“FICA” refers to the Financial Intelligence Centre Act 38 of 2001. If you have ever tried to open a bank account or engage a law firm, you will likely have been required to provide a number of documents for those institutions’ “FICA” purposes. Accountable institutions are required to take certain measures in terms of FICA to combat money laundering activities and prevent financial crime. The Financial Intelligence Centre (“FIC”) has issued a new directive in terms of section 43A(1) of FICA, Directive 8 of 2023, in effect from 31 March 2023. The new directive requires accountable institutions to evaluate employees for their competence and integrity, as well as scrutinise employee information against targeted financial sanctions lists.
Directive 8 of 2023 was issued in order to address the lack of sufficient internal control measures to manage the risks faced by accountable institutions when employing employees. The risk is that accountable institutions (including financial institutions, banks, attorneys, insurers, crypto exchange providers, etc) will employ employees who abuse their positions to commit financial crimes. The Financial Intelligence Centre has issued public compliance communication 55 (“PCC55”) which sets the minimum standard for the screening of employees and provides guidance to accountable institutions on the application of the directive. PCC55 sets out a risk-based approach which employers must apply when evaluating employees, and recommends that employees be evaluated on an annual basis, at minimum.
Accountable institutions must assess the competence of employees by determining whether an employee possesses the necessary skills, knowledge and expertise to perform their role effectively and in accordance with the accountable institutions’ risk-based approach. The accountable institution has flexibility to determine the manner in which it screens employees for competence according to its risk-based approach. This could involve due diligence when it comes to an employee’s previous employment history, references, qualifications and any other relevant accreditations.
The screening of integrity would involve the scrutiny of an employee’s morality including the consideration of their criminal records and any previous indications of dishonesty, with a focus on financial crimes. PCC55 further provides for enhanced screening for integrity which considers whether an employee is a known close associate or immediate family member of a high-risk client or is a national of a high-risk terrorist financing or proliferation financing geographic area.
Accountable institutions must also ensure that the manner in which these assessments are conducted comply with the legal considerations presiding over employment relationships. The process of screening must one that is fair and that it is not in contravention of the right to privacy, particularly the Protection of Personal Information Act 4 of 2013. This is significant when considering the need for employee consent and for sufficient security measures to store personal data. PCC 55 further states that these mechanisms must be applied in compliance with the applicable South African labour laws.
Accountable institutions must retain a record of their risk management of employee FICA risks and produce this risk management policy on request from the FIC. The FIC may impose sanctions on accountable institutions which fail to comply with FICA, including an order to take remedial action, suspension on business activities and/or financial penalties of up to R50 million. Compliance with FICA and its regulations and directives is therefore essential.
Contact us today if you have any queries in connection with the above.