The Financial Sector Conduct Authority (FSCA) imposed a historic fine of fifty million Rands on Viceroy Research and its associates for disseminating false information about Capitec, a major South African financial institution. This penalty underscores the importance of adhering to financial regulations and addresses the challenges of regulating cross-border financial activities.
The saga began in January 2018 when Viceroy Research released a damning report titled "Capitec, a Wolf in Sheep's Clothing," alleging predatory lending practices and financial mismanagement within Capitec.
The report sent shockwaves through the financial markets. The impact that the Viceroy statement had on South African financial markets prompted immediate scrutiny from regulators. Despite warnings about the inaccuracies in their claims, Viceroy failed to correct them as required by law.
Unathi Kamlana, FSCA Commissioner, emphasized the seriousness of the penalty, highlighting the obligation of market participants to comply with financial laws. The case also brings attention to jurisdictional complexities in regulating foreign entities.
While the FSCA imposed the penalty, questions arose regarding jurisdiction over foreign entities. In 2022, the Financial Services Tribunal, in a majority decision, found limitations in its personal jurisdiction over a foreign peregrinus, highlighting the challenges in regulating cross-border financial activities. The Tribunal ultimately granted Viceroy Research Partnership's application for reconsideration, leading to the overturning of the FSCA's order.
The ruling of the Tribunal is significant because it established that the Tribunal itself as well as the FSCA lacked personal jurisdiction over a foreign entity, thereby underscoring the challenges inherent in regulating cross-border financial activities.
Recently, the Financial Sector Conduct Authority (FSCA) issued a series of amendments through FAIS Notices 79 to 85 in 2023, impacting various aspects of the financial services industry. Let's delve into these updates and understand their implications.
FAIS Notice 79 of 2023 - Amendment to Exemptions under Section 13 of the General Code of Conduct
The FSCA, through FAIS Notice 79, has introduced amendments to FAIS notices related to the exemption of certain Financial Service Providers (FSPs) who are insurers from section 13 of the general code of conduct. This means that certain Financial Service Providers (FSPs) who are insurers are exempted from having suitable guarantees or professional indemnity or fidelity insurance cover. These changes are applicable from December 31, 2023, to June 30, 2026. Notably, this notice replaces the previous extension notices and updates the exemption expiry date outlined in FAIS Notice 122 of 2017.
FAIS Notice 80 of 2023 – Changes to Audit Report and Liquidity Requirements
FAIS Notice 80 exempts specific FSPs from section 19(3) audit report and liquidity requirements. These changes are effective from December 31, 2023, to June 30, 2026. Category I FSPs providing specific financial services and not handling premiums or monies beyond the scope of these services are eligible for the exemptions, subject to specified conditions. Similar to FAIS Notice 79, this notice replaces prior extension notices and updates the expiry date in FAIS Notice 123 of 2017.
FAIS Notice 81 of 2023 – Exemption for Juristic Representatives
Addressing exemptions for juristic representatives from section 13(1)(c), FAIS Notice 81 is applicable from December 31, 2023, to June 30, 2026. The notice modifies the exemption expiry date mentioned in Notice 15 of 2021, allowing juristic representatives rendering specific financial services on behalf of particular FSPs to operate beyond the usual constraints of section 13(1)(c), with adherence to stipulated conditions.
FAIS Notice 85 of 2023 – Extension of Compliance Officer Exemptions
FAIS Notice 85 introduces an extension to the exemption granted to Compliance Officers regarding minimum prescribed intervals of visits and reports to FSPs. This exemption, initially granted in 2017 and extended subsequently, is now prolonged until June 30, 2026.
Compliance Officers must adhere to specific conditions, including conducting sufficient visits, implementing a comprehensive monitoring program, and regularly reporting on control environments and identified risks.
The recent FAIS Notices 79-85 of 2023 reflect the ongoing efforts of the FSCA to adapt to the dynamic financial landscape, ensuring a balance between regulatory requirements and industry flexibility. FSPs are encouraged to thoroughly review these amendments and adjust their practices accordingly to maintain compliance and efficiency in their operations.
The Financial Sector Conduct Authority (FSCA) has recently released Communication 33 of 2023, offering a comprehensive update on the cross-sectoral Conduct of Business Return (Omni-CBR) planned for financial institutions. Here's a breakdown of the key highlights:
Purpose of Communication 33 of 2023:
• To provide an update on the development of Omni-CBR for financial institutions.
