LawLibrary is a new and developing resource, and we need your input to improve it.
Please send us your feedback.
Guidance Note 8: On the Directive for Conduct within the National Payment System in respect of the Financial Action Task Force Recommendations for Electronic Funds Transfers (Directive 1 of 2022)
Guidance Note 8: On the Directive for Conduct within the National Payment System in respect of the Financial Action Task Force Recommendations for Electronic Funds Transfers (Directive 1 of 2022)
i)The Financial Intelligence Centre Act, 2001 (Act 38 of 2001) (FIC Act) places obligations on financial institutions and other businesses deemed vulnerable to money laundering and terrorist financing. The Prevention of Organised Crime Act, 1998 (Act 121 of 1998) (the POC Act) introduced the crime of money laundering and provides for the confiscation and forfeiture of the proceeds of crime. The Protection of Constitutional Democracy Against Terrorist and Related Activities Act, 2004 (Act 33 of 2004) (the POCDATARA Act) introduced measures to address the financing of acts of terrorism.ii)Compliance with the FIC Act, together with the effective implementation of the POC Act and the POCDATARA Act, contributes to making it more difficult for criminals to hide their illicit proceeds in the formal financial sector and from their criminal activities, and cuts off the resources available to those seeking to use terrorism as a means to promote their cause.iii)The FIC Act also established the Financial Intelligence Centre (the Centre) which is South Africa’s financial intelligence unit, a government entity created to collect, analyse and interpret information disclosed to it and obtained by it. The principle objectives of the Centre are to assist in the identification of the proceeds of unlawful activities, combating of money laundering and the financing of terrorist and related activities and the implementation of resolutions of the United Nations.iv)In addition, section 4(c) of the FIC Act empowers the Centre to provide guidance in relation to a number of matters concerning compliance with the obligations of the Act. This guidance is published by the Centre in terms of section 4(c) of the FIC Act. Guidance provided by the Centre is the only form of guidance formally recognised in terms of the FIC Act and the Money Laundering and Terrorist Financing Control Regulations issued under the FIC Act (the MLTFC Regulations). Guidance provided by the Centre is authoritative in nature which means that accountable institutions must take the guidance issued by the Centre into account in respect of their compliance with the relevant provisions of the FIC Act and the MLTFC Regulations. If an accountable institution does not follow the guidance issued by the Centre, it should be able to demonstrate that it nonetheless achieves an equivalent level of compliance with the relevant provisions. It is important to note, therefore, that enforcement action may emanate as a result of non-compliance with the FIC Act and the MLTFC Regulations where it is found that an accountable institution has not followed the guidance issued by the Centre.v)DisclaimerGuidance which the Centre provides does not relieve the user of the guidance from the responsibility to exercise their own skill and care in relation to the users’ legal position. This guidance does not provide legal advice and is not intended to replace the FIC Act or the MLTFC Regulations issued under the FIC Act. The Centre accepts no liability for any loss suffered as a result of reliance on this publication.vi)Copyright noticeThis guidance is copyright. The material in guidance may be used and reproduced in an unaltered form only for non-commercial use. Apart from any use permitted under the Copyright Act (Act 98 of 1978), all other rights are reserved.
