Where an FSP collects premiums from clients directly and then pays it over to the Insurer there has always been a requirement that they :
The new amendment means that one does not have to have a separate bank account any longer given that you comply with the requirements of the specific insurer concerned, that the insurer authorises it and a set out in section 47A of the Long-term Insurance Act.
This goes for Short-term insurance as well, but this has been the case for quite some time.
The new amendment means that one does not have to have a separate bank account any longer given that you comply with the requirements of the specific insurer concerned, that the insurer authorises it
If an FSP is collecting and holding funds for other products or they do not have approval from a Short- or Long-term insurer they must still have separate bank accounts and comply with the other regulations and procedures surrounding that.
Section 10(1)-(2) states what you do need to do if you are indeed collecting funds and none of the exemptions apply to you:
(1) Subject to the provisions of any other applicable Act, a provider who receives or holds financial products or funds of or on behalf of a client must account for such products or funds properly and promptly and-
(a) when documents of title are lodged with the provider on behalf of the client, the provider must immediately provide written confirmation of receipt thereof which contains a description of the documents that is sufficient to identify them;
(b) when a provider receives funds into safe custody without the mediation of a bank, the provider must on receipt of the money, issue a written confirmation of receipt thereof;
(c) where the provider, or a third party on behalf of either of them, is in control of such financial products or funds, take reasonable steps to ensure that they are adequately safeguarded;
(d) open and maintain a separate account, designated for client funds, at a bank and-
(i) must within one business day of receipt pay into the account all funds held on behalf of clients;
(ii) ensure that the separate account only contains funds of clients and not those of the provider;
(iii) pay all bank charges in respect of the separate account except that bank charges specifically relating to a deposit or withdrawal of the funds of the client are for the client’s own account; and
(iv) ensure that any interest accruing to the funds in the separate account is payable to the client or the owner of the funds;
(e) take reasonable steps to ensure-
(i) that at all times such financial products or funds are dealt with strictly in accordance with the mandate given to the provider;
(ii) that client financial products or funds are readily discernible from private assets or funds of the provider; and
(iii) that, subject to any applicable contractual or statutory provisions, a client has ready access to any amount paid into the separate account, less any deductions which are authorised, and charges and fees required or authorised to be paid by law.
(2) Where a transaction or agreement has been recorded in writing, the provider who dealt with the client, must ensure that the original agreement is delivered to the client for safe custody.”
On Thursday, 17 November 2022, one of our Compliance Officers, Adriaan van Wyk, was invited to a discussion on Money Laundering at the radio station POWER FM 98.7 hosted by Faith Mangope.
You can listen to the Podcast here: omny.fm/shows/power-lunch/money-laundering-in-south-africa#description
On 19 October 2022 Crypto Assets were declared a financial product in terms of FAIS.
This is defined as:
a digital representation of value that –
(a) is not issued by a central bank, but is capable of being traded, transferred or stored electronically
by natural and legal persons for the purpose of payment, investment and other forms of utility;
(b) applies cryptographic techniques; and
(c) uses distributed ledger technology.
One can argue this included crypto currencies, nodes as well as NFT art as well as you'll see below.
It is important to note that currently this practically does not mean much and this was likely done in an attempt to avoid possible greylisting of South Africa by the FATF. This is because one is exempt from licensing as an FSP or Financial Services Provider (section 7(1) of the FAIS Act) and can obtain a license between June 2023 and November 2023 in terms of FAIS Notice 90 of 2022. It is important to note that included in this notice is the mention of currencies, NFT's, miners and nodes specifically.
But the notice also states that one must in the meantime comply with Chapter 2 of the Determination of Fit and Proper requirements of FAIS, which is too long to repeat here verbatim but generally states:
A person must have honesty and integrity and the chapter also states in which instances one is deemed to no longer have that (i.e. convicted of fraud etc).
One must also in the meantime comply with section 2 of the General Code of Conduct which states:
A provider must at all times render financial services honestly, fairly, with due skill, care and diligence, and in the interests of clients and the integrity of the financial services industry.
Full compliance with the General Code kicks in on 1 December 2023, ostensibly after licensing has been concluded.
It is important to note that included in this notice is the mention of currencies, NFT's, miners and nodes specifically.
