• slide


On 1 April 2018 the Twin Peaks model was welcomed with mixed emotions as responses varied from one extreme to the other - “the Twin Fiasco”, “a sad day for SA financial services” with “profound and damaging consequences for the financial services sector, in particular the insurance industry”, while others labelled it as “the most significant reform to the regulation of the South African financial system and a superior version than Australia’s twin peaks model” and “an important milestone on the journey towards a safer and fairer financial system”, to mention but a few.

The Financial Sector Regulation Act 9 of 2017 (FSRA) lays the foundation and architecture of the Twin Peaks model and was signed into law on 21 August 2017, came into force on 1 April 2018, but only partially in effect. Prior to adopting Twin Peaks, South Africa used the sectoral model which regulated banks separately from other financial firms, such as insurers.

For various reasons, the question of necessity, validity of rumors relating to bureaucratic desire, value in return for an estimate R4.8bn per annum and the possible unconstitutional nature of the South African Twin Peaks model are not addressed herein.

This article is limited to the impact of Twin Peaks on the insurance industry from a financial crime perspective, in particular the Financial Intelligence Centre Act 38 of 2001, as amended in 2017 (FICA).


Aside from the David Lynch series, “Twin Peaks” refers to a model for regulating financial services, first adopted in Australia during 1998. South Africa has become the eighth country to adopt the model. The Twin Peaks model gets its name from the fact that it separates oversight into two independent regulators as follows:

The one peak refers to the Prudential Authority (PA) – the PA within the South African Reserve Bank (SARB), with the purpose of enhancing the safety and soundness of financial institutes and maintaining financial stability. The twin peaks model extends the reach of what was once the Banking Supervision Department (BSD) in the Reserve Bank — to scrutinise not only the soundness of banks but also of insurers, cooperative financial institutions, financial conglomerates (corporation that is made up of several different, seemingly unrelated businesses) and certain market infrastructures.

The second peak is the Conduct Regulator, the Financial Sector Conduct Authority (FSCA) – the FSCA has replaced the Financial Services Board (FSB), and regulates the conduct of financial services businesses by ensuring that financial institutions treat consumers fairly through specific and clearly articulated outcomes, and in doing so, enhancing the efficiency and integrity of the financial system. The FSCA will regulate all financial institutions, including banks — which the FSB did not oversee — to ensure good market conduct and consumer protection.


The overall objective of the model is to achieve a stable financial system that works in the interests of financial consumers and supports balanced and sustainable economic growth in South Africa. The rationale behind creating two institutions that are independent of one another and that have clear and unambiguous responsibilities and accountability, is that there’s a much greater chance (but note, no guarantee) of avoiding a financial crisis.

In addition, Twin Peaks aims to eliminate the blurry lines of responsibilities between the old BSD and FSB, specifically relating to financial conglomerates, which were previously regulated by multiple regulators, for similar lines of business.

Once fully phased in, the Twin Peaks regulatory model will focus on a more harmonised system of licensing, supervision, enforcement, customer complaints (including ombuds), appeals, and consumer advice and education across the financial sector - ensuring that there is co-ordination across all regulators in the financial system is an important supporting pillar. These regulators include the PA and FSCA, the National Credit Regulator, the Financial Intelligence Centre (FIC), the Council for Medical Schemes and the SARB.


The name and mandate change of the FSB to the FSCA (a new entity in its entirety) is by far the lesser evil of all changes brought about by the FSRA.

The insurance industry undoubtedly made the loudest noise, voicing their disapproval and concerns with the Twin Peaks Model, during the lengthy consultation process– not only relating to the cost impact “by the huge potential cost that will inevitably be charged back to the industry through product and servicing fees – directly affecting consumers”, but also the “timing of regulatory interventions given the parlous state of the South African economy”.