Definitions
“The Centre” means the Financial Intelligence Centre established in terms of section 2 of the FIC Act.“Cover payment” refers to an electronic funds transfer that combines a payment message sent directly by the ordering financial institution to the beneficiary financial institution with the routing of the funding instruction (the cover) from the ordering financial institution to the beneficiary financial institution through one or more intermediary financial institutions.“Directive 1 of 2022” refers to the Directive for conduct within the National Payment System in respect of the Financial Action Task Force recommendations for electronic funds transfers, made in terms of section 43A(2) of the FIC Act as issued by the SARB and published in Government Notice 47019 of 15 July 2022. Reference to “the Directive” has the same meaning.“Electronic funds transfer” as defined in the Directive 1 of 2022, has the same meaning as the term “wire transfer” as per FATF recommendation 16 and interpretative notes thereto.“FATF” refers to the Financial Action Task Force.“FIC Act” refers to the Financial Intelligence Centre Act, 2001 (Act 38 of 2001)“Interpretive Notes on Recommendation 16” refers to the additional information provided by the FATF in the interpretation of Recommendation 16. See https://www.fatfgafi.org/media/fatf/documents/recommendations/pdfs/FATF%20Recommendations%202012.pdf“MLTFC Regulations” refer to the Money Laundering and Terrorist Financing Control Regulations, 2002, made in terms of section 77 of the FIC Act and published in Government Notice 1595 in Government Gazette 24176 of 20 December 2002, as amended by Government Notice R456 in Government Gazette 27580 of 20 May 2005 and Government Notice R867 in Government Gazette 33596 of 01 October 2010 and Government Notice 1107 in Government Gazette 33781 of 26 November 2010 and Government notice 1062 in Government Gazette 41154 of 29 September 2017.“Payment message’ is a general term used in this Guidance Note to indicate the prescribed information to flow with the electronic funds transfer as set out in Directive 1 of 2022.“Recommendation 16” refers to the recommendation regarding wire transfers as issued by the FATF. See https://www.fatfgafi.org/media/fatf/documents/recommendations/pdfs/FATF%20Recommendations%202012.pdf“Serial payment” refers to a direct sequential chain of payment where the electronic funds transfer and accompanying payment message travel together from the ordering financial institution to the beneficiary financial institution directly or through one or more intermediary financial institutions (e.g. correspondent banks)Where a term is not defined in this Guidance Note, the definition as provided in the South African Reserve Bank FATF electronic funds transfer Directive 1 of 2022 and FIC Act applies.1.Application of Directive 1 of 20221.1.The objective of this guidance note is to provide clarity to accountable institutions on the requirements as set out in the Directive 1 of 2022 as issued by the National Payment System Department (NPSD) of the South African Reserve Bank (SARB), which sets conditions for the processing of electronic funds transfers.1.2.This guidance note must be read together with the provisions of Directive 1 of 2022.1.3.Directive 1 of 2022 applies to electronic funds transfers as described in paragraphs 3 of the Directive 1 of 2022, and includes:1.3.1.Electronic funds transfers where the originator and the beneficiary are separate clients of the same accountable institution; and1.3.2.Batched electronic funds transfers, including serial payments and cover payments.1.4.This guidance is applicable to accountable institutions that must comply with the Directive 1 of 2022, either as an ordering financial institution, intermediary financial institution or beneficiary financial institution.1.5.Although the application of this Directive 1 of 2022 does not have extraterritorial jurisdiction, accountable institutions are reminded that the Directive is applicable to qualifying electronic funds transfers that flow within South Africa, leave South Africa or come into South Africa.2.The application of the general FIC Act compliance obligations in the context of electronic funds transfers2.1.When implementing the Directive 1 of 2022, accountable institutions are reminded that the Directive is issued through the provisions of the FIC Act. In this context, accountable institutions should consider the Directive 1 of 2022 provisions in their money laundering, terrorist financing and proliferation financing (ML/TF/PF) controls as detailed in their risk management and compliance programme (RMCP). Customer due diligence (CDD) controls can be mutually applied to both the FIC Act obligations, and the provisions set in Directive 1 of 2022.2.2An electronic funds transfer can be either a single transaction or a transaction within a business relationship between the client and the accountable institution, as contemplated in terms of Chapter 3 of the FIC Act and the MLTFC Regulations.2.3.Before executing an electronic funds transfer, the ordering financial institution, and beneficiary financial institution must have conducted CDD on their respective clients in compliance with the FIC Act and in terms of their RMCP, where applicable. (see Guidance Note 7).
Verifying the accuracy of client information
2.4“Verify the accuracy” as stated paragraphs 4.8 and 4.9 of Directive 1 of 2022 means that an accountable institution, must verify the required client and the client’s associated information being captured in the electronic funds transfer.2.5Given that an accountable institution must identify and verify client information prior to concluding a single transaction of R5 000.00 and above, in terms of the FIC Act and read with the accountable institution’s RMCP, it is the Centre’s view that the information verified in this CDD process, would meet the verification requirements set in Directive 1 of 2022. Information that is not identified and verified as part of the CDD process, would need to be verified through a process as determined by the accountable institution.2.6For purposes of Directive 1 of 2022, there would be no need to re-verify CDD information for every transaction made or received by a client, unless there are doubts about veracity of previously obtained information as contemplated in section 21D or where a suspicious transaction report has been submitted to the FIC in terms of section 29 of the FIC Act.