There is also a Draft Notice out for comment on exempting persons rendering a crypto financial service from:
Submissions on the draft Exemption must, using the submission template attached, be submitted in writing on or before 1 December 2022 to the FSCA, at FSCA.RFDStandards@fsca.co.za.
Please reach us on our Contact Us page for any assistance on licensing matters related to crypto. We are here to help you.
The FIC has updated the cash thresholds from R25 000.00 to R50 000.00. The reporting timeframes have also been updated from reporting within 2days to reporting within 3days after the company or any of its employees become aware of the transaction. This will become effective on 14 November 2022.
Lastly the aggregation of amounts that together total above R25 000.00 is also abolished.
Generally this can be seen as a relaxation of the requirements and it unknown how this fits into the prevention of the possible coming FATF greylisting.
The FSCA recently posted the abovementioned notice. When reading it the average person, or even professional, will find it hard to understand what they are trying to convey. We simplify and explain it for you.
Some background info: this is one of the items the FIC and our government needed to fix to ensure we do not get Grey Listed as a country. They are also busy ensuring other kinds of businesses are also classified as accountable institutions in terms of FICA (new additions will be credit providers, crypto exchanges, co-operative banks and high value goods dealers to name a few - more on this in our next post). The notice is complex because you have to refer to 2 notices (the original Joint Standard of 2020 and the exemption general notice 3 of 2020) and 2 pieces of legislation (FAIS Act and FSR Act) to understand it.
In short - the notice only puts in place the legislation to allow the FSCA to ask for the information of significant owners of FSPs.
One has to read the content very carefully - it only exempts FSPs from the requirement to prove competence and financial standing of significant owners. They will still need to do other things the original joint standard of 2020 requires of significant owners (such as disclosure thereof etc). Banks, insurers and CIS managers must do all that FSP's have to do but also prove competence and financial standing of SO's.
In short - the notice only puts in place the legislation to allow the FSCA to ask for the information of significant owners of FSPs. The mechanism with which they will require us to submit is still to be seen. I am guessing this will be asked with license applications and in future and perhaps they will require FSP's to upload it onto the e-Portal (or the compliance reports) , however that is just conjecture on my part. The actual submission requirement has not been announced yet.
We will, however, potentially start to ask for it in our future compliance audits next year as a means to ensure our clients and so they are ready when the time comes.
There is nothing in the FAIS Act that suggests that a Key Individual needs to be positioned internally within the FSP and by this statement, the Authority is an overreach.
Over the past few years, the FSCA has been very inconsistent when reviewing Key Individual applications. It seems as if the Authority is weary of approving Key Individual applications where the Key Individual is already approved on another license. One analyst will start questioning a person’s operational ability once the Key Individual is approved on more than 1 license, while another analyst will only raise operational ability concerns after 3 approvals. At face value, the case-by-case approach that seems to be the modus operandi at the moment is prejudicial as there is really no set criteria for the operational ability test.
Yes, the role of the Key Individual is one that is critical to ensure that the management and oversight role in respect of the financial services and activities is carried out and performed by the FSP. This entails ensuring that the financial services are rendered with utmost good faith, due care, skill and diligence. We also understand that the recent strictness in the application of the operational ability requirement stems from the FSCA seeking to curb rent-a-KI situations within the industry. However, the manner in which the Authority has opted to go about doing so, is more burdensome and somewhat inefficient.
What was also very enigmatic in a recent application, was when an analyst said:
“There is also a clear intent that the FAIS Act requires a key individual to be positioned internally within the FSP to oversee the activities of that FSP as well those of the appointed representatives of the FSP and as such can therefore not be too far removed from the day-to-day activities of the business of the FSP.”
There is nothing in the FAIS Act that suggests that a Key Individual needs to be positioned internally within the FSP and by this statement, the Authority is an overreach.
My suggestion is for the Authority to decide and place on record the exact maximum number of licenses a Key Individual can be on, instead of moving the goal post as and when it is suitable. Otherwise, the “unintended consequence” would be that there will be a vast shortage in the industry thereby limiting access even to new entrants. I say “unintended consequence” because at this rate, we are not really certain of the Authority’s intention. Also, what happened to progressively “cutting the red tape” and ensuring access as stated by the President of the Republic?
