Checklist de conformité KYC, KYB et AML
Afrique du Sud KYC, KYB & AML
A general FIC Act implementation baseline for Schedule 1 accountable institutions, with fintech and crypto-asset notes. It is not a complete sector checklist; banks, payment businesses, financial services providers, insurers, CASPs and other institutions must also apply their Prudential Authority, FSCA, SARB, FIC or other sector requirements.
- Revue le
- 15 July 2026
- Version
- 1.0
- domaines de contrôle
- 7
- contrôles d’implémentation
- 49
Réponse directe
Que couvre la checklist de conformité pour Afrique du Sud ?
La checklist pour Afrique du Sud traduit les principales règles KYC, KYB et AML en 7 domaines de contrôle et 49 contrôles d’implémentation, avec les autorités, obligations de déclaration et preuves à conserver.
Faits réglementaires clés
- Registration
- FIC goAML within 90 days of operations
- Core framework
- FIC Act and Schedule 1
- Record retention
- Generally 5 years
- Suspicion reporting
- Without delay; no later than 15 days
Détail d’implémentation
Exigences et actions de conformité pour Afrique du Sud
Ouvrez chaque domaine pour consulter l’exigence, l’action recommandée, les preuves à conserver et la source primaire utilisée.
01Applicability and governanceConfirm accountable-institution status and make the risk-based compliance programme operational and accountable.6 éléments+
Map Schedule 1 status
- Action d’implémentation
- Map each service and product against Schedule 1 of the FIC Act. Do not infer accountable-institution status from the fintech label alone; record the activity, item number, license and any exclusions.
- Preuves à conserver
- Accountable-institution and licensing assessment
- Source primaire
- FIC Act, Schedule 1
Identify every supervisor
- Action d’implémentation
- Map every activity to its Schedule 1 item and Schedule 2 supervisory body. The FSCA supervises items 4, 5 and 12. SARB acts through the Prudential Authority for items 6, 7, 7A, 8, 19 and 23; through Financial Surveillance for items 10, 13 and 19; and through its other statutory functions for item 23. The FIC directly supervises listed sectors including items 1, 2, 3, 9, 11, 14, 20, 21 and 22 and where no other supervisory body applies. A CASP conducting item 22 activity is accountable to the FIC; if it also provides crypto-asset advice or intermediary services, item 12 FSCA licensing and coordinated oversight may also apply.
- Preuves à conserver
- Schedule-item, license and supervisor register
- Source primaire
- FIC Act, Schedules 1-2; FIC supervision mapping
Register under every applicable item
- Action d’implémentation
- Register through goAML within 90 days after commencing business as an accountable institution under every applicable Schedule 1 item. Notify the FIC in writing of changes to registration particulars within 90 days.
- Preuves à conserver
- FIC registrations and change log
- Source primaire
- FIC Act, s.43B; FIC registration notice
Keep accountability at the highest level
- Action d’implémentation
- The board, senior management or other person or group exercising the highest authority must approve the RMCP. The board of a legal person, or senior management where there is no board, remains accountable for institutional and employee compliance. A legal person must maintain a compliance function and assign a person with sufficient competence and seniority to ensure its effectiveness; ultimate accountability is not an operational task that can be delegated away.
- Preuves à conserver
- Approval, appointment, mandate and governance minutes
- Source primaire
- FIC Act, s.42A
Maintain an operational RMCP
- Action d’implémentation
- Develop, document, maintain, implement and regularly review the RMCP. Address every section 42 component or document why it is not applicable, make the RMCP available to relevant employees and provide it to the FIC or supervisor on request. Cover institutional risk, CDD, BO, TFS, PEP, monitoring, reporting, records, training and governance.
- Preuves à conserver
- Approved RMCP mapped to actual controls
- Source primaire
- FIC Act, s.42; Revised GN 7A
Apply the sector overlay
- Action d’implémentation
- Add applicable PA, FSCA, SARB, exchange-control, payment, insurance, credit, CASP or professional-sector requirements and resolve differences in favor of the binding rule.
- Preuves à conserver
- Sector-overlay matrix
- Source primaire
- Applicable sector law and supervisor guidance
02KYC for natural personsEstablish and verify identity using methods proportionate to risk and documented in the RMCP.6 éléments+
Prohibit anonymous or fictitious clients
- Action d’implémentation
- Do not establish a business relationship or conclude a single transaction with an anonymous client or a client using an apparent false or fictitious name.
