One of the compliance areas that creates headaches for accountable institutions is the obligation to identify and verify its clients. The obligation to identify and verify has had a major makeover. Whereas the heading to Part 1 of Chapter 3 of the FIC Act previously read “Duty to identify clients” it reads after the amendments as “Customer due diligence”.
The amendments pertaining to Customer Due Diligence becomes effective on 02 October 2017. The crux of the amendments pertaining to the Regulations and the Exemptions relate to the issue of Customer Due Diligence. The movement from a Rules Based Approach to a Risk Based Approach (or a hybrid thereof in my view) affects the Regulations and the Exemptions dramatically and industry is holding its breath in anticipation of how these amendments will be affected. The FIC has published draft amendments in respect of the Regulations, the Exemptions and of the Guidance and it will be interesting to see the final product.
Customer Due Diligence Amendments
Section 20A: Anonymous clients and clients acting under false or fictitious names:
The gist of this new section is simple – an accountable institution may not establish a business relationship or conclude a single transaction with an anonymous client or with a client with an apparent false of fictitious name. This applies regardless of the amount in the case single transactions. If an accountable intuition does that what will the consequences be? Keep an eye open for the next articles where this will be addressed.
Section 21(1): Identification of clients and other persons:
Section 21 still requires the identification and verification of clients of accountable institutions and in instances where the client acts on behalf of another person or where another person acts on behalf of a client. The amendments differ in two specific areas. The one being when this should happen and the second the reference to Risk Management and Compliance Programme (“RMCP”). When an accountable institution engages with a prospective client to enter into a single transaction, or to establish a business relationship, the institution must, in the course of concluding that single transaction or establishing that business relationship and in accordance with its RMCP, establish and verify the identity of the client.
The following is also very important to take note of. The FIC Amendment Act deletes the definition of transaction. A transaction has been referred to before the amendments as, “transaction means a transaction concluded between a client and an accountable institution in accordance with the type of business carried on by that institution”. A single transaction as defined in the FIC Amendment Act means a transaction other than a transaction concluded in the course of a business relationship and where the value of the transaction is not less than the amount prescribed, except in the case of section 20A. In the draft Regulations published the prescribed amount of a transaction to be considered as a single transaction is an amount not less than R5000.00. The definition of business relationship has not been amended and remains an arrangement between a client and an accountable institution for the purpose of concluding transactions on a regular basis.
Section 21A: Understanding and obtaining information on business relationship:
In terms of section 21A, accountable institutions must obtain information from the client to reasonably enable the accountable institution to determine whether future transactions that will be performed in the course of the business relationship are consistent with the knowledge of that prospective client. This includes information describing:
- The nature of the business relationship concerned;
- The intended purpose of the business relationship concerned; and
- The source of funds which the client excepts to use in the course of the business relationship.
Section 21B: Additional due diligence measures relating to legal persons, trusts and partnerships:
Section 21B deals with additional due diligence measures relating to legal persons, trusts and partnerships and natural persons acting on its behalf. These measures apply to these legal entities regardless of whether it is incorporated or originated in the Republic or elsewhere. This section applies to Trusts and Partnerships even though they are not incorporated entities and don’t have legal personality.
In respect of Trusts an accountable institution must in accordance with the FIC amendment Act and in accordance with its RMCP establish the nature of their clients’ business and the ownership and control structure of the client. The accountable institution must:
- Establish the identifying name and number of the trust, if applicable and take reasonable steps to verify the particulars;
- Establish the address of the Master where trust is registered, if applicable;
- Take reasonable steps to verify the particulars; and
- Establish the identity of the founder. Take reasonable steps to verify the identity of the natural persons.
Furthermore, accountable institutions must:
- Establish the identity of (and take reasonable steps to verify the natural persons) Trustee, and each natural person purporting to be authorised to enter into single transaction/business relationship on behalf of trust
- Establish the identity of each beneficiary referred to by name in trust deed or other founding instrument and take reasonable steps to identify the natural persons.
- If the beneficiaries are not referred to by name, the particulars of how the beneficiaries of the trust are to be determined and take reasonable steps to verify the particulars.
