• slide

In this article I discuss some of the high-level requirements Accountable Institutions (AI) need to put in place to become compliant with the new Financial Intelligence Centre Amendment Act. Although a seemingly daunting task, I discuss some of the templates and solutions available to AI’s so as not to break the bank and put the requirements in place over a 3-4 week period.

If you are an Accountable Institution, and up until now you have been relying on the exemptions that were put in place by the Regulator to manage the overhead related to Know Your Client (KYC) and Risk Management, then this article is for you. The exemptions have fallen away, so what now, and what do you need to know?

The Financial Intelligence Centre Amendment Act 1 of 2017 (FICAA) came into operation on 13 June 2017 and 2 October 2017 respectively. The significance of 2 October 2017 is, amongst others, that previous exemptions granted by the Financial Intelligence Centre (FIC) are no longer applicable - all Accountable Institutions are now subject to the entire scope and application of the Financial Intelligence Centre Act 38 of 2001 (FICA), as well as FICAA.

In terms of FICAA, all Accountable Institutions (which includes Asset Managers, Estate Agents, Long-Term Insurers etc.) are required to implement provisions relating to:

  • Customer Due Diligence (CDD) measures;

  • Record Keeping requirements;

  • A Risk Based Approach (RBA); and

  • A Risk Management and Compliance Programme (RMCP).

As from 1 April 2018, the Twin Peaks model of the Financial Sector Regulation saw the creation of a prudential regulator – the Prudential Authority – housed in the South African Reserve Bank, while the Financial Services Board has been transformed into a dedicated market conduct regulator – the Financial Sector Conduct Authority (FSCA).

A joint statement has been issued by the respective Regulators on the implementation date of FICAA – which has been confirmed as 2 April 2019.

To lay a regulatory compliant foundation to any rapidly growing business, one of the immediate challenges is to become FICAA compliant in preparation of the deadline of 2 April 2019.


The RMCP document is a living document which needs to adapt, change and remain relevant based on the current reality within an Accountable Institutions life. The trick is to define and develop an RMCP that ensures the measures to detect, prevent and/or mitigate financial crime which are comparable to the Accountable Institutions’ risk exposure, through defining proportionate practices which will allow resources to be directed in accordance with priorities so that the greatest risks receive the highest attention. The overall aim of risk management is to ensure that organisational capabilities and resources are employed in an efficient and effective manner to manage both opportunities and threats.

There are six key components to the RMCP, which are: Financial Crime Risk Assessment; Risk Based Approach and Methodology; Risk Management Methodologies; Policies and Internal Rules; Training, and; The Risk Management Framework.

Developing an RMCP can appear to be a daunting task, however, with the right approach and templates, this can be a quick exercise which results in a robust RMCP capable of growing and improving as your business grows and improves.

The Monivation team have developed templates and questionnaires that can be used to quickly work through the 6 requirements of an RMCP and provide a Regulator-ready pack within a 3-4-week period. Through extensive experience enabling both FICA and now FICAA within Accountable Institutions, the team can guide you through developing a fit for purpose RMCP that’s right for your business.

Article written by:

DAVID HARROWSMITHCo-Founder & Chief Executive Officer

Leave a Reply

Your email address will not be published.