South Africa
Financial Sector Assessment Program-Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT)-Technical Note

This Technical Note discusses findings and recommendations made in the Financial Sector Assessment Program (FSAP) for South Africa in the areas of anti-money laundering and combating the financing of terrorism (AML/CFT). The AML/CFT supervisory framework for the financial sector, in particular the banking sector, has been strengthened by the amended Financial Intelligence Center (FIC) Act that took effect in 2010 and the creation of the AML/CFT supervision team within Banking Supervision Department (BSD) of the South African Reserve Bank (SARB). Significant technical deficiencies remain, such as the absence of requirements to identify and verify the identity of beneficial owners of customers and to apply enhanced diligence to high-risk situations.

Abstract

This Technical Note discusses findings and recommendations made in the Financial Sector Assessment Program (FSAP) for South Africa in the areas of anti-money laundering and combating the financing of terrorism (AML/CFT). The AML/CFT supervisory framework for the financial sector, in particular the banking sector, has been strengthened by the amended Financial Intelligence Center (FIC) Act that took effect in 2010 and the creation of the AML/CFT supervision team within Banking Supervision Department (BSD) of the South African Reserve Bank (SARB). Significant technical deficiencies remain, such as the absence of requirements to identify and verify the identity of beneficial owners of customers and to apply enhanced diligence to high-risk situations.

Executive Summary1

1. This note sets out the findings and recommendations made in the Financial Sector Assessment Program (FSAP) for South Africa in the areas of anti-money laundering and combating the financing of terrorism (AML/CFT). It summarizes the findings of the targeted review of certain aspects of South Africa’s AML/CFT system undertaken in the context of the FSAP from June 17–24, 2014, and is based on the FSAP team’s analysis of the relevant legal and policy documents, as well as extensive discussions with the relevant authorities and private sector representatives.

2. South Africa has made significant progress in improving its AML/CFT legal and institutional framework since it was last assessed against the AML/CFT standard in 2008. Notably, the AML/CFT supervisory framework for the financial sector, in particular the banking sector, has been strengthened by the amended Financial Intelligence Center (FIC) Act that took effect in 2010 and the creation of the AML/CFT supervision team within Banking Supervision Department (BSD) of the South African Reserve Bank (SARB). Law enforcement efforts have also been strengthened by the creation of the Directorate for Priority Crime Investigation (DPCI) within the South Africa Police Service as a specialized unit responsible for investigations of money laundering (ML) and other serious proceeds generating crimes. Draft amendments to the FIC Act under consideration are expected to address most of the remaining deficiencies in the legal framework for AML/CFT preventive measures and supervision of the financial sector, and to introduce a risk-based approach (RBA) to AML/CFT preventive measures. However, significant technical deficiencies remain, such as the absence of requirements to identify and verify the identity of beneficial owners of customers and to apply enhanced due diligence to high risk situations.

3. Although they have not conducted a comprehensive assessment of the money laundering/financing of terrorism (ML/FT) risks, the South African authorities seem to have a reasonable understanding of the ML risks that confront the country. There is a broadly shared perception among the authorities and the private sector that corruption, fraud, and organized crime generate most criminal proceeds in South Africa. The banking sector and its supervisor tend to agree that as the major financial center in the region, the South African financial system, in particular banks, acts as the gateway for funds flowing from sub-Saharan countries to the rest of the world, including for potential foreign proceeds of crimes such as corruption. In addition, the opaqueness of the informal sector in the South African economy is considered by the authorities to pose a risk that illegal activities are occurring without being detected. South Africa is in the initial stages of conducting its first national assessment of the ML/FT risks (NRA), but there is no inter-agency mechanism dedicated to national AML/CFT policy making, which could help facilitate this exercise. It is recommended that the authorities press ahead as a matter of priority with this key initiative, and conduct it in an inclusive and cooperative manner. The outcome should facilitate the setting of priorities and allocation of resources, as well as inform the implementation of risk-based measures by the private sector.

4. Measures have been taken to strengthen the monitoring of the compliance of financial institutions, notably banks, with AML/CFT requirements and certain aspects of the international standard outside the current legal framework; such measures have included the initial efforts of supervisors to apply a risk-based approach to their activities. The BSD has exercised the strengthened powers granted by the 2010 amendments to the FIC Act to promote AML/CFT compliance by conducting on-site inspections and off-site monitoring, as well as imposing sanctions for non-compliance. The FIC has provided some guidance to banks by issuing Public Compliance Communications (PCCs) and participating in periodic meetings and workshops held by the BSD with banks. The transition from a rules-based supervisory approach to a risk-based one has begun, but will take time to mature. Going forward, this transition should be supported by appropriate legal reform, a sound and inclusive NRA, clearly communicated supervisory expectations and more practical guidance to banks, and an appropriate level of AML/CFT supervisory resources for the BSD.