• To give an overview of the stakeholder consultation process for the first draft of the Omni-CBR template.
• To give details on envisaged next steps for the roll-out and implementation of Omni-CBR based on extensive feedback.
1. FSCA Communication 22 of 2021 (GENERAL) - December 22, 2021:
• This Communication provided an initial update on Omni-CBR development.
• It further signalled the FSCA's intention to conduct a robust consultation process starting in 2022.
2. FSCA Communication 16 of 2022 (GENERAL) - June 8, 2022:
• This Communication included a detailed Roadmap for Omni-CBR roll-out and shared the first draft of the Omni-CBR template for stakeholder consultation.
• It furthermore outlined the objectives, outcomes, and milestones for phased implementation over multiple years.
3. Post-Roadmap Developments:
• Since the June 2022 publication, extensive consideration of stakeholder comments has taken place.
1. Draft Omni-CBR Template Changes:
• The template is undergoing significant changes based on voluminous and critical feedback.
• These changes will inter alia include a substantial streamlining of data points requested.
2. Engagements with Prudential Authority:
• This is an ongoing process to ensure alignment and mitigate potential duplication of regulatory reporting requirements.
3. Consultation Survey and Industry Pilot:
• The FSCA is finalising a consultation survey to understand potential operational and systems impact.
• A survey is envisaged to run parallel to the industry pilot of the revised reporting template.
4. Review of Implementation Timelines:
• The original timeline from the Roadmap is under review and will be extended.
• A detailed breakdown of extended timelines for Phase 3 and Phase 4 will be communicated in 2024.
5. First Half of 2024 Targets:
• Industry engagements will continue, in order to clarify issues raised until April 1, 2024.
• A revised, streamlined version of the draft Omni-CBR template is aimed to be published by July 1, 2024.
• An industry survey on potential operational and systems impact is aimed to be released by July 1, 2024.
6. Possible Revisions and Industry Pilot:
• These timelines are subject to possible revision in 2024 based on further refinement and harmonization efforts.
• The planned industry pilot will be launched in the second half of 2024, based on survey outcomes.
7. Progress Updates:
• Further updates on progress related to the described activities will be provided by July 1, 2024.
Financial institutions are increasingly reliant on Information Technology (IT) to conduct business and deliver services, especially with the advent of the fourth industrial revolution. The integration of advanced technology and online systems poses both opportunities and challenges, necessitating a proactive approach to IT governance and risk management. Published on November 10th, 2023, the Financial Sector Conduct Authority (FSCA) introduced the 'IT Governance and Risk Management for Financial Institutions, 2023' Joint Standard. This Joint Standard will commence on 15 November 2024.
A summary of the principles and minimum requirements for information technology (IT) governance and risk management that financial institutions must adhere to, will follow.
Who does this apply to?
Roles and Responsibilities:
Regarding the IT Strategy:
Regarding the IT Risk Management Framework:
A financial institution must establishment a comprehensive framework, which must be approved by the governing body, subject to annual review. This framework must include -
Regarding IT Operations:
A financial institution must –
Risks Associated with Financial Products and Services:
A financial institution must -
Notification and Reporting Requirements:
A Financial institution must notify the responsible authority of any material incidents (a systems failure, malfunction, delay, or other disruptive event) within the determined timeframe.
In addition, to the requirements in the paragraph above, the Authorities may, through ongoing supervisory review and evaluation processes, request for specific information or regulatory reports as well as assurance in terms of compliance with this Joint Standard.
This Joint Standard emphasizes the importance of a proactive and adaptable approach to IT governance and risk management, ensuring the resilience and stability of financial institutions in an ever-evolving landscape. Financial entities are encouraged to implement and continuously update these guidelines to fortify their IT infrastructure against potential risks. Rest assured, we are currently in the process of formulating a policy on this matter and will furnish our clients with the template in the upcoming year.
In a significant development, the Financial Sector Conduct Authority (FSCA) has issued Communication 27 of 2023, outlining their plans to initiate a thorough verification process regarding certain designated individuals and significant owners within financial institutions. This communication is designed to enhance the transparency and integrity of the financial sector.
Who does this apply to?
