Illegal activities such as human trafficking, fraud and corruption generate large illicit proceeds for criminals, and to benefit from their dirty money they seek to conceal the source of their funds.
Businesses must be alert to the risks they face of money laundering and terrorist financing, because their products and services are abused by criminals to launder illicit funds.
As part of SA’s regime for anti-money laundering, combatting the financing of terrorism and combatting the financing of proliferation, the Financial Intelligence Centre (FIC) Act places certain obligations on businesses defined as accountable institutions.
Refer to Schedule 1 of the FIC Act for the list of accountable institutions.
Accountable institutions must meet certain obligations which include registering with the FIC, appointing a compliance officer, keeping records, implementing a risk management and compliance programme, and conducting targeted financial sanctions screening.
Registration with FIC
All accountable institutions listed in Schedule 1 of the FIC Act must register with the FIC. This is the first step for all entities before they can fulfil other compliance requirements such as submitting regulatory reports.
Registration with the FIC is free and is completed electronically via goAML, the centre’s reporting platform.
All registrations must be accompanied by supporting documentation including a copy of the identity documents of the compliance officer and an authorisation letter on the entity’s letterhead.
Refer to the goAML registration guide for accountable institutions as well as public compliance communication (PCC) 5D for guidance on how to register.
Should an entity’s business activities fall under more than one item designation in terms of Schedule 1 to the FIC Act, the entity would need to register each business with the FIC separately.
Customer due diligence
All accountable institutions must conduct customer due diligence, which involves establishing and verifying the identity of clients, and if applicable, the person representing the client as well as any other person on whose behalf the client is acting.
Where the client is a legal person, trust or partnership, the accountable institution must determine all natural persons who own or have control over the client. This is because criminals often abuse legal persons, trusts, and partnerships to obscure the ownership or control of funds derived from illegal activities.
When determining which natural person is the beneficial owner of a legal person accountable institutions must follow a process of elimination as follows:
Step 1: Identify the natural person who independently or together with another person has controlling ownership interest in the legal person. If in doubt, proceed to step 2.
Step 2: Identify the natural person(s) who exercises control by other means. Or, if a natural person is not identified, proceed to step 3.
Step 3: Identify the natural person(s) who exercises control over the management of the legal person.
For guidance on beneficial ownership, refer to PCC 59.
Risk management and compliance programme
As part of their obligations, accountable institutions must develop and maintain a risk management and compliance programme (RMCP).
The RMCP is an all-encompassing document that contains the controls to identify and mitigate money laundering, terrorist financing and proliferation financing risks.
Revised Guidance Note 7A provides guidance on RMCPs as well as what the entity wide risk assessments entails.
The accountable institution’s board of directors, senior management, or the person(s) with the highest authority must approve the RMCP and ensure compliance with the FIC Act obligations.
Reporting obligations
As part of their FIC Act obligations, accountable institutions must file regulatory reports that assist in combatting money laundering, terrorist financing and proliferation financing.
The three main regulatory reporting streams for accountable institutions are cash threshold reports, suspicious and unusual transaction reports, and terrorist property reports.
Cash threshold reporting
Accountable institutions are required to file cash threshold reports (CTRs) with the FIC where clients pay or receive cash in excess of R49,999.99.
The accountable institution should submit a CTR to the FIC as soon as possible but not later than three working days after becoming aware that a cash transaction has exceeded the prescribed amount.
For guidance on cash threshold reporting, refer to Guidance Note 5C.
Suspicious and unusual transaction reporting
All business in SA has the obligation to report suspicious and unusual transactions to the FIC in terms of section 29 of the FIC Act.
Any person associated with a business and who knows or suspects that the business has received, or is about to receive, proceeds of unlawful activities or property connected to an offence relating to the financing of terrorism must file a suspicious and unusual transaction or activity report.
Suspicious and unusual transaction reports (STRs) relate to completed transactions, while suspicious and unusual activity reports (SARs) are filed where the suspicion concerns an activity or transactions that are incomplete, abandoned or cancelled.
These reports should be submitted to the FIC as soon as possible without delay but no later than 15 working days from when a person becomes aware of facts that give rise to the suspicion.
For guidance on filing STRs and SARs, refer to Guidance Note 4B.
Targeted financial sanctions
Accountable institutions must determine whether an existing or prospective client is a designated person or entity on the FIC targeted financial sanctions (TFS) list.
No person is allowed to transact with or process transactions for a designated person or entity. Screening against the sanctions list should be done during the client take-on process, when transactions are conducted and when updates are made to the TFS list.
Where an accountable institution identifies a designated person or entity as its client or linked to its client, the accountable institution must immediately cease “freeze” any activity in relation to that designated person or entity.
Additionally, where an accountable institution confirms a match with a designated person or entity, the institution should file a terrorist property report with the FIC in terms of section 28A of the FIC Act.
For guidance on the implementation of TFS in SA refer to Public Compliance Communication 44A.
More information and guidance for accountable institutions can be found on the FIC website. Alternatively, contact the FIC’s compliance contact centre on 012 641 6000 or log an online compliance query.
This article was sponsored by the FIC.
