The Financial Intelligence Centre Amendment Act was gazetted on 2 May 2017. As per the Financial Intelligence Centre, the key objective of the Act is to improve the protection of the integrity of South Africa's financial system and strengthen its ability to prevent and punish financial crimes such as money laundering, illicit capital flows, tax evasion, corruption, bribery and financing of terrorism. Accountable Institutions must implement The Amendment Act by April.
The Amendment Act introduces a number of new approaches:
These new approaches will require Accountable Institutions to revise and change the way in which they have traditionally on-boarded and managed customers. One of the important requirements is for the Institutions to develop, document, implement and maintain a Risk Management and Compliance Program (RMCP) to replace the previous internal rules. The RMCP must set out:
The implementation of various provisions of the Amendment Act started on different dates, namely, 13 June, 2 October 2017, and dates to be determined after 2 October. The first set of implemented provisions for 13 June 2017 did not require changes to existing regulations, exemptions or internal systems of institutions to enable compliance with the FIC Act. The second set of provisions applicable from 2 October 2017 deal with the new approaches, set out at the beginning of this article.
The development and documenting of the RMCP will be a key activity for Institurtions.This document will form the foundation of its Anti-Money Laundering Control framework, and will be used by supervisors during their routine inspections of Accountable Institutions. The new Risk Based Approach demanded by the Amendment Act has paved the way for Institutions to be truly innovative in how they address Financial Crime Risk. Opportunity for innovation and the use of technology will feature across the entire Financial Crime customer lifecycle. Accountable Institutions will seek to reduce the cost of compliance while still effectively addressing financial crime risk. It will be interesting to see how the various Accountable Institutions formulate their financial crime risk appetite and the approaches they will implement. This will require changes to be made to IT systems and business processes, and from the way in which Financial Crime Compliance was previously viewed and approached. The possible need to change management so as to implement the new Amendment Act must not be underestimated.
In addition, Accountable Institutions will need to have approved plans in place to ensure their current customers are brought in line with the new requirements of the Amendment Act and their RMCP. How, and by when, will this be done?
As we enter the Digital Age, products, services and business models that have previously worked may no longer be relevant. Customers are demanding that financial institutions respond swiftly to their needs. Financial crime controls must become more real-time, as opposed to "after the fact". However, financial crime control architecture, more often than not, has been built on consuming customer data from data warehouses, which, by design, is not real-time. IT infrastructure will have to be modernised – but how will this fit into the larger book of work that business demands in order to stay competitive? Fintech solutions will be sought but these will need to be able to integrate into current infrastructure of financial institutions, without "breaking the bank" to procure. Previously, systems such as automated transaction monitoring systems have cost millions of rand to implement but have not proved to be effective nor have they provided a good form of return on investment. Indeed, such systems have continued to cost large sums of money to maintain and improve.
Financial institutions sit on an incomprehensible amount of customer data internally (structured data) and have access to large amounts of data available as open source data (unstructured data). This data, used in combination with each other, can benefit financial institutions but must be used in the right way. The roles of data analytics and data scientists are going to be paramount as we move into this new era.
Entering this new era will not be without its challenges. Who is going to be the early adopter, and who will be the follower? It is time for financial institutions to work smarter and faster but still comply with their regulatory obligations, both efficiently and effectively.
All of this is happening at a time when South Africa itself will be subjected to a FATF Mutual Evaluation toward the end of the year.
Implementing the Amendment Act and getting ready for the Mutual Evaluation will place enormous pressure on Accountable Institutions, the Regulator and supervisors. All these stakeholders will need to work closely together to ensure that the country is in a good position when the Mutual Evaluation occurs.
West is a Senior Managing Director with FTI Consulting (South Africa).