June 2025 Legislative Update

June 2025 Legislative Update

As the southern hemisphere rolls past the winter solstice, we start looking towards the change of seasons and a fresh start to our compliance monitoring programmes. If you’re lucky enough to be able to head off to Wimbledon, we hope the weather holds and you get to watch some games. The rest of us will no doubt be looking forward to South Africa’s unofficial religion: rugby! The Springboks have a number of games lined up.

If all that is not exciting enough, the regulators have been busy “tweaking” and enforcing…

THE FINANCIAL SECTOR CONDUCT AUTHORITY (FSCA)

Conduct of Business Returns for financial institutions

The FSCA has released an update on the cross-sectoral Conduct of Business Return, better known as the OMNI-CBR for financial institutions.

Longstanding clients will remember us conducting our own exercise to ascertain readiness for the returns; the results of which were “poor” at best. The issue then essentially went back into its shell, other than the occasional mention in regulator correspondence.

The FSCA has confirmed that it will be taking the next three years to prepare for the Conduct of Financial Institutions Bill; no doubt, issuing standards and directives to manage issues that arise during that time. This includes implementing suitable IT systems.

The regulator’s new plan is to introduce different components of the OMNI-CBR over time. The first component will be the introduction of an OMNI-Risk Return to support the automated Risk Model. The Risk Model is a standardised, system-driven mechanism for calculating risk scores uniformly across all entities supervised by the FSCA. It uses the following elements to generate a risk score for each financial institution:

• Data collected through a risk return (the OMNI-Risk Return) and certain profile data of supervised entities;
• Risk indicators and measurements informed by the data received via the risk return and entity profile data; and
• Structured control assessment questions completed by the relevant FSCA supervisory teams as part of their ongoing supervisory activities.

The FSCA plans to launch an industry pilot in the third quarter of 2025. It is envisaged that financial institutions will then have a year to prepare. By our reckoning, industry will need to implement the plans from January 2027.

We’ve noticed a few parties conducting some “scaremongering” on this and related issues prior to the release of the FSCA’s Communication, either to seem relevant or drum up sales. Suffice it to say “we told you so…”

Guarantee policies

The FSCA has received numerous complaints regarding entities issuing performance guarantees. State entities (and others) require performance guarantees from successful bidders for infrastructure projects.

Its investigations have revealed that numerous entities were found to have been conducting unauthorised insurance business. The issuing entities are often licenced under the National Credit Act and/or hold a financial services provider (FSP) licence issued by the FSCA. However, this is not sufficient to render the conduct of insurance business lawful as the provision of the guarantee is the fulfilment of an insurance contract and must be entered into by a registered insurer.

The risks to the entities include:

• Guarantees falling within the ambit of the Insurance Act, and issued by persons who are not insurers, may not be legally enforceable by the client;
• There is no protection of policyholders as envisaged in the Insurance Act; and
• Beneficiaries of such guarantees do not have the protection afforded by the prudential regulation of licenced insurers.

The FSCA recommends that the entities make certain that the guarantees comply with its requirements and obtain independent legal advice as to whether the guarantee offered constitutes insurance business and, if so, to check with the FSCA whether the entity issuing the guarantee is registered as an insurer.

Financial education plan

The FSCA released its three-year rolling financial education plan early in June. It cited five strategic objectives for itself over the three years:

• Improve industry practices to achieve fair outcomes for financial customers;
• Act against misconduct to support confidence and integrity in the financial sector;
• Promote the development of an innovative, inclusive, and sustainable financial system;
• Empower households and small businesses to be financially resilient; and
• Accelerate the transformation of the FSCA into a socially responsible, efficient, and responsive organisation.

To achieve this, the FSCA then noted its four priorities:

• Shift the focus of financial education activities towards digital financial literacy;
• Embed the consumer perspective across FSCA operations;
• To be a thought leader and collaboration partner in respect of financial literacy, financial capability, and consumer education and awareness; and
• Use of behavioural economics principles and acquiring of data on consumer behaviour to direct consumer messaging to reach the most vulnerable.

The FSCA team that puts in so much effort on this project every year has set themselves a mammoth task, and we hope they achieve their objectives.

Warnings

Every month, the FSCA issues a number of warnings regarding unscrupulous operators in the financial services industry. We have provided brief details but hope that the financial education plan mentioned above starts to bear fruit in this regard.

Wextraders Capital is soliciting funds from the public and promising to trade in cryptocurrencies for members of the public (which you could simply do yourself – Ed.). It is not authorised to provide financial services.

Binary Options Investment and Caroline Mthethwa are soliciting funds from members of the public for investment purposes, while promising unrealistic returns. Neither Binary Options Investment nor Mthethwa are authorised to provide financial services.

Neo Forex Institute is using Instagram and Telegram to offer Forex signals to members of the public, but is not an authorised FSP.

Forex Venus SA and Ofentse Maluleke are targeting members of the public via Facebook, soliciting investment funds with unrealistic returns as well as providing investment signals and trading services.

It seems that the FSCA is struggling to keep up with investigations into all the scammers and released a further list of 22 persons/entities that the public should avoid transacting with.

Zibu Masotobe Sibiya and Mike Mabuyakhulu are impersonating Brokstock SA (Pty) Ltd through Telegram and WhatsApp groups called Brokstock Beginner/s.

Vusy Holdings (Pty) Ltd trading as Tshi-Lettie Funeral Services and Tombstones is potentially providing unlicensed insurance services.

A warning was issued regarding a WhatsApp group operating under the names “Q23 Momentum Official Securities Group” and “Q923 MOSG Official Securities Group” that is impersonating Momentum Metropolitan Holdings and its Group Finance Director, Risto Ketola.

Some deepfake videos of Leanne Manas, Paul Mashatile, Dr Patrice Motsepe, and Cyril Ramaphosa have been created urging unwitting investors to place funds with the operators of a website.

In addition the FSCA released a list of entities that are impersonating FSPs or the FSCA itself! It’s not the first time this has happened, but it does make it that much harder for the uninitiated to navigate the financial services industry.

Nessfin’s licence withdrawn

The FSCA provisionally withdrew Nessfin Investments and Finance Group (Pty) Ltd’s authorisation to act as an FSP on 2 May 2025. This was due to an ongoing investigation that links Nessfin to My Wealth Legatus (Pty) Ltd (Legatus). Legatus is not authorised by the FSCA as an FSP but appears to be conducting unregistered financial services business in respect of crypto assets.

FINANCIAL INTELLIGENCE CENTRE

Potential removal from the “grey list”

The Financial Action Task Force (FATF) announced that South Africa has substantially completed all 22 action items that were contained in the Action Plan adopted when South Africa was greylisted in February 2023.

The decision, taken at the FATF Plenary in Strasbourg, France, notes that South Africa’s progress warrants an on-site assessment to verify that critical Anti-Money Laundering and Combating of the Financing of Terrorism (AML/CFT) reforms have been implemented, and that the necessary political commitment remains in place to sustain progress.

During this visit, the FATF will confirm the country’s ongoing commitment in the implementation of controls against money laundering, terror financing and other financial crimes.

Three banks receive administrative sanctions

The Prudential Authority is the regulatory authority responsible for enforcement of South Africa’s anti-money laundering legislation in relation to banks. Three banks were given administrative penalties for contravention of the FIC Act following inspections in 2022.

HBZ Bank Limited was fined R9 million, of which R1.5 million is conditionally suspended for a period of 24 months. Citibank N.A. South Africa Branch was fined R6 million which is fully and conditionally suspended for a period of 12 months. Bank of Taiwan South Africa Branch was reprimanded and given a caution (which is the banking equivalent of giving your dog a stern look – Ed.)

FIC WhatsApp channel

The FIC launched its WhatsApp channel on 2 June. The aim is to provide an additional communications platform to receive updates on the FIC Act, compliance guidelines, regulatory updates, and videos.

If you’re interested, you can scan the quick response code in the announcement.

PRUDENTIAL AUTHORITY (PA)

Directive on capital treatments in insurance entities

The PA released Directive 2 of 2025 to instruct banks on the capital treatment of investments in insurance businesses. The Directive specifies the manner in which the limited recognition framework must be applied in prescribed instances.

The threshold deduction treatment was introduced by the Basel Committee on Banking Supervision in a document titled Basel III: A global regulatory framework for more resilient banks and banking systems. Similar to the full deduction treatment under the Basel II framework, the purpose of the threshold deduction treatment for banks’ significant investments in insurance entities is to limit any potential double counting of capital in the financial system.