In respect of Legal Persons accountable institutions must:
- Establish the identity of the beneficial owner of the client by:
- Determining the identity of each natural person who (independently or together with another person) has a controlling ownership interest in that legal person;
If in doubt whether a natural person has the controlling ownership interest, or if no natural person has a controlling ownership interest, then identify each natural person who controls that legal person through other means. If the natural person cannot be identified through these means then –
- Determine the identity of each natural person who exercises control over the management of the legal person, including in his/her capacity as executive officer, non-executive director, independent non-executive director, director or manager;
- Take reasonable steps to verify identity of the beneficial owner of client. AI must be satisfied that it knows who beneficial owner is.
In respect of Partnerships accountable institutions must:
- Establish the identifying name of the partnership and take reasonable steps to verify the particulars;
- Establish identity of every partner, every member of the partnership en commandite, an anonymous partnership or any similar partnership;
- Establish identity of person who exercises executive control over partnership;
- Establish identity of each natural person who purports to be authorised to enter into a single transaction or establish a business relationship with the AI on behalf of the partnership
- Take reasonable steps to verify the natural persons so that AI is satisfied it knows the identities of these natural persons
Ongoing due diligence
Accountable Institutions must conduct ongoing due diligence in respect of a business relationship, including:
- Monitoring of transactions throughout the course of the business relationship and it includes;
- Source of funds: to ensure that transactions are consistent with AIs knowledge of client and client’s business and risk profile;
- The background and purpose of all complex, unusual large transactions & unusual patterns of transactions, which have no apparent business or lawful purpose
- Keeping information obtained for purpose of establishing & verifying the identities of clients pursuant to sections 21, 21A and 21B, up to date.
Doubts about veracity of previously obtained information
Accountable Institutions must repeat the verification steps mentioned in sections 21 and 21B if it at any point after entering into a single transaction or establishing a business relationship it:
- Doubts the veracity or adequacy of previously obtained information;
- Doubts information the accountable institution is required to verify as required in sections 21 and 21B.
Inability to conduct CDD
When an accountable institution is unable:
- To identify and verify client in terms of sections 21 & S21B;
- Or obtain information in terms of section 21A; or
- To conduct ongoing due diligence in terms of section 21C
Then an accountable institution must not:
- Establish a business relationship or conclude even a single transaction with client;
- Conclude a transaction in the course of a business relationship or perform any act to give effect to a single transaction;
An accountable institution must:
- Terminate an existing business relationship with a client, in accordance with its Risk Management and Compliance Programme; and
- Consider making a Suspicious and Unusual Transaction Report under section 29 of the FIC Act.
Domestic prominent influential persons (“Domestic PIPs”) and their family members and known close associates
This amendment and Schedule 3A of the FIC Amendment Act is bound to give accountable institutions sleepless nights. The first question to be answered is why is it important to know who exactly are Domestic PIPs and secondly who are they?
Why important: If the prospective client or the beneficial owner of the prospective client, is a domestic prominent influential person the AI must:
- Obtain senior management approval for establishing business relationship (again this apparently only applies to business relationships and not to single transactions);
- Take reasonable steps to establish source of wealth or funds of the client;
- Conduct enhanced ongoing monitoring of the business relationship,
Who is a Domestic PIP? See Schedule 3A for complete list:
- President, Deputy President, Ministers, Deputy Ministers, Premiers of provinces
- Member of Executive council of province, executive mayors
- Leaders of political parties
- Members of royal family or senior traditional leaders
- Head, accounting officer or CFO of national or provincial departments
- Officer of the SANDF above the rank of Major-General
- The chairperson of a board of directors, of the audit committee, executive officer or CFO
- The head, or other executive directly accountable to that head, of an international organisation based in RSA
It appears as if the FIC will be providing guidance and websites that can assist in determining who Domestic PIPs are. This article will deal with family members and known associates after dealing with Foreign Prominent Public Officials (Foreign PPOs), simply because it applies to both categories.
