Legal Compliance Services
As an FSCA registered Phase 1 Compliance Practice, we offer
Compliance Advisory and Consulting Services.
COMPLIANCE SERVICES
- Providing services to internal functions and offering expert compliance opinions.
- Additional monitoring services to ensure ongoing compliance.
- Reviewing, drafting, or amending key compliance risk documentation, including policies, risk assessments, compliance risk management plans, frameworks, and compliance plans.
- Development and implementation of compliance manuals, monitoring programs, frameworks, compliance risk management plans, policies, and procedures.
- Conducting independent compliance reviews and audits to ensure adherence to regulatory standards.
- Performing compliance health checks, reviewing systems and controls, and developing policies and processes to ensure regulatory compliance.
- Risk management and documentary evidence assessments.
- Offering expert compliance advice on complex, strategic, or operational business matters.
- Engaging and facilitating with regulators and Ombudsman such as NCR, FSCA, CIPC, OSTI, Credit Ombud, FAIS Ombud, and Information Regulator.
- Ensuring health and safety compliance and raising awareness.
- Providing comprehensive labour solutions tailored to your business needs.
- Offering training programs to enhance competence in compliance and related areas.
- Developing and implementing robust business continuity plans to ensure operational resilience.
FAIS Compliance
What is the purpose of FAIS Act?
The Financial Advisory and Intermediary Services Act, 2002 (FAIS Act) aims to:
- Protect Consumers: Ensure consumers receive proper financial advice and sufficient information for informed investment decisions.
- Professionalise the Financial Services Industry: Impose requirements on financial service providers to ensure they are fit and proper.
Key Requirements
Authorization:
- Individuals or entities providing financial advice or intermediary services must be authorized as Financial Services Providers (FSPs) or appointed as representatives of an FSP.
- FSPs are authorized by the Financial Services Conduct Authority (FSCA).
- Representatives are appointed by FSPs.
Key Individuals:
- FSPs must have key individuals responsible for managing or overseeing the financial services aspect of the business.
- Key individuals require FSCA approval to ensure they are fit and proper.
Fit and Proper Criteria:
- FSPs must ensure their representatives have honesty, integrity, and competency.
- Representatives must be authorized to provide advice and intermediary services for the specific financial products they handle.
Responsibilities of FSPs
- Verify that representatives meet fit and proper criteria.
- Ensure representatives are authorized to render financial services for the relevant financial products.
How can we assist?
- License Categories
- Adhering to Fit & Proper requirements
- Implementation of a compliance framework
- Monitoring and maintaining Class of Business Training
- Monitoring and Maintaining Competence Registers
- Project implementations for current and upcoming regulation
- Conducting regular onsite assessments
- Reporting of non-compliance with the view to remediate
- Non-compliance remediation
- Development and implementation of policies and standard operating procedures
- Conduct periodic Risk Assessments
- Customisation of documents and templates for the business
- Provide regulatory updates and assist with implementation
- Change Management
FICA Compliance
What is the purpose of FICA?
The Financial Intelligence Centre Act, 2001 (FICA), as amended, aims to:
- Combat Financial Crimes: Uncover and prevent money laundering, terrorist financing, and tax evasion by identifying the individuals involved.
- Enhance Compliance Ensure that Accountable Institutions accurately know their clients’ identities and motives to report suspicious activities or transactions to authorities.
Key Responsibilities of Accountable Institutions
Client Identification: Establish accurate knowledge of clients’ identities and purposes.
Suspicious Activity Reporting: Report any suspicious activities or transactions to the authorities.
Enhanced Due Diligence: Perform rigorous assessments in higher-risk situations, including requesting documentary proof of client information.
Compliance Obligations
High-Risk Industries: Entities such as credit providers, legal practitioners, estate agents, high-value goods dealers, and financial intermediaries must establish controls for identifying and reporting suspicious activity due to the elevated risks associated with their products and services.
Penalties for Non-Compliance: Failure to comply with FICA can result in severe penalties, including reprimands and fines of up to R50 million for organizations.
Importance of Vigilance
Reputational Risk: Being involved in money laundering can severely damage an organization’s reputation.
Technological Advancements: As technology and new markets evolve, money launderers, terrorists, and proliferation financiers use these advancements to evade detection, necessitating continuous vigilance from companies.
By fulfilling these obligations, Accountable Institutions contribute to the broader effort of combating financial crimes and maintaining the integrity of South Africa’s financial system.
How can we assist?
