9, which apply to organisations that transfer personal information to persons in a foreign country.[141] Finally, most banks have provided AML/CTF disclosure statements on their websites to inform customers and the general public as to their policies in this area.[142] None of these statements refers to the extraordinary power found in the PDSs to transmit confidential information concerning customers to foreign authorities.

There may be other grounds for objection to the one-sided contractual clauses that purport to waive a customer’s right of privacy in such a comprehensive fashion. May such a contractual term be considered an ‘unfair term’ in a consumer contract under commonwealth or state legislation? The Victorian legislation, for example, provides that:

A term in a consumer contract is to be regarded as unfair if, contrary to the requirements of good faith and in all the circumstances, it causes a significant imbalance in the parties’ rights and obligations arising under the contract to the detriment of the consumer.[143]

It would be difficult to establish that the waiver of privacy rights is contrary to the requirements of good faith because the bank’s conduct in devising the contractual clause may be viewed as reasonable in all the circumstances.[144] Indeed, the term may be regarded as ‘reasonably necessary for the legitimate interests’ of the bank[145] in that it is a necessary response to the extraterritorial AML and sanctions legislation of foreign countries. That the contractual term has been devised in response to government legislation of a foreign country cloaks the term with a sense of legitimacy and eschews any notion of bad faith or exploitation of a customer’s rights.

C Are the Terms Enforceable under Private International Law Doctrines?

The enforceability of a contractual clause permitting the disclosure of confidential information to a foreign authority may also raise issues under private international law. There is a general principle that Australian courts will not entertain any action directly or indirectly to enforce a foreign penal, revenue or other public law.[146] A customer litigant may argue that its bank should not be able to rely on a contractual clause authorising the disclosure of confidential information as a defence to a breach of contract claim because this would amount to the enforcement of a foreign penal or public law, such as the Patriot Act. However, there is a lack of precedent as to the meaning of ‘indirect enforcement’ of a penal or public law or ‘governmental interests’ (the High Court of Australia’s language in Attorney-General (UK) v Heinemann Publishers Australia Pty Ltd (‘Spycatcher Case’)[147]), and it is difficult to predict whether Australian courts would refuse to enforce a contractual provision merely on the ground that it was motivated by compliance with the Patriot Act.

A related but separate issue is the justiciability of contractual clauses that purport to comply with foreign legal requirements. The issue may arise if a customer litigant contended that the preconditions for relying on the contractual clause had not arisen — for example, that in the particular circumstances the bank’s disclosure of confidential information was not required by the foreign law. In resolving this issue, an Australian court may be asked to adjudicate the scope and propriety of the US government’s enforcement of US law, such as the Patriot Act, in relation to an Australian bank vis-a-vis its customers. If the Australian court wished to eschew jurisdiction, it may rely on the principle of non-justiciability.[148] However, it is difficult to envisage how the underlying criteria for the application of this principle — the absence of judicial ‘manageable standards’ to resolve the dispute, ‘embarrassment to the forum’s executive’ or ‘the highly politicised nature of the case’[149] — would apply to instances of disclosure of confidential information about a customer of a bank to a foreign authority. It may be that in the vast majority of cases an Australian court would consider that the matter is justiciable and resolve the matter through the application of Australian law and, where appropriate, expert evidence of foreign law.

D Are the Terms Objectionable on Grounds of Public Policy?[150]

There are complex public policy implications arising from the new standard contractual terms dealing with AML and economic sanctions matters, particularly in relation to the disclosure of confidential information.[151] On the one hand, governments have sought to expand the role of the private sector in the detection of financial crime by imposing a range of AML obligations on financial institutions to facilitate the flow of information to law enforcement authorities. Indeed, more than 180 governments, including the Australian government, have subscribed to internationally-agreed AML standards and applied those standards to banks and financial institutions operating within their jurisdiction. However, national AML laws are premised on a territorial nexus that may not be appropriate for a financial institution operating in multiple jurisdictions — for example, a multinational bank in Australia may be required to report a suspicious transaction to a number of financial intelligence units in different countries.[152]

Few, if any, jurisdictions have grappled with the possibility that mandatory disclosure of information in one jurisdiction may offend the law of another jurisdiction. In particular, under the AML/CTF Act it is a criminal offence for a financial institution to ‘tip-off’ any third party (including a foreign authority) concerning a suspicious matter report.[153] There are similar anti-tipping laws found in all jurisdictions that comply with the international AML standards.[154] This raises the possibility that a financial institution that operates in multiple jurisdictions may breach the AML/CTF Act if it reports a suspicious transaction concerning a customer to several AML regulators in different countries.

There are other public policy considerations. Over the past 20 years Australia has enacted comprehensive legislation allowing foreign criminal law enforcement and regulatory agencies access to banking information through mutual legal assistance treaties, exchange of information regulatory agreements and anti-money laundering arrangements.[155] For instance, AUSTRAC has the power to transmit confidential banking information to foreign agencies under agreements with foreign regulators.[156] AUSTRAC has entered into exchange of information instruments with FIUs in 57 jurisdictions and is negotiating agreements with other jurisdictions that form part of the Egmont Group. Under these arrangements, ‘AUSTRAC may reply to a request for information from another FIU in relation to investigations’ of foreign criminal offences. A major limitation is that information which is supplied by AUSTRAC to a foreign law enforcement agency for a specific purpose may not be transmitted to another agency without the consent of AUSTRAC.[157] The strict international AML arrangements concerning the use of confidential information may suggest that Australian regulators would be concerned with contractual arrangements that allow the direct communication of confidential bank information to foreign regulators. This raises the question of whether the transmission of confidential bank information for AML purposes outside the parameters of the AML/CTF Act violates the spirit of the legislation.