5. The financial industry, especially the banks, supervisory bodies, and law enforcement agencies, seem to be focusing more or less on the main ML risks that they perceive, but the effectiveness of their efforts is being hampered by lack of information on beneficial ownership and capacity weaknesses. Banks seem to be implementing some enhanced measures, sometimes beyond the requirements of the current legal framework, to address perceived high-risk areas such as relationships with foreign and domestic politically exposed persons and cross-border correspondent banking relationships. Cooperation between the FIC and the DPCI in pursuing cases of money laundering and major predicate crimes such as corruption and fraud appears to be effective. The criminal justice system also seems to have become more effective in securing more ML convictions, although there is a clear lack of capacity to handle complex cases including those that involve third parties (e.g., attorneys) in the laundering process. In addition, non-conviction-based forfeiture has proved effective. However, the difficulty in obtaining information on beneficial ownership and in maintaining an ongoing understanding of their customers seriously impedes the financial institutions’ ability to detect and report suspicious transactions, and thus the FIC’s ability to produce quality intelligence for law enforcement agencies and the latter’s effectiveness in pursuing ML investigations. Going forward, it is crucial that the legal and institutional framework be strengthened to ensure the availability and accessibility of up-to-date and accurate information on beneficial ownership and control of legal persons.2 Capacity should be strengthened especially within the law enforcement and prosecutorial agencies to enable them to pursue complex ML cases. In addition, greater granularity of statistics with respect to financial intelligence disseminations, investigations into and convictions for ML and predicate crimes would enable the authorities to better monitor the effectiveness of their AML/CFT system.

Table 1.

Main Recommendations for AML/CFT

article image

Introduction

6. South Africa’s anti-money laundering and combating financing of terrorism (AML/CFT) system was last assessed in 2008.3 The assessment was conducted jointly by the Financial Action Task Force (FATF)—the standard setter—and the Eastern and Southern Africa Anti-Money Laundering Group against the 2003 FATF 40+9 Recommendations and on the basis of the corresponding assessment methodology. In light of the FATF’s current schedule of mutual evaluations, South Africa is expected to undergo a comprehensive assessment against the recently revised standard and methodology4 after 2017.

7. This technical note provides a targeted review of South Africa’s AML/CFT system in the context of the Financial Sector Assessment Program (FSAP).5 It is not a comprehensive assessment against the full set of FATF Recommendations, but rather a review of specific aspects of South Africa’s AML/CFT framework which were found deficient in the previous assessment and could potentially pose elevated money laundering (ML) risks, based on staff’s understandings prior to the mission.6 More specifically, the review focused on:

  • ML risks, in particular with respect to the proceeds of corruption and financial fraud, especially within the banking sector;

  • Measures taken since the 2008 assessment to strengthen AML/CFT preventive measures and the AML/CFT supervisory framework for banks;

  • Measures taken to address the cross-border risks, including risks emerging from banking relationships with foreign politically exposed persons; and

  • Measures taken to ensure that beneficial ownership information of legal persons is available to competent authorities on a timely basis.

8. Staff was guided by the current FATF 40 Recommendations and assessment methodology, and based its analysis on the review of available information and on discussions held during a mission undertaken from June 17 to 24, 2014. Staff reviewed available information including the Mutual Evaluation Report (MER), the documentation submitted by South Africa to FATF on progress made since the last mutual evaluation, and other documents provided by the authorities.

9. During the mission, staff conducted meetings with representatives of: the National Treasury (NT), Financial Intelligence Center (FIC), South African Reserve Bank (SARB), Financial Services Board (FSB), Directorate for Priority Crime Investigation (DPCI) within the South African Police Service (SAPS), National Prosecuting Authority (NPA), Anti-Corruption Task Team (ACTT), Companies and Intellectual Property Commission (CIPC), Department of Public Service and Administration, Banking Association of South Africa (BASA), Law Society of South Africa, and a sample of four commercial banks operating in South Africa.

10. The key findings of the mission are presented in this paper. The paper aims at providing a targeted update rather than a comprehensive assessment, and therefore does provide ratings of compliance against specific FATF Recommendations or Immediate Outcomes.

Progress Since the Last Assessment

A. Main Findings of the 2009 MER

11. The MER indicated that South Africa was vulnerable to the laundering of criminal proceeds. The MER noted that South Africa’s economy remains primarily cash-based, and that fraud, corruption, and smuggling of precious metals were perceived by the authorities to be the main proceeds-generating crimes.7 Funds were noted to be laundered by lawyers or other service providers and through the establishment of shell companies. In addition, the assessors also found that the high level of development of South Africa’s financial system contributed to its vulnerability to misuse by domestic and foreign money launderers.

12. The MER noted that South Africa has a relatively strong legal and institutional AML/CFT framework. The criminalization of money laundering and terrorist financing was deemed to be largely in line with international standards. The systems for criminal (and civil) confiscation were also found to be largely in line with the standard. The FIC was considered to be operating effectively as the financial intelligence unit of the country and providing support to the investigatory and prosecutorial efforts to fight ML/FT.

