The Financial Intelligence Centre Amendment Act – The dawn of a new era April 2019

By KEVIN WEST, Published in Financial Law

The Financial Intelligence Centre Amendment Act was gazetted on 2 May 2017. As per the Financial Intelligence Centre, the key objective of the Act is to improve the protection of the integrity of South Africa's financial system and strengthen its ability to prevent and punish financial crimes such as money laundering, illicit capital flows, tax evasion, corruption, bribery and financing of terrorism. Accountable Institutions must implement The Amendment Act by April.

The Amendment Act introduces a number of new approaches:

  • A full range of customer due diligence requirements focusing on understanding and knowing your customer, as opposed to following the rules based approach advocated in the FIC Act (38 of 2001);
  • Introduction of Beneficial Ownership requiring Accountable Institutions to know and understand the control and ownership structure of their customers;
  • The inclusion of Prominent Influential Persons, and the implementation of risk management procedures to identify and better manage the risks associated with such persons, their families and known close associates;
  • Freezing of assets in respect of targeted financial sanctions against persons identified by the United Nations Security Council

These new approaches will require Accountable Institutions to revise and change the way in which they have traditionally on-boarded and managed customers. One of the important requirements is for the Institutions to develop, document, implement and maintain a Risk Management and Compliance Program (RMCP) to replace the previous internal rules. The RMCP must set out:

  • how Accountable Institutions will (i) identify; (ii) assess; (iii) monitor; (iv) mitigate and (v) manage the risk that the services or products the Institution may use for money laundering or financing terrorist activities;
  • the manner in which the Institution will determine if the person is a client or prospective client;
  • the manner in which, and the processes by which, the establishment and verification of clients will be undertaken (Know Your Customer);
  • the manner in which the Institution determines whether future transactions that will be performed in the course of the business relationship are consistent with the Institution's knowledge of the client (Transaction Monitoring);
  • the manner in which the Institution will undertake additional due diligence measures in respect of legal persons, trusts and partnerships (Enhanced Due Diligence);
  • how the Institution will comply with ongoing due diligence investigations and account for monitoring of its clients (On-going Customer Due Diligence);
  • how the Institution will examine complex and large transactions and unusual patterns of transactions which have no apparent lawful purpose (Transaction Monitoring);
  • the manner in which, and the processes by which, enhanced due diligence is conducted for higher risk business relationships;
  • the manner in which, and the processes by which, the Institution will perform customer due diligence requirements in accordance with sections 21, 21A, 21B and 21C of the Act;
  • The manner in which the Accountable Institution will terminate an existing business relationship as contemplated in s21E of the Act.

rgad

The implementation of various provisions of the Amendment Act started on different dates, namely, 13 June, 2 October 2017, and dates to be determined after 2 October. The first set of implemented provisions for 13 June 2017 did not require changes to existing regulations, exemptions or internal systems of institutions to enable compliance with the FIC Act. The second set of provisions applicable from 2 October 2017 deal with the new approaches, set out at the beginning of this article.

The development and documenting of the RMCP will be a key activity for Institurtions.This document will form the foundation of its Anti-Money Laundering Control framework, and will be used by supervisors during their routine inspections of Accountable Institutions. The new Risk Based Approach demanded by the Amendment Act has paved the way for Institutions to be truly innovative in how they address Financial Crime Risk. Opportunity for innovation and the use of technology will feature across the entire Financial Crime customer lifecycle. Accountable Institutions will seek to reduce the cost of compliance while still effectively addressing financial crime risk. It will be interesting to see how the various Accountable Institutions formulate their financial crime risk appetite and the approaches they will implement. This will require changes to be made to IT systems and business processes, and from the way in which Financial Crime Compliance was previously viewed and approached. The possible need to change management so as to implement the new Amendment Act must not be underestimated.

In addition, Accountable Institutions will need to have approved plans in place to ensure their current customers are brought in line with the new requirements of the Amendment Act and their RMCP. How, and by when, will this be done?

As we enter the Digital Age, products, services and business models that have previously worked may no longer be relevant. Customers are demanding that financial institutions respond swiftly to their needs. Financial crime controls must become more real-time, as opposed to "after the fact". However, financial crime control architecture, more often than not, has been built on consuming customer data from data warehouses, which, by design, is not real-time. IT infrastructure will have to be modernised – but how will this fit into the larger book of work that business demands in order to stay competitive? Fintech solutions will be sought but these will need to be able to integrate into current infrastructure of financial institutions, without "breaking the bank" to procure. Previously, systems such as automated transaction monitoring systems have cost millions of rand to implement but have not proved to be effective nor have they provided a good form of return on investment. Indeed, such systems have continued to cost large sums of money to maintain and improve.

Financial institutions sit on an incomprehensible amount of customer data internally (structured data) and have access to large amounts of data available as open source data (unstructured data). This data, used in combination with each other, can benefit financial institutions but must be used in the right way. The roles of data analytics and data scientists are going to be paramount as we move into this new era.

Entering this new era will not be without its challenges. Who is going to be the early adopter, and who will be the follower? It is time for financial institutions to work smarter and faster but still comply with their regulatory obligations, both efficiently and effectively.

All of this is happening at a time when South Africa itself will be subjected to a FATF Mutual Evaluation toward the end of the year.

Implementing the Amendment Act and getting ready for the Mutual Evaluation will place enormous pressure on Accountable Institutions, the Regulator and supervisors. All these stakeholders will need to work closely together to ensure that the country is in a good position when the Mutual Evaluation occurs.

West is a Senior Managing Director with FTI Consulting (South Africa).