Foreign law enforcement agencies and prosecutors have also had increased access to banking information and bank evidence in Australia through bilateral and multilateral mutual legal assistance treaties and domestic legislation.[158] Similarly, and as a matter of reciprocity, the Australian authorities have taken advantage of the new avenues for disclosure of information through their international arrangements so as to obtain confidential bank information located in foreign countries. The significance of international cooperation in law enforcement matters is that there is now a well-developed international system for transmitting confidential information and documents across borders. This system provides safeguards that are in the interests of governments and private parties. Under international arrangements, governments must refuse to provide assistance to a foreign country on certain grounds, such as where the request offends the ‘sovereignty, security or national interests’ of a requested state, or where the request was made for the purpose of prosecuting a person ‘on account of the person’s race, sex, religion, nationality or political opinions.’[159] These safeguards are undermined if a bank is empowered to directly transfer confidential information to a foreign authority on the basis of an ex ante customer consent clause in a standard form contract. Further, the contractual provision circumvents the important safeguards embedded in these international arrangements that may include judicial supervision of the disclosure process.

VI CONCLUSION

The extraterritorial expansion of US AML and sanctions laws has imposed significant risks on multinational banks. Through the regulation of correspondent bank accounts, US authorities have created new enforcement levers for obtaining confidential bank information and seizing funds located outside the US. This article has explored how banks operating in Australia have responded to the extraterritorial jurisdictional claims of the US authorities by amending their standard form bank–customer contracts. A study has been possible because banks in Australia publish some of their contracts in the form of PDSs on their websites. A review of bank–customer contracts in other jurisdictions would provide insights as to whether the Australian response is part of a general trend in international banking practice.

The justification for the imposition of extraordinary customer consent clauses in bank–customer contracts is that they reduce the potential legal risks arising from the increased investigatory demands of foreign states. It is also arguable that the terms are justified on the basis of the autonomy of parties in contracts to mould their rights and obligations. However, the changes in standard contractual terms have been made in Australia without any consultation with customers, governments, privacy commissioners or other stakeholders. There has been little publicity about these important contractual terms, which appear to have been made on an ad hoc basis. There is some confusion as to whether the new clauses are incorporated into bank–customer contracts. A further problem is that banks may have engaged in misleading or deceptive conduct in that the purported contractual terms are inconsistent with other statements made by those banks in various documents, such as Privacy and AML Policies published on bank websites. To clarify the legal position, it is suggested that banks review the PDSs of all their products and other statements so that they are internally and externally consistent. More transparent disclosure is required so that customers are aware that their financial transactions may be disclosed to foreign authorities and that their accounts may be frozen because of possible breaches of foreign law.

Finally, the commercial justification for the new contractual terms should be balanced against public policy considerations. Through the device of a contract, banks may have circumvented the legal protections that are otherwise available when foreign states demand confidential documents held by banks that relate to their customers. Indeed, through contract, banks have given themselves the legal capacity to cooperate with foreign authorities without complying with the system of international legal assistance in civil, criminal and/or regulatory matters. The new contractual clauses in standard form contracts may undermine public policy interests in financial privacy and in some cases may undermine national interests. It is recommended that in all cases banks consult closely with the relevant domestic authorities before transmitting confidential information about their customers to foreign authorities. Consideration should also be given to amending the AML/CTF Act so as to clarify the legal obligations of financial institutions that are obliged to report suspicious transactions in multiple jurisdictions. By clarifying the law and policy in this area, governments will bring greater certainty to the private sector, which has been subject to increased regulatory demands in a globalised world.


[*] PhD (Cambridge), LLM (Yale), BCom (with Merit), LLB (UNSW); Barrister of the Supreme Court of New South Wales; Senior Lecturer, Faculty of Economics and Business, The University of Sydney. The author gratefully acknowledges the financial support from Australian Research Council Discovery Grant DP0986608 and the anonymous referees for their suggestions.

[1] David W Rivkin, ‘Foreword by David W Rivkin: The Importance of Extraterritorial Jurisdiction’ in International Bar Association, Report of the Task Force on Extraterritorial Jurisdiction (2008) 33 <http://www.ibanet.org> .

[2] International Bar Association, Report of the Task Force on Extraterritorial Jurisdiction (2008) 5–6 <http://www.ibanet.org> (‘Report on Extraterritorial Jurisdiction’).

[3] Ibid 6.

[4] Ibid 22–31.

[5] See generally Harold Hongju Koh, Transnational Litigation in United States Courts (Foundation Press, 2008) 51–83.

[6] Patriot Act, Pub L No 107-56, 115 Stat 272 (2001).

[7] ‘[A] bank may [also] establish a foreign presence through correspondent banking, representative offices and agencies. However, these forms of foreign entry are subject to strong limitations on allowable banking activities, including not being allowed to accept deposits or make consumer loans’: James R Barth, Gerard Caprio Jr and Ross Levine, Rethinking Bank Regulation: Till Angels Govern (Cambridge University Press, 2006) 113.

[8] See generally Andreas F Lowenfeld, International Litigation and the Quest for Reasonableness: Essays in Private International Law (Clarendon Press, 1996) 166–74; J G Collier, Conflict of Laws (Cambridge University Press, 3rd ed, 2001) 147–9; Mary Keyes, Jurisdiction in International Litigation (Federation Press, 2005) 63–6.

[9] See, eg, Richard Dale, The Regulation of International Banking (Woodhead-Faulkner, 1984) 3.

[10] See Philip R Wood, Conflict of Laws and International Finance (Sweet & Maxwell, 2007) ch 2, for an analysis of the governing law of financial contracts generally.

[11] See generally Salomon v Salomon & Co Ltd [1897] AC 22; Janet Dine, The Governance of Corporate Groups (Cambridge University Press, 2000), 42–3, 67–8.

[12] [1921] 3 KB 110, 127, 129–30 (Atkin LJ). See also Libyan Arab Foreign Bank v Bankers Trust Co [1989] 1 QB 728, 746 (Staughton J); Laing v Bank of New South Wales (1952) 54 SR (NSW) 41; Bank of New South Wales v Laing [1954] AC 135; Croton v The Queen [1967] HCA 48; (1967) 117 CLR 326; Grant v The Queen [1981] HCA 32; (1981) 147 CLR 503.

[13] Richard J Herring and Friedrich Kübler, ‘The Allocation of Risk in Cross-Border Deposit Transactions’ (Working Paper No 94-09, The Wharton School, University of Pennsylvania, February 1994) 6 <http://fic.wharton.upenn.edu/fic/papers/94/9409part1.pdf> .

[14] SWIFT is the vehicle for its over 9000 banking members to exchange standardised financial messages internationally between 209 countries. See SWIFT, Company Information (2010) <http://www.swift.com/about_swift/company_information/index.page> .