- Preuves à conserver
- Onboarding rule and exception report
- Source primaire
- FIC Act, s.20A
Establish the client's identity
- Action d’implémentation
- Collect sufficient identity particulars for the customer type and risk, including full legal name, date of birth, identification number or passport details, nationality, address and contact information as defined by the RMCP and applicable sector rule.
- Preuves à conserver
- Completed customer profile
- Source primaire
- FIC Act, s.21; RMCP
Verify identity reliably
- Action d’implémentation
- Verify identity using reliable independent sources and methods defined in the RMCP, documenting authenticity checks, exceptions and the basis for any non-face-to-face approach.
- Preuves à conserver
- Verification result and audit trail
- Source primaire
- FIC Act, s.21; GN 7A
Verify representatives and underlying clients
- Action d’implémentation
- Where a person acts for another, establish and verify the representative and the person on whose behalf they act, and confirm authority.
- Preuves à conserver
- Authority evidence and relevant KYC files
- Source primaire
- FIC Act, ss.21 and 21B
Understand purpose and source of funds
- Action d’implémentation
- Record the nature and intended purpose of the relationship, expected activity and source of funds expected to be used.
- Preuves à conserver
- Purpose and expected-activity profile
- Source primaire
- FIC Act, s.21A
Resolve failed CDD
- Action d’implémentation
- If required CDD cannot be completed, do not establish the relationship, conclude or give effect to the transaction, or continue the relationship; terminate according to the RMCP and consider a section 29 report.
- Preuves à conserver
- Decline or exit and reporting decision
- Source primaire
- FIC Act, s.21E
03KYB for legal persons and arrangementsVerify the entity and authority, then identify the natural persons who ultimately own or control it.7 éléments+
Verify legal existence and status
- Action d’implémentation
- Obtain and independently verify the registered name, registration number, legal form, status, governing documents and registered address through CIPC or another reliable registry.
- Preuves à conserver
- Current registry result and formation documents
- Source primaire
- FIC Act, ss.21 and 21B; RMCP
Understand activity and financial profile
- Action d’implémentation
- Record the business activity, operating address, expected products, transaction volumes, counterparties, geographies and source of funds.
- Preuves à conserver
- Business and expected-activity profile
- Source primaire
- FIC Act, s.21A
Verify authority and required connected persons
- Action d’implémentation
- Establish and verify every person acting for a client or on whose behalf a client acts, and confirm authority. Identify and take reasonable steps to verify all natural-person beneficial owners under section 21B. Obtain director and controller information needed to understand the structure, but verify additional directors or controllers only where they are representatives, beneficial owners, required by the RMCP because of risk, or covered by a sector rule.
- Preuves à conserver
- Mandate, structure analysis and required KYC
- Source primaire
- FIC Act, ss.21 and 21B
Apply the beneficial-owner cascade
- Action d’implémentation
- Identify natural persons exercising controlling ownership, then control through other means, and only where no such person can be identified after reasonable measures, the person exercising control over management.
- Preuves à conserver
- Ownership and control chart with BO rationale
- Source primaire
- FIC Act, s.21B; PCC 59
Use 5% as a control indicator, not a safe harbor
- Action d’implémentation
- PCC 59 strongly recommends identifying persons with 5% or more ownership interest, but the AML test remains control-based. Do not stop where lower ownership, agreements, voting rights or other means create control.
- Preuves à conserver
- Threshold and other-control analysis
- Source primaire
- PCC 59, paras. 2.18-2.19
Check CIPC BO information
- Action d’implémentation
- Compare customer declarations with available CIPC BO and securities information. Newly incorporated entities must file BO information within 10 business days after incorporation and amended information within 10 business days after a change. CIPC applies a 5% minimum threshold with broader effective-control indicators; declarations and the applicable securities or beneficial-interest register are also filed annually with the annual return within 30 business days after the incorporation anniversary. Do not treat CIPC information or 5% ownership as conclusive for AML CDD.
- Preuves à conserver
- CIPC result, discrepancy record and filing evidence
- Source primaire
- CIPC BO guidance; PCC 59
Resolve trusts and layered structures
- Action d’implémentation
- Trace ownership and control through intermediate companies, partnerships, trusts or nominees and obtain reliable evidence for trustees, founders, beneficiaries, protectors and other controlling persons as applicable.