- Guiding and advising Accountable Institutions
- Implementation of a compliance framework on a risk based approach
- Project implementations
- Conducting regular onsite assessments
- Reporting of non-compliance with the view to remediate
- Non-compliance remediation and recommendations
- Development, implementation and review of policies, RMCP and standard operating procedures
- Assist with advice and implementation FICA requirements such as CDD, EDD and Beneficial Owners
- Development and Reviewing of Employee Screening Policies and Processes
- Conduct periodic Risk Assessments
- Customisation of documents and templates for the business
- Provide regulatory updates and assist with implementation
- Provide Recommendations and Action Plans
- Training
- Change Management
POPIA and Data Privacy Compliance
Key Legislation
- Promotion of Access to Information Act (PAIA): Ensures access to information.
- Protection of Personal Information Act (POPI): Safeguards personal rights by imposing conditions for lawful processing of personal information.
Objectives of POPI Act
- Protect Personal Information:
- Applies to data subjects, whether juristic or natural persons.
- Ensures lawful processing of personal data.
- Impact on Organizations:
- Affects entities handling significant amounts of personal data.
- Critical for industries like healthcare, financial services, and marketing.
- Requires protection of business trade secrets and personal data of employees, clients, and customers.
- Compliance Requirements:
- Enforced by an Information Regulator.
- Information Officer responsible for ensuring organizational compliance.
- Non-compliance leads to criminal and civil consequences for leadership and directors.
- Regular documentation and policy updates necessary for compliance.
Steps for Achieving Full Compliance
Evaluate:
– Commercial activities
– Agreements
– Employment contracts and policies
– Corporate governance documents and structures
– Staff skill levels
Data privacy legislation in South Africa, primarily governed by PAIA and POPI, aims to protect personal information and ensure access to information. Compliance with the POPI Act, mandatory by June 2021, is crucial for safeguarding personal data and avoiding severe penalties. Organizations must rigorously manage and protect personal data through comprehensive policies and evaluations of their activities and governance structures.
How can we assist?
- Prior Authorisation assessments and applications
- Review of your company’s administration and implementation of a compliance framework
- Project implementations and privacy impact assessments
- Conducting regular onsite assessments
- Reporting of non-compliance with the view to remediate
- Non-compliance remediation and recommendations
- Development, implementation and review of policies (Website terms and conditions, Terms of Use, Disclaimers, Privacy Policy) and standard operating data security procedures
- Assist with advice and implementation of POPIA requirements to safeguard your business and direct marketing processes
- Conduct Risk Assessments
- Customisation of documents and templates for your business
- Provide regulatory updates and assist with implementation
- Develop and Implement Data Breach Incident processes and policies
- Information Regulator Engagement
- Change Management
- Recommendations on Promotion of Access to Information (PAIA) Processes
Treating Clients Fairly (TCF) Compliance
What is the purpose of TCF?
Treating Customers Fairly (TCF) is a regulatory and supervisory approach focused on ensuring fairness for financial customers. It mandates that regulated financial institutions demonstrate adherence to six specific outcomes throughout the product lifecycle, from design and promotion to servicing and complaint handling.
TCF Outcomes
- Corporate Culture:
Customers can trust they are dealing with firms that prioritize TCF in their corporate culture.
- Product and Service Suitability:
Products and services marketed to the retail market are tailored to meet the needs of specific customer segments.
- Clear and Transparent Information:
Customers receive clear information and are kept informed at every stage, from pre-sale to post-sale.
- Appropriate Advice:
Any advice provided is appropriate and considers individual customer circumstances.
- Product Performance and Service Standards:
Products perform as expected, and service meets acceptable standards as promised.
- Accessible Processes:
Customers encounter no unreasonable barriers when attempting to change products, switch providers, submit claims, or make complaints.
The purpose of TCF is to ensure that financial institutions treat their customers fairly by embedding fairness into their corporate culture and operations. By adhering to the six TCF outcomes, institutions can build trust, ensure products and services meet customer needs, provide clear information, offer appropriate advice, maintain product performance and service standards, and ensure accessible and fair processes for changing products or submitting claims and complaints.
How can we assist?
- Implementation of a compliance framework in preparation for COFI Bill
- Project implementations
- Conducting regular onsite assessments
- Reporting of non-compliance with the view to remediate
- Non-compliance remediation
- Development, implementation and review of policies and standard operating procedures
- Assist with advice and implementation of TCF requirements
- Conduct periodic Risk Assessments
- Customisation of documents and templates for the business
- Provide regulatory updates and assist with implementation
- Values and Culture Training
- Change Management
- Other consumer related support.
Consumer Protection Act (CPA) Compliance
The Consumer Protection Act (CPA) stands out as one of the most comprehensive laws affecting businesses in South Africa. It aims to safeguard the interests of consumers, provide accessible and transparent means for restitution in cases of marketplace abuse, and uphold internationally recognized consumer rights.
The CPA intersects with other laws like the Electronic Communications Act and National Credit Act, posing risks for South African business owners. Agile has a team of Information Compliance Advisors who help businesses comply with these regulations, including the: