FICA compliance: Why the time for accountability is now
By Sameer Kumandan, MD of SearchWorks
What do Old Mutual and HSBC Johannesburg have in common? No, it’s not that they’re both financial services providers or that the pair are big players in South Africa’s financial services landscape. Each of these institutions has recently been penalised for non-compliance with the Financial Intelligence Centre Act (FICA).
In September, the South African Reserve Bank (SARB) imposed sanctions on Old Mutual for failing to meet customer due diligence (CDD) obligations, for not timeously reporting suspicious and unusual transactions and for neglecting to adequately develop and implement a Risk Management and Compliance Programme (RMCP), among other offences. Old Mutual faces a penalty of R15.9 million for non-compliance. In October, SARB announced that HSBC had failed to comply with certain provisions of FICA and would be charged a financial penalty totalling R9.5 million. HSBC’s offences also related to CDD and RMCP, as well as failing to attend to automated transaction monitoring system (ATMS) alerts within the required timeframe.
In September, the South African Reserve Bank (SARB) imposed sanctions on Old Mutual for failing to meet customer due diligence (CDD) obligations, for not timeously reporting suspicious and unusual transactions, and for neglecting to adequately develop and implement a Risk Management and Compliance Programme (RMCP), among other offences. Old Mutual faces a penalty of R15.9 million for non-compliance. In October, SARB announced that HSBC had failed to comply with certain provisions of FICA and would be charged a financial penalty totaling R9.5 million. HSBC’s offences also related to CDD and RMCP, as well as failing to attend to automated transaction monitoring system (ATMS) alerts within the required timeframe.
Similarly, Kunene Ramapala Incorporated, a law firm, was penalised R7.7 million for gross negligence and multiple FICA compliance failures, including not implementing an RMCP, failing to scrutinise clients against the targeted financial sanctions (TFS) list, and sharing login credentials on the goAML system. This case marked the first appeal of its kind, where the FIC’s decision to enforce penalties was upheld by the Appeal Board.
If anything, these sanctions showcase the consequences of non-compliance and indicate that the era of leniency is well and truly over. They also demonstrate SARB’s commitment to upholding robust financial practices and preventing financial crime. FICA is not a suggestion – it’s the law and the law is coming for those who fail to meet their obligations.
And let’s not forget that the cost of non-compliance extends far beyond penalties. The impact of the reputational damage, operational disruption and potential loss in trust, which can negatively affect established business partnerships, can often be far worse than the financial implications. Even a small lapse in compliance can lead to devastating consequences. This puts additional pressure on all accountable institutions to prioritise compliance, especially given recent amendments, which have expanded the definition of what constitutes an ‘accountable institution’. The new definition now includes crypto-asset providers and high-value goods dealers, among others. The changes are intended to close gaps in existing anti-money laundering (AML) and counter-terrorist financing (CFT) prevention measures and better align South Africa’s regulations with international standards.
Beyond greylisting
These obligations have become even more critical, and there has been greater regulatory scrutiny, since South Africa was greylisted by the Financial Action Task Force (FAFT) in February last year. Being placed on FAFT’s grey list means that our country has various shortcomings when it comes to preventing money laundering, fraud and terrorist financing. At the time, the FAFT provided a breakdown of where we were falling short and gave us a strict deadline to address these 22 strategic deficiencies. And that deadline is looming.
At present, there are about six outstanding items on the list that must be remedied before February 2025. One of the outstanding action items, which should have already been “ticked off”, was delayed because of low compliance by companies and trusts; like the financial services brands mentioned above.
If we want to be removed from the grey list next year, all accountable institutions must recognise their role in safeguarding South Africa’s financial system. Compliance is not only a legal requirement, it is also a strategic asset in a business landscape where trust and transparency are becoming ever more important. In addition, having the right compliance strategy and infrastructure in place future-proofs businesses against ever evolving regulatory demands. Tools like VOCA, powered by SearchWorks, streamline compliance processes for accountable institutions.