[15] Herring and Kübler, above n 13, 6.

[16] Dimitris N Chorafas, Electronic Funds Transfer (Butterworths, 1988) 19, 30–2, 87.

[17] Pierre-Laurent Chatain et al, ‘Integrity in Mobile Phone Financial Services: Measures for Mitigating Risks from Money Laundering and Terrorist Financing’ (Working Paper No 146, World Bank, May 2008) vii, xiii, 8.

[18] Money Laundering Control Act of 1986, 18 USC § 1956(f) (1986). For the definition of a money laundering offence, see sub-s (a); for jurisdiction to impose civil penalties over foreign persons, see sub-s (b)(2).

[19] See Leasco Data Processing Equipment Corporation v Maxwell[1972] USCA2 470; , 468 F 2d 1326, 1335 (Friendly J) (2nd Cir, 1972); United States v Monroe[1991] USCA9 793; , 943 F 2d 1007, 1015 (Hall J) (9th Cir, 1991); Pasquantino v United States[2005] USSC 3474; , 544 US 349, 371 (Thomas J) (2005).

[20] Lloyd’s TSB Bank plc, ‘Memorandum of Law in Support of Defendant Lloyd’s TSB Bank plc’s Motion to Dismiss the Complaint’, Submission in United States v Lloyds TSB Bank plc, No 07 Civ 9235 (SD NY, 2009), 25 January 2008, 8–9. See also Lasala v Lloyds TSB Bank plc, 514 F Supp 2d 447, 458–9 (Haight J) (SD NY, 2007).

[21] Patriot Act § 319. See also Federal Financial Institutions Examination Council, Bank Secrecy Act/Anti-Money Laundering Examinations Manual (24 August 2007) 87, 137.

[22] Patriot Act § 311, amending 31 USC § 5318A (1994).

[23] Minority Staff of the Permanent Subcommittee on Investigation, United States Senate, Report on Correspondent Banking: A Gateway for Money Laundering (5 February 2001) 4.

[24] Ibid. This report contains 10 case studies on the abuse of the correspondent banking system.

[25] Australian Transaction Reports and Analysis Centre, Regulatory Guide: Correspondent Banking (24 February 2009) 72 <http://www.austrac.gov.au/files/rg_ch6.pdf> .

[26] Patriot Act § 319(b).

[27] Ibid.

[28] See Commonwealth Secretariat, ‘Communiqué of the Meeting of Law Ministers and Attorneys General of Small Commonwealth Jurisdictions’ (News Release, 02/87, 22 November 2002) [7].

[29] Financial Crimes Enforcement Network, United States Department of the Treasury, Section 311: Special Measures for Jurisdictions, Financial Institutions, or International Transactions of Primary Money Laundering Concern <http://www.fincen.gov/statutes_regs/patriot/section

311.html>.

[30] Patriot Act § 319(a), amending 18 USC § 981 (2000).

[31] See generally Stefan D Cassella, ‘The Case for Civil Forfeiture: Why In Rem Proceedings Are an Essential Tool for Recovering the Proceeds of Crime’ (Paper presented at the 25th Cambridge International Symposium on Economic Crime, Jesus College, University of Cambridge, 7 September 2007) 2.

[32] Patriot Act § 319(a).

[33] It is a general principle that a bank may debit the account of its customer by relying on its mandate, or where it is expressly authorised under its contract with a customer: Ross Cranston, Principles of Banking Law (Clarendon Press, 1997) 149–51.

[34] See Michael Gruson, ‘The US Jurisdiction over Transfers of US Dollars between Foreigners and over Ownership of US Dollar Accounts in Foreign Banks’ [2004] Columbia Business Law Review 721, 755–6.

[35] [2007] USCA11 23; 487 F 3d 8, 23 (1st Cir, 2007) (Lynch J).

[36] Another option for a foreign bank is to implement additional AML compliance measures (beyond the requirements of their own domestic legislation) or a policy designed to ‘limit contact with US financial institutions’: see generally Iyandra Smith, ‘The USA — No Longer a Haven for the Foreign Bank’ (2008) 11 Journal of Money Laundering Control 199. See also Stefan D Cassella, ‘Recovering the Proceeds of Crime from the Correspondent Account of a Foreign Bank’ (2006) 9 Journal of Money Laundering Control 401 for a discussion of the purposes and legislative history of 18 USC § 981(k) (2006).

[37] See also Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No 1) (Cth) ch 3, which deals with correspondent banking.

[38] Section 15 of the AML/CTF Act defines a shell bank as a corporation that is incorporated in a foreign country and authorised to carry on business banking, but does not have a physical presence in its country of incorporation.

[39] United States Department of the Treasury, Office of Foreign Asset Control: Mission <http://www.ustreas.gov/offices/enforcement/ofac> .

[40] Ibid.

[41] See generally Kern Alexander, Economic Sanctions: Law and Public Policy (Palgrave Macmillan, 2009) 25–9; Natalie Reid et al, ‘Targeted Financial Sanctions: Harmonizing National Legislation and Regulatory Practices’ in David Cortright and George A Lopez (eds), Smart Sanctions: Targeting Economic Statecraft (Rowman & Littlefield, 2002) 65, 69–72.

[42] Council Regulation (EC) No 2271/96 of 22 November 1996, Protecting against the Effects of the Extra-Territorial Application of Legislation Adopted by a Third Country, and Actions Based Thereon or Resulting Therefrom [1996] OJ L 309/1, arts 2, 5. See also Select Committee on Economic Affairs, The Impact of Economic Sanctions Volume I: Report, House of Lords Paper No 96-1, Session 2006–07 (2007) 26–7 [71]–[75].

[43] A deferred prosecution agreement is an arrangement whereby the US government agrees not to proceed with a criminal charge against a financial institution, provided the institution acknowledges its wrongdoing, undertakes a series of remedial actions, implements a compliance program and makes restitutionary payment. For a list of recent deferred prosecution agreements in the US, see University of Virginia School of Law, Prosecution Agreements (Sorted by Company) (2010) <http://www.law.virginia.edu/html/librarysite/garrett_bycompany.htm> .