The FSCA's verification process will focus on specific categories of individuals within financial institutions. Those subject to this scrutiny will include significant owners, key individuals, directors, shareholders, members, and trustees of authorized Financial Services Providers (FSPs) as defined in the Financial Advisory and Intermediary Services Act, No. 37 of 2002, with a few exceptions. Significant owners and directors of collective investment scheme (CIS) managers as defined in the Collective Investment Schemes Control Act, No. 45 of 2002 are also part of this verification process.
Who is excluded?
It's essential to note that the following entities licensed by the Prudential Authority (PA) will have a separate verification process determined by the PA:
The Historical Context
The FSCA has already taken steps to verify information, including criminal records, for all new license applicants since June 1, 2022. New license applicants have been required to provide comprehensive verification information concerning various key individuals and stakeholders as part of the license application process. Now, the FSCA is expanding its scope and intends to continuously verify existing information, including criminal records of significant owners, directors, shareholders, members, and trustees of FSPs and CIS managers already holding licenses.
The Verification Partner: Managed Integrity Evaluation (Pty) Ltd (MIE)
To facilitate this extensive verification process, the FSCA has enlisted the services of an independent service provider, Managed Integrity Evaluation (Pty) Ltd (MIE). MIE will be responsible for verifying records, including qualifications and criminal histories, on behalf of the FSCA. This collaboration underscores the FSCA's commitment to ensuring thorough and impartial verification.
The Verification Process
As part of the verification process, MIE may directly contact the individuals whose information needs verification. Impacted individuals will receive a link from MIE, delivered via the latest contact details as recorded in the FSCA's system. This link will allow individuals to book appointments at the closest MIE fingerprint zone or satellite office, most convenient to their location. During the appointment, individuals must bring their official identification documents (ID book/card or passport) for verification purposes.
When Does it Start?
The commencement of the verification process and the outreach to impacted individuals is scheduled to begin on November 1, 2023.
Does your FSP participate in Open Finance? The FSCA requires certain information relating to Open Finance
In June the Financial Sector Conduct Authority (FSCA) published the Open Finance Draft Position Paper (Draft Position Paper) for comments. The position paper sets out the policy approach by the regulator when it comes to regulating Open Finance in South Africa.
The FSCA now requests certain information from all financial institutions and Third Party providers that participate in Open Finance. This was requested in the FSCA Information Request 2 of 2023 (General) in October. The information must be submitted to the FSCA by no later than 10 November 2023.
Where do I submit the Information?
Click HERE to access the online form through the Authorities’ website.
What is Open Finance?
Open Finance supports financial institutions in sharing their customers financial data with third party providers (TTPs) for the provision of Open Finance Services.
It relies on open APIs (Application Programming Interfaces) and data sharing to facilitate third-party developers and fintech firms in accessing and integrating financial information and services from multiple sources to assist a third party in the development of financial services for a financial customer.
This empowers individuals and businesses to authorise the sharing of their financial data with external service providers, moving away from the traditional control of banks and financial institutions over customer data and services.
This allows for the development and provision of innovative and personalised financial services and products to customers by third parties.
What Happens If I Don’t Submit the Information?
If an entity participates in Open Finance and fails to submit the requested information within the specified timeline it will be seen as an offence under section 267 of the Act and will, therefore be liable on conviction to a fine not exceeding R1 000 for each day during which the offence continues.
I Have Some Questions, Please Help!
For more information regarding this Information Request please contact the Financial
Technology Department of the FSCA at Nolwazi.Hlophe@fsca.co.za.
We are also here to answer any questions that you may have.
COMPLIANCE NOTICE IN TERMS OF SECTION 83(3)(d) OF THE PROMOTION OF ACCESS TO INFORMATION ACT 2 OF 2000
In accordance with the Protection of Personal Information Act 4 of 2013, the Information Regulator is a statutory body tasked with various responsibilities, including monitoring and enforcing compliance with the Promotion of Access to Information Act 2 of 2000 (PAIA) by both public and private entities.
Recently, the Minister of Justice and Correctional Services, on 27 August 2021, introduced the PAIA Regulations. These regulations, under regulation 17(1), have repealed several forms, including:
• Form A (Request for access to record of a public body),
• Form B (Notice of Internal Appeal), and
• Form C (Request for access to record of private body).
However, the Information Regulator has observed that certain public and private organizations still have these outdated forms on their websites. This practice is obstructing the right of access to information, which is a fundamental right. Therefore, in line with section 83(3)(d) of PAIA, a notice has been issued to ensure compliance.
