Masthead hosted its first Masterclass of the year, titled Finding Opportunity in a Changing World, on 29 March at the Atterbury Theatre in Pretoria. During the event, industry experts gave attendees greater insights into important developments affecting the financial services industry – and shared advice on how they can navigate, and even benefit, from the changing financial services landscape.
“The future is unfolding daily, and growth can sometimes be quite uncomfortable, and gaining the correct knowledge and leveraging that knowledge for your growth is essential going forward,” Joleen John, Group Managing Director at Masthead, said in her opening address. “Learning and adapting, and how we look for opportunities in a changing world, are key to our success.”
From the Financial Sector Conduct Authority (FSCA) stating that they’ll start audits again this month – and giving advice on how accountable institutions (AIs) can prepare for these inspections – to why upskilling is crucial in today’s service economy, here are some of the main takeaways from the day.
FSCA talks customer due diligence, crypto assets and cybersecurity:
Michele Fourie, Senior Specialist in FSCA’s FICA Supervision Department, discussed the challenges facing the industry in a digitalised world, and offered five steps that can help resolve these threats as it relates to customer due diligence (CDD). The steps include employing a risk-based approach, obtaining additional information on your customers, analysing the source of funds and ultimate beneficial ownership, implementing transaction monitoring, and additional screening requirements for customers, as well as employees.
Michele stressed that when it comes to updating Risk Management and Compliance Programmes (RMCP), AIs need to review their programmes honestly and critically to determine what worked, what didn’t and how it can be improved.
She added that last year’s FICA amendments require AIs to review their RMCPs. “We’re starting inspections now afresh in April. If we knock on your door, I can tell you that we’re going to ask for two RMCPs. I’m going to ask you for the one you have now, and I’m going to ask you for the previous one because I want to see whether you are reviewing. I want to see what you’ve changed. I want to see in terms of the FATF [Financial Action Task Force] standards whether your RMCP and business risk assessments are dynamic.”
Johann van der Lith, Regulatory Specialist in FSCA’s Regulatory Frameworks Department, gave insights into last year’s declaration of crypto assets as a financial product, plus how it will be dealt with when the Conduct of Financial Institutions (COFI) Bill repeals the FAIS Act. Currently, what FSPs need to be aware of is the fact that if they provide advice and/or intermediary services in relation to crypto assets, they will have to add it as a sub-category on their existing licence before 30 November 2023.
Johann warned that the definition of crypto assets is quite wide in the current FAIS framework. “That’s where the complexities come in,” he added. Some FSPs may incorrectly believe that their services fall outside the scope of the definition, which is why they need to really understand the definition and how it relates to the advice or services they offer.
Andile Mjadu, Senior Manager at FSCA’s Regulatory Frameworks Department, covered cybersecurity risks faced by the financial industry, as well as what cybersecurity regulatory developments are expected to come into effect soon. A greater regulatory emphasis on cybersecurity has become necessary due to the increase in cyberattacks in the financial sector and the growing sophistication of tactics used by cybercriminals. “If it’s not managed properly, it can create a lot of risk … It can actually lead to the breakdown of the financial system.”
He explained that are two interlinked standards – the Joint Standard on Cyber Risks and Cyber Resilience and the Joint Standard on IT Risk Management – and both put great emphasis on governance and oversight. “Whether it’s your board or your senior management, they’ve got to take responsibility for cybersecurity, as well as IT risk management, and there must be clearly defined roles and responsibilities in an entity.” Organisations must have robust cybersecurity and IT risk management frameworks that they can implement and maintain. In addition, cybersecurity frameworks must comply with an organisation’s operating procedures and be approved by its governing body or management.
He added that the FSCA hopes that a standard on cybersecurity will come into effect by end of this year, however, there will be a 12-month transitional period from the effected date.
How South Africa got on the greylist – and how we can get off it:
Christopher Malan, Executive Manager for Compliance and Prevention at the Financial Intelligence Centre (FIC), gave an account of how the country went from being a respected member of the FATF to being greylisted by this intergovernmental organisation. He also shone light on what steps the country is taking to get off the greylist, as well as what role FSPs specifically can play in helping this process along.
According to Christopher, the financial sector is doing remarkably well when it comes to reporting suspicious activities that may be related to money laundering and terror financing but there is room for improvement. “There is a huge amount for you to do to improve on your current systems,” he said, adding that FSPs can do more to understand their business risk, and that they should maintain and increase their FICA compliance. “Improve your RMCPs – and then implement it and ensure that you detect and report. If you can do all of that seamlessly on a risk-based approach collectively, we’ll all be better in your area.”
An area of concern is the registration of new AIs, for example high-value good dealers, who were added to the FIC Act on 19 December 2022. “The registration update is still not what it should be. If you still haven’t registered with us, please know that you’re non-compliant,” he said. “We’re going to have a problem where we’ll have to explain why all these new sectors have not yet registered with the FIC. We’ve given them 90 days grace … and the numbers are not where they should be.” The registration deadline was 20 March 2023, however, a recent press release by the FIC urged new AIs to continue registering with the Centre.
Invest in yourself:
Economist Dawie Roodt explained that most economic activities are taking place in the service part of the economy, including the financial services industry, and that modern economies are more digitised and technologically driven. “[You] need to make sure you have the necessary skills – not qualifications; it’s skills that matter – to participate in this wonderful service industry.” And with a proper computer and internet connection, you can be part of the modern economy and work from anywhere in the world.
Dawie also listed four growth industries, namely agriculture, education, personalised medicine and wearable devices, and the financial industry. “The world of finance is going to change, and it will be based on blockchain technology.” Because of this, it’s important to understand how cryptocurrencies and the underlying blockchain technology work.
“I’m very excited about the future because it’s going to be a future of plenty. It’s going to be a future of peace, despite what we see every now and then, and it’s going to be a future of real prosperity, but you need to make sure that you can participate in all these amazing things happening in the world,” he concluded.
Compliance is key:
Keith Engel, the CEO of the South African Institute of Tax, gave a very technical discussion about tax considerations on emigration – an issue many advisors are asked about by their clients. He explained that as in the financial services sector, compliance is playing an increasingly important role in the tax industry, and people who emigrate – or those who return after working abroad for a couple of years – will need a tax practitioner to help them get their paperwork in order.
“I don’t believe that if you emigrate, you can work it out on your own,” he said. This is because many people don’t keep files or documents, and they’ll need these for when SARS and the revenue service in their new country of residence do a verification audit. “When I say you need a tax preparer, you’re not going there to file a return. You’re going there for the tax pack – all the documentation.”
Be optimistic – despite the challenges:
In her closing address, Masthead’s Head of Compliance, Anri Dippenaar, encouraged those in the audience to be positive about the future. “As we go into this phase of change, have an optimism bias as Michele suggested in her talk. To protect yourself, it’s critical to better understand your risks and data . There is a lot of opportunity for you and your business if you understand your data, and here I’m talking specifically about COFI and Omni-CBR,” she explained. “Those business data sets are incredibly valuable. If you understand what the regulation is trying to achieve in terms of those data sets, and you bring that together with your business understanding – and no one knows your business better than you do – combined with artificial intelligence tools and efficiencies that make your business run better, I don’t think there is a future where you will not excel.”
Watch the MasterClass presentations here.
Masthead’s next MasterClass will take place in Bloemfontein on 22 June 2023. Gqeberha, Cape Town, Johannesburg and Durban will also play host to Masterclass events later in the year, so keep a look out for date announcements.