Proposed amendments relating to the FICA RMCP
The FIC published draft Guidance Note 7A which seeks to amend Chapter 4 of Guidance Note 7 of 2017. The new Chapter 4 is intended to replace the current requirements in respect of the formulation and recordal of the Risk Management and Compliance Programme (RMCP). The FIC has identified that the formulation requirement of the RMCP has been misapplied in practice and is often not contained in one singular consolidated document. Draft Guidance Note 7A now clarifies that the RMCP must be in the form of one single comprehensive or apex document – known as the Apex RMCP.
The draft publication also expands on what should be contained in the Apex RMCP. The Apex RMCP document constitutes the identifiable and readily accessible single document that records comprehensively the RMCP and would be the single document the board of directors, or senior management would approve. The accountable institution would make this single document available to all employees and train them on its contents. This single Apex RMCP document must also be provided to the FIC or other supervisory body upon their request.
The requirement that the RMCP must provide for all the requirements as set out in section 42 of the FIC Act, remains in place.
Interested parties are invited to submit comments on the draft Guidance Note 7A via the online comments submission link before close of business on 2 May 2022.
RMCP Guide for Designated Non-Financial Businesses and Professions
The draft Public Compliance Communication (PCC) 114 is applicable to Designated Non-Financial Businesses and Professions (DNFBPs) that are accountable institutions. The draft PCC discusses the drafting of an RMCP in detail and is limited to assisting DNFBPs to better understand how to identify and manage risk assessment issues pertaining to ML/TF within their businesses. A reference table of all applicable sections of the FIC Act that must be included in the institution’s RMCP together with an editable template that can be used as a guide RMCP are included as annexures to the publication. The draft PCC 114 states that the publication and guide is specifically intended for DNFBP accountable institutions and not banks and other larger accountable institutions that have more advanced and complex compliance structures.
Interested parties are invited to submit comments on the draft PCC 114 via the online comments submission link before close of business on 2 May 2022.
PCC 52: on the identification of ML/TF Risks and associated CDD for clients of Authorised Users of an Exchange
The content of Public Compliance Communication (PCC) 52 was made available for public comment in early 2021 (as draft PCC 112). The FIC has since received and considered comments from various institutions including banks and financial service providers as well as the FSCA. PCC 52 deals with the identification of ML/TF risks and associated customer due diligence (CDD) for clients of authorised users of an exchange in terms of FICA. Authorised user is defined in the Securities Service Act 36 of 2004 as a person authorised by an exchange in terms of the exchange rules to perform such securities services as the exchange rules may permit.
The purpose of this PCC is to assist authorised users in applying effective risk management and CDD in engagements and/or interactions with their clients. The communication provides that a client of an authorised user of an exchange, is the person who provides the authorised user with a mandate/instruction. In such instances the authorised user must first identify and assess the ML/TF risks their client presents prior to determining if they will enter a business relationship or single transaction with the client and perform the associated customer due diligence (CDD). This is done in order to have a comprehensive and holistic overview of the ML/TF risks that may be present in the business relationship.