- Preuves à conserver
- Full structure chart and arrangement documents
- Source primaire
- FIC Act, s.21B; PCC 59
04Risk assessment, PEPs and sanctionsApply the RMCP's risk methodology while treating targeted financial sanctions as a non-risk-based prohibition.8 éléments+
Assign and explain customer risk
- Action d’implémentation
- Assess customer, ownership, product, service, delivery channel, geography and transaction risk under the RMCP and retain the rationale and approval.
- Preuves à conserver
- Risk assessment and decision
- Source primaire
- FIC Act, s.42; GN 7A
Identify prominent persons
- Action d’implémentation
- Determine whether customers or beneficial owners are foreign or domestic politically exposed persons or prominent influential persons, including relevant immediate family and known close associates.
- Preuves à conserver
- PEP/PIP result and relationship mapping
- Source primaire
- FIC Act, ss.21F-21G and Schedules 3A-3C
Apply risk-specific prominent-person controls
- Action d’implémentation
- For foreign PEPs, obtain senior approval, establish source of wealth and funds and enhance monitoring. Apply those measures to domestic PEPs and prominent influential persons where the relationship is higher risk.
- Preuves à conserver
- Approval, source analysis and monitoring plan
- Source primaire
- FIC Act, ss.21F-21G; PCC 51
Screen UN and domestic designations
- Action d’implémentation
- Scrutinise prospective and existing clients, beneficial owners, representatives, persons on whose behalf clients act and transaction parties against the current FIC-hosted UN Security Council TFS list and applicable section 23 POCDATARA court orders. Screening is mandatory regardless of customer risk and must occur at onboarding, during the relationship and whenever designations or orders change.
- Preuves à conserver
- Time-stamped list and order screening with match decision
- Source primaire
- FIC Act, ss.26A and 28A; POCDATARA, s.23; PCC 44A
Freeze and prohibit immediately
- Action d’implémentation
- On a true match, immediately and without waiting for consent, another court order or prior reporting, cease all activity and freeze property in the institution's possession or control. Do not deal with, release or make property, funds, financial services or other services available to the designated person, persons acting for them or related controlled property. Lift the freeze only after delisting, a domestic order is set aside or a valid section 26C permission applies.
- Preuves à conserver
- Freeze, block, non-dealing and authorization record
- Source primaire
- FIC Act, ss.26B-26C; POCDATARA; PCC 44A
File the correct TFS report
- Action d’implémentation
- File a TPR without delay and no later than five days after awareness that the institution possesses or controls section 28A property, including attempted transactions. File a section 29 report where activity is suspicious but designation or property connection is not established as fact.
- Preuves à conserver
- TPR or STR decision, filing and timeline
- Source primaire
- FIC Act, ss.28A-29; PCC 44A
Screen employees
- Action d’implémentation
- Screen prospective and current employees for competence and integrity periodically using a documented risk-based approach. Scrutinise employee information against applicable TFS information when section 26A notices are issued. Retain the methodology and outcomes and make them available to the FIC or supervisor on request.
- Preuves à conserver
- Employee-screening policy, results and review log
- Source primaire
- FIC Directive 8; PCC 55
Use adverse information proportionately
- Action d’implémentation
- Review reliable adverse information where relevant, distinguish allegation from verified fact and record its effect on risk and approval.
- Preuves à conserver
- Adverse-information disposition
- Source primaire
- RMCP risk-based control
05Enhanced due diligenceIncrease information, verification, approval and monitoring where the documented risk is higher.5 éléments+
Collect additional customer and BO information
- Action d’implémentation
- Obtain further identity, ownership, business, geography and transaction information needed to understand and mitigate the higher risk.
- Preuves à conserver
- EDD information pack
- Source primaire
- FIC Act risk-based framework; RMCP
Corroborate material claims
- Action d’implémentation
- Use additional reliable sources to verify identity, legal existence, ownership, control, expected activity and explanations for unusual features.
- Preuves à conserver
- Independent corroboration record
- Source primaire
- GN 7A; PCC 59
Establish source of funds and wealth
- Action d’implémentation
- Establish and, where risk warrants, corroborate source of funds and source of wealth, including mandatory prominent-person measures.
- Preuves à conserver
- Source evidence and plausibility analysis
- Source primaire
- FIC Act, ss.21A and 21F-21G
Obtain senior approval where required
- Action d’implémentation
- Require documented approval for foreign PEP and applicable higher-risk domestic PEP or prominent-influential-person relationships and for other cases specified by the RMCP or sector rule.