13. However, a number of technical shortcomings were identified, notably with respect to AML/CFT preventive measures across the range of financial institutions. These shortcomings included the absence of requirements to identify and verify beneficial owners8 of customers or assets held; conduct ongoing due diligence; identify and apply enhanced scrutiny on foreign politically exposed persons (PEPs); take enhanced measures regarding high risk scenarios (such as cross-border correspondent banking relationships); and ensure compliance with the South African requirements by financial institutions’ foreign branches and subsidiaries. Deficiencies were also noted in the framework for AML/CFT supervision of financial institutions; the sanctions for non-compliance, in particular, were not considered to be sufficiently dissuasive, proportionate, and effective. In addition, there were significant shortcomings regarding measures to ensure that accurate information on the beneficial ownership and control of legal persons and arrangements (e.g., trusts) is available to competent authorities in a timely manner.

14. The MER further suggested that South Africa appeared not to have effectively mitigated its ML risks. As noted above, the AML/CFT preventive measures, in particular customer due diligence (CDD) measures, were suffering from a number of deficiencies, and this was hampering the financial institutions’ ability to detect suspicious transactions. AML/CFT supervision of the banking sector also appeared to lack effectiveness, partly due to the limited range of sanctions available for non-compliance with AML/CFT requirements. In addition, it was unclear how effective the authorities were in focusing their AML/CFT supervisory efforts on institutions with higher ML/FT risks. Finally, the low level of ML investigations and prosecutions compared to the perceived level of proceeds-generating crimes suggested that money launderers were not being adequately sanctioned.

B. Subsequent Developments

15. South Africa has made significant progress in improving its AML/CFT legal and institutional framework since the 2008 mutual evaluation. The legal and institutional frameworks for AML/CFT supervision have been strengthened. The 2010 amendment to the FIC Act introduced administrative sanctions for non-compliance with the Act and expressly empowered the supervisory bodies, including the SARB and FSB, to carry out inspections and compel production of records and information from institutions to enforce compliance with the Act. A specialized team was established within the Banking Supervision Department (BSD) of the SARB in 2012 to carry out AML/CFT supervision of banks.9 Similarly, a division was created under the Financial Surveillance Department of the SARB to oversee compliance of the dealers in foreign exchange with limited authority with the FIC Act. The FSB also designated dedicated teams to carry out AML/CFT supervision of the regulated entities.

16. The investigation of ML and serious predicate crimes has been streamlined and strengthened by the creation of the DPCI within SAPS. Legislation enacted in November 2008 established the DPCI as the responsible body for the investigation of “national priority crimes” including organized crime, corruption, economic crime such as ML, and other serious crimes such as crimes against the state including FT.

C. Draft Amendments to the FIC Act

17. Draft amendments to the FIC Act are now being considered and are expected to address most of the remaining legal deficiencies in AML/CFT preventive measures, strengthen supervision of the financial sector, and introduce an RBA to AML/CFT preventive measures. The authorities expect the draft bill to be tabled in Parliament in late 2014.

ML/FT Risks and National AML/CFT Strategy

18. While the NT is formally in charge of the financial integrity policy framework, the FIC has been de facto playing this role over the past years. The NT is responsible for the design of the overarching regulatory framework for the financial sector, including for financial integrity issues. It is, however, the FIC that has actually taken the lead in the development of policy initiatives regarding the national AML/CFT regime. In terms of legal reform, for instance, the FIC took the initiative of preparing the draft bill mentioned above and leading the consultations within the government as well as with the private sector, while the NT coordinated this process.

19. There are no formal mechanisms for national inter-agency cooperation and coordination dedicated to AML/CFT issues for policy or operational purposes. Instead, the authorities that have AML/CFT responsibilities cooperate with each other within “clusters” (e.g., special sub-committees of the cabinet) specialized in areas such as financial supervision and criminal justice.

20. South Africa is at the initial stage of preparing its first national assessment of the ML/FT risks. While informal discussions have begun between the FIC and the law enforcement agencies on ML/FT threats, a formal national risk assessment (NRA) has not yet been launched. This exercise is expected to be organized through relevant cabinet clusters, but a specific governance structure, including the lead agency and the participating parties, needs to be defined by cabinet. The authorities have indicated their intention to make the process an inclusive one with the involvement of all government agencies that play a role in AML/CFT. However, it is not entirely clear whether and how the private sector would be involved in the exercise.

21. Despite the absence of an NRA, the FIC, SARB, FSB, DPCI, and NPA seem to share a reasonable understanding of some aspects of ML risks faced by the country, which has to some extent directed their priorities. In terms of the types of proceeds-generating crimes, corruption, organized crime, economic crime (such as ML), and other serious crimes have been identified as “priority crimes,” and specialized units have been established within the law enforcement and prosecutorial agencies to target those crimes. These cover the main crimes that seem to have generated most of the proceeds domestically, which were also identified by staff prior to the mission. With an understanding of the ML risks faced by the South African banks acting as the gateway for funds flowing from the sub-Saharan countries to the rest of the world, SARB has also made efforts to direct resources towards products and services which are perceived to be more vulnerable to misuse by launderers, such as trade finance and correspondent banking. While the FIC’s analysis of suspicious transaction reports (STRs) has showed some indication of attorneys, corporate vehicles, and trusts potentially being misused by money launderers, the authorities have not established how significant these risks are.

