South Africa poses a high risk for money laundering, terrorist financing and proliferation financing (providing funds or financial services to procure nuclear, chemical or biological weapons or their components). This is the opinion of the Paris-based Financial Action Task Force (FATF), and if the country does not put urgent and substantial measures in place by October 2022, it risks being greylisted by the international money laundering and terrorist financing watchdog before February 2023.

Greylisting would place SA on a list alongside the likes of Yemen, Burkina Faso, Albania and the Cayman Islands, which are deemed to be a risk to the international financial system, and just one notch higher than blacklisted North Korea and Iran. 

That’s not all: if SA is greylisted, the EU, UK, US and other FATF members are likely to refuse to do business with South African entities, which will affect the country’s credit rating. 

On Wednesday, 27 July, the SA Reserve Bank’s Prudential Authority (PA) published two reports into the banking and life insurance sectors as part of its activities to assess and address the risks of money laundering (ML), terrorism financing (TF) and proliferation financing (PF) in the financial services sector.

The PA is responsible for anti-money laundering and counter-financing of terrorism supervision of banks, mutual banks and life insurers.

Banking sector

In its assessment of the banking sector, reflecting on the earlier ML/TF/PF risk assessment for the period 1 October 2018 to 31 December 2020, the PA surveyed 34 banks in March 2021, including five large banks, nine medium to small locally controlled banks, 17 foreign controlled banks (including Al Baraka, China Construction, Deutsche and HSBC) and three mutual banks. The PA also engaged with central banks, the Financial Intelligence Centre and law enforcement agencies, conducted independent research and consulted with the Financial Surveillance Department of the SA Reserve Bank.

The PA said it wanted to identify the ML/TF/PF risks in the sector, in order to aid its supervisory activities, “as appropriate”.

Across the banking sector, the PA found common threats and vulnerabilities, including fraud, bribery and corruption, Ponzi/pyramid schemes, environmental crimes, tax-related offences or crimes, illicit cross-border flows, criminals using money mules, and drug trafficking, human trafficking and cybercrime, including emerging technologies. 

Products with the highest ML/TF risk were trade finance products and services, cash-intensive transactions, cross-currency transactions, correspondent banking, investment products, treasury products, corporate finance, credit products, trust accounts and stokvel accounts. 

It also found the banking sector wanting in terms of identifying domestic prominent influential persons (DPIPs), obtaining beneficial ownership information, using trade products and advanced payments, and not identifying cryptocurrencies and exchanges as client types. 

Further weaknesses came from non-face-to-face client onboarding, allowing large cash deposits and data issues.

Large banks, it noted, are widely exposed to a high level of inherent ML/TF risk. 

“This is as a result of their high numbers of clients, substantial exposure to foreign country risk, use of non-face-to-face delivery channels which increases anonymity, very high exposure to cash and the propensity for the illicit flow of funds.”

One of the large banks, it reported, had 8,388 clients with unknown citizenship, which poses a high risk within the sector. 

Another large bank had 1,782 clients with the country of incorporation unknown. The sector is targeted by criminals, as clients use cash extensively and can use non-face-to-face methods such as ATMs to anonymously deposit cash.

Concerningly, large banks lost R322.1-million in the past 24 months due to cybercrime or online fraud attacks, while locally controlled banks lost R159.1-million — R7.9-million of which was due to staff collusion, while one of the nine locally controlled banks did not know how many fraud attempts were successful, indicating weak controls.

The PA’s analysis of the beneficial ownership information revealed that two of the five largest banks have the highest number of beneficial owners that were identified as DPIPs, and one of the five large banks also had the highest number of beneficial owners identified as foreign prominent public officials across the sector.

Locally controlled medium-sized banks, meanwhile, are highly exposed to cash, which increases their ML/TF vulnerability. 

“Increased remote service delivery channels, such as the use of ATMs and online banking, can facilitate identity fraud, contribute to the anonymity of persons and make it difficult to detect suspicious and unusual transactions,” the PA said. 

Two locally controlled banks offer contactless or digital banking services, where clients’ anonymity and the rapid movement of transactions increased their ML/TF risk, as do international fund transfers. 

The overall ML/TF risk rating foreign banks was deemed to be high due to significant exposure to foreign country risk. While they mostly bank fewer clients and offer limited banking services, they are exposed to a small number of high-risk clients (especially trusts, high-net-worth clients, financial institutions and foreign-based clients) who conduct cross-border transactions and offer complex high-risk products, such as trade finance, agent bank arrangements, and investment products and services that may hide illicit funds.

Mutual banks’ ML/TF inherent risk was assessed to be low, because they typically offer services to low- and middle-income earners, who take up simple product offerings, but because most of their clients are onboarded digitally, they were deemed to be vulnerable. 

