The Financial Intelligence Centre (FIC) has released Guidance Note 7A (GN 7A) to help Accountable Institutions comply with the risk management and compliance programme (RMCP) requirements.
According to Sholane Sathu, Managing Director of Navigate Compliance, the new Guidance Note 7A aims to provide clearer directives and practical approaches for accountable institutions to comply with the risk management and compliance programme (RMCP) requirements. This guidance aims to enhance the effectiveness of anti-money laundering (AML) and counter-financing of terrorism (CFT) controls, ensuring that institutions adopt a more rigorous risk management framework.
Sathu recommends that Accountable Institutions take the following steps to comply with the new Guidance Note –
- Review and Update RMCP: Ensure that the Risk Management and Compliance Programme (RMCP) is updated to align with the new guidance. This includes documenting systems and controls for managing money laundering (ML) and terrorist financing (TF) risks. The RMCP must be customised for each business context. Avoid purchasing off-the-shelf RMCP templates.
- Board and Senior Management Approval: The RMCP must be approved by the board of directors or senior management, and this responsibility cannot be delegated.
- Align with Treating Customer Fairly Principles: Ensure that the application of guidance on ML/TF risk issues aligns with Treating Customer Fairly principles.
- Effective AML/CFT Controls: Apply effective anti-money laundering (AML) and counter-financing of terrorism (CFT) controls, even when using a risk-based approach.
- Document Compliance with Section 20A: Record how the institution complies with section 20A of the FIC Act for business relationships and single transactions below and over the R5000 threshold.
- Use Public Sector Information: Recommended to use information from public sector sources, such as the Companies and Intellectual Property Commission, to corroborate company attributes.
- Define Beneficial Owners: Identify and document beneficial owners, defined as natural persons.
- Comply with POPI Act: Ensure that the processing of personal information for FIC Act compliance is within the confines of the Protection of Personal Information Act (POPI Act).
- Assess High-Risk Relationships: Consider business relationships with foreign prominent public officials as high-risk and apply appropriate due diligence.
- Document Decisions: Clearly document final decisions on business relationships with prominent persons, including approvals or refusals by senior management.
About Navigate Compliance
Navigate Compliance is an award-winning firm specializing in digital compliance, project management, learning, resourcing, and outsourced compliance. Since 2016, they have been assisting organizations globally in implementing new regulations and compliance software. Recognized as one of the leading turn-key compliance practices in Southern Africa, Navigate Compliance boasts a proven track record of zero fines and penalties for its clients. Learn more at www.navigatecompliance.io