- Preuves à conserver
- Approval and conditions
- Source primaire
- FIC Act, ss.21F-21G; RMCP
Increase ongoing monitoring
- Action d’implémentation
- Set tighter review cycles, transaction scrutiny, alert thresholds and escalation requirements proportionate to higher risk.
- Preuves à conserver
- EDD monitoring plan
- Source primaire
- FIC Act, s.21C; RMCP
06Ongoing due diligence and fintech controlsKeep customer knowledge current, connect monitoring to the expected profile and apply technology-specific directives.9 éléments+
Monitor throughout the relationship
- Action d’implémentation
- Conduct ongoing due diligence and scrutinise transactions for consistency with the institution's knowledge of the customer, business, risk profile, source of funds and expected activity.
- Preuves à conserver
- Monitoring rules, alerts and case outcomes
- Source primaire
- FIC Act, s.21C
Refresh on risk and trigger events
- Action d’implémentation
- Keep CDD and BO information current at a risk-based frequency and when ownership, authority, activity, product, geography, behavior or prior information changes.
- Preuves à conserver
- Review schedule and event-driven reviews
- Source primaire
- FIC Act, ss.21C-21D; RMCP
Examine unusual activity
- Action d’implémentation
- Investigate activity lacking an apparent lawful purpose, inconsistent with the expected profile or otherwise unusual, and preserve the rationale for reporting or closing the case.
- Preuves à conserver
- Investigation notes and decision
- Source primaire
- FIC Act, s.29; GN 4B
Meet Directive 5 ATMS clocks
- Action d’implémentation
- Where a reporter uses an automated transaction monitoring system, treat alert generation as knowledge of potentially reportable activity and begin investigating within 48 hours, excluding Saturdays, Sundays and public holidays. Submit a section 29 report as soon as possible and no later than 15 days after alert generation. Prevent backlogs, document decisions and preserve manual reporting and monitoring for system gaps.
- Preuves à conserver
- Alert timeline, investigation and filing record
- Source primaire
- FIC Directive 5; PCC 45
Govern ATMS effectiveness
- Action d’implémentation
- Assign skilled staff and responsibilities; test detection effectiveness, data integrity, scenarios, thresholds and rules; perform risk-based tuning; document and test configuration changes; obtain prior highest-authority approval for significant changes; and obtain highest-authority review and approval of ATMS effectiveness at least annually. Include the methodology and workflow in the RMCP.
- Preuves à conserver
- Tests, changes, annual approval and RMCP mapping
- Source primaire
- FIC Directive 5; PCC 45
Apply Directive 9 to in-scope CASPs
- Action d’implémentation
- Directive 9 applies to item 12 and item 22 accountable institutions acting as ordering, intermediary or recipient CASPs for domestic or cross-border crypto-asset transfers and has applied since 30 April 2025. In a business relationship, any value above zero qualifies. Ordering CASPs must transmit required originator and beneficiary information securely before or simultaneously with the transfer; use the reduced treatment only for qualifying single transactions below R5,000 and verify the originator where suspicion exists.
- Preuves à conserver
- Travel-rule messages, threshold logic and exceptions
- Source primaire
- FIC Directive 9
Control counterpart CASPs and incomplete data
- Action d’implémentation
- Conduct due diligence on counterpart CASPs, preserve required information through intermediary and recipient stages, and maintain risk-based procedures for incomplete information and unhosted wallets in the RMCP. An ordering CASP must not execute a transfer when it cannot comply with Directive 9 paragraphs 4.1 to 4.7.
- Preuves à conserver
- Counterparty due diligence and transfer decisions
- Source primaire
- FIC Directive 9
Submit the 2026 risk and compliance return
- Action d’implémentation
- Check Directive 11 scope. The 30 June 2026 deadline for item 2 trust and company service providers, item 9 casinos, item 11 non-bank credit providers, item 14 Postbank, item 21 South African Mint and item 22 CASPs is now overdue; remediate immediately if outstanding. Item 1 legal practitioners, item 3 estate agents, item 20 high-value goods dealers and item 9 non-casino gambling institutions must submit by 31 July 2026 through the prescribed platform under PCC 60 and current FIC instructions.
- Preuves à conserver
- Scope assessment, submission and remediation record
- Source primaire
- FIC Directive 11; 2026 RCR notice; PCC 60
Maintain continuity across KYC and monitoring
- Action d’implémentation
- Ensure monitoring and case decisions can retrieve the onboarding purpose, expected activity, BO structure, risk rating and prior reviews instead of treating KYC as a static file.
