RMCP Rollout

RMCP_rollout

Another successful RMCP rollout

The cornerstone of FICA Compliance is the Risk Management and Compliance Program (RMCP). This is the definitive quality control document that contains all the essential policy and procedures concerning the organization’s FICA compliance.

The document in the photo covers some 66 pages of policy, including the Risk Matrix and annexures. KYC is described covering basic, standard and enhanced client due diligence. The Annexures contain specific procedures and templates.

  • This document contains
    • Definitions
    • Governance
    • Risk Based approach (Categories/Factors and procedures)
    • Due Diligence
    • Activity Monitoring
    • Reports
    • Records
    • Directives
    • Annexures

FICA compliance is extensive and onerous.

This is our effort to lighten the burden.

Our business is to facilitate your compliance requirements. If you require support in your compliance journey, do not hesitate to contact us today.

-BC

Basic KYC Repeat

At the most basic level, the client due diligence part of FICA compliance requires at least three steps:

  • Photo ID
  • Proof of Residential Address
  • TFS screening

Of the three, Targeted Financial Sanctions (TFS) screening is the most onerous, creating a duty to screen continuously, not only when on boarding a client, but every day while the mandate remains active. TFS screening must be done daily.

Proof of Residential Address requires the client to submit proof of address that, at the time of verification, is  not older than 90 days.  Certain types of documents readily fall into this category: municipal utility bills, tenant statements, or in some cases, written confirmation of occupation, often by a spouse or family member.

Only the photo ID should not lapse.

Once onboarding is complete, the KYC record remains valid for a year.

This is an important distinction to make. At the time of document verification, the submitted documents may not be older than 90 days. However, once accepted, the KYC profile remains valid for one year.

This has the further implication that at some future date, every single KYC profile will lapse and the document verification process must be renewed.

Even a small firm with as few as 600 active matters, with any mandate exceeding 12, months will face a challenge to repeat the document collection and verification process.

Practical steps will require contacting the client for current documents, receipt and consideration of same and update the local KYC document repository. The time and labour demands of such an activity must not be underestimated.

In the event where more stringent KYC requirements apply, such as a formal Risk Assessment, this will also have to be repeated.

 What steps can be taken to ameliorate this problem?

Certain themes repeat when dealing with structural problems such as this. These include systems, training and time management.

Regardless of whether a manual or computer system is in use, KYC profiles should be scheduled on a calendar for the anticipated renewal date. With online systems, early warning notifications may be expected. Once the return date arrives, the relevant documents must be requested immediately. Where template documents or electronic system are in use, these should be updated regularly.

Training keeps staff aware of the obligations under which they work. Training should include ethics and confidentiality, office procedure and escalation as well as practical use of any systems deployed.

Once the renewal cycle commences, it is important to complete the various relevant activities as rapidly as possible, in order to prevent disruption of other activities as far as possible and avoid potential bottlenecks.

Depending on the level of KYC required, the steps to be completed may include

  • recent proof of Residential Address
  • Risk Matrix assessment
  • Request of supporting documents

Note that TFS is not an annual activity.

-BC

FICA Compliance is everywhere

The Platteland1 is known for it’s that won’t happen here attitude. When it comes to FICA compliance and reporting obligations, this is not true. Even the most idyllic small town may the centre of money laundering, terror financing or other illicit forms of financial proliferation.

As reported by IOL a man appeared in the Lichtenburg Magistrates Court on charges of funding a terrorist organization.

It is worth noting that Lichtenburg is located 140km from Johannesburg, with a population of some 26000 souls. It is the heart of an agricultural community, which mainly produces maize.

The highlights include

  • A small town
  • A South African Citizen
  • R11500
  • Bitcoin
  • A listed terrorist organization

This clearly illustrates that FICA risks exist everywhere, not merely in the big cities.

  1. remote country districts ↩︎

Ultimate Beneficial Ownership

South Africa remains on the FATF greylist, at least until February 2025.

Although major progress has been made in meeting the requirements of the FATF, it is clear that Ultimate Beneficial Ownership of trusts remains an issue.

What is a Trust? A trust in South African law is a legal person that operates an estate separate from its owners. South African trust law is heavily sourced from English law. Trust can be created by living persons for a specific purpose, and often from Testaments for minor children.

Like a company? This is similar to a company, although ownership here has different meaning. With companies, directors and shareholders need to be disclosed and these records are kept by the CIPC, the Companies Office.

The Problem The problem appears to be not so much with the legal concept of trust, but rather the administration of the trust and its assets. In South Africa no formal registry or repository of trust administration records exist. This means that although a legal trust may operate a bank account and continue with its activities, there is no legal framework or central registry which readily informs on who the trustees or beneficiary of a given trust is.

And this is one of the core problems being address by FIC at the moment.

The practical implication is that any Accountable Institution dealing with trusts, should expect enhanced scrutiny by FIC.

FICA Regulations recognize three distinct categories of Accountable Institutions dealing with trust

  • Attorneys (or Advocates with Trust accounts)
  • Property Practitioners (Estate Agents)
  • Trust & Company service providers
  • Banks

Example Property Purchase with a Trust involved. Where a new trust is created, or a new trustee appointed to an existing trust, the Trust & Company service provider must comply with FIC KYC requirements. The Estate Agent handling the transaction will likewise be required to perform independent KYC. The attorney responsible for the Deeds Office transfer will likewise be required to perform an independent KYC. And finally, any commercial bank, with a bond being cancelled or registered, and/or ownership passing from or to a trust, will likewise be required to perform KYC.

In the event that any one of these Accountable Institutions reports to FIC concerning suspicious activity, it can be anticipated that the other involved entities will be subject to additional FIC scrutiny.

FIC Directive 8 Now Active

Please note that a compliance deadline has not yet been issued for Directive 8 of 2023.

Accountable institutions must screen prospective employees and current employees for competence and integrity periodically, in a risk-based manner

Directive 8 requires that attorneys and trust account advocates must prior to employing any person, or after such employment, regularly scan and verify each individual, including

  • Finger print verification
  • Photo ID
  • Academic qualification
  • SAPS Criminal Record Check
  • Credit Check

Be Compliant can assist with providing the required reports.


The purpose of this Directive is to require accountable institutions to screen prospective employees and current employees for competence and integrity, as well as to scrutinize employee information against the targeted financial sanctions lists, in order to identify, assess, monitor, mitigate and manage the risk of money laundering, terrorist financing and proliferation financing.

This Directive is issued by the Financial Intelligence Centre (FIC) in terms of
section 43A(1) of the Financial Intelligence Centre Act, 2001 (Act 38 of 2001)
(the FIC Act.)

The Directive is available as a PDF download from the FIC website.

LPA Financial Year

For the majority of attorneys and trust account advocates, 29 February was the end of their Financial Year.

In terms of the Legal Practice Act, trust account practitioners now have six months to file their audit reports. This means a Chartered Accountant (CA SA) must audit and report on the state of the financial records and submit this report not later than Friday 30 August 2024.

Audit reports are submitted to the local provincial Legal Practice Council office.