[44] IEEPA, Pub L No 95-223, 91 Stat 1626.

[45] Ibid § 1702b(4).

[46] United States, ‘Complaint’, Submission in United States v Lloyds Bank TSB plc, No 07 Civ 9235 (SD NY, 2009) 15 October 2007, 10–27.

[47] Effects-based jurisdiction contemplates conduct that occurs outside the territory yet causes a substantial, direct and foreseeable effect within the territory. The scope of this doctrine is controversial, with US regulators applying it in an expansionary manner. See Report on Extraterritorial Jurisdiction, above n 2, 11–13.

[48] The deception amounted to an offence under the business records provisions of NY Penal Law §§ 175.05–175.10 (McKinney 1967).

[49] It should be noted that on the facts, Lloyds TSB may not have been able to address the risks through contract because it was an active participant in the fraud and not merely an innocent conduit of its customers’ instructions. See United States, ‘Complaint’, Submission in United States v Lloyds Bank TSB plc, No 07 Civ 9235 (SD NY, 2009) 15 October 2007.

[50] See generally David Gilo and Ariel Porat, ‘The Unconventional Uses of Transaction Costs’ in Omri Ben-Shahar (ed), Boilerplate: The Foundation of Market Contracts (Cambridge University Press, 2007) 66; Ewoud H Hondius, ‘Unfair Contract Terms: New Control Systems’ (1978) 26 American Journal of Comparative Law 525. See also Andrew Robertson, ‘The Limits of Voluntariness in Contract’ [2005] MelbULawRw 5; (2005) 29 Melbourne University Law Review 179, for a discussion of the implications of standard form contracts for the development of contract doctrine.

[51] S Sothi Rachagan, ‘Procedures for the Resolution of Consumer Grievances with Banking Services’ (Paper presented at the 4th Brazilian Conference on Consumer Law, Gramado, Brazil, 8–11 March 1998) 9–10.

[52] See Australian Bankers Association, Submission to Director of Consumer Affairs Victoria, Unfair Contract Terms Taskforce, 5 July 2007, 4.

[53] Corporations Act 2001 (Cth) s 912A(1)(a), as amended by Financial Services Reform Act 2001 (Cth) sch 1 item 1. See also Paul Latimer, ‘Providing Financial Services “Efficiently, Honestly and Fairly”’ (2006) 24 Company and Securities Law Journal 362.

[54] The Ombudsman operates a dispute resolution service, with jurisdiction over claims of AUD500 000 or less, in connection with alleged violations of the Code of Banking Practice: Financial Ombudsman Service, Terms of Reference (1 January 2010) [5.1(o)] <http://www.bfso.org.au/ ABIOWeb/abiowebsite.nsf> .

[55] Corporations Act ss 1012A (personal advice recommending a particular financial product), 1012B (situations related to issue of financial products), 1012C (offers related to sale of financial products), 1012I (certain superannuation products and retirement savings account products).

[56] See, eg, HSBC Bank Australia Ltd (‘HSBC (Australia)’), Notice of Change to HSBC Small Business Deposit Accounts: Product Disclosure Statement (24 August 2008) <http://www.hsbcinvestments.com.au/1/PA_1_2_S5/content/australia/common/pdf/personal/noc_smallbusiness.pdf> .

[57] Corporations Act s 1014H.

[58] Some banks changed their contractual terms prior to the enactment of the AML/CTF Act because the banks were subject to AML obligations under the Financial Transaction Reports Act 1988 (Cth): see, eg, Australia and New Zealand Banking Group Ltd (‘ANZ’), Foreign Currency Accounts (‘FCAs’) and Foreign Currency Interest Bearing Term Deposits (‘FCIBTDs’): Terms and Conditions (February 2007) 5 <http://www.anz.com/australia/support/general/fca-tc-feb-07.pdf> ANZ, Institutional Financial Services (‘IFS’) and Corporate Product Disclosure Statement: Terms and Conditions (May 2006) cl 1.17, <http://www.anz.com/australia/

support/general/IFS&CorpPDS_T&Cs_May06.pdf>.

[59] The websites of the following Authorised Deposit-Taking Institutions (‘ADIs’) were examined. Australian-owned banks: AMP Ltd, ANZ, Bank of Queensland Ltd, Bank of Western Australia Ltd (a subsidiary of Commonwealth Bank of Australia, trading as Bankwest) (‘Bankwest’), Bendigo and Adelaide Bank Ltd (‘Bendigo Bank’), Commonwealth Bank of Australia (‘CBA’); Macquarie Bank Ltd (‘Macquarie Bank’), National Australia Bank Ltd (‘NAB’), Westpac Banking Corporation (‘Westpac’). Foreign subsidiary banks: Arab Bank Australia Ltd (‘Arab Bank’), Bank of China (Australia) Ltd, Bank of Cyprus Australia Ltd (‘Bank of Cyprus (Australia)’); HSBC (Australia), Investec Bank (Australia) Ltd. Branches of foreign banks: Credit Suisse AG, Deutsche Bank AG, The Hong Kong and Shanghai Banking Corporation Ltd (‘HSBC’), Société Générale, UBS AG, United Overseas Bank Ltd, WestLB AG. For a list of licensed ADIs, see Australian Prudential Regulation Authority, List of Authorised Deposit-Taking Institutions (21 April 2010) <http://www.apra.gov.au/ADI/ADIList.cfm> .

[60] The banks have also amended their standard form bank–customer contracts to deal with other issues, such as terminating a bank–customer relationship.

[61] See, eg, HSBC (Australia), Personal Savings and Deposit Accounts: Product Disclosure Statement (1 March 2010) 73–4 <http://www.hsbc.com.au/1/PA_1_2_S5/content/australia/

common/pdf/personal/savings-pds.pdf> (‘Personal Savings PDS’).

[62] Robertson, above n 50, 188.

[63] [1924] 1 KB 461, 473–5 (Bankes LJ), 480–1 (Scrutton LJ).

[64] Ibid 473 (Bankes LJ).

[65] Sir Lawrence Collins, ‘Choice of Law and Choice of Jurisdiction in International Securities Transactions’ (2001) 5 Singapore Journal of International & Comparative Law 618, 635.