22. However, the authorities’ understanding of risk is not sufficiently comprehensive. It appears that the priority crimes were not identified on the basis of a comprehensive assessment of risks. No consideration has been given to the comparative level of vulnerabilities of various sectors. Although it has been noted by the industry as well as the supervisor that South African banks may be vulnerable as a gateway for the sub-Saharan funds (including for possible foreign proceeds of crimes such as corruption) flowing to the rest of the world, such potential threats have been given little attention by the law enforcement or prosecutorial authorities. In addition, some potential risks, such as the misuse of attorneys and corporate vehicles, have not been sufficiently examined or targeted.

23. Similarly, the authorities have not conducted any in-depth research on the size, composition, and specific features of the informal sector that may make it vulnerable to misuse. The opaqueness of the informal sector in South Africa poses a risk of illegal activities occurring without being detected. The South African government has been promoting financial inclusion at the national level. As a result, the percentage of the unbanked population has decreased over the past decade. Nonetheless, the authorities believe that a significant portion of the population still relies on the informal sector, and this is supported by the research conducted by some non-governmental organizations.10 However, the authorities’ understanding of the size, composition, and other characteristics of the informal sector seems rather limited.

A. Key Recommendations

24. The authorities are strongly encouraged to press ahead with the NRA as a matter of priority in a cooperative and inclusive manner. An inter-agency mechanism should be established at the national level to facilitate the conduct of the NRA. Building on the various agencies’ understanding of ML risks, the NRA exercise should enable discussions to be held among all stakeholders including the private sector to obtain a more in-depth understanding of the ML/FT risks faced by South Africa. The NRA should cover (i) ML/FT threats in terms of the main proceeds of crimes generated, domestically or abroad, which may be laundered in or channeled through South Africa; (ii) the vulnerabilities of various sectors and the products/services they offer (including those related to the potentially large informal sector and the relatively low level of financial inclusion); and (iii) the adverse economic and social consequences caused if the risks were to materialize.11 The results of the NRA should then inform national policy making, including whether further legislative amendments are needed, and allow the competent authorities and the private sector to direct resources to target areas with higher risks.

AML/CFT Measures in the Financial Sector

A. Preventive Measures in the Banking Sector

25. AML/CFT preventive measures, in particular with respect to CDD, remain deficient. In the absence of legislative amendments in this respect, the FIC has tried to address in its Guidance Notes (GNs) some of the shortcomings in the current legal framework, such as the absence of a requirement for enhanced due diligence measures for PEPs. However, these measures are not anchored in the current FIC Act and are not enforceable. As a consequence, there are no legal obligations to identify and verify the identity of beneficial owners, conduct ongoing due diligence, and apply enhanced due diligence on PEPs and other high risk customers or scenarios.

26. Notwithstanding the remaining deficiencies in legal framework with respect to CDD requirements, banks seem to be implementing measures to manage and mitigate the main ML risks they perceive. To varied degrees, some banks have developed frameworks to assess ML/FT risks and apply enhanced measures for high risk customers and business relationships such as domestic and foreign PEPs, and cross-border correspondent banking relationships. However, the BSD’s inspections have found that some banks do not have appropriate systems to identify higher risk situations and, consequently, do not apply enhanced measures in all instances where these may be justified. There is little information on the manner in which CDD measures are being applied by banks that have not yet undergone an AML/CFT inspection, and these comprise almost half of all banks operating in South Africa.

27. The identification and verification of the identity of beneficial owners, including those of customers that are legal persons, remains a significant challenge. In the absence of a legal requirement to identify and verify the identity of beneficial owners, the type of measures implemented by banks concerning beneficial owners varies. Some banks indicated that they identify beneficial owners when they consider the risks posed by a customer are higher. Nonetheless, it seems that the majority of banks do not try to identify individuals beyond legal ownership. Overall, banks consider it a very significant challenge for which more guidance is needed from the supervisor.

28. Although banks seem to have systems and procedures in place to detect suspicious transactions and file STRs, the difficulty in obtaining information on beneficial ownership seriously impedes banks’ ability to detect suspicious transactions effectively. Banks rely on automated systems to a large extent not only to detect reportable cash transactions as required by law, but also suspicious transactions. According to the FIC, although the number of STRs filed by banks to the FIC has increased significantly over the past years, the quality of STRs needs improvement. According to the FIC, the banks’ inability to detect some reportable suspicious transactions is due to their incomplete understanding of customers and their beneficial owners. The information on typologies provided by the FIC through workshops is useful to banks, but the sole typology report published by the FIC does not seem to be sufficiently informative to help banks detect suspicious transactions. The FIC does not keep statistics on the disseminations made to law enforcement agencies based on STRs filed by banks, so there was no indication as to how useful they were.

Table 2.

STRs Filed by Banks: 2008–2013

article image
Source: FIC.

B. AML/CFT Supervision of Banks

29. The AML/CFT supervision of banks has been strengthened significantly since 2011. The amendment to the FIC Act in 2010 strengthened the BSD’s powers to conduct AML/CFT supervision of banks, including the power to carry out on-site inspections. The sanctions regime has been improved to provide for administrative sanctions for non-compliance with AML/CFT requirements. The BSD established a specialized AML/CFT supervision team (“AML/CFT Unit”) in 2011, which comprises nine inspectors and two managers. The AML/CFT Unit has developed some AML/CFT supervisory tools, including a supervision manual that covers various aspects of supervision such as on-site inspections, off-site monitoring, and sanctions.

30. The BSD has conducted on-site inspections and some off-site monitoring to assess banks’ compliance with the FIC Act. During the period of April 2012 to June 2014, the BSD conducted 19 AML/CFT on-site inspections on 18 out of 34 banks, including local banks and branches and subsidiaries of foreign banks. Each inspection took around 4–6 weeks to complete, during which the inspectors reviewed banks’ AML/CFT related policies and procedures and conducted sample testing of customer profiles and transactions. Apart from the on-site inspections, all banks are required to submit quarterly returns that contain rather limited information such as the number of STRs filed. Furthermore, the AML/CFT inspectors attended quarterly prudential meetings held by the BSD with five large banks to discuss AML/CFT compliance issues. The BSD also conducted AML/CFT compliance workshops with a few banks individually to discuss specific issues and provide guidance. To address the risks arising from foreign branches of some South African banks, the BSD has coordinated with its foreign counterparts in planning joint inspections of a few foreign branches of South African banks, to be conducted in 2015. Overall, the BSD is of the view that the level of banks’ compliance with the FIC Act has increased since it started on-site inspections in 2012.

31. The BSD has exercised its strengthened powers to sanction banks that have been found non-compliant with the FIC Act. The FIC Act, as amended in 2010, provides more proportionate and dissuasive sanctions for banks (and other reporting entities) for non-compliance with AML/CFT requirements, which includes warning, reprimand, directive to take remedial action, restriction of certain businesses, and financial penalty. For banks, these administrative sanctions are imposed by the Registrar of banks. However, in practice, when the BSD sees the necessity of sanctions based on its findings, it proposes to the Registrar that administrative sanctions be imposed on non-compliant banks. There have been no instances where BSD’s proposals have been rejected by the Registrar. In April 2014, administrative fines were levied on four large banks that were inspected in 2013 for non-compliance with requirements with respect to CDD, record keeping, detection of STRs, and detection of terrorist assets. Except for one, all the banks were inspected only once since the AML/CFT Unit came into being, so none of them had received any adverse supervisory actions (such as a warning) prior to being fined. Therefore the fines may not necessarily be an indication of enduring serious shortcomings that lighter supervisory actions (such as warnings) had failed to correct. One of the four banks fined by the BSD was also sanctioned by a foreign supervisor in early 2014. Other banks inspected were required to take remedial actions and report back periodically on progress made in implementing these actions.

32. There has been some coordination between the BSD and the FIC in engaging with the industry and providing guidance to promote compliance with the FIC Act, but more is needed. The FIC issued GNs in consultation with the supervisory bodies including the BSD. Meetings are held quarterly by the FIC with the supervisory bodies including the BSD to discuss issues arising from the STRs filed during the period, as well as other issues such as the development of guidance. The FIC has also issued PCCs12 in response to institutions’ inquiries regarding interpretation issues. Although the BSD has not issued any formal guidance on its own, it has provided advice during inspections and other interactions with banks to promote their compliance with the FIC Act. In some cases, banks found the guidance or advice provided by BSD and FIC to be inconsistent. The BASA has established a committee responsible for issues related to compliance with the FIC Act. Although the BASA’s efforts to have more guidance on AML/CFT were welcomed by banks, it has not been supported by the FIC or BSD. In general, the guidance provided by the authorities so far seems inadequate and the engagement with the banking sector has been far more limited than expected by the sector.

C. Application of Risk-Based Approach to AML/CFT Measures and Supervision of Banks

33. The BSD’s supervisory expectations have extended beyond the legal framework for preventive measures to require implementation of non-binding FIC GNs and aspects of the international standard that are not covered in the FIC Act. This is the case notably with respect to banks’ application of the RBA to AML/CFT measures, such as enhanced CDD measures for PEPs, cross-border correspondent banking relationships, and other high risk situations, which are covered by the GNs, but not embedded in the current legal framework. The BSD stated that their AML/CFT supervision benchmarks are set against the GNs and the revised FATF standard, and where the GNs are not being followed, the institutions need to explain why. This statement was confirmed to a large extent by banks. For instance, as part of the preparation for an on-site inspection, banks were requested to submit a self-assessment of their ML/FT risks, even though this is not requested in law or other enforceable means.

34. The BSD’s supervisory practices have not been fully adapted to banks’ application of RBA to preventive measures. Although the GNs have incorporated some elements of RBA, and the BSD’s emphasis on the implementation of RBA is understood by the institutions, in practice the BSD has adopted a more rules-based approach, which has created some confusion among banks about the supervisory expectations. According to some banks, BSD examiners have taken a zero-tolerance approach and were overly focused on technical issues rather than institutional control systems to manage ML/FT risks. This misalignment may partly be attributed to the lack of a legal framework for implementing RBA in the AML/CFT preventive measures. Furthermore, banks have received very little practical guidance on the application of RBA for the same reason.

35. The BSD has taken steps to move toward risk-based AML/CFT supervision. Although the BSD has not formally adopted a risk-based approach to AML/CFT supervision, it has developed some preliminary tools to assess banks’ respective ML/FT risk exposure, with a view to directing its limited resources to higher risk institutions. In practice, the BSD seems to have focused on large banks. This decision may have been partly driven by the fact that banks that are part of foreign financial groups have to comply with stricter foreign rules. Overall, the tools and the data collected are not sufficiently comprehensive to enable the prioritization of supervisory targets to be based on a sound assessment of the comparative level of banks’ ML/FT risk exposures and the robustness of control systems.

D. AML/CFT Supervision by FSB

36. The Financial Advisory and Intermediary Services Department (FAIS), the Insurance Department, and the Collective Investment Schemes (CIS) Department within the FSB are responsible for AML/CFT supervision of financial service providers (FSPs), long-term insurers, and CIS managers, respectively. They monitor the institutions’ compliance with the FIC Act by reviewing the compliance reports submitted by the institutions and conducting on-site visits. In particular, the FAIS has made some efforts to target institutions that it perceives are exposed to higher ML/FT risks and has developed some supervisory tools for this purpose. It also expects the FSPs to establish a ML/FT risk management framework and, when the risks are higher, apply enhanced measures, which go beyond the current legal framework. The mission is not in a position to assess how effectively these measures are mitigating the ML risks faced by the FSPs. The FAIS has also, in consultation with the FIC, provided advice to FSPs to promote their compliance with the FIC Act. Overall, the FAIS seems satisfied with the compliance level of the sector it oversees and has therefore not had reason to apply the administrative sanctions provided by the 2010 amendment to the FIC Act. Instead, remedial actions have been requested of some FSPs where shortcomings were identified, and, according to the FSB, these FSPs have taken the requested remedial actions.

E. Key Recommendations

37. As a matter of priority, financial institutions including banks should be required by law to identify and verify the identity of beneficial owners of customers or assets held. The authorities expect that the draft amendment to the FIC Act currently being considered, once enacted, will provide for such obligations. The authorities are recommended to accelerate the legislative process and bring the legal framework for preventive measures, including those concerning the identification and verification of beneficial ownership, in line with the FATF standard. Upon the enactment of an appropriate legal framework, the FIC and supervisory bodies including the BSD should work together to develop and provide more guidance to the private sector with respect to the identification and verification of beneficial owners of legal persons to improve banks’ ability to know their customers and detect suspicious transactions.

38. The BSD should further adapt its supervisory expectations and practices to facilitate the ongoing transformation of banks’ AML/CFT framework from rules-based to risk-based. The transformation of banks’ AML/CFT framework from rules-based to a risk-based one has begun, but will take time to complete. To facilitate this process, the BSD should focus more on the robustness of banks’ ML/FT risk management framework and less on occasional failures. It should set clear and reasonable expectations that are communicated to all banks to ensure a level playing field. The FIC and BSD should coordinate to provide more guidance to and better engage with the institutions.

39. The BSD’s risk-based AML/CFT supervision also needs to improve. The BSD should complete its first supervisory cycle of all 34 banks, and consider formally adopting a RBA to AML/CFT supervision. It should further develop its risk-based supervisory tools so that the prioritization of inspection targets can be based on sound assessments of banks’ ML/FT risks. The enhanced tools should also help assess the adequacy of BSD’s AML/CFT resources and identify the potential need for an increase.

Investigation, Prosecution and Conviction of ML and Main Predicate Crimes

A. Access to Information on Beneficial Ownership of Legal Persons

40. Except for public companies that are subject to disclosure requirements, information on the beneficial ownership of legal persons is not readily available to competent authorities and financial institutions. The South African law allows for the creation of two types of legal persons: companies (public or private) and co-operatives.13 The CIPC serves as the registry of these legal persons and applies similar rules to the registration of both types of legal persons. The information required to form a company is limited to basic personal information on the company’s directors such as identification documents and address. None of the above information is verified except that the identification documents of directors who are South African citizens are checked against the database of the Ministry of Home Affairs. Applicants are not required to disclose the corporate structure (legal ownership) or beneficial ownership to the CIPC. Approximately 70 percent of applications are processed by agents including attorneys and accountants (this percentage is decreasing gradually as the authorities endeavor to simplify the company formation process to improve the business environment). However, neither attorneys nor accountants are required to identify (and verify the identity of) the beneficial owners of their clients or assets held by them. It has come to the CIPC’s attention that some shell companies were set up and sold shortly after being formed. This could be a sign of potential misuse of ML, but the prevalence of this phenomenon is not known.

41. The information held by the CIPC is available to the public including financial institutions for a fee, while government agencies can access it by entering into agreements with the CIPC. For instance, the DPCI regularly approaches CIPC to obtain information on companies involved in its investigations.

B. Financial Intelligence and Investigations into ML and Main Predicate Crimes

42. Established in 2009, the SAPS’ DPCI is the primary law enforcement unit responsible for investigations of ML and main proceeds-generating predicate crimes. Most of DPCI’s more than 3,000 staff members are located at the provincial level, where most of the investigations are carried out with guidance and support from headquarters. The DPCI’s mandate includes the investigation of organized crime, serious commercial crime (including ML), crime against the state (including terrorism), serious corruption, and other serious crimes selected by the head of DPCI or referred by the commissioner of SAPS. Other crimes revealed by its investigations include illegal mining, environmental crime, and human trafficking. Such cases that fall outside the DPCI’s mandate would be handed over to the relevant investigative units within the SAPS or other law enforcement agencies.

43. Cooperation between the FIC and DPCI seems relatively effective. Although the FIC does not prioritize its work based on the ML/FT trends and typologies identified through its analysis, it aligns its work according to the DPCI’s mandate and priorities. According to the FIC, its main efforts were devoted to assistance with ongoing cases under investigation by DPCI rather than spontaneous referrals. During the period 2009–2013, the FIC referred more than 800 cases to the SAPS (see table 3 below). There are no statistics showing how many of the referrals subsequently led to investigations or what the potential underlying crimes were. As noted by the authorities, their limited access to beneficial ownership information hampers their ability to carry out analysis and investigations effectively.

Table 3.

Cases Referred by FIC to DPCI

article image
Source: FIC.

44. The number of ML investigations has increased since 2009 (see table 4). According to the DPCI, most ML investigations were carried out in parallel with investigations of commercial crimes and organized crimes by the same team of investigators. The team applied a multi-disciplinary approach to ML investigations by involving other law enforcement agencies and the FIC in some cases. For complex cases, the investigation can take up to two years to complete. The DPCI seems able to obtain sufficient financial resources to fulfill its mandate, but its staff has received only occasional training mainly from technical assistance provided by other countries and international bodies, which is inadequate to improve their capacity in a systematic and ongoing manner. Going forward, the DPCI plans to establish standardized practices to enhance financial investigations.

Table 4.

ML Investigations carried out by DPCI (2009–2013)

article image
Source: DPCI (channeled through FIC).

45. Investigations of complex cases often have an international dimension. In these instances, the DPCI cooperates with its foreign counterparts through the Interpol channels and informal means, including for a few ML cases currently under investigation.

C. Prosecution and Convictions of ML and Main Predicate Crimes

46. The criminal proceedings of complex commercial crimes (including ML, serious fraud, and corruption) and organized crimes are handled by the Specialized Commercial Crimes Unit (SCCU) of the National Specialized Services Division within the NPA. The prosecutions are carried out at the provincial level under the leadership of regional heads who report to the Director of the SCCU. Where cases need further investigation, the SCCU can either provide guidance to DPCI investigators or take them on itself. Once the investigation has been completed, ML cases are brought to the specialized commercial court for trial.

47. The increased number of convictions for ML since 2011 (see table 5) suggests improvements in ML investigations and prosecutions relative to the past decade, but there seems to be room to improve further the effectiveness of investigatory and prosecutorial efforts against the main ML risks. Most of the 32 ML convictions achieved during 2011–2013 were charges for self-laundering of proceeds of domestic predicate crimes rather than charges for third-party laundering. There is no information on what the underlying predicate crimes are. The number of ML prosecutions for this period is also unknown. As the NPA narrows the SCCU’s focus to the most complex cases, it will become more difficult to secure convictions in these cases.14 The fact that to date there have been no convictions involving third-party laundering, except in some organized crime cases, and no convictions for the laundering of foreign proceeds of crime, suggests that the potential threats posed by such activities are not adequately investigated or addressed. The mission was not able to consider the adequacy of the SCCU’s resources in the absence of necessary information.

Table 5.

ML Convictions (2009–2013)

article image
Source: NPA (channeled through FIC).

48. There is a clear need to enhance the capacity of the SCCU to pursue complex cases including professional third-party laundering cases. In light of the country’s history, violent crimes have long been a top priority for prosecutors. In response to the occurrence of more nonviolent economic crimes such as ML, the prosecutors have adapted their priorities, but they also need to adapt their mindset to this development. In this context, capacity building is a continuing need for the prosecutors to enable them to handle the emerging complex financial crimes such as ML. In particular, prosecutors need to develop the specialty knowledge and expertise to pursue complex cases that involve professional third-party launderers such as attorneys or foreign proceeds of crime.

