Now that the anti-money laundering debacle appears to have claimed the scalp of the Commonwealth Bank's top executive, investors will be seeking a detailed explanation for the bank's decision not to disclose the alleged breaches during the 2016 financial year.At the annual profit announcement last week CBA chairman Catherine Livingstone confirmed that the bank knew in September 2015 of thousands of potential breaches of anti-money laundering laws caused by a software coding error on Intelligent Deposit Machines.Livingstone said the company embarked on a "program of action" to remediate the software problem and to improve capability in compliance and risk management.There is little doubt that the board and management would have deliberated on the character of the breaches during the 2016 financial year to gauge whether regulatory action was probable, possible or remote.The bank decided at the time that the company's exposure to penalties was remote and therefore elected not to disclose any potential exposure in the notes to the 2016 financial statements.If the bank had believed that the threat of fines or legal penalties was likely or possible then it would have had to make a provision for the exposure or reveal a contingent liability in the notes to the accounts.In light of the hefty penalties meted out to international banks in the last decade for failing to report threshold and suspicious transactions in a timely manner, it will be interesting to learn more of the advice and rationale relied on by the bank to classify the risk of financial penalties as remote.In response to a question from Senator Nick Xenophon last week, ASIC chairman Greg Medcraft told a joint parliamentary committee that his organisation was investigating whether the bank had complied with accounting standard AASB 137 by not disclosing a contingent liability in the 2016 accounts.As previously reported in Banking Day, CBA gave no indication at the 2016 annual meeting that something was awry in compliance systems at the bank.Former CBA chairman David Turner told shareholders in the 2016 annual report that the chair of the board's risk committee, Harrison Young, had done a "tremendous job".CBA's reputation as the country's most accident-prone bank was compounded on Monday after ASIC announced that company had agreed to compensate 65,000 customers who were mis-sold consumer credit insurance.The bank will refund A$10 million to customers, including some who were never entitled to make claims because they were on welfare benefits.It didn't stop there, though.In a media release issued late on Monday, the bank revealed that it had launched an internal investigation into potential mis-handling of insurance policies relating to deceased estates."Today, ASIC was notified about an issue affecting some insurance products, where for a number of accounts, a confirmation of the cancellation of an existing insurance policy may not have been sent to the deceased estate," the bank said. "At this stage, the number of customers impacted is expected to be below 1000. "We are currently undertaking a detailed investigation back to the year 2000 to confirm the number of affected customers and