Gone are the days of box-ticking.

The FSCA has imposed penalties on financial services providers for non-compliance with FICA

The Financial Sector Conduct Authority (FSCA) has recently imposed administrative sanctions on two financial services providers (FSPs), in each case for failing to comply with certain provisions of the Financial Intelligence Centre Act (FICA).

The first received a penalty for R400,000 and the second,  a staggering R16 million fine.

The grounds for the fines are largely the same.

1. While Risk Management and Compliance Programmes (RMCP) for Anti-Money Laundering and the Combating of the Financing of Terrorism (AML/CFT) were in place, the first contravention was that the RMCPs were found to be inadequate. The RMCP, in the latter case, failed to set out how the FSP would comply with FICA as it relates to, among other things: (a) examining complex or unusually large transactions and unusual transaction patterns; (b) performing customer due diligence when, during the course of a business relationship, the FSP suspects that a transaction or activity is suspicious or unusual; (c) terminating business relationships; (d) enabling the FSP to determine when a transaction or activity is reportable to the Financial Intelligence Centre (FIC); and (e) the implementation of its RMCP.

2. The second violation was that the FSPs failed to identify and verify the identity of some clients, including the beneficial owners of some clients.

3. The third violation was failing to screen clients, including beneficial owners, against the Targeted Financial Sanctions Lists (TFSL) issued by the United Nations Security Council.

What this reveals is that the expectations of the FSCA on FSPs have increased. It is inadequate that an FSP ticks the box and merely has an RMCP in place. Failure to fully comply carries serious consequences.

SA addressed technical deficiencies in its AML/CFT regime owing to grey listing

South Africa was placed on the grey list by the Financial Action Task Force (FATF) in February 2023. An Action Plan was adopted listing 22 action items. South Africa is required to address all 22 to exit the FATF grey list.

The deadlines for addressing the action items fall between January 2024 to January 2025.

Even before being grey listed, efforts were made to address the technical deficiencies in South Africa’s AML/CFT regime. The hope at that time was to avoid grey listing. For example, the General Laws (Anti-Money Laundering and Combating Terrorism Financing) Amendment Act (GLAA) was adopted. The GLAA amended no fewer than five pieces of legislation, including the Trust Property Control Act and the Companies Act, requiring gathering beneficial ownership information and submitting this beneficial ownership information to the relevant regulators.

Notwithstanding that many of the technical deficiencies had already been addressed, South Africa’s efforts to avoid grey listing were unsuccessful.

Since having been grey listed, various regulators, including the FIC and National Treasury as well as the FSCA, which is responsible for supervising and enforcing FSPs’ compliance with FICA, have been addressing the items in the Action Plan.

South Africa saw a flurry of legislative amendments and regulations to fill remaining technical lacunae in South Africa’s AML/CFT regime. This included expanding the mandate of the FIC under FICA to allow for more effective monitoring and detection capabilities and the fortification of administrative sanctions for non-compliance (which have now been put to good use).

The FSCA shifts its focus to enforcement to leave the FATF’s grey list

Enforcement of FICA and other legislation and regulations, such as the GLAA, appear to now be the prime objective.

This focus on enforcement appears to be much in line with the FATF’s progress review, conducted in October 2023.

The FATF indicates that South Africa should continue to work on implementing its Action Plan to address its strategic deficiencies, which includes (amongst others) (a) improving risk-based supervision and demonstrating that all AML/CFT supervisors apply effective, proportionate, and effective sanctions for noncompliance; (b) ensuring that competent authorities have timely access to accurate and up-to-date beneficial ownership information and apply sanctions for breaches of violation of beneficial ownership obligations; (c) ensuring the effective implementation of targeted financial sanctions.

FSPs should expect more fines from the FSCA

While some have commented that the penalties imposed on the penalised FSPs seem steep in the context of their contraventions, the FSCA has made it plain that they regard the contraventions to be serious. The FSCA has stated that –

“[a]ll accountable institutions are urged to continue reviewing and strengthening their anti-money laundering and terrorist financing risk and control environments. Failure to do so will result in firm regulatory action.”

FSPs should expect firm enforcement action from the FSCA, including more fines being imposed on non-compliant FSPs.

FSPs should guard against enforcement actions by the FSCA: compliance and integration

Given the strong desire for South Africa to be removed from the grey list, the outstanding items in the Action Plan and the FATF’s most recent progress review, not to mention the administrative sanctions already imposed on FSPs by the FSCA, FSPs (and other accountable institutions) should certainly heed these words of warning from the FSCA.

FSPs must ensure not only that they have an RMCP, but that it is up to date with current regulations, that it is complete and that it provides for the means by which it will be implemented within the organisation. The RMCP must then, in fact, be implemented. FSPs must prioritise engendering a culture of widespread AML/CFT awareness within their organisations and meaningful AML/CFT compliance if they wish to avoid undesirable attention from the FSCA.