Commonwealth Bank chief executive officer Ian Narev has defended the decision not to disclose problems with the bank's anti-money laundering reporting processes after directors were notified of systemic issues in August and September 2015. Less clear are the circumstances surrounding the bank's failure to disclose the creation of a "program of action" in 2015 to address a wider range of deficiencies in its compliance systems.On another gruelling day for the bank since it was hit with civil action by AUSTRAC for more than 53,000 alleged breaches of anti-money laundering laws, Narev fended off suggestions from journalists that the bank had taken too long to disclose shortcomings in its compliance reporting to shareholders."In a highly regulated environment you simply can't make disclosure every time you get a notice from regulators, or you'd be making disclosures every day," he said.His comments came after board chair Catherine Livingstone revealed that the bank launched an internal "program of action" in the second half of 2015 to strengthen compliance policies and processes across the group.The wide-ranging program, which is not yet completed, included the recruitment of more than 50 financial crime compliance professionals and the recoding of Intelligent Deposit Machines in September 2015 so they could generate high value transaction reports required by AUSTRAC.Livingstone also revealed that the program has involved changes to senior leadership roles in the areas of operational risk, regulatory compliance and financial crimes reporting."Significant progress has been made on a program of action focussed on strengthening its (CBA's) policies and processes relating to its obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act," stated Livingstone in an ASX filing.The disclosures confirm that CBA had identified deficiencies in skill-sets and compliance systems in the 2015/16 financial year when the company also embarked on an A$85 million project to improve its Know-Your-Customer capability.By around August 2015, a contingent liability may have become apparent, when the bank realised it had filed more than 50,000 late notifications to AUSTRAC. That created a risk of large civil penalties which might have to be recognised in the future if AUSTRAC decided to take legal actionHowever, even though the risk management failures were judged important enough to require a dedicated, far-reaching and costly overhaul, CBA elected not to disclose details of the "program of action" until yesterday.Curiously, this appears to run counter to an Australian accounting standard referred to in CBA's recent annual reports, where the bank is required to disclose a contingent liability if the exposure depends on the action or non-action of a party outside the company. For instance, CBA's most recent annual reports included contingent liability disclosures for the group's exposure to the exception fees class action brought by Maurice Blackburn against the four major banks. Even though CBA expected to win the case, its accounting policy required it to make disclosure because there was a chance it might have to pay compensation.So, board and management knew in the final months of 2015 that the bank had breached anti-money laundering laws when it was late