Threshold amount relating to ‘verify for accuracy’ and related CDD application
2.7.A qualifying electronic funds transfer refers to a cross-border electronic funds transfer that is a single transaction and is above the threshold of R10 000.00 as set out in Directive 1 of 2022.2.8Accountable institutions are reminded that the threshold set for CDD requirements in the FIC Act, read with MLTFC Regulation 1A, remains at the amount of R5 000.00. As expressed in paragraph 4.4 of the Directive 1 of 2022, the Directive does not supersede the CDD obligations as set in the FIC Act. As such, the application of CDD processes remains an obligation on clients entering into a single transaction where the amount is R5 000.00 and above.2.9Although the Directive 1 of 2022 only requires verification of information for transactions above R10 000.00, an accountable institution in practice, has readily available access to verified client information obtained through their CDD processes. Accountable institutions are therefore strongly encouraged to capture verified information, irrelevant of the value of the transaction, that is accessible to them. This will ensure the accuracy of payment related information in the financial system and will aid the effective access to and use of information by regulators. It is the Centre’s understanding that verified information will be available for all transactions above R5 000.00 and transactions concluded within a business relationship, irrelevant of transaction value.2.10For a single once-off transaction where the amount is less than R5 000.00 the accountable institution must still obtain and record all the required information as per Directive 1 of 2022 and the FIC Act, although the information would not be subject to verification. Similarly, where this information has been verified, the Centre strongly encourages the verified information to be captured.2.12Where a cross-border electronic funds transfer transaction raises suspicion of money laundering or terrorist financing, irrelevant of the transaction amount, the accountable institution is required in terms of the Directive 1 of 2022 to conduct CDD on their client.[Please note: numbering as in the original.]2.13Like with incoming cross-border electronic funds transfers read in paragraph 4.9 of the Directive 1 of 2022, where an outgoing cross-border electronic funds transfer is a single transaction of less than R10 000.00 to a beneficiary in a high-risk or other monitored jurisdiction by the FATF, an ordering financial institution is strongly urged to verify the accuracy of the originator information as part of effective ML/TF/PF risk mitigation. Readers should refer to PCC49 for further guidance on ML/TF/PF risks regarding geographies.
Example 1: Cross-border electronic funds transfer below the R10 000.00 threshold set in Directive 1 of 2022 with no business relationship:
Client X requests that Bank S in South Africa, transfers an amount of R9 900, 00 via an electronic funds transfer to Mr K in Zimbabwe. Client X does not have an arrangement with Bank S for the purpose of concluding transactions on a regular basis. The transaction does not exceed the threshold amount in Directive 1 of 2022 and therefore the requirement to verify the information in the payment message for accuracy does not apply unless the electronic fund transfer is covered in paragraph 4.8 or 4.9 of the Directive (i.e. a suspicious transaction or funds from a high-risk jurisdiction).Bank S must include the required information in the electronic funds transfer payment message for Client X, in doing so, Bank S has complied with Directive 1 of 2022.Bank S must conduct CDD on the client in terms of the FIC Act, as the single transaction is more than R5 000.00 as prescribed in terms of regulation 1A of the MLTFC Regulations. Bank S should capture this verified information obtained in the CDD process in the payment message given that it is available to them.
Example 2: Cross-border electronic funds transfer transaction above the R10 000,00 threshold set in Directive 1 of 2022 with no business relationship
Client Z requests that Bank X in South Africa transfers an amount of R10 001,00 via an electronic funds transfer to Mr J’s bank account in Angola.Client Z does not have an arrangement with Bank X for the purpose of concluding transactions on a regular basis. However, the transaction value exceeds the threshold set in Directive 1 of 2022 and meets the definition of a single transaction in terms of the FIC Act.Bank X must therefore verify the information of Client Z in accordance with the requirements as set out in the FIC Act and Bank X’s RMCP. Bank X must ensure that the required and accurate information relating to Client Z and required information relating to Mr J as prescribed in Directive 1 of 2022 is included in the cross border electronic funds transfer.
