The Financial Sector Conduct Authority (FSCA) has recently published a series of administrative sanctions that it meted out on FSPs that were found to be non-compliant with the provisions of the Financial Intelligence Centre Act (FICA).
Accountable institutions are required to comply with a number of provisions of FICA when dealing with their customers. Certain FSPs are categorised as accountable institutions and are therefore obliged to comply with such provisions. The obligations applicable to accountable institutions include: registration with the Financial Intelligence Centre; conducting customer due diligence; record-keeping of client information and transaction records; developing, documenting, maintaining and implementing a Risk Management and Compliance Programme (RMCP); ongoing training of employees on FICA and the institution’s RMCP; appointment of a FICA compliance officer; and reporting obligations such as the submission of cash threshold reports, suspicious transactions reports and terrorist property reports.
The recent investigations by the FSCA reveal certain trends of FICA non-compliance by FSPs. Below we look at these trends and provide guidance to avoid such non-compliance:
- FSPs failed to develop, maintain, and implement an RMCP that incorporates the requirements of FICA that is applicable to its business entity.
Accountable institutions must take cognisance that it is not enough to merely develop the RMCP as a once-off in the business, instead the RMCP should be maintained by reviewing it at regular intervals to ensure that it remains relevant to its operations and the achievement of the requirements of FICA. Accountable institutions must follow a risk-based approach to address the money laundering and terrorist financing risks which it is exposed to. This means that it is not a one-size fits all.
- FSPs did not provide ongoing training to their employees on the FIC Act and on the institution’s RMCP.
Accountable institutions are advised to regularly train employees on both the Act and the RMCP to enable them to comply with the provisions which are applicable to them, and to keep adequate training records.
- FSPs failed to establish and verify the identity of the client and to keep records of same.
Accountable institutions must always establish and verify the identity of a client in accordance with the processes set out in the RMCP when establishing a business relationship or concluding a single transaction. In addition, accountable institutions must keep clients’ identity records for at least five years from the date the business relationship is terminated, or single transaction concluded.
- FSPs failed to submit Cash Threshold Reports to the Financial Intelligence Centre.
If cash is received or paid out by an accountable institution that is in excess of R24 999.99, it needs to be reported to the Financial Intelligence Centre within two days of becoming aware of the transaction. Therefore, good practice is to do daily checks on bank statements in order to detect these transactions as soon as possible.
The administrative sanctions meted out by the FSCA for non-compliance with FICA resulted in financial penalties ranging between R5 000 to R400 000. Accountable institutions are therefore urged to take FICA compliance seriously.
Masthead can assist you to be compliant in terms of the FICA requirements. Speak to your Masthead Compliance Officer or get in touch with us for more information.