If it feels like the regulatory environment has hit “cruise control” in 2026, it’s only because the speed keeps increasing. From the long-awaited progress of the COFI Bill to ever more detailed guidance from the Financial Intelligence Centre, there’s certainly no shortage of developments competing for attention. And just when it seems like frameworks are in place, the focus shifts towards proving that they actually work.
A common thread running through these updates is effectiveness. It’s no longer enough to have policies gathering dust (albeit neatly filed); regulators are increasingly interested in how these translate into real-world outcomes. Add to that new reporting requirements and evolving supervisory themes, and it’s clear that “business as usual” is doing a lot more heavy lifting than it used to.
While each update on its own may seem manageable, together they reflect a regulatory environment that is becoming more integrated, more demanding, and less forgiving. As always, the balancing act between keeping up with change and keeping the lights on remains very real…
THE FINANCIAL SECTOR CONDUCT AUTHORITY (FSCA)
Continuous Professional Development (CPD) deadline – 31 May
If you’re reading this you most likely don’t need the reminder, but nonetheless, don’t forget to ensure all FAIS-registered Representatives (not under supervision) and Key Individuals have completed their required CPD hours by 31 May 2026. The competence register needs to be updated by 30 June so start collecting those certificates!
The COFI Bill passes to Parliament
South Africa’s long-anticipated Conduct of Financial Institutions (COFI) Bill is moving forward, with Cabinet approving its submission to Parliament. The Bill aims to establish a single, comprehensive framework for regulating market conduct across all financial institutions, aligning with the country’s Twin Peaks regulatory model. By strengthening the role of the Prudential Authority and the FSCA, COFI seeks to enhance consumer protection, ensure fair treatment of customers, and promote a more stable and inclusive financial sector.
The Bill also aims to advance transformation by requiring alignment with the Financial Sector Code and proponents claim that it has a more flexible, differentiated licensing regime.
High Court confirms construction guarantees are insurance business
The Gauteng Division of the High Court has confirmed that Fusion Guarantees (Pty) Ltd was conducting unregistered insurance business and has interdicted the company from issuing construction guarantees going forward. In a judgment delivered on 23 March 2026, the Court upheld the FSCA’s position that certain construction guarantees constitute non-life insurance under the Insurance Act, notwithstanding Fusion’s registration under the National Credit Act.
The Court rejected arguments by Fusion and its associated financial service provider (FSP), Elasah Risk Consultants, that the guarantees were credit agreements rather than insurance products. It found that the guarantees exhibit key insurance characteristics, including premium payments, indemnification against loss, and reliance on uncertain future events such as contractor default. Costs were awarded against both parties.
The ruling reinforces prior precedent and regulatory clarity, confirming that entities issuing construction guarantees must be licensed insurers. The FSCA welcomed the judgment as an important step in protecting customers and maintaining the integrity of South Africa’s insurance sector, and reiterated its warning to contractors and public entities to verify the licensing status of guarantee providers.
FSCA takes regulatory action against Ian Roscoe
The FSCA fined Ian Roscoe R1,500,000 and banned him for 20 years for providing unauthorised financial services linked to the BHI Trust investment. The BHI Trust and its operator, Craig Warriner, were previously penalised for similar violations under the FAIS Act, including unauthorised financial service activities.
FINANCIAL INTELLIGENCE CENTRE (FIC)
Travel rule guidance for crypto asset transfers
The FIC has issued Public Compliance Communication (PCC) 61 of 2026, providing detailed guidance on implementing the “travel rule” for crypto asset transfers under Directive 9 of 2024, effective from 30 April 2025.
The guidance applies to crypto asset service providers and relevant FSPs, requiring them to collect, verify, and transmit originator and beneficiary information for all crypto asset transfers regardless of the value. The rule aligns South Africa with the Financial Action Task Force (FATF) Recommendation 16 and aims to enhance transparency and combat money laundering, terrorist financing, and sanctions evasion.
Key expectations include:
- Zero-threshold application: All crypto transfers must include required information, with no minimum value exemption.
- Real-time compliance: Information must be transmitted securely and simultaneously with the transaction.
- Risk-based controls: Crypto asset service providers must implement enhanced due diligence for high-risk transactions, including those involving unhosted wallets or high-risk jurisdictions.
- Monitoring and sanctions screening: Real-time and post-event monitoring, including screening against UN sanctions lists, is required.
- Execution controls: Transactions lacking required information must be suspended, rejected, or returned, and suspicious activity must be reported.
The FIC emphasises that its guidance is authoritative and non-compliance may result in enforcement action unless institutions can demonstrate equivalent compliance measures.
FIC issues guidance on the scope of “credit providers” under the FIC Act
The FIC published Public Compliance Communication (PCC) 23A on 30 March 2026, clarifying the scope of entities that qualify as “credit providers” under item 11 of Schedule 1 to the Financial Intelligence Centre Act. The guidance confirms that the designation extends beyond lenders registered under the National Credit Act (NCA) and includes a wide range of entities that carry on the business of providing credit, including non-bank lenders, intra-group and ad hoc commercial lending arrangements, certain factoring and loan book acquisitions, and credit agreements excluded from the NCA.
Importantly, the FIC emphasises a substance-over-form approach when assessing whether an entity is “carrying on the business” of providing credit, considering factors such as frequency, commercial intent, systems, and recovery arrangements. Entities relying on “incidental credit” exclusions are cautioned against structuring arrangements to avoid designation. Designated credit providers are reminded of their obligations to register as accountable institutions; to apply customer due diligence; to maintain a risk management and compliance programme; and to assess money laundering, terrorist financing and proliferation financing risks using the risk indicators outlined in the PCC.
Risk and compliance return submission
The FIC has issued Directive 11 of 2026 under the Financial Intelligence Centre Act, mandating the submission of the 2026 Risk and Compliance Return (RCR) by specified accountable institutions.
All affected accountable institutions must complete and submit their RCR electronically via the FIC’s online platform, with submissions opening on 4 May 2026. The return requires firms to assess and report on their exposure to money laundering, terrorist financing, and proliferation financing risks, as well as the effectiveness of their risk-based compliance controls.
The Directive applies to the following entities:
- Legal practitioners and trust service providers
- Estate agents
- Casinos
- Non-bank credit providers
- Accountants and auditors
- Crypto asset service providers
- High-value goods dealers
Banks, mutual banks, and co-operative banks acting as credit providers are explicitly excluded from this Directive.
Two main reporting periods apply depending on the type of institution: 1 April 2023 – 31 March 2026 for legal practitioners, estate agents, casinos; and 1 July 2023 – 31 March 2026 for credit providers, crypto asset service providers, and high-value goods dealers.
Submission deadlines are 30 June 2026 (17:00) for most sectors, including credit providers, crypto asset service providers, accountants, and casinos; and 31 July 2026 (17:00) for high-value goods dealers, legal practitioners, and estate agents.
Institutions must fully complete all applicable sections of the RCR, ensuring that responses reflect their current risk understanding and control environment via the FIC’s electronic platform. Note that no offline submissions will be permitted.
A separate draft guidance document was also released, which clarifies key structural issues, including the treatment of branches, franchises, and separately incorporated entities, and reinforces that each distinct legal entity or functional business activity may trigger a separate RCR obligation.
Failure to comply with the Directive constitutes non-compliance and may result in administrative sanctions under the Act.
Appointment of new FIC director
The Minister of Finance, Enoch Godongwana, has appointed Thabiso Lucas Thiti as the new Director of the FIC with effect from 15 April 2026, for a five-year term.
Thiti succeeds Pieter Smit, who has served in an acting capacity since September 2023. His appointment follows a comprehensive recruitment process and brings more than two decades of senior leadership experience across the justice, security, and intelligence sectors.
The appointment comes at a critical time for South Africa’s financial crime framework, following the country’s recent removal from the FATF greylist. The FIC is expected to maintain momentum in strengthening anti-money laundering, counter-terrorism financing, and enforcement effectiveness ahead of an upcoming FATF mutual evaluation.
PRUDENTIAL AUTHORITY (PA)
Flavour-of the-year for 2026
The PA has announced that the 2026 “Flavour-of-the-Year” supervisory focus for banks and life insurers will be the effectiveness of anti-money laundering, counter-financing of terrorism, and counter-proliferation financing (AML/CFT/CPF) controls.
These annual thematic reviews require banks and life insurers to demonstrate how well they understand and mitigate evolving money laundering, terrorism financing, and proliferation financing (ML/TF/PF) risks, aligned with the Financial Sector Regulation Act and the Financial Intelligence Centre Act. Institutions must show clear evidence of strong preventive controls, effective oversight, and the ability to detect and deter criminal abuse of financial products and services.
Banks are required to address the theme at their annual board prudential meeting, and life insurers are required to address the theme either during their annual prudential meeting or, where no meeting is scheduled, by submitting a full board-level AML/CFT/CPF pack to the PA for review by 31 August 2026.
In both cases, a non-executive board member must provide a detailed presentation covering areas such as:
- Board oversight and assurance
- Evolution of ML/TF/PF risks
- Use of national and sector risk assessments
- Customer due diligence effectiveness
- PEP/PIP controls
- Transaction monitoring
- TF and PF mitigation
- Correspondent banking risks
- High-risk jurisdictions
- New technologies and cross-border subsidiary oversight
INFORMATION REGULATOR (IR)
Annual PAIA returns
The IR opened its portal for submission of the annual Promotion of Access to Information Act returns on 1 April. The questions revolve around the number of information requests received, responded to, or denied, and are very simple to complete. There is an option to provide further feedback should you need to.
Information Officers or Deputy Information Officers can follow this link to log in and submit a ‘new’ return by 30 June 2026.
A-PROOFED
A client phoned me today in a bit of a panic. Let’s call him Mr X, mainly to spare him further embarrassment. You see, Mr X knew I could help him out of a bind.
He had just presented documents in a board meeting, and it didn’t go well. Not because the content was wrong or the thinking was off, but because the layout was, in his words, a complete mess.
And once it’s in the meeting, it’s done. There’s no fixing it in the moment.
And just to add to the chaos, the documents were covered in track changes, with comments popping up like unsolicited opinions on social media, quietly signalling that the work wasn’t quite finished.
He was describing it to me and I could picture it immediately. Fonts all over the place. Headings inconsistent. Tables that needed a second look to make sense. Pages that felt crowded, then suddenly empty. No real flow.
You can have the best content in the world, but if it looks like that, it lands badly.
People don’t always say it, but they feel it. If something looks disorganised, it creates doubt. It makes the reader work harder than they should have to. And in a boardroom, nobody has patience for that.
The frustrating part is that this is almost always avoidable.
Layout is usually left until the end. It becomes the “quick tidy-up” task. Except it’s never quick, and it rarely gets done properly when it’s rushed.
And then it shows.
What I said to him, and what I say to most clients, is that formatting isn’t decoration. It’s structure. It’s what helps people follow your thinking and see what matters.
Good layout does a lot of quiet work in the background. Bad layout gets in the way.
If you’re sending documents into a high-stakes space like a board meeting, it’s worth asking a few simple questions. Is this easy to read? Is it consistent? Does it feel like one document or several stitched together?
If you’re unsure, that’s usually your answer.
And it’s worth saying this clearly: Mr X’s job was to present the material in the meeting. Not to design the documents. Getting headings aligned, tables clean, and formatting consistent is often not part of that role. It sits elsewhere in the process.
Mr X can’t change what happened in the board meeting. But he can change what goes out next time.
Because when layout is clean, people focus on what you’re actually saying. They engage with the content instead of fighting the format.
It sounds small. It isn’t.
It’s often the difference between being taken seriously straight away, and having to work much harder to be heard.
If you’re putting together board packs or client documents and you’re not completely confident in how they look and flow, it might be worth getting a second pair of eyes on them before they go out. I help clients clean up, structure, and standardise their documents so the content actually gets the attention it deserves.
So if you want to make sure this doesn’t happen to you the way it did to Mr X, you know where to find me.
083 657 3377 | kim@a-proofed.co.za
www.a-proofed.co.za