We recently attended a workshop hosted by the FSCA on their new envisaged FAIS compliance reports called, Conduct of Business Reports (in typical regulatory nomenclature) also known as CBR reports.
Here is a summary of the key points from the Workshops conducted by the FSCA on the 7th and 8th of July 2022. Both workshops, (one aimed at smaller and one aimed at larger FSPs) contained the same contents albeit the questions posed by the participants were somewhat different.
Purpose of the CBR report: The FSCA published the report in its draft form to give the industry an idea of the questions they can expect and should prepare for. They also want the industry to comment on the applicability and format of the questions.
Some of the feedback the industry gave at the workshop was as follows:
Comment/question: The report does not seem to be in line with “cutting of red tape” for the industry as it is overly burdensome
Feedback from the FSCA: The Insurance industry is already reporting in a similar manner and although the financial services industry has not used the reports before, just as with the compliance reports, the CBR reports will take some getting used to. The FSCA also reiterated the fact that although the report will eventually be tweaked here and there, the contents and questions asked will not change
Comment/question: Smaller FSPs (especially 1 man run entities) do not see how it will be practically possible for them to be able to complete and submit the report, while conducting business and ensuring the timely submission of all other regulatory requirements
Feedback from the FSCA: The answer to this question was essentially the same as above. The FSCA also added that the questions for larger and smaller FSPs are exactly the same.
Comment/question: The industry is concerned about the actual length and complexity of the report. It was also suggested that the definitions section should be expanded further, especially because some of the terms and concepts used are not in legislation
Feedback from the FSCA: The FSCA will try and expand on the definitions and will also issue guidance notes.
Comment/question: How will feedback be provided (if any) after reporting
Feedback from the FSCA: The main idea is not for the FSCA to provide feedback but rather to regulate market conduct. The main entities that will be consulted, will be the outliers within a particular sector.
Imagine if you asked the same questions and took the same approach for all clients when rendering financial services. The FSCA would have a massive problem with that but it is exactly what they are doing with the current format of the CBR reports.
The FSCA acknowledged that the report is not perfect and may have a few errors, but the content is what the industry should focus on, as not all functionality has been built in yet.
It is concerning to us that the regulator does not seem to take complaints of increased red tape seriously and often dismisses it or ignores it. Of equal concern is the fact that the same questions are asked of large and small FSPs - this makes no sense. Imagine if you asked the same questions and took the same approach for all clients when rendering financial services. The FSCA would have a massive problem with that but it is exactly what they are doing with the current format of the CBR reports.
Luckily the industry seems to all have the same concerns and we'll keep a close eye on how the FSCA handles it.
Submission of the reports
When? The reports are not yet due, and the implementation will be done in a staggered approach over the next two or so years. The FSCA did indicate that there will be a Pilot Project in early 2023 and FSPs are encouraged to volunteer for the same. The obvious pro in volunteering, would mean you would get first-hand experience with the final report and feedback on the same. As stated in the Omni CBR Roadmap, this is a multi-year project, and the FSCA will consult on the implications of the reporting more than once and support the industry in implementing it in an incremental manner.
Therefore, the current phase is specifically for the practicality of questions. Next year the FSCA will be dealing with the functionality and practicality of the report. Implementation will start in 2024 in phases.
If you would like to volunteer for the Pilot Project, kindly send an email to firstname.lastname@example.org or email@example.com
The FSCA finally published drafts of their new compliance reports and in line with all things bureaucratic decided to call them Conduct of Business Reports or CBR for short. This report seems like it will attempt to enable all financial institutions ranging from Banks to one-man run FSPs to fill it in. It will do this by changing the content of the report depending on the input of the person filling it in.
At first glance the report seems broken as certain fields do not work and some of the auto selection an population content does not activate when it should. What we can see at this stage is that the information asked for is copious and some of it does not seem related to aspects of legislation.
The content was informed by overseas regulators in western developed nations. Although this is a good base to start from, one must significantly adapt as we are not a western developed nation. We must still develop and overregulation will not get us there. Our President recently embarked on a campaign of cutting red tape to enhance business creation and operation. I do not think this complex reporting approach is in line with this goal.
