What's Happening?

Firm action against FSPs for non-compliance with AML requirements



In recent weeks, we have seen a number of administrative sanctions being imposed by the Financial Sector Conduct Authority (FSCA) on entities for their failure to comply with certain provisions of the Financial Intelligence Centre Act (FIC Act). These include Financial Services Providers (FSPs) as well as an asset manager.

One of the objectives of the FIC Act is to help combat money laundering, the financing of terrorism and other related criminal activities. All accountable institutions designated under the FIC Act must comply fully with its requirements.

These latest administrative sanctions issued by the FSCA signal its commitment to bolster the breadth and depth of its Anti-Money Laundering / Countering the Financing of Terrorism (AML/CFT) supervisory capacity as well as reinforce its sanctions and enforcement framework for AML/CFT breaches.

This increase in enforcement action against entities for failing to meet their AML obligations is largely due to the grey listing of South Africa and the need for the regulator to evidence a crackdown on enforcement. To avoid falling foul of the requirements, the FIA have summarised the key findings across all the recent cases for your information.

Key themes from the recent cases include:

  • All accountable institutions falling within the FSCA’s supervisory mandate will be expected to regularly review their Risk Management & Compliance Programs (RMCPs), enhance their understanding of AML/CFT risks and implement effective controls to mitigate such risks
  • Accountable institutions must have appropriate, tailored RMCPs in place. These need to reflect how the entity will ensure compliance with the FIC Act
  • The RMCP must include all prescribed provisions under the FIC Act, for example, examinations of unusually large and/unusual transactions, customer due diligence, termination of existing business relationships, identification of reportable activity, and more
  • When an accountable institution engages with a prospective client to enter into a single transaction or to establish a business relationship, the institution must, in the course of concluding that single transaction or establishing that business relationship, establish and verify the identity of the client, in accordance with its RMCP
  • When an accountable institution engages with a prospective client to establish a business relationship as contemplated in section 211 of the FIC Act, the institution must obtain information to reasonably enable the accountable institution to determine whether future transactions that will be performed in the course of the business relationship concerned are consistent with the institution’s knowledge of the prospective client
  • When a client is a legal person, trust or similar arrangements between natural persons, an accountable institution must, in addition to the steps required under sections 21 and 21A of the FIC Act and in accordance with its RMCP, establish the nature of the client’s business and the ownership and control structure of the client
  • An accountable institution must, in accordance with its RMCP, conduct ongoing due diligence in respect of a business relationship and keep information obtained for the purpose of establishing and verifying the identities of clients pursuant to sections 21, 21A2 and 21B3 of the FIC Act, up to date

What does this all mean for accountable institutions?

  • RMCPs are the cornerstone of compliance with the FIC Act, combatting money laundering and the financing of terrorist and related activities or proliferation financing activities
  • RMCPs are business specific and there is not a one-size fits all approach. It must be suitable for the business and the assessed risk of the clients with which it interacts
  • If you include something in your RMCP, you must actually follow the provisions contained in that document
  • Failure to include a prescribed requirement under the FIC Act in the RMCP will result in a sanction, as will failure to adhere to the provisions included on the RMCP

This is not an exhaustive list, but certainly acts as a timely reminder to firms to ensure that their RMCPs are in place, fit for purpose, and being followed.

Where to find more information?

The FIA hosted a webinar in 2023, presented by Michele Fourie of the FSCA, focusing on the FIC Act amendments and clarifying the Supervisor’s expectations for AML/CFT compliance. A link to the Webinar can be accessed here

To better understand the concepts of AML, CTF and Counter-Proliferation Financing (CPF), as well as a number of other resources – please visit the FSCA’s website here or browse through the resources below:

Press Releases:


¹ Identification of clients and other persons
² Understanding and obtaining information on business relationship
³ Additional due diligence measures relating to legal persons, trusts and partnerships.