Life insurers

In its assessment of risks in the insurance sector, the PA focussed on the primary life insurers and life cell captives (entities consisting of a core and an indefinite number of cell entities which are kept legally separate from each other), not reinsurers, in line with FATF recommendations, for the two-year period between 2021 and 2022. The report was intended as a guidance to policymakers, especially Treasury, as it provides risk information that could affect future policy making positions and benefit life insurers by helping them to better understand risks in their sector.

As at 31 December 2020, there were 60 primary life insurers, five life cell captives, one life reinsurer and five composite reinsurers in SA. The total asset size of the sector was R3,290-billion, with gross premiums totalling R575-billion.

The PA said ML, through life insurance institutions, is often performed to disguise the origin and nature of illegal proceeds of crime and gains obtained from it by “buying, altering and surrendering insurance policies and filing insurance claims to avert the tracing of the origin of the funds”. 

Life insurers may be vulnerable to money laundering due to the nature of their business, through payments of illegal earnings for commissions to buy insurance policies, which are then sold and converted by repeatedly trading it to “launder” its ties with crime. Onboarding teams, finance departments and servicing teams were most exposed to risk within business segments.

Life insurers flagged accepting payments in cash (eg when direct debits bounce); allowing for payments from third parties; receiving and making payments to other jurisdictions; accepting overpayments; life products wrapped with investment or savings; accepting payment of premiums outside the premium schedule; single premiums from high-net-worth individuals and large single lump-sum payments, which could allow criminals to get rid of large sums of money in one go, as high risk of ML.

Most life insurers (67%) indicated their products had a low to medium TF risk, so no red flags have been identified to date. “Furthermore, customers are risk-rated and enhanced due diligence measures are applied in respect of high-risk customers, including screening customers against relevant sanctions and targeted financial sanctions lists.”

Life insurers believed that considerations leveraged for ML, TF, fraud and sanctions were deemed sufficient to detect PF risk in the long-term insurance sector. One life insurer said PF requires high levels of funding and was therefore not a risk applicable to their business model.

In jurisdictions where there are known terrorist activities taking place, such as Mozambique and Kenya, five life insurers have a presence, which exposes them to inherent risk. Weak AML/CFT controls in these accountable institutions may result in direct or indirect financing of terrorism in these countries, the report noted.

Seventy-two percent of the primary life insurers indicated that they did not ask their customers to provide reasons for changing beneficiaries, while 22% said they did.

Although the PA found life insurers had processes in place to identify and file reportable cash transactions to the FIC, not all insurers had investigated such cash transactions to determine whether they should also be filed as suspicious and/or unusual transactions in terms of the FIC Act. Closer scrutiny of these transactions by the PA showed that the transactions may indicate placement of undeclared earnings in the financial system.

The level at which life insurers were deemed to be vulnerable to ML/TF was, however, assessed as low, while the overall ML/TF/PF risk rating was medium. This rating is based on the assessment of the criminal threat environment, inherent vulnerabilities in the subsector and consequences associated with criminal threats.

What is greylisting?

If SA is greylisted, the country will be deemed to be high-risk. This will mean increased scrutiny, monitoring and costs. Foreign banks and investors will be forced to hike their requirements, and some investors and banks will simply refuse to do business with SA entities. 

There are fears that if SA is greylisted, the EU and UK will blacklist SA. 

Intellidex chairperson Stuart Theobald told eNCA last month that greylisting is “fairly bad”. 

“The FATF… works through a system of mutual evaluation, so member countries [SA included] evaluate each other and assess how compliant each country is, with a set of standards and norms that every country’s financial systems are expected to comply with. South Africa, through the Financial Intelligence Centre Act, has in the past been fairly compliant.” 

Last year though, the mutual evaluation conducted in SA found several shortcomings — many linked to State Capture — and gave SA a year’s notice to substantially implement the FATF’s recommendations by October this year to avoid potentially being greylisted. 

Greylisting is serious, Theobald said. “It means that every counterpart to the member country, not only the EU and UK, but the United States and many other countries are required to apply an enhanced level of due diligence to any greylisted country.” 

If the FATF has determined a country is not compliant with its standards, its enhanced due diligence will mean many businesses and entities will simply refuse to do business with SA entities, which will affect the country’s credit rating.

On Wednesday evening, deputy Reserve Bank governor and chair of the PA, Fundi Tshazibana, told 702 their report was not saying that banks were involved in wrongdoing, but identified existing risks.

She said financial crimes are increasingly widespread, which is why the FATF does periodic reviews across countries.

Tshazibana said that “if we do not undertake the actions that they’ve [the FAFT] identified as gaps, there is a very high risk that we will be placed [on the greylist”, but added that the authority was working “at breakneck speed” to ensure that we comply by October. BM