BarnOwl Info Sharing Insight: Greylisting Creates New Risks for Companies. Are you Exposed? with Robert Davies

July 6, 2023

BarnOwl info sharing session: – Greylisting creates new risks for companies. Are you exposed?
BarnOwl Info Sharing session: 29 June 2023
Presented by: Robert Davies, Robert Davies is an Attorney of the High Court of South Africa and a member of the Law Society of the Northern Provinces


Thank you very much Robert for your most informative presentation on ‘FATF Greylisting’ at the BarnOwl info-sharing event held on 29 June 2023. Thank you too, to all those who attended the session.
South Africa has been grey listed by global financial crime watchdog the Financial Action Task Force (FATF) for not fully complying with international standards around the prevention of money laundering and terrorist financing.
The most significant implication to a country that is grey listed is the reputational damage to the country and the economic effect this has on that country.
The South Africa government has moved swiftly to address the eight areas of strategic deficiencies identified by the FATF by introducing new legislation in the form of amendments to the Financial Intelligence Centre Act, 2001 (FICA) and related laws. These amendments have created a number of new categories of “accountable institutions “which means all companies need to review their current position and reassess their status as they may now fall within one of the new categories of “accountable institution”. If they do, the company must fulfil the new FICA requirements failing which they may be subject to significant penalties, including imprisonment for a period not exceeding 15 years or a fine not exceeding R100 million.
In this session, Robert, discusses the strategic deficiencies identified by the FATF and the new categories of accountable institutions as well as the steps to take to mitigate your risks and fulfil the new FICA requirements.

What are the Implications for a Country that is Greylisted by FATF?

Some analysts have estimated that our grey listing could cost South Africa anywhere between 1% and 3% of the GDP. Grey listing:

  • has a negative impact on the economy, specifically because it will raise the cost of capital and frighten away investors. Some investors may not be allowed to invest in the country anymore.
  • may / will make it more difficult for businesses in South Africa to access international financial services.
  • for institutions who engage in cross-border trade and other activities may be subject to higher levels of customer due diligence by financial institutions outside of that country. In practice, this means that companies must be more thorough in the processing and vetting of their clients and in their understanding of the sources of their funds.
  • results in reputational damage and reduces confidence in South Africa as an investment destination.

What is the Financial Action Task Force (FATF)?

The Financial Action Task Force (FATF) is a global inter-governmental body that promotes policies and sets international standards relating to the combating of:

  • money laundering,
  • terrorist financing, and
  • the financing of the proliferation of weapons of mass destruction

The FATF grey list refers to the FATF’s practice of publicly identifying countries with strategic Anti- Money Laundering and Countering the Financing of Terrorism (AML/CFT) deficiencies.
South Africa was put under a one-year observation period in October 2021, giving the country time to address 67 recommended actions; however not enough progress was made and we now fall under the jurisdiction referred to as the “grey list” where we are subject to increased monitoring and are actively working with the FATF to address their strategic deficiencies.
Generally, it takes anything from one to three years for countries to address the deficiencies and to be taken off the grey list. South Africa is aiming to address the 8 areas of strategic deficiencies identified by the FATF by no later than the end of January 2025

What are the 8 Areas of Strategic Deficiencies Identified by FATF that need to be Addressed?

During the period of the review (i.e. next two years), South Africa will need to:

  1. demonstrate a sustained increase in outbound Mutual Legal Assistance requests that help facilitate money laundering/terrorism financing (ML/TF) investigations<.li>
  2. improve risk-based supervision of Designated Non-Financial Businesses and Professions (DNFBPs) and demonstrate that all AML/CFT supervisors apply effective, proportionate, and effective sanctions for non-compliance
  3. ensure that competent authorities have timely access to accurate and up-to-date Beneficial Ownership (BO) information on legal persons
  4. demonstrate a sustained increase in law enforcement agencies’ requests for financial intelligence from the Financial Intelligence Centre for its ML/TFML/TF investigations
  5. demonstrate a sustained increase in investigations and prosecutions of serious and complex money laundering and the full range of terrorist financing activities in line with its risk profile
  6. enhance its identification, seizure, and confiscation of proceeds of crimes, in line with its risk profile
  7. update its terrorist financing risk assessment to ensure the implementation of a comprehensive national counter-financing of terrorism strategy
  8. show the effective implementation of targeted financial sanctions against non-compliant accountable institutions

What are the Next Steps to Implement the Action Plan by FATF?

