Financial Intelligence Centre (FICA) Act - How to Stay Compliant in South Africa

South Africa has been part of the Financial Action Task Force (FATF) since 2003 and has established several regulations to fight money laundering and terrorism financing. The Financial Intelligence Center Act 38 of 2001 (FICA) was enacted as a guide for businesses operating in the country to stay compliant. However, South Africa still lacks in implementation of these regulations although it has the potential to fight money laundering according to a report from FATF and was recently added to the FATF grey list in 2023.

South Africa has since then continuously worked to make amendments to FICA to address these existing issues. As a business, you need to understand the FICA Act and how it's relevant to your company for AML compliance. 

What is the Financial Intelligence Center Act (FICA)?

The Financial Intelligence Center Act (FICA) is the premier Anti Money Laundering (AML) legislation in South Africa that outlines the guidelines for businesses operating in regulated industries to follow. The act was first introduced in 2001 and has been amended since then to align with new FATF legislation.

The FICA Act was established to prevent and detect money laundering and other financial crime proceeds in South Africa by imposing compliance requirements on financial institutions and other relevant businesses. This includes banks, insurance firms, Non-Banking Financial Institutions, Gaming and casino organisations, and more.  

FICA Act generally combats: 

• Money laundering
• Terrorist financing
• Tax evasion 
• Fraud, etc

The law ensures South Africa remains a safe country to conduct business and free from criminal activities by ensuring key organisations comply with AML standards.

Why the FICA Act?

FICA law simply exists to empower businesses to prevent and detect criminal activities that generate illegal proceeds in South Africa. It operates by mandating all regulated entities to implement AML and effective Know Your Customer (KYC) processes during customer onboarding and across the customer-business relationship lifetime. By extension, the FICA Act also ensures that South Africa is compliant with FATF recommendations.

The act empowers the Financial Intelligence Center (FIC) to monitor and enforce compliance of regulated entities with the AML regulations as laid out by the FICA act. 

What is the Difference Between the FIC and FICA?

Putting it simply - FICA is the law, while FIC is the regulatory authority empowered to supervise and enforce the law on regulated entities to ensure they're compliant or administer proportionate penalties when they aren’t. FICA is the Financial Intelligence Center Act (regulatory law), while FIC is the Financial Intelligence Center (governing body). 

The FIC is responsible for investigating and taking action when there's a case of financial crimes and also analysing and disseminating information to other law enforcement agencies for the detection, prevention, and prosecution of financial crimes.

According to the law, all regulated entities are mandated to register with FIC, report suspicious activities, and submit regular reports that may be indicative of financial crimes. Institutions are also required to report financial activities or risk penalties. 

Read more: AML Compliance in South Africa.

What is a FICA Document in South Africa?

These are documents businesses can accept to conduct customer due diligence during onboarding for FICA compliance. Examples of these documents for individuals include:

• Green bar-coded national identity document
• Smart card
• A government-approved document containing your address for address verification due diligence
• Valid passport
• Driving license

For businesses, examples include:

• Company registration documents
• Proof of business physical address
• Mandate or resolution
• ID documents or passports of business-related parties
• Shareholder confirmation of business-related parties
• Proof of address of business-related parties
• List of members of business-related parties

Which Businesses Are Regulated by the FICA Act?

The FICA Act generally affects businesses operating in regulated markets. Examples include: 

• Banks
• Gaming and Casinos organisations
• Real estate agents and companies
• Investment firms 
• Asset management firms
• Insurance companies
• Payment processors
• Nonbanking financial institutions
• Brokers
• Remittance companies, etc.

These are a few of the companies that have to implement AML policies according to the FICA Act or risk penalties. 

Recommended: KYC Requirements in South Africa

FICA Act AML Compliance Requirements

The FICA Act sets different AML compliance requirements for entities depending on their industries. Failure to comply may result in penalties including financial fines of up to 100 million rands, imprisonment, and even loss of license. Therefore, establishing the right AML compliance program is nonnegotiable for concerned entities.

Key FICA Act compliance requirements include:

• Conduct effective customer risk assessment and risk management
• Verifying customer identity during onboarding and reauthenticating their data at regular intervals through effective Know Your Customer (KYC) procedures and relevant Customer Due Diligence (CDD) measures necessary based on the kind of business relationship being established.
• Adopt a risk-based approach for AML processes depending on the customer risk level  
• Conduct AML screening on customers across adverse media, sanctions lists, watchlists, and politically exposed person lists.  
• Store customer due diligence data according to AML regulatory requirements and data protection laws and provide them to regulatory authorities as required.
• Establish a compliance officer who would be responsible for coordinating in-house compliance activities including developing policies, auditing, and reporting to regulatory authorities on behalf of the company.
• Keep customer transaction records for the stipulated period 
• Conduct training relating to anti-money laundering, counter-terrorist financing, and financial sanctions obligations compliance

Note that there are specific requirements under each of these listed above, which vary depending on the kind of entity. Therefore, businesses should understand what and how it precisely affects them.

Learn more in our South Africa KYC guide or Book a free demo to speak with our experts today.