[66] For example, under AML/CTF Act s 132, AUSTRAC may communicate information such as suspicious matters reports, international currency transactions reports, international funds transfer instructions as well as other information collected under the Act to a foreign country, under certain conditions.

[67] [1989] 1 QB 728, 770–1 (Staughton J).

[68] See, eg, R v Grossman (1981) 73 Cr App R 302, 309–10 (Lord Denning, Shaw LJ and Oliver MR); X AG v A Bank [1983] 2 All ER 464, 479 (Leggatt J); FDC Co Ltd v Chase Manhattan Bank NA [1990] 1 HKLR 277, 283–4 (Huggins V-P), 291 (Silke JA); Bank of Ireland Holdings (IOM) Ltd v A-G (Isle of Man) (Unreported, High Court of Justice of the Isle of Man, Deemster Kerruish, 27 October 2006) [23], [39].

[69] Tournier [1924] 1 KB 461, 473 (Bankes LJ); Turner v Royal Bank of Scotland plc [1999] 2 All ER (Comm) 664, 671–2 (Judge LJ).

[70] [1999] 2 All ER (Comm) 664, 670 (Sir Richard Scott V-C). See also Alan L Tyree, ‘Implied Consent’ (2000) 11 Journal of Banking and Finance Law and Practice 35.

[71] Turner [1999] 2 All ER (Comm) 664, 670 (Sir Richard Scott V-C), 672 (Judge LJ).

[72] See, eg, Bendigo Bank, Bendigo Term Deposit Accounts and Facilities: Terms & Conditions (29 January 2010) cl 19.2(d) <http://www.bendigobank.com.au/public/fsra/pds/pdf/BBL_TDeposit_

PDS.pdf>. But see Tournier [1924] 1 KB 461, 473 (Bankes LJ).

[73] AML/CTF Act ss 41, 43, 45.

[74] See, eg, Macquarie Bank, Macquarie Bank Term Deposit: Product Information Statement (15 December 2008) cll 11.1, 11.3 <http://www.macquarie.com.au/retail/acrobat_td_package.pdf> .

[75] CBA, What You Need to Know about CommBiz (10 January 2010) cl 15.3 <https://myapplication.commbiz.commbank.com.au/Registration/Registration.Web/StaticPDF/CommBiz%20Terms%20and%20Conditions%20Printer%20Version.pdf>.

[76] Ibid.

[77] Westpac, Deposit Accounts for Personal Customers: Terms and Conditions (8 February 2010) cl 40 <http://www.westpac.com.au/docs/pdf/pb/PersonalAccountsPDS.pdf> .

[78] Macquarie Bank, Macquarie Deposit plus Access 200: Supplementary Product Disclosure Statement (12 March 2009) 39 <http://www.macquarie.com.au/au/mfg/acrobat/macquarie_

dpa200_pds.pdf>.

[79] There are 122 jurisdictions with FIUs for AML purposes: The Egmont Group, List of Members (2009) <http://www.egmontgroup.org/about/list-of-members> . The Egmont Group is an international government body which provides a vehicle for cooperation between FIUs.

[80] AML/CTF Act s 123(1). See also David Chaikin and Joy Geary, ‘Hypothetical: Legal, Ethical and Compliance Dimensions’ in David Chaikin (ed), Money Laundering, Tax Evasion & Tax Havens (Australian Scholarly Publishing, 2009) 109, especially at 134–7 for circumstances which constitute a tipping-off.

[81] ANZ, Foreign Currency Accounts (‘FCAs’) and Foreign Currency Interest Bearing Term Deposits (‘FCIBTDs’): Terms and Conditions, above n 58, 5.

[82] See ANZ, International Money Transfer (Telegraphic Transfer): Terms and Conditions (November 2009) cl 6.3 <http://www.anz.com/documents/au/feecharge/TelTranTC.pdf> .

[83] Bank West, Telegraphic Transfer Application: Terms and Conditions (30 November 2009) cl 10 <http://www.bankwest.com.au/library/pdf/52/39.pdf> .

[84] The Arab Bank Group is the largest Arab banking branch network in the world, operating in 27 countries, including China, France, Germany, Hong Kong, Singapore, Switzerland, the United Arab Emirates, the United Kingdom, the US and Switzerland: Arab Bank, Arab Bank plc (2010) <http://www.arabbank.com.au/about-arab-bank-australia/arab-bank-plc> .

[85] Arab Bank, Product Disclosure Statement (3 May 2010) cl 6.2 <http://www.arabbank.

com.au/images/accounts/pds.1.pdf>.

[86] Ibid cl 7.

[87] Bank of Cyprus (Australia), Product Disclosure Statement for Foreign Currency Savings Accounts and Foreign Currency Fixed Term Deposit Accounts (8 September 2008) 11 <http://www.bankofcyprus.com.au/boc/content/downloads/pdsfcda.pdf> Bank of Cyprus (Australia), Product Disclosure Statement for Savings and Investment Accounts (16 June 2008) 22 <http://www.bankofcyprus.com.au/boc/content/downloads/BOCA_PDSPartAJune2008.pdf> .

[88] See above n 26 and accompanying text.

[89] United States, ‘Memorandum of Law in Opposition to Motion to Dismiss Complaint Filed by Defendant Bank of Cyprus plc’, Submission in United States of America v Bank of Cyprus plc, No 07 Civ 9235 (SD NY, 2009), 23 April 2008, 4–11. The bank allegedly facilitated money-laundering generated by the AremisSoft securities fraud.

[90] HSBC Holdings plc, Welcome to Our Global Site (2010) <http://www.hsbc.com/1/2/> .

[91] See HSBC (Australia), Corporate Banking Deposit Accounts: Product Disclosure Statement (1 July 2008) 39–40 <http://www.hsbc.com.au/1/PA_1_2_S5/content/australia/common/pdf/

commercial/corp-deposit-pds.pdf> (‘Corporate Banking PDS’); HSBC (Australia), HSBC Small Business Deposit Accounts: Product Disclosure Statement (1 March 2010) 53–4 <http://www.hsbc.com.au/1/PA_1_2_S5/content/australia/common/pdf/personal/sb-deposit-pds.

pdf>. See also, with different wording, HSBC (Australia), Personal Savings PDS, above n 61, 73–4.