We will need to continue working to improve the AML/CFT system to meet the FATF requirements in the 8 specific areas. In this regard, continuously improving the integrity of the financial system is not just a FATF exercise, but rather part of government’s objectives for the regulation of the financial sector. National Treasury is particularly working to:

  1. continue to strengthen and expand anti-money laundering (and combatting terror finance) systems in the financial sector, and
  2. minimise perceived risks relating to this sector, including from new and emerging risks (e.g. crypto-related risks)

How to do this? #1 New categories of “Accountable Institutions”

As a result of the FATF assessment, several new categories of accountable institutions were added to Schedule 1 of the Financial Intelligence Centre Act, 2001 (“FICA”) at the end of November 2022, which became effective mid-December 2022:

  1. life insurance business (excluding reinsurance business)
  2. credit providers under the National Credit Act (“NCA”)
  3. certain credit providers excluded in the NCA
  4. financial services providers under the Financial Advisory and Intermediary Services Act
  5. business of a money or value transfer provider
  6. business of dealing in high-value goods in respect of any transaction where such a business receives payment in any form to the value of ZAR100 000 or more
  7. certain crypto asset service providers
  8. certain trustees and entities which assist others in establishing companies

How to do this? #2 The FIC’s requirements for compliance:

The key obligations in terms of the FIC are:

  1. Register with the FIC
  2. Appoint an Anti-Money-Laundering (AML) / Combating the Financing of Terrorism (CFT) Compliance Officer
  3. Develop an RMCP
  4. Perform Customer Due Diligence
  5. Submit reports to the FIC
  6. Record Keeping
  7. Ongoing Training

Directives and Guidelines can be found on the FIC website and more specifically Guidance Note 7 on the Implementation of Various Aspects of the Financial Intelligence Centre Act, 2001 (Act 38 Of 2001):

Preparing a Risk Management and Compliance Programme (RMCP):
In order to prepare the RMCP, you need to look at section 42 of FICA as amended and PCC 53 which says that the Accountable Institution’s RMCP document must provide for all the following requirements in order to ensure compliance:

Public Compliance Communication No 53 on the Risk Management and Compliance Programme in terms of Section 42 of the Financial Intelligence Centre Act, 2001 (Act 38 of 2001) for Designated Non-Financial Businesses and Professions:


The FIC Act has has two types of penalties for contraventions or acts of non-compliance with the Act. The first is administrative sanctions which includes:

  1. A caution not to repeat the conduct which led to the non-compliance in question;
  2. A reprimand;
  3. A directive to take remedial action or to make specific arrangements;
  4. The restriction or suspension of certain specified business activities; or
  5. A financial penalty not exceeding R10 million in respect of natural persons and R50 million in respect of legal entities.
  6. The second type of penalty is the criminal sanction for contraventions of certain offences. The maximum penalty for these offences are 15 years or a fine not exceeding R100 million. There are also certain lesser offences that carry penalties of maximum sentences of five years or a fine not exceeding R5 million.
    These penalties are set out in sections 46 to 68 of the FIC Act for the specific acts of non-compliance and offences provisions.

Who is responsible for this?

In conclusion

There are a lot of new obligations in terms of the FICA amendments that are being put on an accountable institution. However, having said this, if you run your business on sound governance principles, you are probably doing most of it anyway as you will already have:

  1. A good understanding of your customers based on a detailed customer questionnaire that you complete when you onboard a customer;
  2. Systems, protocols and standard procedures in place to ensure efficiencies within your company;
  3. Debt control processes to avoid losses; and
  4. Various staff training programmes which should now be updated to include training on the relevant aspects of FICA.

In terms of getting off the grey list, FATF are going to want to see that this new legislation has permeated through all the businesses that fall under FICA. They have sophisticated assessment tools and methodologies to do this, which includes looking at how many investigations have been done by the Financial Intelligence Centre and how many companies have been fined.
The bottom line with FICA is that if you are an accountable institution you’ve got to do it, you’ve got to do more of it and you’ve got to be better at it.
As a country, we will be required to investigate more, report more and we’ve got to have more penalties and sanctions to show that the legislation has teeth and is an effective deterrent to money laundering, the financing of terrorism and the proliferation of weapons of mass destruction.

Presentation and video links

Please see attached presentation here, and the info sharing recording here.

Related links

Contact us

Cheryl Keller | BarnOwl:
Robert Davies |

Thank you

Once again, thank you Robert for your time and for your informative presentation and thank you to all those who attended our info sharing session. We look forward to seeing you at our next info sharing session. Please keep a look out for our upcoming events at:

Kind regards
Jonathan Crisp
Director – BarnOwl GRC and Audit software

About BarnOwl:

BarnOwl is a fully integrated governance, risk management, compliance and audit software solution used by over 150 organisations locally and internationally. BarnOwl is a locally developed software solution and is the preferred risk management solution for the South African public sector supporting the National Treasury risk framework.
Please see for more information.

About our guest speaker