Company Obligations: FICA, as amended
The Financial Intelligence Centre Act 38 of 2001 (“FICA”) came into effect in an effort to combat financial crimes, such as money laundering, tax evasion, and terrorist financing activities and accordingly places numerous mandatory obligations on accountable and reporting institutions, as well as their members, which they are required to comply with in order to bring life to the objectives of FICA.
As such, while the first article in this series dealt with companies’ obligations in terms of the Prevention and Combating of Corrupt Activities Act 12 of 2004 (“PRECCA”), this article deals with the obligations placed on certain companies, namely accountable and reporting institutions, by FICA, and highlights the consequences that may arise for failure to comply with same.
Who does FICA apply to?
The provisions of FICA apply to, inter alia, all accountable and reporting institutions, as defined in Schedule 1 and 3 of FICA respectively, which include but are not limited to the institutions set out hereunder.
Broadly, in terms of Schedule 1 of FICA, Accountable Institutions include:
Financial service providers;
Board of executors, a trust or any other person that, inter alia, invests, controls or administers trust property;
Investment management companies;
A licensed member of a stock exchange; and/or
A person who carries on the business of:
dealing in foreign exchange;
lending money against security;
rendering investment advice or investment broking services;
a bank; and
a 'long-term insurance business' (including an insurance broker and an agent of an insurer).
In addition, as of 19 December 2022 and in terms of amendments effected to Schedule 1 of FICA, the following institutions are now also considered Accountable Institutions, required to comply with the obligations imposed by FICA:
Crypto asset service providers;
Dealers of high-value goods;
Trust and company services providers; and
Payment clearing service operators.
(Collectively referred to as the “Accountable Institutions”)
In addition, reporting institutions as provided in Schedule 3 of FICA, includes any person who carries on the business of dealing in:
motor vehicles; and/or
(Collectively referred to as the “Reporting Institutions”)
FICA Obligations: Accountable and Reporting Institutions
Below briefly sets out the most pertinent obligations that Accountable and Reporting Institutions are required to comply with in terms of FICA. To this end, while Accountable Institutions are required to comply with all the obligations set out below, Reporting Institutions are only required to comply with certain of the obligations, as indicated hereunder.
1. Register with the FIC
Accountable and Reporting Institutions are required to register with the Financial Intelligence Centre (the “FIC”) within 90 (ninety) days from the date that their business commences.
2. Appoint a Compliance Officer
Accountable Institutions are required to appoint a Compliance Officer who is responsible for, inter alia, ensuring compliance with FICA. The Compliance Officer must have sufficient competency and seniority to ensure compliance with the provisions of FICA.
3. Develop Risk Management and Compliance Programme (“RMCP”)
When establishing business relationships and/or conducting a single transaction with a client/customer, Accountable Institutions are required to adopt a risk-based approach which includes developing and implementing, among other things, controls and measures to mitigate financial crimes and the risks relating to same.
Accordingly, FICA requires that an RMCP be developed, documented, maintained, and implemented by Accountable Institutions, which must contain, inter alia, the following information:
The identified money laundering and terrorist financing risks the Accountable Institution faces/may face;
How the Accountable Institution will deal with these identified risks;
The processes, systems and controls used by the Accountable Institution for, inter alia, customer due diligence, record-keeping, reporting and how the risk-based approach will be applied and implemented within the Accountable Institution;
The Accountable Institution’s record-keeping process, including provision regarding access to records and confidentiality controls in respect of same;
Internal rules concerning, inter alia:
The establishment and verification of the identity of persons whom the institution must identify in terms of its due diligence obligations;
The instances in which records need to be maintained;
The manner in, and place at, which, the records must be maintained;
The steps to be taken in order to determine whether a transaction is reportable.
The RMCP should be reviewed and continuously updated, as and when applicable or necessary, to ensure that the provisions are effective and align with the objects and purpose of FICA, as well as any amendments thereto.
4. Customer Due Diligence
This obligation requires that Accountable Institutions have knowledge of their clients/customers, understand how the business of such client/customer could be used for the purposes of financial crimes and understand how to mitigate this risk.