Public and private bodies are hereby required to upload the following prescribed forms to their websites promptly:
• Form 02: Request for Access to Record in terms of Regulation 7 - Applicable to both Public and Private Bodies.
• Form 03: Outcome of Request and Fees Payable in terms of Regulation 8 - Applicable to both Public and Private Bodies.
• Form 04: Internal Appeal Form in terms of Regulation 9 - Applicable to Public Bodies only.
This action is taken to guarantee that access to records, both in the public and private sectors, is provided promptly, cost-effectively, and with ease. All public and private bodies are expected to comply with this directive by uploading the prescribed PAIA Forms to their websites within a fourteen (14) day period from the publication of this notice, i.e. on / before Friday 20 October 2023.
On 18 August 2023, following the issuance of a notice in the Government Gazette, the amendment of Section 56 of the Financial Intelligence Centre Amendment Act of 2017 came into effect. This amendment is explained by the FIC’s Draft Guidance Note 104A, issued on 18 January 2023, as well the FIC’s International Funds Transfer Reports user guide, dated 9 February 2023.
In essence, Section 43 of FICA introduces an amendment to Section 56 within the Act. This Section deals with the repercussions when an accountable institution, as mandated, fails to report the prescribed information concerning cross-border electronic funds transfers (EFT’s).
This amended Section 56 now includes a sub-section (2) which specifies that if an accountable institution fails to report the prescribed information related to an electronic money transfer in accordance with Section 31, it not only becomes liable for an offense but is also considered non-compliant and subject to an administrative penalty.
Section 31 of FICA imposes an obligation on accountable institutions to submit an international funds transfer report (IFTR) -
• within three days of the transaction or transfer date, when conducting electronic money transfers.
• This report must be submitted directly to the Financial Intelligence Centre (FIC).
• These electronic money transfers must be moved on behalf, or on the instruction, of another person,
• across South African borders,
• involving amounts of R20 000 and above (excluding transaction fees).
Who must Report?
The obligation to report international fund transfer transactions exceeding the prescribed threshold applies solely to specific categories of accountable institutions authorized to conduct the business of cross-border electronic funds transfers, for example authorised dealers (banks), the Post Office, authorised dealers with limited authority (remittance and forex dealers), FSP’s that have a direct reporting dispensation under the Exchange Control Regulations and the South African Postbank, etc.
These FSP’s will, in terms of the Exchange Control Regulations, be authorised by the Treasury in accordance with conditions as the Treasury may impose, to do the following:
• Take or send out of the Republic any bank notes, gold, securities or foreign currency, or transfer any securities from the Republic elsewhere.
• Send, consign or deliver any bank notes, gold, securities or foreign currency to any person for the purpose of taking, sending or removing such bank notes, gold, securities or foreign currency out of the Republic.
• Take any South African bank notes into the Republic or send or consign any such notes to the Republic.
• Make any payment to, or in favour, or on behalf of a person resident outside the Republic or place any sum to the credit of such person.
• Draw or negotiate any bill of exchange or promissory note, transfer any security or acknowledge any debt.
• Grant any financial assistance to any person in the Republic, where as security for such financial assistance, the person granting the financial assistance in turn relies on any security, guarantee, undertaking or financial assistance, directly or indirectly furnished by –
(i) any person resident outside the Republic; or
(ii) an affected person.
• Grant any financial assistance to any person in the Republic, where such person –
(i) is not resident in the Republic; or
(ii) is an affected person.
Failure to Report?
The IFT Report must contain the specified details as stipulated in Regulation 23E of the Money Laundering and Terrorist Financing Control Regulations. Failure to adhere to these provisions constitutes an offense, subject to potential penalties including imprisonment for up to three years or a fine of up to R1 million.
Additionally, failure to submit an IFTR within the stipulated timeframe classifies the entity or individual as non-compliant and subjects them to administrative sanctions, which may involve financial penalties reaching up to R10 million for individuals and R50 million for legal entities.
In the financial sector, transformation and compliance with BBBEE (Broad-Based Black Economic Empowerment) codes play a significant role in promoting economic inclusion and diversity. Recently, we've been receiving queries from clients about BBBEE communication related to the Financial Sector Transformation Council (FSTC) and the Financial Sector Conduct Authority (FSCA). To clear up any confusion and provide clarity, let's delve into the key requirements and application of BBBEE reporting for financial institutions.
What is the FSTC and its Mandate?
