FSP compliance: tackling FICA and KYC
In recent months, the Financial Sector Conduct Authority (FSCA) has issued several fines to Financial Service Providers (FSPs) for failing to comply with anti-money laundering regulations.
As the FSCA intensifies and continues its enforcement efforts, FSPs are urged to ensure their AML regulatory processes are not only created but actively used and implemented.
FAnews spoke to Hawken McEwan, Director of Risk and Compliance at DocFox to unravel the complexities South African FSPs face in complying with regulatory requirements.
Recent fines and common areas of non-compliance
When asked about recent fines issued by the FSCA and common areas of non-compliance, McEwan stated, "Ashburton received the largest fine so far this year of R16m, and I say so far as with greylisting and the FIC, SARB, and FSCA’s subsequent commitment to tightening up, we will see more sanctions in the coming months and years."
He added, "The findings at Ashburton were perhaps driven by not having a complete and implemented Risk Management and Compliance Programme or RMCP as we call it because we love an acronym. If this was in place then it could have driven the firm to undertake proper due process as standard and avoided the subsequent findings you can see on screen of not completing client due diligence properly, not identifying ultimate beneficial owners, and not screening for sanctions."
McEwan also mentioned fines issued to other firms, saying, "TVAS received a R400k fine. Considerably less than Ashburton, but for a small firm, that level of fine can still make a real dent in the business. A similar story here around weaknesses in that RMCP and not carrying out proper process."
He continued, "Jannie Parsons received an R870k fine again for not having an RMCP, not carrying out due diligence fully, and in this case, not assessing the risk associated with doing business with their clients. A bit of a common theme coming out there."
Importance of public transparency
On the topic of public transparency, McEwan noted, "All of the information around these fines are published for all to see on the FSCA or FIC website and these ones hit the news headlines and the internet. Such public transparency can make current and potential clients nervous about entrusting their hard-earned money with you… and the banks and product vendors you work with may be cautious about doing business too as they have to ensure that they not only remain compliant and try to manage the risk of customers introduced to them but also be mindful of their own reputation risk through association."
Key requirements for FICA and KYC compliance
When discussing the key requirements for FICA and KYC compliance, McEwan stated, "This is too big a question to answer but the key requirements are in the image below. Everything from this is mandated by FICA. It’s not an a la carte menu where you can pick and choose elements you want to do and avoid others, it’s a set menu, and you really only have the flexibility to choose the garnish or details around how you meet the need of each category."
The role of technology in compliance
Highlighting the role of technology in ensuring standardised compliance processes, McEwan said, "Meeting FICA requirements can be time consuming, so one of the biggest reasons to invest in technology for compliance is the time saving aspect of it. To get the full benefit, you should find an end-to-end solution that covers all aspects of FICA compliance and does the heavy lifting for you. This will save your team and compliance officer a lot of time that could be better spent on other things."
He continued, "You are required to rescreen your customer base every time the list changes. Having a system that does this in the background is crucial."
McEwan emphasised consistency and control, stating, "In our experience, if you have a solution that tells your team exactly what’s required and which steps are outstanding, you get that consistency. As the compliance officer, you want an easy way to check how CDD was performed for each client, question when items are outstanding, and be in full control. Being able to at any stage provide evidence to the FIC of what exactly the CDD was done for each client."
Final thoughts on technology and compliance
In his final words, McEwan reflected on the broader benefits of using technology for compliance: "In today’s world, people expect technology solutions to make life easier. Customers expect to do more online without the backwards and forwards of emails and filling out forms, and companies look for cost-effective solutions that keep their teams away from administrative burdens."
He added, "The requirements of FICA are broad, and there is very little wriggle room for mistakes. So, employing a system to ensure that FICA is carried out quickly and consistently across a business with clear central oversight, even with teams working remotely, can give a level of comfort that should the regulator come knocking, you can relax knowing everything is taken care of."
Writer’s Thoughts
In an increasingly regulated environment, FSPs must take proactive steps to ensure their compliance programs are both robust and actively implemented. Staying ahead of regulatory requirements not only protects their business but also enhances client trust and fosters long-term relationships. Please comment below, interact with us on Twitter at @fanews_online or email me your thoughts myra@fanews.co.za.