- Preuves à conserver
- Linked customer, monitoring and case audit trail
- Source primaire
- Recommended implementation control; FIC lifecycle obligations
07Reporting, records, privacy and assuranceFile each report within its own trigger and deadline, prevent tipping off and preserve retrievable evidence.8 éléments+
File STRs and SARs
- Action d’implémentation
- Section 29 applies broadly to persons carrying on, managing or employed by a business. Report suspicious or unusual transactions or activities through goAML as soon as possible and without delay, but no later than 15 days excluding Saturdays, Sundays and public holidays after awareness of the reportable fact; internal review time is included. A report does not itself stop a transaction, although a section 34 FIC intervention may prohibit continuation for up to five days.
- Preuves à conserver
- STR/SAR reference and decision timeline
- Source primaire
- FIC Act, ss.29 and 34; GN 4B; FIC reporting FAQ
Prevent tipping off
- Action d’implémentation
- Do not disclose that a section 29 report has been or will be filed or reveal its contents, and limit access to reports and investigations.
- Preuves à conserver
- Access controls and communications guidance
- Source primaire
- FIC Act, ss.29 and 38
File cash threshold reports
- Action d’implémentation
- Report physical cash received or paid of R50,000 or more as soon as possible and no later than three business days after awareness. Do not treat electronic transfers as cash and do not assume CTR filing replaces an STR or TPR.
- Preuves à conserver
- CTR logic, filings and reconciliation
- Source primaire
- FIC Act, s.28; GN 5C
File IFTRs where the institution is in scope
- Action d’implémentation
- Authorised dealers, authorised dealers with limited authority, financial services providers with a direct-reporting dispensation and Postbank must report each qualifying inbound or outbound cross-border electronic transfer of R20,000 or more. Submit as soon as possible and no later than three days excluding Saturdays, Sundays and public holidays after awareness that the transfer occurred, ordinarily when value becomes available to the beneficiary. Apply per transfer without aggregation and include qualifying Common Monetary Area transfers.
- Preuves à conserver
- IFTR scope assessment, filings and reconciliation
- Source primaire
- FIC Act, s.31; GN 9
Escalate missed reports
- Action d’implémentation
- If the institution discovers that a required CTR, TPR, STR/SAR or IFTR was not submitted, immediately notify the FIC in writing through the prescribed channel, request engagement on mitigation and continue remediating the missed report. Notification does not condone the failure, extend the original deadline or prevent enforcement.
- Preuves à conserver
- FIC notification, late filing and remediation record
- Source primaire
- FIC Directive 3A
Retain retrievable records
- Action d’implémentation
- Keep CDD records for five years after relationship termination, transaction records for five years after the transaction and section 29 reporting records for five years after submission; ensure free and easy access, legibility and prompt production.
- Preuves à conserver
- Retention schedule and retrieval test
- Source primaire
- FIC Act, ss.22-24; FIC reference guide
Apply POPIA controls
- Action d’implémentation
- Register the Information Officer, document the eight lawful-processing conditions, minimization, transparency, security safeguards, operator governance, rights, cross-border transfers, retention, impact assessments, prior authorization where required and security-compromise response. Preserve FIC Act records where legally required.
- Preuves à conserver
- Information Officer record, processing register and privacy controls
- Source primaire
- POPIA; Information Regulator guidance
Train, test and remediate
- Action d’implémentation
- Provide ongoing employee training sufficient to enable compliance with the FIC Act and RMCP. Test control effectiveness at documented intervals and remediate weaknesses. Independent assurance is a recommended implementation control unless a binding sector rule, licence condition or governance standard makes it mandatory.
- Preuves à conserver
- Training, testing record and remediation log
- Source primaire
- FIC Act, s.43; RMCP

7 domaines de contrôle et 49 vérifications d'implémentation avec sources réglementaires directes.
Téléchargez la checklist KYC, KYB et AML pour Afrique du Sud
Partagez vos coordonnées professionnelles pour accéder immédiatement à la checklist d'implémentation sourcée pour Afrique du Sud. Date de revue réglementaire : 15 July 2026.