The FSTC, or Financial Sector Transformation Council, is tasked with obtaining BBBEE statistical data from entities operating in the financial services sphere. Their objective is to monitor and assess progress concerning BBBEE within the financial sector. Annually, the FSTC sends out requests for statistical data to compile a comprehensive report on the advancement of financial institutions with respect to the Financial Sector BBBEE codes.
Applicability: Who Needs to Report?
Various sectors and companies within the financial domain are required to report their BBBEE progress to the FSTC. The entities asked to report include, but are not limited to:
• Banking institutions
• Long-term and short-term insurance companies
• Re-insurance companies
• Retirement fund administrators
• Collective investment scheme asset managers
• Financial services intermediaries and brokerage firms (FSP's)
• Public entities involved in the financial sector (e.g., DBSA, Land Bank)
• Asset management, consulting, and administration firms
• Private equity, venture capitalist, and impact investor firms
• Entities managing investments on behalf of the public (including those listed in financial indexes)
The reporting scope also encompasses underwriting management agents and industry trade associations operating within the financial sector.
What are the Penalties for Non-Compliance?
There are currently no financial penalties or criminal sanctions if you do not comply. However, If BBBEE compliance is important to you it's crucial for financial institutions to meet the reporting requirements on time. Failure to submit the necessary reports to the FSTC will result in an automatic discount of one BEE level in the next rating period. Although the Council has the right to name non-compliant institutions, there has been no such action taken yet.
Any Exclusions from the Amended FSC?
There are certain exemptions from the Amended FSC (Financial Sector Charter) reporting. It does not apply to:
• natural or juristic persons who do not have trading operations within the Republic of South Africa
• trading operations of such persons outside South Africa
• managers of investments on behalf of the public who are not subject to regulation by the FSCA (such as lawyers who hold money in intermediate trusts etc.)
Reporting Process: How to Comply
The reporting process varies depending on the size and status of the financial institution:
Deadline and Contact Information
Full and final verification reports must be submitted to the FSTC no later than the end of the business day on Friday, 13 October 2023. The submission is to be done electronically via email to email@example.com with the subject line: "FSTC 2021/22 Reporting – (name of entity])." While entities have sometimes been allowed to submit after this date in the past, it's essential to adhere to the specified deadlines.
Should any entity face difficulties in providing the requested information, they can reach out to the FSTC at firstname.lastname@example.org or call (011) 838 6696 or call us for assistance.
The Financial Sector Conduct Authority (FSCA) recently released FSCA FAIS Notice 32 of 2023, which extends several exemptions pertaining to Private Equity Funds. These exemptions, which were originally set to expire on the 30th of June 2023, have now been prolonged until the 30th of June 2026. Notice 32 of 2023 comes into operation on the 1st of July 2023.
These exemptions include:
• Exemption for Financial Service Providers (FSPs) Dealing with Private Equity Funds
• Exemption for FSPs Dealing with Private Equity Funds from Section 13(1)(c) of the FAIS Act
• Exemption for Certain Juristic Representatives from Liquidity Requirements
Considering that these exemptions are nothing new, we will only provide you with a basic overview of such.
Exemption for Financial Service Providers (FSPs) Dealing with Private Equity Funds
The exemption for Category II FSPs dealing with Private Equity Funds solely applies to older mandates concluded before the 13th of December 2012. This exemption entails that, for discretionary investment mandates entered into before the aforementioned date, there is no obligation to include a general statement addressing risks associated with investing in local and foreign financial products, including currency risks.
However, investors must have been informed in writing about these risks within six months of the publication of Board Notice 208 of 2012 (i.e., by the 13th of June 2013).
This exemption also states that a Category II FSP is exempt from meeting the liquidity requirement set out in the Determination of Fit and Proper Requirements of section 48(2) until 30 June 2026, on the condition that it only manages private equity funds.
Exemption for FSPs Dealing with Private Equity Funds from Section 13(1)(c) of the FAIS Act
Category II FSPs that provide financial services to private equity funds are also exempted from section 13(1)(c) of the FAIS Act, which prohibits individuals from offering financial services or entering into contracts related to financial services except in the name of the FSP they represent.
Exemption for Certain Juristic Representatives from Liquidity Requirements
Juristic representatives of Category II FSPs that exclusively provide financial services to private equity funds are exempted from complying with the liquidity requirements outlined in sections 48(2) and 48(4) of the Determination of Fit and Proper Requirements.
by: Horizon Compliance team