The staff of the Insurance Prudential Department (within the previous FSB) left their offices on Friday, 30 March 2018, under the governance of the Long-term Insurance Act 52 of 1998 (LTIA) and the Short-term Insurance Act 53 of 1998 (STIA), only to return on Monday 2 April 2018, reporting to the PA for prudential purposes and the FSCA on conduct matters, governed by the FSRA.

Further amendments were brought about by the Insurance Act 9 of 2017, and further to be expected from the Conduct of Financial Institutions (COFI) Act (currently a Bill), replacing the FAIS Act.


The FSRA, in conjunction with FICA, brought about the PA’s mandate to supervise banks and insurance entities for compliance with FICA - levelling the playing field between banks and insurers. The PA continues with the financial crime oversight role over banks, which was initially performed by the BSD of the SARB since April 2012. The PA’s approach to supervision is risk-based, assessing and enforcing the adequacy and effectiveness of the controls implemented by Accountable Institutions (which includes long-term insurers) in their attempt to prevent financial crime.

It’s noted that, until very recently, the FSCA communicated to all financial services providers (including insurers, regulated by the PA from a financial crime perspective) regarding the FICA implementation roadmap and the deadline of 2 April 2019 for implementation with the new requirements of the FIC Act as amended, for all Accountable Institutions.


A word of advice: Having had extensive exposure and dealings with the previous BSD (within SARB), as well as the FSB (now FSCA) during on-site inspections, qualifies me to say - Insurers will need to “clean their house” and prepare themselves for a far more intrusive, intense and challenging style of supervision by the PA than what they’ve been accustomed to with the previous FSB. Effective reporting, accurate and complete data, all aspects being at infancy stage for several Insurers, are of key importance.

One advantage of the Twin Peaks model is that it can facilitate better enforcement – my prediction is that the PA will prove that the model evidently does enforce FICA compliance better, via administrative sanctions and/or penalties, than the previous sectoral model. Having two independent Regulators, with diverse skills, different roles and responsibilities, as well as scope of oversight, results in better coverage, focus and more frequent on-site visits and/or inspections – mutually working towards the enforcement of the said regulations and the upliftment of financial soundness across the financial services industry, resulting in improved financial demeanour and “consumer-centric” conduct.

The fact that FICA (as amended 2017) has only been applicable to previous exempted Accountable Institutions, such as Long-Term Insurers, from 2 October 2017 will not be an acceptable excuse for non-compliance to the PA.

Below is a short summary of what can be expected by and from the PA:

  • Extensively meticulous on-site inspections, with no stone un-turned;

  • Documented business rationale and business practices for all key decisions taken, risk ratings provided, alert closures etc. Remember, if it’s not documented, it does not exist;

  • Key controls to be automated as far as possible to avoid human error;

  • Application at ground level to be 100% aligned to documented practices and procedures and vice versa.;

  • Consistent application of financial crime controls across the Accountable Institution;

  • A solid/clear understanding of financial crime from the Board to junior staff members;

  • Testing of an Accountable Institution’s ability to detect and rapidly respond to industry threats / new modus operandi’s;

  • Test practical application of RBA and RMCP at ground level, testing the understanding of an RBA across all organisational levels; and

  • Expect thought-through and achievable action plans to address issues such as, backlog of alerts, non-compliant client files etc.

In closing – in terms of the FSR, FICA and Insurance Act, Insurers have three Regulators to answer to – the PA for prudential requirements which includes financial crime prevention), the FSCA for market conduct requirements and the FIC as an Accountable Institution (i.e. Long-term Insurers) and Reporting Institution (i.e. Short-term Insurance). As they say – “prevention is better than cure” – especially if the “cure” comes with a heavy financial penalty. Therefore, try not to test the patience and tolerance levels of the Regulators as from the 2nd of April 2019 with non-compliance, and get your “house in order” ASAP!

Article written by:

ILZE CALITZCo-Founder & Chief Legal & Compliance Officer

Leave a Reply

Your email address will not be published.