Recevez le PDF immédiatement
Envoyez vos coordonnées pour démarrer automatiquement le téléchargement
Revue et sourcée
Version 1.0, revue le 15 July 2026
Approuvé par des équipes conformité de premier plan
Registre des sources primaires
22 sources utilisées pour cette checklist
Utilisez ces liens pour vérifier la législation, les lignes directrices, les procédures de déclaration et les statuts internationaux.
- Financial Intelligence Centre Act booklet, current consolidated materialFinancial Intelligence Centre · primary
- Compliance obligations and supervisory scopeFinancial Intelligence Centre · primary
- Reference guide for accountable institutionsFinancial Intelligence Centre · primary
- Revised Guidance Note 7A on risk management and compliance programmesFinancial Intelligence Centre · primary
- PCC 59 on beneficial ownershipFinancial Intelligence Centre · primary
- Targeted financial sanctions obligations and listFinancial Intelligence Centre · primary
- PCC 44A on targeted financial sanctions and domestic designationsFinancial Intelligence Centre · primary
- Schedule 2 supervision and enforcement mappingFinancial Intelligence Centre · primary
- Crypto asset service provider sector obligationsFinancial Intelligence Centre · primary
- Suspicious transaction reporting periodFinancial Intelligence Centre · primary
- Cash threshold reporting obligationsFinancial Intelligence Centre · primary
- Guidance Note 9 on international funds transfer reportingFinancial Intelligence Centre · primary
- Directive 9 travel rule for crypto asset transfersFinancial Intelligence Centre · primary
- Directive 5 on automated transaction monitoring systemsFinancial Intelligence Centre · primary
- PCC 45 on implementation of Directive 5Financial Intelligence Centre · primary
- Directive 8 and PCC 55 on employee screeningFinancial Intelligence Centre · primary
- Directive 3A on failures to submit regulatory reportsFinancial Intelligence Centre · primary
- 2026 risk and compliance return deadlinesFinancial Intelligence Centre · primary
- Beneficial ownership filing guidanceCompanies and Intellectual Property Commission · primary
- POPIA compliance and Information Officer guidanceInformation Regulator South Africa · primary
- FATF increased monitoring statement, 24 October 2025Financial Action Task Force · primary
- South Africa AML Operations in 2026: Why KYC Alone Fails Under FICAVOVE ID - contextual reading · context
Réponses directes
Questions KYC, KYB et AML pour Afrique du Sud
Which South African businesses must follow the FIC Act's accountable-institution duties?+
The duties apply to the categories in Schedule 1, including specified financial institutions, financial services providers, credit providers, money or value transfer providers, high-value goods dealers and crypto asset service providers. A fintech label alone is not determinative; map the actual regulated service and Schedule 1 item.
What is required for KYC under the FIC Act?+
An accountable institution must establish and verify customer identity, understand the nature and intended purpose of the relationship and expected source of funds, identify relevant representatives and beneficial owners, apply ongoing due diligence and implement the methods in a risk-based RMCP and any sector rule.
How should beneficial ownership be determined in South Africa?+
Apply the section 21B control cascade and identify the natural persons exercising controlling ownership or control through other means. PCC 59 strongly recommends identifying persons with 5% or more ownership, but that is not a safe harbor that replaces broader control analysis. Compare customer information with CIPC BO information where available.
When must suspicious activity be reported in South Africa?+
A section 29 STR or SAR must be filed as soon as possible and without delay, but no later than 15 days excluding Saturdays, Sundays and public holidays after awareness of the reportable fact. Internal review time does not extend that period.
What are the main threshold reports?+
All accountable institutions report physical cash of R50,000 or more within three business days. Only specified institutions authorised for relevant cross-border transfers file IFTRs for R20,000 or more within three days excluding Saturdays, Sundays and public holidays. Suspicion and terrorist-property reports have separate triggers and must not be replaced by a threshold report.
Is South Africa currently on the FATF grey list?+
No. FATF removed South Africa from increased monitoring on 24 October 2025. Institutions should keep country-risk records current and continue applying their documented risk-based controls.
Méthode de recherche et de revue
VOVE ID Compliance Research cartographie le périmètre réglementaire, traduit les obligations en contrôles opérationnels, relie les affirmations importantes aux sources et date chaque revue.
VOVE ID Compliance Research · Revue le 15 July 2026 · Version 1.0
This is a general South Africa baseline, not legal advice or a complete sector checklist. Being a fintech or technology provider does not by itself determine Schedule 1 status. Confirm the regulated activity, accountable-institution category, supervisor, product rules and current FIC directives before implementation.