The Financial Sector Conduct Authority (FSCA) has recently published a series of administrative sanctions imposed on FSPs, that are accountable institutions, that were found to be non-compliant with the Financial Intelligence Centre Act (FICA).
The administrative sanctions are a result of specific areas of non-compliance that the FSCA had identified during inspections that it had conducted. Below we look at some of the areas of non-compliance that were identified and offer guidance to avoid making similar mistakes:
Risk Management and Compliance Programme (RMCP)
Accountable institutions are required to develop, maintain, and implement an RMCP that incorporates the requirements of FICA that is applicable to its business entity. During its inspections, the FSCA found that while some FSPs had an RMCP in place – the RMCP was a generic document that had not been customised to the accountable institution’s business model.
- Accountable institutions must ensure that its RMCP is customised and is relevant to its business operations. The RMCP should also be maintained by reviewing it at regular intervals to ensure that it remains relevant to the institution’s operations and the achievement of the requirements of FICA.
Third-party Record Keeping
Accountable institutions that made use of third parties in respect of record keeping failed to comply with the requirement to inform the relevant supervisory body.
- FSPs that appoint a third party to keep customer due diligence records and transactional records must inform the FIC and FSCA of the arrangement and provide the necessary details of the third party.
Training
FSPs failed to comply with requirement of training, in that they did not provide ongoing training to their employees on the FIC Act and on the institution’s RMCP.
- Accountable institutions are advised to regularly train employees on both the Act and the RMCP to enable them to comply with the provisions which are applicable to them, and to keep adequate training records.
Customer Due Diligence
FSPs failed to establish and verify the identity of the client and to keep records of same.
- Accountable institutions must establish and verify the identity of a client in accordance with the processes set out in its RMCP. An accountable institution should use the findings from its risk assessment to decide on the appropriate level and type of customer due diligence it will apply to a client; its RMCP must describe the customer due diligence measures which it applies and how these measures are intensified on the basis of Money Laundering and/or Terrorist Financing risks. In addition, accountable institutions must keep customer due diligence records for at least five years from the date the business relationship is terminated, or single transaction concluded.
Submission of Cash Threshold Reports
FSPs failed to submit Cash Threshold Reports to the Financial Intelligence Centre.
- If cash is received or paid out by an accountable institution that is in excess of R24 999.99, it needs to be reported to the Financial Intelligence Centre within two days of becoming aware of the transaction. Therefore, good practice is to do daily checks on bank statements in order to detect these transactions as soon as possible.
GoAML log in credentials
During an inspection, the FSCA that the Money Laundering Compliance Officer shares his goAML log in credentials with the personal assistant.
- In terms of Directive 02/2014 issued by the Financial Intelligence Centre on 9 April 2014, no person may share their goAML log in credentials.
The administrative sanctions imposed by the FSCA for non-compliance with FICA resulted in financial penalties ranging between R4000 to R65 000. Given that accountable institutions had an 18-month grace period to implement the amendments to FICA from 2 October 2017 until 1 April 2019, supervisory bodies such as the FSCA are no longer lenient with any form of FICA related non-compliance. Accountable institutions are therefore urged to ensure that they are FICA compliant.
Speak to your Masthead Compliance Officer or get in touch with us for more information on how Masthead can assist you to be compliant in terms of the FICA requirements.
Masthead offers a wide range of services to all Accountable and Reporting Institutions including FICA training for your employees, hands-on assistance with the implementation of FICA requirements in your business and support services when preparing for a FIC Inspection.
Read more about how we can assist with: