The advent of the Financial Intelligence Centre Amendment Act, No. 1 of 2017 (the Amendment Act) has created both excitement and a healthy amount of fear. Excitement in that most business entities understand the aim and result of what these FIC Act amendments by necessity brings. Nobody in his/her right mind can deny the nobility and great intentions of these amendments, but the devil is always in the detail and practice and theory is often far removed from each other. Financial Intelligence Centre Act, 2001 as amended (“FICA”) Compliance Officers across the spectrum are probably uttering a sigh of relief for the demise of the old section 43(b) of the Act which read as follows, “An accountable institution must appoint a person with the responsibility to ensure compliance by – (b) appoint a person with the responsibility to ensure compliance by –
(i) the employees of the accountable institution with the provisions of this Act and the internal rules applicable to them; and
(ii) the accountable institution with its obligations under this Act.”
A proper reading of this section clearly placed compliance officers at risk for non-compliance with the FIC Act and the personal liability they had under this section, gave those compliance officers in the know, sleepless nights. The rest were blissfully ignorant of what section 43(b) entailed for them. In truth, the personal risk for administrative criminal sanction were high for compliance officers of accountable institutions. Fortunately, the Financial Intelligence Centre (“FIC”) has consistently indicated that the responsibility for compliance accrues higher up in the organisation. The message has also been that the compliance officer needs to be able to make a difference in an organisation’s Anti-Money Laundering (“AML”) compliance and he/she must be senior enough to make that difference.
In the immortal words of Bob Dylan, “times they are a changing”. The FIC Amendment Act deleted section 43(b) from the statute. The Amendment Act inserts a new section 42A into the FIC Act which becomes effective on 2 October 2017. This section is a total game changer and demands of the board of directors and senior management (where there is no board of directors) to ensure compliance, by the accountable institution and its employees, with the provisions of the FIC Act and the Risk Management and Compliance Programme (“RMCP”). It is the board of directors or senior management who must create a culture a culture of compliance within the accountable institution, ensuring that the institution’s policies, procedures and processes are designed to limit and control risks of money laundering and terrorist financing and are fully consistent with the law and that staff adhere to them.
The Centre[1] in draft guidance emphasises the following in Chapter 4, p61 and 62:
– The board of directors or senior management is responsible to create a culture of compliance within the accountable institution and they must ensure that the institution’s policies procedures and processes are designed to limit and control risks of money laundering and terrorist financing and are fully consistent with law and that staff adhere to them. I suspect many a compliance officer is silently saying a thank you to the powers that be. For far too long compliance officers were branded that they stifle sales and are responsible for the increased cost in compliance. Now the anti-money laundering compliance and especially the risk of non-compliance fall squarely on boards of directors or senior management.
– The board of directors and senior management should be fully engaged in decision making processes and take ownership of the risk-based measures adopted and they will be held accountable if the content of the RMCP is found to be inadequate. In my view, this is broader than simply Customer Due Diligence and includes financial intelligence reporting. Board of directors will have to ensure that ultimate aims of the FIC Act is achieved.
– The RMCP should include a description of the board of directors’ or senior management’s accountability and the appointment of a person with adequate seniority and experience to assist with ensuring compliance with the FIC Act. The Centre suggests that the overall responsibility for the establishment and maintenance of effective AML/CFT systems and controls be allocated to a specific director or senior manager and that this be clearly set out in the RMCP.
So, what do the new amendments mean for compliance officers? Does it mean that they can now sleep sounder than before, do they have less exposure and are they off the hook? Firstly, the shift in the FIC Act to make board of directors and senior management accountable is not only desirable but obligatory. The tone is set at the top. Being FIC Act compliant is but one aspect of doing business ethically and doing business ethically sits at the top and should filter down the institutions. So, sending the right message to staff members on the FIC Act compliance culture in an organisation, is a must for any accountable institution who wishes to do business ethically. Your FIC Act compliance officers remain a vital tool in achieving that result. The shift in focus demands that directors and senior management sit up and take notice.
For the FIC Act compliance officers, it probably means business as usual, but with a bonus in knowing that the boss is also keeping awake at night, worrying about possible FIC Act non-compliance. I suspect in the Sales Departments may in the future lose one or two fights it would previously have won against the FIC Act Compliance Officer. Boards of directors and senior management should invest in the right people who has the right attitude, to assist with their FIC Act compliance and manage their own exposure and liability.
In conclusion if you are on the board of directors or alternatively on senior management, what is the message that you are sending to your staff members? If staff members are probed by the Centre or a relevant Supervisory Body during compliance inspections, what will staff members reveal about your institution’s AML and Counter Terrorist Financing (CFT) compliance culture? Deal with this issue now or face the consequences!
Article written by Adv Jan Augustyn for Consumer Profile Bureau
Advocate Jan Augustyn has been a Regulator, and specifically an enforcer of compliance for over 15 years He has also witnessed the compliance challenges that industry faces through his consultation and legal representation over the last 3 years. Jan writes and conducts presentations on FICA and related issues. Jan has been appointed by Consumer Profile Bureau as their FICA Compliance counsel specialist.
Consumer Profile Bureau (CPB) has taken the market by storm with their unique “paperless” FICA solution that allows Accountable Institutions to ensure compliance and risk mitigation in terms of their Risk Based Compliance Programme.