[92] HSBC (Australia), Personal Savings PDS, above n 61, 71–2.

[93] HSBC (Australia), Corporate Banking PDS, above n 91, 39–40.

[94] Ibid 39.

[95] [1987] 1 AC 45, 64 (Robert Goff LJ). See also Bhogal v Punjab National Bank [1988] 2 All ER 296, 305 (Bingham LJ).

[96] HSBC Holdings plc, About HSBC (2010) <http://www.hsbc.com/1/2/about> .

[97] See, eg, David Chaikin and Jason C Sharman, Corruption and Money Laundering: A Symbiotic Relationship (Palgrave Macmillan, 2009) 99.

[98] The problem is acute because of the criminal and civil laws prohibiting insider dealing: see Harry McVea, Financial Conglomerates and the Chinese Wall: Regulating Conflicts of Interest (Clarendon Press, 1993); Barry Rider and Michael Ashe (eds) The Fiduciary, the Insider and the Conflict (Brehon Sweet & Maxwell, 1995) 7–9, 119–22, 155–6. See also Christoph Kumpan and Patrick C Leyens, ‘Conflicts of Interest of Financial Intermediaries: Towards a Global Common Core in Conflicts of Interest Regulation’ (2008) 5 European Company and Financial Law Review 72.

[99] But see Australian Securities and Investments Commission v Citigroup Global Markets Australia Pty Ltd [No 4] [2007] FCA 963; (2007) 160 FCR 35, 84 [335], [337], 112 [600] (Jacobson J) (‘ASIC v Citigroup’), where the Court found that Citigroup had contracted out of its potential fiduciary relationship with its customer.

[100] Ibid 80 [305]–[306], 85 [345] (Jacobson J); Commonwealth Bank of Australia v Finding [2001] 1 Qd R 168, 172 [9] (Davies and Pincus JJA and Derrington J). See also Commonwealth Bank of Australia v Smith (1991) 102 FCR 390, 391 (Davies, Sheppard and Gummow JJ).

[101] Joshua Getzler, ‘ASIC v Citigroup: Bankers’ Conflict of Interest and the Contractual Exclusion of Fiduciary Duties’ (2007) 2 Journal of Equity 62, 66; Pamela F Hanrahan, ‘ASIC v Citigroup: Investment Banks, Conflicts of Interest, and Chinese Walls’ in Justin O’Brien (ed), Private Equity, Corporate Governance and the Dynamics of Capital Market Regulation (Imperial College Press, 2007) 117, 132–4.

[102] HSBC, Corporate Banking PDS, above n 91, 39–40.

[103] Ibid 40.

[104] It may be argued that a bank is under no implied duty to give notice to a customer that it has received a foreign subpoena because the customer has already given its ex ante consent to disclosure, thereby preventing any duty from arising: El Jawhary v Bank of Credit and Commerce International SA [1993] BCLC 396, 400 (Sir Donald Nicholls V-C); Barclays Bank plc v Taylor [1989] 1 WLR 1066, 1070, 1074–5 (Lord Donaldson MR). Cf Robertson v Canadian Imperial Bank of Commerce [1995] 1 All ER 824, 830 (Lord Nolan) where the Privy Council held that a bank is under a duty ‘to use its best endeavours to inform [its customer] of the receipt of [a] subpoena.’

[105] For example, freezing an account may be justified by virtue of AML/CTF Act s 35 in circumstances where a financial institution is carrying out its statutory obligation to re-verify the identity of a customer.

[106] See, eg, Alan L Tyree, Banking Law in Australia (LexisNexis Butterworths, 6th ed, 2008); Sheelagh McCracken and Anna Everett, Everett and McCracken’s Banking and Financial Institutions Law (Lawbook, 7th ed, 2009); Ross Cranston (ed), Banks and Remedies (Lloyd’s of London Press, 1992).

[107] It may also commit a money laundering offence under state and territory AML legislation: see, eg, Crimes Act 1958 (Vic) ss 1945; Crimes Act 1900 (NSW) ss 193C193D.

[108] Customers with standard deposit accounts have a general right to withdraw funds: see, eg, ANZ, ANZ Online Saver Terms and Conditions, above n 58, cl 2.15; ANZ, Institutional Financial Services (‘IFS’) and Corporate Product Disclosure Statement (‘PDS’): Terms & Conditions (May 2006) cl 1.7 <http://www.anz.com/australia/support/general/IFS&CorpPDS_T&Cs_

May06.pdf>; Bendigo Bank, Bendigo Term Deposit Accounts and Facilities: Terms and Conditions (29 January 2010) 7 <http://www.bendigobank.com.au/public/fsra/pds/pdf/BBL_TDeposit

_PDS.pdf>.

[109] Bank of Scotland v A Ltd (Serious Fraud Office, Interested Party) (Unreported, England and Wales High Court, Laddie J, 23 June 2000) [42].

[110] See below n 115 and accompanying text.

[111] See, eg, Bendigo Bank, Bendigo Term Deposits Accounts and Facilities, above n 108, cl 2.12.

[112] Ibid cl 2.11.

[113] See, eg, Westpac, Exchange Traded Options: Product Disclosure Statement (August 2007) cll 7.14–7.15 (on file with the author).

[114] See the identification procedures under AML/CTF Act ss 27–39.

[115] See ANZ, IFS PDS, above n 108, cl 1.17; Bank of Queensland, Bank of Queensland Bonds: Product Disclosure Statement Terms and Conditions (April 2008) cl 4.2 <http://www.boq.

com.au/uploadedFiles/G484_BOQ_Bonds_PDS.pdf>; Arab Bank, Arab Bank Australia Limited Product Disclosure Statement (3 May 2010) cl 7 <http://www.arabbank.com.au/images/

accounts/pds.1.pdf>.

[116] CBA, Commonwealth Bank First Home Saver Account: General Information and Terms and Conditions (28 November 2008) 7 <http://www.commbank.com.au/personal/apply-online/download-printed-forms/FHS-ADV12021-terms-conditions.pdf> .

[117] Commonwealth Securities Ltd, CommSec Margin Loan (March 2009) 16, 20, 28, 38, 40 <http://www.comsec.com.au/Shared/PDF/MarginLending.pdf> .

[118] Sunbird Plaza Pty Ltd v Maloney (1988) 166 CLR 245, 254 (Mason CJ) (citations omitted).

[119] Andar Transport Pty Ltd v Brambles Ltd (2004) 217 CLR 424, 437 [23] (Gleeson CJ, McHugh, Gummow, Hayne and Heydon JJ).

[120] Westpac, Direct Entry Facility: Product Disclosure Statement (September 2009) cl 1.5 <http://

www.westpac.com.au/docs/pdf/pb/FSR_DirectEntryPDS.pdf>.

[121] (2004) 217 CLR 424.

[122] BI (Contracting) Pty Ltd v AW Baulderstone Holdings Pty Ltd [2007] NSWCA 173; [2008] Aust Contract Reports 90-267, 90 157 [25] (Beazley JA), citing ibid 437–8 [24]–[29] (Gleeson CJ, McHugh, Gummow, Hayne and Heydon JJ).

[123] See Westpac, Direct Entry Facility: Product Disclosure Statement, above n 120, cl 1.5 for an example of where such a provision would otherwise likely have been found.

[124] [1934] 2 KB 394, 403 (Scrutton LJ).

[125] (2004) 219 CLR 165. See Barbara McDonald, ‘Contractual Exclusions and Indemnities of Liability for Negligence’ in Greg Tolhurst and Elisabeth Peden (eds), Commercial Issues in Contract Law (Ross Parsons Centre of Commercial, Corporate and Taxation Law, 2008) 7, 7–25.

[126] See, eg, ANZ, International Telegraphic Transfer Application Form (May 2009) cl 6 <http://www.anz.com/resources/9/d/9db6d0804e4a38fca192ab93c5571dd1/CO-International-Telegraphic-Transfer-Application-Form.pdf> Bendigo Bank, E-Banking Telegraphic Transfer: Terms & Conditions (23 January 2009) cl 13 <http://www.bendigobank.com.au/public/

fsra/pds/pdf/BBL_e-banking_Telegraphic_Transfer_TC.pdf>; BankWest, Telegraphic Transfer Application (24 September 2009) cll 8–10 <http://www.bankwest.com.au/library/

pdf/52/39.pdf>.

[127] See, eg, ANZ, Overseas Draft Application Form (December 2008) cl 4 <http://www.anz.

com/australia/support/general/81851_OverseasT&C_50791FINAL.pdf>.

[128] See share broker application forms required by Bennet & Co Financial Services Pty Ltd: Bennet & Co Financial Services Pty Ltd, Application Form (December 2008) cl 16 <http://www.

bennettfinancial.com.au/docs/Account%20Opening%20Document.pdf>.

[129] Parker v South Eastern Railway Co [1877] UKLawRpCP 28; (1877) 2 CPD 416, 421 (Mellish LJ), 428 (Bramwell LJ); Thornton v Shoe Lane Parking Ltd [1970] EWCA Civ 2; [1971] 2 QB 163, 169 (Lord Denning MR); MacRobertson Miller Airline Services v Commissioner of State Taxation (WA) [1975] HCA 55; (1975) 133 CLR 125, 137–8 (Stephen J).

[130] J Spurling Ltd v Bradshaw [1956] EWCA Civ 3; [1956] 2 All ER 121, 125 (Denning LJ); Interfoto Picture Library Ltd v Stiletto Visual Programmes Ltd [1989] 1 QB 433, 439, 442 (Bingham LJ).

[131] See, eg, HSBC (Australia), Notice of Change to HSBC Small Business Deposit Accounts Product Disclosure Statement, above n 56, 4, which amends entirely the previous PDS in relation to the section on ‘Anti-Money Laundering, terrorist financing, sanctions, etc’.

[132] Section 12DA(1) provides that ‘a person must not in trade or commerce, engage in conduct in relation to financial services that is misleading or deceptive, or is likely to mislead or deceive.’

[133] Henjo Investments Pty Ltd v Collins Marrickville Pty Ltd [No 1] [1988] FCA 40; (1988) 39 FCR 546, 554–5 (Lockhart J) (‘Henjo’).

[134] See Hornsby Building Information Centre Pty Ltd v Sydney Building Information Centre Ltd [1978] HCA 11; (1978) 140 CLR 216, 234 (Murphy J); Brown v Jam Factory Pty Ltd (1981) 35 ALR 79, 86 (Fox J).

[135] Henjo [1988] FCA 40; (1988) 39 FCR 546, 555, 557 (Lockhart J); Demagogue Pty Ltd v Ramensky [1992] FCA 557; (1992) 39 FCR 31, 32 (Black CJ); Kimberley NZI Finance Ltd v Torero Pty Ltd [1989] FCA 400; [1989] ATPR (Digest) 46-054, 53 195 (French J).

[136] See Leanne Trouton, ‘Is Silence Golden? The Application of Section 52 of the Trade Practices Act to Commercial Negotiations’ (Paper presented at the Queensland Law Society Continuing Legal Education Seminar, Brisbane, 22 July 2003) 2, 5 <http://www.qls.com.au/content/

lwp/wcm/resources/file/eb9c0c4c4630b7d/applying-s52tpa-comm-negotiations-22jul03.pdf>.

[137] Australian Bankers Association, Code of Banking Practice (2004) [22].

[138] Ibid [22(a)].

[139] See, eg, HSBC (Australia), HSBC Privacy Policy (2010) <http://www.hsbc.com.au/1/2/footer/

privacy-and-security>, which states: ‘We may be required from time to time to disclose your information to Governmental or judicial bodies or agencies or our regulators, but we will only do so under proper authority.’ Cf Bank West, Telegraphic Transfer Application, above n 126.

[140] Privacy Act 1988 (Cth) sch 3 cl 2.

[141] Under NPP cl 9(b) the consent form must state the purpose(s) of the disclosure, while under NPP cl 1.3(d) organisations are required to take reasonable steps to ensure that an individual is aware of the types of organisations to which personal information is being disclosed. See Australian Law Reform Commission, For Your Information: Australian Privacy Law and Practice, Report No 108 (2008) vol 1, 605–14 for a discussion of the relationship between the AML/CTF Act and the Privacy Act 1988 (Cth).