Foreign Prominent Public Officials (Foreign PPOs) and their family members and known associates:
As with Domestic PIPs in the case of Foreign PPOs, if the prospective client or the beneficial owner of the prospective client is a foreign prominent public official the accountable institution must:
- Obtain senior management approval for establishing business relationship
- Take reasonable steps to establish source of wealth or funds of the client
- Conduct enhanced ongoing monitoring of the business relationship
Schedule 3B contains a list of the Foreign PPOs which include:
- Head of State/ country/ government
- Member of a foreign royal family
- Government minister or equivalent senior politician/leader of political party
- Senior judicial official
- Senior executive of a state-owned corporation
- High ranking member of the military
Family members and known associates of Domestic PIPS and Foreign PPOs:
Yes, sadly the sections 21F & G of the FIC Act as amended also applies to immediate family members and known close associates of a person in a foreign or domestic prominent position. An immediate family member includes:
- Spouse, civil partner or life partner & previous ones
- Children and step children & their spouse, civil partner or life partner
- Siblings and step siblings and their spouse, civil partner or life partner
ASSISTANCE FROM THIRD PARTIES:
Undoubtedly the CDD requirements combined with the Risk Based Approach and the RMCP will be a challenge for accountable institutions. The Draft document for consultation purposes issued by the FIC clearly allows for third party verification. In paragraph 73 of the FIC Guidance the FIC states the following,” Verification of the client’s identity details that the accountable institution corroborates the person’s identity information by comparing this information with information contained in documents or electronic data issued or created by reliable and independent third-party sources.”. Paragraph 74 states that “Accountable institutions must now choose the type of information by means of which they will establish clients’ identities and the means of verification of clients’ identities.” Readers are also referred to paragraphs 80 to 83 of the FIC Guidance document. For purposes of clarity these paragraphs are quoted in its entirety below. It is quite clear though that the future of CDD looks rather different to the past. Herewith the relevant paragraphs:
Para 80: Accountable institutions making use of electronic data sources to verify a prospective client’s identity remain responsible and accountable in their own capacity for compliance with the requirements of the FIC Act. The use of electronic data sources in the verification process does not provide automatic indemnity from regulatory action relating to the institution’s compliance with these requirements. It is important therefore that accountable institutions apply due diligence in choosing electronic solutions as a means to enable verification of a prospective client’s identity
Para 81: If accountable institutions make use of electronic data sources they should apply the same test in principle as in the case of documentary sources, i.e. that the sources should be reliable and independent third-party sources and as, far as possible, the original source of the relevant information. Accountable institutions should likewise determine the level of confidence they place in particular electronic sources of corroboratory information. Solutions which allow prospective customers to manipulate source information in any manner should not be considered credible information sources to enable verification of customer particulars.
Para 82: A factor that may contribute to an accountable institution’s confidence in corroboration based on electronic sources is the size of a person’s “electronic footprint” in relation to the depth, breadth and quality of electronic information. This implies that accountable institutions would have a greater level of confidence in corroboration from electronic sources if they use information from multiple sources, and across time.
Para 83. The means of verification and the sources of corroboration an accountable institution uses in a given case are dependent on the extent to which the institution relies on the verification of the client’s identity as a means to mitigate ML/TF risk in that particular case (see the discussion on risk mitigation in Chapter 1 above).
As readers will pick up as we go through the series of articles CDD is one of the key elements in the RMCP and in an accountable institution’s anti-money laundering framework. If this is done properly, reporting to the FIC under the financial intelligence reporting obligations will be a breeze. It is also one of those compliance areas that can be very costly if not attended to properly. Internationally and domestically, even reputable institutions have had to bear the brunt and financial penalties for non-compliance in this area. Be forewarned.
Article written by Adv Jan Augustyn for Consumer Profile Bureau
Advocate Jan Augustyn has been a Regulator, and specifically an enforcer of compliance for over 15 years He has also witnessed the compliance challenges that industry faces through his consultation and legal representation over the last 3 years. Jan writes and conducts presentations on FICA and related issues. Jan has been appointed by Consumer Profile Bureau as their FICA Compliance counsel specialist.