Accordingly, Accountable Institutions are required to undertake client/customer due diligence which necessarily includes the process of analysing information about the client/customer obtained from multiple sources and then evaluating and assessing that information to ensure that the client/customer is who they say they are.
Unlike Accountable Institutions, Reporting Institutions are not required to implement client/customer due diligence procedures as aforesaid, however, they are required to obtain minimum client/customer information and record transaction details to enable them to submit the required reports to the FIC, in accordance with their reporting obligations.
5. Submit reports to the FIC
Accountable and Reporting Institutions, which necessarily includes any person associated with the institution as an owner, manager/Director or employee of that institution, are required to submit, inter alia, the following reports to FIC, as applicable in the specific circumstances:
- Cash Threshold Reports are required to be submitted in respect of any cash transaction in excess of R49 999.99 (this is the current cash threshold effective from 14 November 2022);
- Suspicious Activity Reports are required to submitted where transactions, whether complete or incomplete, are unusual or arouse suspicion in terms of money laundering or terrorist financing activities.
- Terrorist Property Reports are required to be submitted where it is believed that that client/customer possesses or controls property that is/could be linked to terrorist activities. This report is based on whether a party to the transaction in question is listed on the Targeted Financial Sanctions List or the list contained in United Nations Security Council Resolution 1267.
Submitting reports to FICA is not only important from a compliance perspective but it serves a larger purpose in that the FIC analyses the information therein contained to create financial intelligence reports which are ultimately used to facilitate combatting financial crimes.
6. Record Keeping
In line with their due diligence obligations, Accountable Institutions are required to keep and maintain various records in instances of concluding a single transaction, concluding transactions as part of a business relationship and/or at the establishment of a business relationship.
Accountable Institutions are required to maintain records relating to, inter alia:
Due diligence that has been carried out on client/customer as well as the method used for identification and verification of the client/customer);
The details and nature of transactions/business relationship with the client/customer (including any counter-parties to those transactions/business relationships);
The parties to a transaction as well as the monetary value thereof;
The particulars of the employee or representative of the Accountable Institution that obtained the information in relation to the verification of the client/customer;
The information, documentation and/or forms furnished by the client/customer to verify the information; and
Any regulatory reports filed with the FIC.
Accountable Institutions are required to keep the required records for a period of at least 5 (five) years from the date that:
the business relationship was terminated; or
a single once-off transaction was concluded; or
a regulatory report about that client/customer was submitted to the FIC; or
an active investigation closed, as the case may be.
Records may be kept in hardcopy and/or electronic form so long as they are retained in a manner that is safe, secure and accessible by the duly appointed Compliance Officer.
7. Ongoing training
Accountable Institutions are required to provide mandatory ongoing training to its employees on FICA as well as the Accountable Institution's RMCP, which must be provided to the institution's employees at regular intervals (as specified in the RMCP).
To be compliant with this obligation, Accountable Institutions must ensure that the training is:
- Based on the provisions of FICA; and
- Based on the content of the RMCP.
Consequences of non-compliance with provisions of FICA
Not only is it imperative that Accountable Institutions, and Reporting Institutions to the applicable extent, comply with their FICA obligations to assist in combatting financial crimes, but also to ensure that they avoid penalty for failure to comply with FICA.
To this end, failure to comply with the provisions of FICA may also result in, inter alia:
- Imprisonment for a period of up to 15 years or a fine of up to R100 million;
- Administrative sanctions being imposed, which includes but are not limited to:
a caution not to repeat the conduct which is non-compliant with the provisions of FICA;
a directive being issued against the Institution to take remedial action;
a restriction or suspension of certain business activities of the Institution;
a fine of up to R10 million for natural persons and R50 million for legal persons.
Compliance with the provisions of FICA is therefore essential and at Kern, Armstrong and Associates, we can assist you in ensuring that you and your company are compliant with the obligations mandated by FICA and provide legal guidance on any aspects related to same.