[142] See, eg, Westpac, Corporate Governance: Anti-Money Laundering and Counter-Terrorism Financing (2010) <http://www.westpac.com.au/about-westpac/the-westpac-group/corporate-governance/aml-counter-terrorism/> .

[143] Fair Trading Act 1999 (Vic) s 32W, as amended by Fair Trading (Amendment) Act 2003 (Vic) s 12. The definition is modelled after Unfair Terms in Consumer Contracts Regulations 1999 (UK) SI 1999/2083, reg 5(1), which in turn is based on Council Directive 93/13/EEC of 5 April 1993 on Unfair Terms in Consumer Contracts [1993] OJ L 95/29, art 3(1).

[144] See Renard Constructions (ME) Pty Ltd v Minister for Public Works (1992) 26 NSWLR 234, 258, 268 (Priestley JA), who held that the idea of good faith meant that a termination clause could only be exercised subject to a requirement of reasonableness. See also J W Carter and Elisabeth Peden, ‘Good Faith in Australian Contract Law’ (2003) 19 Journal of Contract Law 155.

[145] See the definition of ‘unfair term’ in the Australian Consumer Law: Trade Practices Act 1974 (Cth) sch 2 pt 2 s 3. An unfair term is one which ‘would cause a significant imbalance in the parties’ rights and obligations arising under the contract’, ‘is not reasonably necessary in order to protect the legitimate interests of the party who would be advantaged by the term’ and ‘would cause detriment (whether financial or otherwise) to a party if it were to be applied or relied on.’ In determining whether a term of a consumer contract is ‘unfair’, a court must take into account the extent to which the term is transparent, and the contract as a whole.

[146] See Lawrence Collins (ed), Dicey and Morris on the Conflict of Laws (Sweet & Maxwell, 13th ed, 2000) 89–106. But note that there is a body of legislative and judicial authority tending to dilute the original doctrine: see, eg, Mutual Assistance in Criminal Matters Act 1987 (Cth) pt VI div 2; Andrew Grossman, Conflicts in Cross-Border Enforcement of Tax Claims (2007) Selected Works <http://works.bepress.com/cgi/viewcontent.cgi?article=1000&context=andrew_

grossman>.

[147] [1988] HCA 25; (1988) 165 CLR 30, 47 (Mason CJ, Wilson, Deane, Dawson, Toohey and Gaudron JJ) where the High Court held that Australian courts will not enforce ‘the governmental interests of a foreign state’, such as the Official Secrets Act 1911 (UK) c 28. See also Robb Evans of Robb Evans & Associates v European Bank Ltd [2004] NSWCA 82; (2004) 61 NSWLR 75, 80 [1], 86–7 [37] (Spigelman CJ); Schnabel v Lui [2002] NSWSC 15 [161]–[177] (Bergin J); Mbasogo v Logo Ltd [2006] EWCA Civ 185; [2007] 1 QB 846, 866, 873 (Sir Anthony Clarke MR); A-G (NZ) v Ortiz [1984] 1 AC 1, 20–1 (Lord Denning MR). For an example of courts refusing to recognise extraterritorial assertions of authority, see Jamieson v Commissioner for Internal Revenue (2007) 210 FLR 210, 214 [28]–[29] (Gzell J).

[148] See Cameron Sim, ‘Non-Justiciability in Australian Private International Law: A Lack of “Judicial Restraint”?’ [2009] MelbJlIntLaw 9; (2009) 10 Melbourne Journal of International Law 102. See also Habib v Commonwealth [2010] FCAFC 12; (2010) 183 FCR 62.

[149] Buttes Gas & Oil Co v Hammer [No 3] [1982] 1 AC 888, 938 (Lord Wilberforce).

[150] This article does not deal with the public policy issue of how the Australian government has responded to foreign extraterritorial legislation by enacting blocking legislation. For such discussion, see Deborah Senz and Hilary Charlesworth, ‘Building Blocks: Australia’s Response to Foreign Extraterritorial Legislation’ [2001] MelbJlIntLaw 3; (2001) 2 Melbourne Journal of International Law 69.

[151] There is a less powerful public policy objection to a contractual clause permitting the freezing of funds in relation to foreign matters, as any freezing will come to the notice of the customer who can take appropriate legal action in the domestic jurisdiction. See, eg, Nanus Asia Co Inc v Standard Chartered Bank [1990] 1 HKLR 396, 405 (Cruden J).

[152] See, eg, Arab Bank, Arab Bank Australia Ltd: Product Disclosure Statement, above n 85, cl 6.2.

[153] AML/CTF Act s 123.

[154] See recommendation 14 in Financial Action Task Force, FATF 40 Recommendations (20 June 2003, as amended 22 October 2004) 5; Council Directive 2005/60/EC of the European Parliament and of the Council of 26 October 2005 on the Prevention of the Use of the Financial System for the Purpose of Money Laundering and Terrorist Financing [2005] OJ L 305/15, art 28(1).

[155] See ADB/OECD Anti-Corruption Initiative for Asia and the Pacific, Mutual Legal Assistance, Extradition and Recovery of Proceeds of Corruption in Asia and the Pacific (Asian Development Bank, Organisation for Economic Co-Operation and Development, 2007) 95–105.

[156] AML/CTF Act s 132.

[157] See David Chaikin and Jason C Sharman, ‘APG/FATF Anti-Corruption/AML/CFT’ (Research Paper, FATF/Plen (2007) 37, FATF Plenary Meeting, September 2007) [386].

[158] See Attorney-General’s Department, A Better Mutual Assistance System: A Review of Australia’s Mutual Assistance Law and Practice (2006) 8, 22, 39; Extradition and Mutual Assistance in Criminal Matters Legislation Amendment Bill 2009 (Cth).

[159] Mutual Assistance in Criminal Matters Act 1987 (Cth) ss 8(1)(c), (e). These mandatory grounds for refusing assistance are found in nearly all of Australia’s treaties and arrangements regarding mutual assistance in criminal matters. See, eg, Treaty between the Government of Australia and the Government of the United States of America on Mutual Assistance in Criminal Matters, signed 30 April 1997, 2117 UNTS 185 (entered into force 30 September 1999) art 3(1).