The Financial Intelligence Centre Act (FICA) was introduced to fight financial crime, such as money laundering, tax evasion, and terrorist financing activities by making it more difficult for criminals to benefit from the proceeds of crime. The FIC Amendment Act (FICAA) brings South Africa closer to international standards and best practices recommended by the Financial Action Task Force (FATF).
The key obligations in terms of the FICAA are:
1. Register with the FIC
Accountable and Reporting Institutions are required to register with the Financial Intelligence Centre (FIC). Registration can take place on the FIC’s goAML EE online system which can be accessed via the FIC’s website www.fic.gov.za
2. Appoint an Anti Money-Laundering (AML) / Combating the Financing of Terrorism (CFT) Compliance Officer
The senior management or board of directors of an Accountable Institution need to formally appoint a Compliance Officer to ensure compliance with FICAA. Ideally, the person appointed should have the competence and seniority to ensure the effectiveness of the Accountable Institution’s compliance function.
3. Develop an RMCP
Accountable Institutions are required to apply a risk-based approach when establishing a business relationship and/or conducting a single transaction with a client. Part of this risk-based approach includes developing controls which mitigate and manage the businesses anti-money laundering risks, and fulfil the FICAA requirements. All the controls developed and implemented should be documented to form part of their risk management and compliance programme (RMCP). The RMCP should be reviewed and continuously updated (where necessary) to ensure that they are effective and sufficient.
4. Perform Customer Due Diligence
An important part of mitigating risk to your business is performing customer due diligence. Customer due diligence refers to the process of analysing information about an individual or legal person from multiple sources. This means that to adequately perform due diligence you will need to collect and evaluate specific information to truly know your client and ultimately ensure that your client is who they say they are.
Not only does this include collecting and analysing documentation but it should also include:
● Verifying the identity of an individual or the registration of a legal person and their address or location
● Obtaining information regarding the economic sector or occupation of your client
● Obtaining information regarding the nature and purpose of your client’s relationship with you
● Monitoring transactions
● Developing a risk rating scheme to categorise your clients
● Checking data against third party data sources
● Identifying source of funds
● Identify whether your client, a related party, authorised person or Ultimate Beneficial Owner (UBO) is on a sanctions list or has appeared in any adverse media
● Identify whether your client, a related party, authorised person or UBO is a Domestic Prominent Influential Person (DPIP) or Foreign Prominent Public Official (FPPO) and then carry out enhanced due diligence on them.
5. Submit reports to the FIC
Both Accountable and Reporting Institutions are obligated to report any suspicious behaviour or transactions to the FIC. This includes reporting any cash transaction in excess of R24 999.99. This is known as a cash threshold report (CTR). Other types of reports that can be submitted are known as a suspicious transaction or suspicious activity reports (STRs/SARs). These reports should be submitted when there is either a transaction or activity by the client that appears to be suspicious or unusual. Lastly the fourth type of report that can be submitted is a terrorist property report (TPR). A TPR should be submitted when you think your client may possess or control property belonging to a client that could be linked to terrorism.
To offer you further guidance we have put together a handy guide to identifying and reporting suspicious behaviours and transactions. In the guide, we unpack each of the above reporting duties set out in Part 3 of the FICAA.
6. Record Keeping
FICAA requires Accountable Institutions to keep records of not only the due diligence that was carried out, but also details of any transactions that took place – including any counter-parties to those transactions. This is to ensure that evidence is available should the FIC or the authorities require it for an investigation or a prosecution.
These must be kept for a minimum of five years from the later of either; when a client last transacts, when they cease being a client, when a report about them is submitted to the FIC or an active investigation is closed. The key here is to keep records for at least 5 years. It can be in paper or electronic form – it doesn’t matter as long as it is kept securely, safely, in confidence and is accessible by the FICAA Compliance Officer.
7. Ongoing Training
According to section 43 of the FICAA Accountable Institutions must provide ongoing training relating to AML/CFT to its employees with the purpose of complying with the provisions set out by FICAA and their internal RMCP.
Accountable Institutions should bear in mind that the FICAA training requirement is not optional and businesses that fail to provide their employees with the required training, are regarded as non-compliant with the Act and could face potential administrative sanctions.
As you can see there are several requirements that need to be met in order to be fully FICA compliant. It is important to remember that all these requirements are set out for a reason and ultimately serve to minimise the risk of money laundering and reduce the risk of your business working with criminals.
DocFox, FICA Compliance Experts, offer end-to-end software that ensures that your firm’s FICA policies are implemented right the first time. Read more here about the DocFox software and how you can easily become (and remain) FICA compliant within days.