D. Anti-Corruption Task Team

49. The ACTT appears to be a good mechanism for coordinating the investigation and prosecution of serious corruption cases. South Africa has set anti-corruption action as a national priority. The ACTT was established as a national mechanism for facilitating operational cooperation on priority corruption cases. It comprises nine government agencies that play a role in the national efforts against corruption including the NT, FIC, SAPS, and NPA.15 It identifies priority cases based on the national targets set by the Justice, Crime Prevention, and Security cluster of the cabinet in terms of the number of investigations (criminal and non-criminal) and prosecutions against serious corruption and the number of successful convictions and asset forfeitures (conviction based and non-conviction based). Operational strategies are then developed to facilitate the investigation, prosecution, and asset forfeiture for the priority cases. Between October 2010 and March 2014, 145 priority cases were facilitated by the ACTT with 52 persons convicted (see table 6 below). There is, however, no information on whether these cases involved parallel ML prosecutions and convictions.

Table 6.

Priority Corruption Cases Facilitated by ACTT (October 2010–March 2014)

article image
Source: ACTT.

E. Non-conviction-based Asset Forfeiture

50. The non-conviction-based asset forfeiture regime has proven useful in targeting the proceeds of domestic and foreign predicate crimes. The Asset Forfeiture Unit (AFU) within the NPA is responsible for pursuing cases involving non-conviction-based asset forfeiture provided for in Chapter 6 of the Prevention of Organized Crime Act, which is applicable to ML. The FIC provides direct assistance to the AFU by referring cases arising from analysis of STRs and supporting AFU’s operations at the provincial level through FIC’s regional officers. Normally, non-conviction cases take six to eight weeks to complete, which is significantly shorter than pursuing conviction-based forfeiture. The AFU also seems to have better capacity in carrying out financial investigations, and it appears to be effective in pursuing cases involving relatively small amounts of proceeds (see table 7 below).

Table 7.

Non-conviction-based Forfeiture Cases (2008–2014)

article image
Source: NPA.

F. Key Recommendations

51. Critical legislative amendments are needed to ensure that accurate information on beneficial ownership of legal persons and legal arrangements is made available and accessible to competent authorities in a timely manner. These reforms will improve the FIC’s ability to produce quality intelligence to law enforcement agencies and facilitate the subsequent investigations, which are crucial to an effective AML/CFT regime.

52. Capacity should be strengthened within the law enforcement and especially prosecutorial agencies to pursue complex ML cases. The DPCI and the SCCU will need to build up their capacity, in particular with respect to financial investigations, to pursue complex cases, including those that involve foreign proceeds of crime or professional third-party launderers such as attorneys. To this end, training programs and working procedures need to be developed and implemented by both units.

53. The statistics maintained by the financial intelligence unit, law enforcement, and prosecutorial agencies could be improved. Greater granularity of statistics with respect to disseminations, investigations, prosecutions, and convictions of ML and predicate crimes would enable the authorities to better monitor the effectiveness of their AML/CFT system.

1

This note was prepared by Richard Lalonde and Ke Chen, LEG, IMF.

2

Similar actions are recommended with regard to legal arrangements, although staff’s review did not cover them.

3

The Mutual Evaluation Report (MER) was adopted and published in 2009.

4

The FATF revised the AML/CFT standard in 2012, and the assessment methodology in 2013. The latter places greater focus on assessing the effectiveness of countries in identifying, managing, and mitigating the money laundering and financing of terrorism risks they confront.

5

Under current FSAP policy, every FSAP should incorporate timely and accurate input on AML/CFT. Where possible, this input should be based on a comprehensive AML/CFT assessment conducted against the prevailing standard. In instances where a comprehensive assessment against the prevailing standard is not available at the time of the FSAP, as is the case with South Africa, staff may derive key findings on the basis of other sources of information, including already available information or information obtained in the context of the FSAP.

6

As suggested in the FATF Guidance on National Money Laundering and Terrorist Financing Risk Assessment, risk can be seen as a function of three factors: threat, vulnerability, and consequence. In the AML/CFT context, threat includes criminals, terrorist groups and their facilitators, their funds, as well as past, present, and future ML or FT activities. Vulnerabilities represent weaknesses in AML/CFT systems or controls or certain features of a sector, a product/service or a country. Consequence refers to the impact or harm that ML or FT may cause and includes the effect of the underlying criminal and terrorist activity on financial systems and institutions, as well as the economy and society more generally.

7

See paragraph 12 of the MER.

8

Beneficial owners refer to the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted.

9

This also includes the BSD’s oversight of banks’ compliance with the FIC Act with respect to wire transfers in cooperation with the National Payment System Department of the SARB.

11

See footnote 5 above for more explanations of ML/FT risks in the context of an NRA.

12

PCCs provide guidance on the FIC’s interpretation of the FIC Act. This form of guidance has the same legal status as the guidance notes. PCCs are an added platform to address contentious issues that arise around the interpretation of the FIC Act.

13

The new Companies Act that took effect in 2008 does not allow for the creation of close corporations, which were allowed for under the previous legal framework. However the existing close corporations remain operational under the new Act.

14

As noted in Table 7 on page 29 of the NPA Annual Report 2012–2013.

15

Other government agencies that are members of ACTT are: Special Investigation Unit, South Africa Revenue Services, Department of Public Service and Administration, National Intelligence Coordinating Committee, and State Security Agency.