Compliance markers for motor vehicle dealers
As reporting institutions, motor vehicle dealers are required to register with the Financial Intelligence Centre. Following consultations with the industry during 2018, the FIC has proposed changing MVDs from Schedule 3 – reporting institutions – of the FIC Act, to Schedule 1 – accountable institutions.
A proposal on this is being drafted for the Minister of Finance. Once the Minister approves the proposal, a consultation paper with draft amendments to the Schedules will be published for comment.
The FIC Act forms the basis of South Africa’s legislative framework for combating money laundering and financing of terrorism. The compliance obligations of accountable institutions are aimed at addressing these threats to the financial system.
The underlying premise to the compliance obligations is that accountable institutions follow a risk-based approach when establishing and verifying the identity of a client. To do this, institutions need to assess their new or existing clients in terms of the risk they pose to their business i.e. their products and services. With this in mind institutions can apply greater flexibility in the customer verification measures for their various customers, based on the customer type, the institution’s product and service offering, the location, the delivery channel and other possible factors.
This client risk rating offers a more cost-effective alternative for institutions and is potentially a less burdensome approach to identity verification for the customer. What this means is that heightened verification measures are to be applied to high risk clients and a lighter measures applied for lower risk clients.
For MVDs, the risk-based approach requires that, as accountable institutions, they too will be expected to identify and assess the risk of doing business with their customers with a view to deciding how to best manage their money laundering and terror financing risk. This will entail MVDs risk rating their clients
In the meanwhile, MVDs can familiarise themselves on the seven key FIC Act compliance obligations for Schedule 1 institutions, which are premised on the risk-based approach.
These seven compliance obligations are:
THE FOLLOWING IS A SUMMARY WHAT THE SEVEN COMPLIANCE OBLIGATIONS ENTAIL:
Customer due diligence
Central to all accountable institutions is that they must know who their clients are. Business cannot be conducted with an anonymous client. Accountable institutions must go through a due diligence process of identifying and verifying their clients (natural persons and legal persons) also referred to as client identification and verification, regardless of whether they are entering a new business relationship or continuing an existing one.
Records of client identification and verification information, transactional information and regulatory reports submitted to the FIC are to be kept for a period of five years. This record-keeping requirement commences from the date of transaction and/or business relationship being concluded and/or date of a report being submitted.
Person responsible for compliance
A designated person with sufficient competence and seniority is required in all accountable institutions, to ensure effective compliance by the institution.
Risk management and compliance programme
Accountable institutions are to develop, document, maintain and implement a risk management and compliance programme (RMCP). An RMCP provides for the manner in processes by which the institution implements and complies with the FIC Act obligations. The RMCP must take into account the institution’s risk-based approach.
Training of employees
Ongoing training for employees on the institution’s compliance obligations, needs to be done, to ensure that the institution’s employees know, understand and meets their organisation’s compliance and RMCP obligations.