Example 3: Cross-border electronic funds transfer below the R10 000,00 threshold set in Directive 1 of 2022 and below the CDD verification threshold of R5 000,00 in terms of the FIC Act. No business relationship and a payment from a highrisk country:
Mr P receives an electronic funds payment to the value of R4 900, 00 from Mr O in Syria. Mr P does not have an arrangement with accountable institution F for the purpose of concluding transactions on a regular basis. The transaction does not exceed the threshold amount for a single cross-border payments transaction set in Directive 1 of 2022, nor does it meet the single transaction threshold in terms of the FIC Act, requiring a CDD obligation. However, the electronic fund transfer is processed (coming) from a high-risk country as determined by the accountable institution F.Therefore, accountable institution F must verify the accuracy of Mr P’s information as the beneficiary. The same would apply if there was a suspicion of money laundering and/or terrorist financing.
Example 4: Cross-border electronic funds transfer transaction below the R10 000,00 threshold set in Directive 1 of 2022 within a business relationship:
Client B in South Africa, makes an electronic funds transfer amounting to R9 900.00 from his bank account at Bank H in South Africa, to Mr T in the Kingdom of Eswatini on a regular basis. Bank H must ensure that the required and accurate information relating to Client B and required information relating to Mr T as prescribed in Directive 1 of 2022 is included in the cross-border electronic funds transfer. Bank H must conduct CDD on Client B in compliance with the requirements as set out in the FIC Act and its RMCP when establishing a business relationship. It is not required that Bank H re-verifies Client B for each subsequent electronic funds transfer processed, unless part of ongoing monitoring or where Bank H doubts the veracity of information provided by Client B.2.14The cross-border electronic funds transfer threshold of R10 000.00 stated in paragraphs 4.7, 4.8 and 4.9 of the Directive 1 of 2022 will be reviewed by the SARB as and when appropriate.
Record keeping of information pertaining to the electronic funds transfer
2.15The ordering financial institution, intermediary financial institution and beneficiary financial institution must maintain the required information obtained in respect of the originator and beneficiary as prescribed in Directive 1 of 2022 in accordance with the record-keeping requirements in the FIC Act.3.Practical application of Directive 1 of 2022 by accountable institutions3.1Electronic funds transfers effected to or from South Africa and the other Common Monetary Area (CMA) countries, are deemed cross-border electronic funds transfers.3.2Where the name of the originator is required, it is the Centre’s view that the full names for natural persons, and the registered names for legal persons as captured for CDD of the client should be used.3.3Accountable institutions are urged to view PCC 49 to assist in the determination of country (jurisdiction) risk within its risk-based approach. A geographic area that is deemed as presenting a higher ML/TF/PF risk by the accountable institution is considered to be a ‘high-risk jurisdiction’ as referenced in Directive 1 of 2022.3.4An accountable institution must determine its approach of capturing the required information for domestic electronic funds transfers and document this in their RMCPs, for example, whether the accountable institution will be capturing full information in domestic electronic funds transfer messages, or only providing the name of the beneficiary and account number or the unique customer identifier as read with paragraph 4.11 of Directive 1 of 2022.3.5In terms of paragraph 4.11 of Directive 1 of 2022, an ordering financial institution must provide the required information referred to in paragraph 4.1 of Directive 1 of 2022 within three business days, to the beneficiary financial institution and to appropriate authorities or supervisory bodies upon request or demand in accordance with any law.3.6In turn, the Centre strongly urges accountable institutions to honour all such information requests made to them from other accountable institutions timeously, to allow for the processing of such transactions. Accountable institutions should take note of draft PCC 22A which discusses matters relating to the protection and processing of personal information concerns.
Unique customer identifier
3.7A unique customer identifier can be used in a domestic and cross-border electronic funds transfer.3.8The use of a unique customer identifier for an originator in a cross-border electronic funds transfer must be used with caution, as it may result in the rejection or suspension of transactions due to non-compliance with the international standards of FATFRecommendation 16.3.9The use of a unique customer identifier does not apply in respect of the beneficiary. Where proxy resolutions are used by ordering financial institutions, they must ensure that the name and account number of the beneficiary are always carried in the payment message of a domestic electronic funds transfer.3.10The use of a unique customer identifier is not considered as a replacement for an identification number. Rather it is to be used as a proxy identifier, that when reviewed on an accountable institutions’ records, they would be able to fully determine the identity of the client as a result of the onboarding and/or CDD obligations.3.11A distinction is drawn between the use of a unique customer identifier and a unique transaction reference number. A unique customer identifier refers to the use of a numeric or alphanumeric combination (that denotes the customer address, a national identity number of the client, or a date and place of birth), whereas the unique transaction reference number denotes the identification of an account or transaction number.3.12The requirement of ‘unique’ must be understood in the context of;3.12.1The purpose of the identifier is to be used to ascertain the identity of the client held on the entity’s records easily, without issue;3.12.2The identifier is attributed to only that particular person or client whenever the client engages with the accountable institution at any time;3.12.3The identifier is tied to the person or client’s identity, and the client or person would not be given a new identifier;3.12.4The identifier cannot be recycled or re-assigned to another person or client;3.12.5No other person or client has the same number or identifier.
