Members of Commonwealth Bank's senior management team were apparently drilled in methods for handling an operational crisis many years before the recent, destabilising AUSTRAC legal action lobbed in the Federal Court this month.
Alden Toevs, the former chief risk officer, shared a colourful account of the experience of the bank's management during an exercise devised by him that blindsided management when put to the test.
In a panel discussion on operational risk at an ASIC conference in March 2014, Toevs said he organised simulated crisis events to test the resilience of senior executives.
Toevs was horrified by the response of the bank's top management in the first trial that was held "several years" before March 2014, describing their performance as "pathetic", "unbelievably bad" and "inept".
"The first attempt was just pathetic, it was unbelievably bad," he said.
"We were pathetic at it because we didn't have the knowledge and the detail and so forth - so we were making stuff up."
The comments triggered an awkward moment for Toevs who must have forgotten that APRA's executive general manager, Keith Chapman, was sitting alongside him on the panel.
Chapman intervened saying he wanted to take notes, but was assured by Toevs that it was "some time ago".
There was humour in the moment, but it was also a remarkable admission from the CRO of Australia's largest bank - that he had once rated his executive peers as inept crisis managers.
"It was a major learning," Toevs told the 2014 audience.
"It took several attempts before we sort of really fully grasped how inept we were in a crisis."
Toevs underlined the importance of operational risk controls throughout his presentation, noting that banks that experience an operational breakdown might be prone to entering a period of chaos.
"A bank after a major operational failure could probably be in a chaotic state," he said.
Watch an excerpt of the Toevs' talk here.Toevs was the chief risk officer at the bank for eight years to June 2016, having come to the bank from First Manhattan Consulting Group. In the role of CBA CRO, Toevs became one of the highest paid bank executives in the country.
During his time as a key executive of the group he was paid more than A$38 million in cash and incentives.
His tenure as CRO covers the period in which a software "coding error" caused CBA's fleet of Intelligent Deposit Machines to rack up more than 50,000 alleged reporting breaches under anti-money laundering laws.
Since retiring from the key management post last year, Toevs has continued to work at the bank as a senior risk adviser to the board and director of ASB Bank.
He has not commented publicly on the alleged risk management failures at the bank highlighted in AUSTRAC's statement of claim.
In a prepared speech given to the ASIC conference in 2014, Toevs highlighted the importance of monitoring human cognitive behaviour in managing operational risk.
He noted how small incremental changes in employee behaviour or bank processes could over time create the pre-conditions for an operational risk failure.
"One of the underappreciated aspects of the source of operational risk events is organisational drift," he said.
"You start out with something that was designed, let's say it was reasonably well designed, it's put into place and it's operationalised," he said.
"But over time small changes around the edges begin to take… and one day you are all of sudden waving for the lifeguard."
The observation is remarkably pertinent to the explanation given by the bank as to how the IDMs stopped generating high value transaction reports in 2012.
A software change to one of the bank's computer platforms triggered the coding error on the IDMs that prevented them from communicating reportable transactions.
The automatic reporting systems had drifted to non-compliance for the next three years under the watch of senior management, which included Toevs.
Watch a second excerpt of the Toevs' talk here.Towards the end of the panel forum, Toevs gave a somewhat unusual answer to a question from corporate governance expert George Gilligan (then working at the University of NSW) on the link between organisational hubris and the financial planning scandal that was enveloping the CBA at the time.
Toevs did not comment on the financial planning scandal directly, but chose to focus on how hubric leaders increased the risk profile of the organisations they lead.
At one point Toevs riffed on a famous take on defining thorny material, in the context of major risk management failures.
"I contend that [it is] sort of like the famous expression about p__rnography 'you don't how to define it but you know it when you see it'; the major failures of financial organisations or any organisation normally come back to being very much aided and abetted by a hubric leader," he said.
Dr Gilligan, who now works at the University of Melbourne, told Banking Day on Tuesday that he was not satisfied by Toevs' answer, "The answer wasn't the most satisfactory I've had to a question that I've asked."
Watch a final excerpt of the Toevs' talk here.* Footage of the operational risk panel discussion in 2014 was provided to Banking Day courtesy of ASIC.