RMCP – Be Compliant

Getting started with FICA

New to FICA Compliance? It can be intimidating to get started, but that is why we are here! We can help. Don’t delay, call today!

At the most basic level, FICA Compliance requires

Registration with FICA
Developing an RMCP

The Financial Intelligence Centre issues extensive supporting documentation. These documents are also updated frequently. The documents listed on this page can be downloaded directly from the fic.gov.za website and links to the current version of each document as of 13 October 2025.

Registration with FICA

Registration with FIC PUBLIC COMPLIANCE COMMUNICATION 5D

ON REGISTRATION WITH THE FINANCIAL INTELLIGENCE CENTRE IN TERMS OF SECTION 43B OF THE FINANCIAL INTELLIGENCE CENTRE ACT, 2001 (ACT 38 OF 2001)
Issued October 2023 and covers 64 pages. This document contains critical information on the who, what why of registering with FIC. This document provides the background to which organizations need to register, and contains valuable advice on the process to follow.

Developing an RMCP

Guidance on RMCPs PUBLIC COMPLIANCE COMMUNICATION No 53

ON THE RISK MANAGEMENT AND COMPLIANCE PROGRAMME IN TERMS OF SECTION 42 OF THE FINANCIAL INTELLIGENCE CENTRE ACT, 2001 (ACT 38 OF 2001) FOR DESIGNATED NON-FINANCIAL BUSINESSES AND PROFESSIONS
Issued August 2022 and covers 44 pages. This document outlines the expectations of FIC concerning the RMCP and technical content required to be considered compliant. This document forms the core of FICA compliance and an incomplete, or inappropriate RMCP will automatically result in a non-compliant finding.

Revised Guidance Note 7A

Revised-Guidance-Note-7A-–-Implementation-of-various-aspects-of-the-FIC-Act Revised-Guidance-Note-7A –Implementation of various aspects of the FIC Act

ON THE IMPLEMENTATIONOF VARIOUS ASPECTS OF THE FINANCIAL INTELLIGENCE CENTRE ACT,2001 (ACT 38 OF 2001)

Hot News Issued September 2025 and covers 76 pages. This revised document replaces Guidance Note 7A issued in February 2025. This document is essential reading for understanding concepts fundamental to the FICA process. Among other essential topics, it covers Know-Your-Client concepts, Ultimate Beneficial Ownership and developing a Risk Based Approach.

These links are presented as a first step approach to FICA compliance, and does not intend to cover all topics for all Accountable Institutions. These three documents cover almost 2oo pages and only provide guidance on what is required. It should be noted that subsequent to registration, FIC allows a grace period of 90 days for new Accountable Institutions to complete their FIC registration and submission of Risk Compliance Returns (a report) and RMCP. This long grace period is intentional. FIC appreciates the time and care required to meet the expected requirements.

If you require assistance in meeting your compliance obligations, please contact us for more information.

RMCP update April 2025

FIC Media Release 9/5/1/3 has reference.

On 13 February 2025 the High Court of South Africa, Gauteng Local Division, Johannesburg issued its first court order in terms of section 23 of POCDATARA. This court order has far reaching implications for FICA related compliance.

POCDATARA – Protection of Constitutional Democracy Against Terrorist and Related Activities Act, 2004 (Act 33 of 2004)
Section 23 allows for the freezing of property in terrorist related matters, upon application to court.

FICA – Financial Intelligence Centre Act, 2001 (Act 38 of 2001)

It should be noted that the practical effect of a court order in terms of Section 23 of POCDATARA has an effect similar to that of Section 26 of FICA, meaning that all transactions involving such an entity must stop immediately and be reported to FIC.

This has serious implication for all Accountable Institutions. At the least the current client base should be scrutinized to determine whether any of the names listed in the judgment appear.

Subsequently, and more importantly, the RMCP must be updated to provide for internal process and procedure to deal with POCDARATA related matters. Several aspects come to mind: sourcing POCDATARA related judgments, maintaining a searchable database of names, the frequency of searches conducted against these names, and finally the internal process for escalation and reporting when a client name is found in a POCDATARA related judgment.

The court order makes it clear that the effect of appearing on in POCDATARA judgment has the same practical effect as if the persons name is found in TFS screening result. The means that, just like with a positive TFS result, all business activities must stop, and a report made to FIC, typically within 24 hours.

FIC.Gov.ZA crashed

On Tuesday 11 March at approximately 16:50 the fic.gov.za site which acts as the portal the goAML page became unavailable.

No reasons have been given for same.

On Wednesday 12 March at approximately 12:18 the site became unresponsive.

Users are urged to return to the site and verify that their uploads are in fact secure.

In addition, the https://www.fic.gov.za/compliance-queries/ query page remains available. Unofficially and as a fallback mechanism, users are encouraged to submit their documents with screenshots of previous attempts through this mechanism.

A very brief overview of FICA Compliance

FICA Compliance requires infrastructure

Registration with FIC/ goAML
Appointment of Compliance Officer
RMCP subject to periodic review
RCR (deadline still May 2023)

Then, operationally

Targeted Financial Sanctions list screening (TFS)
Risk Assessment
KYC this includes client due diligence
Ongoing Business Relationships
Employee screening (Directive 8)

With resultant record keeping and reports

RMCP Development Consultancy

Here at Be Compliant, we have built the capacity to assist you with developing and maintaining your Risk and Compliance Management Program (RMCP).

Over that past year alone, we have trained or addressed several hundred individuals on FICA Compliance.

We have also assisted in the development and rollout of RMCP’s to numerous satisfied clients. It is no small achievement to state that all the RMCP developments that we have been involved with, have passed inspection.

Should you require assistance in developing your RMCP, please do not hesitate to complete the contact form above.

RMCP Upload Deadline 12 March 2025

URGENT FICA RMCP NOTICE
On 4 March 2025 the FIC instructed all accountable institutions to upload their current RMCP.
Deadline is 12 March 2025.

Please inspect your FIC portal for this notice

___________________________________________

This upload request is new. Historically the FIC requested RMCP’s on a one-by-one basis as a first step during inspection. This is the first time that a mass upload of documents is requested. It coincides with the start of the Financial Year for mist businesses.

Please note that the RMCP should be updated at least annually and that the date of approval required in the filename must not be older than 2024-03-01, in which case you will be uploading an outdated RMCP.

We believe that this is the start of a mass inspection cycle.

RMCP Rollout

Another successful RMCP rollout

The cornerstone of FICA Compliance is the Risk Management and Compliance Program (RMCP). This is the definitive quality control document that contains all the essential policy and procedures concerning the organization’s FICA compliance.

The document in the photo covers some 66 pages of policy, including the Risk Matrix and annexures. KYC is described covering basic, standard and enhanced client due diligence. The Annexures contain specific procedures and templates.

This document contains
- Definitions
- Governance
- Risk Based approach (Categories/Factors and procedures)
- Due Diligence
- Activity Monitoring
- Reports
- Records
- Directives
- Annexures

FICA compliance is extensive and onerous.

This is our effort to lighten the burden.

Our business is to facilitate your compliance requirements. If you require support in your compliance journey, do not hesitate to contact us today.

-BC