To preserve the integrity of the capital structures of banks with significant investments in insurance businesses, capital resources of banks and insurance entities must be separated.

A copy of the Directive is to be made available to the banks’ external auditors. The acknowledgement of receipt is to be signed by both the chief executive officer of the institution and the auditors and then returned to the PA.

Draft directives for banks

Two draft Directives were issued by the PA informing banks of the plans to change the submission requirements. The revised submission requirements are to be effective from 1 July 2025.

SOUTH AFRICAN RESERVE BANK (SARB)

Corporation for Deposit Insurance (CODI) handbook

An updated CODI handbook was released during June. Member banks should adopt the amended guidelines into their operational standards and adjust the data submissions standards. Note that the data submissions have been postponed until 30 September 2025.

INFORMATION REGULATOR (IR)

PAIA reports due

A reminder that Information Officers from all companies must submit the annual PAIA report to the IR by 30 June. It’s a simple process to conduct through the IR’s eServicesPortal.

DEPARTMENT OF HEALTH

NHI governance regulations

As the South African government ploughs ahead with the National Health Insurance Act, it released the governance regulations which were released for public consultation. The first time we became aware of them was on 4 June 2025.

The regulations are necessary, but will they be properly enforced? The regulations are dated 6 March 2025 and the document states that comments were required by 6 June 2025. However, this release notes comments are due by 2 September 2025 and can be sent to regcomments@health.gov.za.

A-PROOFED

Confessions of a Compliance Proofreader

After six years of proofreading Omega Compliance Solutions’ legislative update, I’ve learned many things: that the FSCA will always find new acronyms to unleash (OMNI-CBR, anyone?); that scammers are more creative than most screenwriters; and that no matter how many times I correct a misplaced apostrophe in “FSCA’s,” it still shows up where it shouldn’t – like glitter after a birthday party.

What I haven’t learned is how to get more proofreading clients out of my article, which appears right at the very end of this legislative update.

Now, don’t get me wrong. I’m not in it for the fame. I genuinely enjoy working on this publication. There’s something oddly satisfying about taming sentences that try to explain the Basel III threshold deduction framework without snuffing out your will to live. But every now and then, I wonder: is anyone out there reading this and thinking, “You know what my life needs? A proofreader who understands the difference between a FSCA Directive and a strongly-worded suggestion.”

Over the years, I’ve proofread pieces on greylisting, unlicensed funeral policies, capital treatments, deepfake scams, and insurance guarantees that aren’t actually insurance. I’ve become oddly fluent in compliance jargon. My inner voice now narrates most things in the tone of a regulator issuing a polite but ominous warning.

And yet – despite all this effort – I’ve received maybe a handful of enquiries through this legislative update.

A few weeks ago, I thought things were looking up. A large insurer got in touch, sounding desperate for help with a policy wording. “We really need your help,” they said. “All the words are starting to blur together.” I was genuinely excited. A policy wording! Who gets excited about that? Me, apparently. But then… silence. I’m still holding out hope. That document’s not going to clarify itself.

Perhaps proofreading is one of those things people only notice when it’s missing. Like commas. Or clean reputations.

Maybe it’s the nature of compliance itself: readers are too busy absorbing acronyms and monitoring risk indicators to notice that someone behind the scenes made sure that every sentence made sense, and every semi-colon was exactly where it should be (and yes, I do notice those things).

Still, hope springs eternal. This month’s issue includes the FSCA’s financial education plan, another batch of scam warnings, and a reminder that clarity underpins trust. Whether you’re publishing a Directive or issuing a guarantee that might secretly be insurance, clean, accurate language matters. It’s the difference between compliance and confusion, professionalism and panic.

So if you’re reading this – and you’re responsible for anything that might land in a regulator’s inbox (or Bryan’s perhaps) – consider me your behind-the-scenes ally. I’ll make sure your words are working as hard as you are.

And if not? That’s fine too. I’ll be here, quietly proofreading, nodding along to the next acronym, and hoping this article is the one that finally gets me a referral.

Just one.

I’m not greedy.

Kim Hatchuel

083 657 3377 | kim@a-proofed.co.za

www.a-proofed.co.za