The South African Reserve Bank (SARB) this month announced details of the administrative sanctions it has imposed on a life insurer, a microinsurer, and a bank for non-compliance with the Financial Intelligence Centre Act (FICA).
The non-compliance did not concern facilitating transactions relating to money laundering or the financing of terrorism.
The non-compliance was discovered by the Prudential Authority (PA) during inspections. The PA, operating within the administration of the SARB, is mandated to supervise and enforce compliance by accountable institutions with the provisions of FICA.
The three entities co-operated with the PA and undertook the necessary remedial action to address the identified compliance deficiencies and control weaknesses.
Assupol Life
The SARB sanctioned Assupol Life for non-compliance uncovered during an inspection conducted in 2020. The sanctions consist of three cautions, a reprimand, and a financial penalty of R4 million.
The SARB said the inspection identified the following areas of non-compliance:
- Not conducting customer due diligence (CDD). Assupol was cautioned not to repeat the conduct that led to the non-compliance and fined R1.5m.
- Not keeping client records, for which Assupol was reprimanded and cautioned.
- Not adequately developing and implementing a Risk Management and Compliance Programme (RMCP), which included:
- adequately developing, documenting, and/or implementing CDD processes and procedures for low risk-rated products;
- adequately developing, documenting, and/or implementing processes and procedures for the identification of beneficial owners of legal persons, trusts, and partnerships;
- adequately developing, documenting, and/or implementing processes and procedures to sanction screen all its clients at onboarding;
- adequately developing, documenting, and/or implementing processes and procedures to determine whether a prospective client is a domestic prominent influential person;
- adequately developing, documenting and/or implementing processes and procedures to provide for how records are to be kept;
- adequately developing, documenting, and/or implementing a risk-rating framework; and
- adequately developing, documenting, and/or implementing its RMCP by not enabling the risk-rating categorisation of clients as low risk.
The PA cautioned Assupol and imposed a fine of R2.5m.
Monarch Insurance
The SARB sanctioned microinsurer Monarch Insurance for non-compliance discovered during an inspection conducted in 2022. The sanctions consist of a reprimand, two cautions, and a fine of R1m, of which R200 000 was conditionally suspended for 36 months from 10 June 2024.
The administrative sanctions imposed on Monarch stem from the following non-compliance:
- Monarch failed to register with the Financial Intelligence Centre (FIC) as an accountable institution. The microinsurer was reprimanded for this non-compliance.
- Monarch failed to provide ongoing anti-money laundering and combating the financing of terrorism compliance training to its employees. Monarch was cautioned and fined R500 000, of which R100 000 was conditionally suspended for 36 months.
- Monarch failed to adequately develop and implement its RMCP, including to:
- develop, document, maintain, and implement an RMCP;
- identify, assess, monitor, mitigate, and manage its money laundering and terrorist financing risks; and
- approve its RMCP.
The PA cautioned Monarch and imposed a fine of R500 000, of which R100 000 was conditionally suspended for 36 months.
State Bank of India
The State Bank of India (SBI) was sanctioned for non-compliance uncovered during an inspection in May 2020.
SBI received four cautions and was fined R10m, of which R4.5m was conditionally suspended for 36 months from 13 July 2023.
The administrative sanctions imposed on SBI stem from the following non-compliance:
- SBI failed to conduct basic and enhanced CDD. SBI was cautioned and fined R5m, of which R3m was conditionally suspended for 36 months.
- SBI failed to comply with its cash threshold reporting obligations. SBI was reprimanded and cautioned not to repeat the conduct that led to the non-compliance.
- SBI failed to comply with section 42 of FICA, read with FIC Directive 5/2019, in that:
- Its money laundering and terrorist financing risk assessment failed to provide a rationale for the different risk rating scores allocated to the assessed risk factors, no rationale for risk mitigating decisions was undertaken, no rationale for the controls was applied, and there was a failure to evidence that all the requisite risk factors were being considered, including, consideration of in-country specific risk factors and institution-specific risk factors.
- Its RMCP did not document the governance structures responsible for approving the RMCP framework (risk assessment and methodology), as well as the process thereof and the different levels of management approval that would be required to make amendments or updates to the RMCP.
- The Automated Transaction Monitoring System employed ineffective transaction monitoring rules, and there were deficiencies linked to the timeous closure of the alerts, as well as deficiencies linked to the closure of alerts without adequate reasons being provided.
SBI was cautioned and fined R4m, of which R1.5m was conditionally suspended for 36 months.
- SBI failed to comply with section 42A because it failed to ensure compliance with sections 28, 29, and 42(2) of FICA. The PA imposed a caution and a fine of R1m.
Section 28 requires an accountable institution to report cash transactions that exceed the prescribed limit, section 29 requires an accountable institution to report suspicious and unusual transactions, and 42(2) requires an accountable institution to implement an RMCP. Section 42A requires a board of directors or senior management to ensure that an accountable institution complies with FICA and the RMCP.