Capturing of an identification number or passport number
3.13There may be scenarios where the accountable institution holds on record an identification number for a client that is other than a South African identity number or passport number, as obtained during their CDD process for the client.3.14An accountable institution may make use of such an identification number where applicable. Such examples would include:3.14.1In the instance of a legal person, the entity registration number3.14.2Asylum seeker or refugee permit numbers3.14.3International bank account number (IBAN).4.Processing of incomplete information in an electronic funds transfer message4.1Accountable institutions must as part of their RCMPs have clearly documented policies, processes and system controls in place to identify and either execute, reject or suspend electronic funds transfers which do not include the minimum information in the electronic funds transfer message.4.2The Centre advises accountable institutions that it would be good practice to develop a system that monitors electronic funds transfer messages, in order to identify electronic fund transfers that do not contain the information as required by Directive 1 of 2022.4.3In all instances where an intermediary and/or beneficiary institution has made a determination of how to proceed with an electronic funds transfer transaction that does not contain the required information, the accountable institution must clearly document the decision taken, supported by the rationale for the decision. The Centre recommends that this process be included in the accountable institution’s RMCP.5.Practical considerations for the inclusion of information in a qualifying electronic funds transfer5.1Directive 1 of 2022 does not specify a particular method or mechanism in which information should be captured and included in a qualifying electronic funds transfer.5.2The methods or mechanisms used by an accountable institution should take into consideration the particular operational systems and controls of the accountable institution to affect such transfer of information, within the context of the payments systems parameters.5.3Examples of such methods or mechanisms that could be considered by an accountable institution may include, but is not limited to;5.3.1SWIFT messages5.3.2QR code message exchange5.3.3Supplementary information files5.3.4File message.6.Impact of Directive 1 of 2022 on accountable institutions compliance obligations with the FIC Act
Scrutinising payments and electronic funds transfers to identify sanctions
6.1The accountable institution (ordering financial institution, intermediary financial institution, and beneficiary financial institution) must scrutinise information obtained in all electronic funds transfers against the sanctions lists as published in terms of section 26A of the FIC Act in order to identify sanctioned persons, regardless of any threshold amount. This is applicable for both cross-border and domestic electronic funds transfers.6.2No electronic fund transfers can be processed to or from a person (i.e. originator, or beneficiary) who is designated in terms of section 26A of the FIC Act.6.3The accountable institution in possession of the related funds must immediately freeze the funds where a sanctioned person has been identified as party to the payment and must report the fact to the Centre in terms of section 28A of the FIC Act (refer to Guidance Note 6A).6.4An accountable institution not in possession of funds must file a terrorist financing transaction or activity report (TFTR/TFAR) in terms of section 29 of the FIC Act.6.5It is the Centre’s view that for the purposes of traceability and sanctions screening, the name of the beneficiary in all instances should be a name and surname when dealing with a natural person, or a registration name when dealing with a legal person.6.6Where a beneficiary name and surname, or a registration name, is not provided in the payment message, the accountable institution should consider whether such exclusion of sufficient information for screening purposes is suspicious and unusual. The use of the term ‘unknown’ or ‘not applicable’, numeric characters (incoherent use) or not providing any information for beneficiary information in an electronic funds transfer, where the information is readily available, amounts to a circumvention of South Africa’s financial integrity as potentially critical ML/TF/PF information is deliberately held back.7.Communication with the Centre7.1The Centre has a dedicated compliance contact centre geared to assist accountable institutions to understand their registration obligations in terms of the FIC Act. Should you have any queries please contact the Centre's compliance call centre on 012 641 6000 and select option 1.7.2In addition you can submit an online compliance query by clicking on: https://www.fic.gov.za/compliance-queries/ or visiting the Centre’s website and submitting an online compliance query.Issued by:THE DIRECTORFINANCIAL INTELLIGENCE CENTRE