Much more action and responsibility needs to be taken by the authorities when malfeasance is brought to their attention instead of placing a heavy regulatory reporting burden on financial services providers. And in these economic times there is even less breathing space for businesses as it is. We'll publish our comments via our industry bodies in line with this approach but please feel free to comment on your own as well or via your industry bodies.
Their documentation states that they will only commence Phase 2 of the Consultation in Q1 2023 and that first reporting will likely only start in 2024.
There are workshops on the CBR reports and we will attend them on your behalf but anyone can attend them and voice their opinions if they’d like. Please see the links and documents at the end of this post.
Their documentation states that they will only commence Phase 2 of the Consultation Process in Q1 2023 and that first reporting will likely only start in 2024.
Written comments must be submitted via the secure FSCA “Comments” portal, available on the FSCA website under Home > Regulated Entities > E-services or by clicking here. The comments template is web-based and is available for completion by any individual on behalf of a licensed financial institution or industry association.
The “Comments” portal will only be available from 10 June 2022 and all written comments must be submitted by 10 August 2022. The portal will be closed for any further submissions after this date.
Workshops can be booked for here:
Large FSPs (turnover >R5)
Smaller FSPs (turnover <R5m)
For more information about this Communication please contact Ms Juanita Smit at Juanita.Smit@fsca.co.za and copy FSCA_Omni_CBR_Comments@fsca.co.za
What is this?
The FSTC recently sent out important reporting changes and information. See the original communication here. To be clear, the FSTC is not to be confused with the FSCA. Although this does not fall in the realm of FAIS compliance, we thought it is a good idea to perhaps just summarise the requirements and application thereof.
Usually the BEE components of a business is handled internally/with HR or accountants in consultation with Verification Agents (BEE Compliance Officers) if need be.
The FSTC is mandated to obtain BBBEE statistical data from entities operating in the financial services sphere on their progress relating to BBBEE. They send out a request once a year for statistical data so they can compile their annual report on the progress of Financial Institutions with the Financial Sector BBBEE codes.
Who does this apply to?
The sectors/companies asked to report are:
This does not apply to:
How do I report if I need/want to?
Changes in Submission of Reports:
It is extremely important to note that the FSTC changed the method for companies to submit reports. The FSTC will NO LONGER accept reports via the reporting email.
The reports and supporting documents should be submitted as a folder through Drop Box. All report should now be submitted electronically to the Drop Box link: https://www.dropbox.com/request/YYZggWgIZT3BwJrh4AP5 with the folder named: FSTC 2020/21 Reporting– (name of entity).
FIs were requested to submit the full final verification reports, to the FSTC no later than the end of the business Friday, 12 August 2022. All reports are to be submitted electronically to the Drop Box link.
***Avoid editing and saving online into one drive. ***
Should an entity encounter difficulty in providing the above-requested information they should contact the FSTC at firstname.lastname@example.org, or call (011)838 6696 or get in touch with their respective Trade Associations for more clarity
2022 Compliance Reports
The FSCA has confirmed that there will be no compliance reports yet for this year. They are still busy drafting the new Conduct of Business Reports it seems. The last compliance reports were issued in 2018. It is not clear why it is taking them 4 years + so far to draft new CBR reports. My guess is that they are waiting for the COFI Act first, which still has to become law. Or maybe some more coffee is needed, post-haste. But that is just an educated guess at this stage. In the meantime we continue to make sure our clients are compliant in terms of what the law requires of them.
You can read more here.
FICA FATF Review
In other news, the FIC issued a document with a complicated title: "Important communication regarding FATF Mutual Evaluation: Immediate Outcome 4 - Preventative Measure". I am going to save you the time you would have spent to read the 10 page document and summarise if for you.
The document basically details that the Financial Action Task Force (the global rule maker responsible for FICA being in your lives) did an assessment on the compliance in South Africa and found us wanting. They say that entities do not understand the money laundering risk and also fail to identify reportable transactions and fail to report them to the FIC.
What does this mean? If South Africa (meaning, effectively, our regulators) does not pull up it's socks, then South Africa might get grey listed. Just know - this is not good. This also means the FIC and FSCA might do more intensive inspections of their own to prevent this. On the bright side, they will also assist the industry more. So expect more guidance and perhaps more changes to come.
Read more about this here.
by: Horizon Compliance team