Directive 8: Enhanced Employee Screening Measures Introduced by the Financial Intelligence Centre

In South Africa, the Financial Intelligence Centre (FIC) Act is a regulatory framework designed to combat money laundering, terrorist financing, and other financial crimes. The Act places obligations on various industries to ensure they comply with anti-money laundering (AML) and counter-terrorist financing (CTF) measures.

The following industries are typically required to comply with the FIC Act in South Africa:

• Financial Institutions: This includes banks, insurance companies, asset management firms, and other entities within the financial services sector.
• Accountants and Auditors: Professionals offering accounting, bookkeeping, and auditing services are subject to FIC Act regulations due to their involvement in financial transactions.
• Estate Agents: Professionals involved in real estate transactions, such as property sales, purchases, and rentals, are required to comply with the FIC Act.
• Attorneys and Legal Professionals: Law firms and legal practitioners are covered under the FIC Act due to their involvement in financial and property transactions.
• Casinos and Gambling Institutions: The gaming and gambling industry is also subject to FIC Act regulations to prevent money laundering through these channels.
• Dealers in Precious Metals and Stones: Businesses engaged in buying, selling, or trading precious metals and stones are required to comply with the FIC Act.
• Motor Vehicle Dealers: Dealers selling high-value items like luxury cars and motor vehicles fall under the FIC Act’s scope.
• Trust and Company Service Providers: Entities providing services related to trusts, offshore companies, and corporate structures are covered by FIC Act regulations.
• Money Remitters and Transfer Agencies: Businesses offering remittance and money transfer services are subject to FIC Act obligations.
• Telecommunications and Mobile Money Services: In certain cases, mobile money and telecommunications service providers are also included to prevent the misuse of these platforms for financial crimes.

In an effort to further fortify defences against financial threats like money laundering, terrorist financing, and proliferation financing, the Financial Intelligence Centre (FIC) unveiled Directive 8 on March 31, 2023.

The purpose of Directive 8 is to require Accountable Institutions to screen prospective employees and current employees for competence and integrity, as well as to scrutinise employee information against the Targeted Financial Sanctions lists, in order to identify, assess, monitor, mitigate and manage the risk of money laundering, terrorist financing and proliferation financing.

Applying a risk-based approach

Whilst all employees must be subject to scrutiny, not all employees present the same level of Money Laundering (ML) / Terrorist Financing (TF) / Proliferation Financing (PF) risk.

An Accountable Institution must determine the level of risk an employee role poses and ensure that the screening applied is proportionate. As such, where the Company identifies a higher risk of ML/TF/PF based upon the employee role, the Company should apply more stringent competency and integrity screening and seek to mitigate any identified risk.

The Company asserts to identify and verify employees and collect information and evidence of sufficient quantity and quality to be able to assess the potential level of ML/TF/PF risk presented.

Timing of screening

An Accountable Institution must screen all prospective employees for competence and integrity before their appointment at the Company. The word “periodically” is used in Directive 8. This indicates that screening of employee information must occur on an ongoing basis.

In application of a risk-based approach to screening of employee information, employee roles presenting a higher ML/TF/PF risk must be screened more frequently than employee roles that are considered to present a medium or lower ML/TF/PF risk. The FIC recommends that where the employee role poses a heightened ML/TF/PF risk, the Accountable Institution should perform competence and integrity screening of the employee on an annual basis, at a minimum.

As such, employees identified as lower risk, may be screened every 5 years, employees identified as medium risk, may be screened every 3 years and employees identified as higher risk, should be screened every year. Higher risk roles The FIC considers the following employee roles as presenting a heightened ML/TF/PF risk:

• Senior management, including employees who sit within committees that approve the establishment of a Business Relationship or Single Transactions with high-risk Clients such as DPEPs or FPEPs.
• Any employee that takes decisions which alter the anti-money laundering, counter terrorist financing and counter proliferation financing regime of the institution. Therefore, persons fulfilling such roles will be subject to more frequent scrutiny.

Screening for Competence

Screening for competence refers to determining whether the employee has the necessary skills, knowledge, and expertise to perform their functions effectively.

The Company has the flexibility to determine the way it will screen for competence according to its risk-based approach.

A Company could consider the review of: • the employee’s previous employment history

• the employee’s previous employment references

• the employee’s previous qualifications

• the employee’s previous relevant accreditations

Evidence of screening for competence should be kept on the employee personnel files.

Screening for Integrity

The FIC defines ‘Integrity’ as the honesty and moral principles of an employee. An Accountable Institution could consider:

• determining whether the employee does not have a criminal record, particularly related to crimes of dishonesty, money laundering or other financial crimes
• establishing whether the employee held a senior decision-making role in relation to anti-money laundering, terrorist financing or proliferation financing at an Accountable Institution that was found to have criminally contravened the FICA, the Prevention and Combating of Corrupt Activities Act 12 of 2004 (PRECCA), the POCA or the POCDATARA confirming whether the employee is a high-risk DPEP or FPEP, or known close associate, or immediate family member of such a person
• establishing whether the employee is a national of a high-risk terrorist financing or proliferation financing geographic area (refer to FIC PCC 54)

It’s important to note that the FIC Act’s requirements can change over time, and the scope of industries covered may expand. Organizations within these industries are required to implement measures for customer due diligence, reporting of suspicious transactions, record-keeping, and more, as outlined by the FIC Act.

If you’re in doubt about whether your industry needs to comply with the FIC Act, it’s recommended to consult with legal professionals or relevant regulatory authorities in South Africa for the most up-to-date information and guidance.