Financial Intelligence Centre (FIC)
Financial Intelligence Centre (FIC)
4, FIC INSPECTIONS
Section 45A (1) provides that the Director or the head of a supervisory body, as the case may be, may appoint any person in the service of the centre or supervisory body or any other suitable person as an inspector. Section45B(1)(b) provides that an inspector appointed in terms of section 45A may enter the premises, excluding a private residence, of an accountable institution or reporting institution which is registered in terms of section 43B or otherwise licensed or authorised by a supervisory body and inspect the affairs of the accountable institution or reporting institution for the purpose of determining compliance.
Section 45B(1A) provides that an inspector appointed in terms of section 45A may, for the purpose of determining compliance and on the authority of a warrant issued under subsection (1B), enter, and inspect-
- A private residence or
- Any premises other than premises contemplated in subsection (1)(b) or paragraph (a) (in this section referred to as “unlicensed business premises),
If the Centre or a supervisory body reasonably believes that the residence or premises are used for a business to which the provisions of this Act apply.
4.1.1. SCOPE OF FIC INSPECTIONS
The FIC Act comprise of various compliance obligations, and these are tested during an inspection by an inspector and includes, inter alia:
- The accountable institutions risk-based approach (including business risk assessments, new products and process risk assessment, and client risk assessment methodology);
- Client identification and verification;
- Scrutinising of client information against the targeted financial sanctions lists;
- Scrutinising of client information to identify domestic prominent influential persons and prominent influence persons;
- Record keeping;
- Compiling of a Risk Management and Compliance Programme (RMCP);
- Appointment of a person responsible for compliance;
- Training of employees;
- Registration with FIC.
4.2. RISK MANAGEMENT AND RISK-BASED APPROACH
Risk Based Approach is the identifying the highest compliance risks to your organisation, making them a priority for the organisation's compliance controls, policies and procedures. Property practitioners, as accountable institutions are required to apply a risk-based approach when establishing a business relationship and/or conducting a single transaction with a client. This requirement aligns with the Financial Action Task Force (FATF), which sets international standards on combating money laundering and terrorist financing.
4.2.1. What is risk in terms of FIC Act
Risk - refers to the impact or likelihood of ML/TF taking place in an institution. Inherent risk or the level of risk that exist before mitigation, not residual risk or the level of risk that remain after mitigation. Therefore, from a money laundering and terrorist financing view, ML/TF risks will include the following elements:
- Threat – persons or objects with the potential to cause harm.
- Vulnerability – things that can be exploited by the threat or facilitate its activities.
- Consequences – refers to impact of a threat or exploitation of a vulnerability.
4.2.2. What is risk-based approach
Risk Based Approach (RBA) - in this context, requires a property practitioner to identify, analyse, assess, mitigate, and monitor inherent ML/TF risk associated in doing business with customers to prevent ML/TF activities. To successfully implement a risk-based approach, a property practitioner is required to.
- Conduct business risk assessments, new product and processes risk assessments and client risk assessments, this is influenced by the nature of your business, size, structure, range of products and services offered by your business, and the various clients.
- Make provision for risk indicators – for example indicator relating to products - to what extent does your product provide anonymity to clients, can the product be funded by cash or does the product allow the flow of cash, what is the cost of the product.
- Implement risk identification measures – property practitioner should then assess, understand, its money laundering risk posed by its product as an example, it is important to note that the risk must be assessed at regular intervals based on the changes that occur in the institution internally and externally.
- Implement risk rating mechanism – implies assigning distinct categories to various levels of risk according to a risk scale and classifying the money laundering and terrorist financing risk. Under those circumstances the property practitioner would be expected to rate their customers, products, services, delivery channels, geographic areas involved and other risk factors, where applicable.
- Implement Risk Matrix mechanism –may be made up of different components to evaluate a particular client, product, transaction, or service in its entirety.
- Implement risk management and risk mitigation measures.
Section 42 of the FIC Act requires property practitioners to develop, document, maintain and implement a Risk Management and Compliance Programme (RMCP). An RMCP should comprises of policies, processes and procedures, systems, and controls to be implemented by and within the property practitioner’s business. Therefore, an RMCP is underpinned by a risk-based approach as espoused in section 42 of the FIC Act and it must take the following into consideration:
- The board of directors, senior management or other person, or group of persons exercising the highest-level authority in the property practitioner’s business must approve the RMCP.
- It must be reviewed at regular intervals.
- Can be tailor-made to the needs of the institution.
- Unique to circumstances of the institution.
- Institutions differ in size, diversity, sophistication.
- Provide for more flexibility to exercise in determining the extend of information applicable.
- Permit greater control on how to satisfy FIC requirements.
- It is an individual firm responsibility not collective
(05 August 2022)