Nedbank says a R35-million fine imposed on it by the SA Reserve Bank followed a compliance inspection conducted from May to June 2019 — less than two months after fundamental amendments to the Financial Intelligence Centre Act (FIC Act) were required to be implemented by 2 April 2019.

“While Nedbank has paid the financial penalty and acknowledged the administrative shortcomings present at the time in 2019, it would like to highlight that the lengthy delays in the promulgation of the amended FIC Act had particular adverse implications for Nedbank,” the bank said in a statement on Saturday.

Nedbank contends that the extended delays in the definition of requirements affected the timeous finalisation of system requirements and the bank’s comprehensive information technology transformation programme was already “well under way”. 

The bank further noted that since 2019, its related compliance and risk management environment, including reporting obligations under the FIC Act, had matured extensively and ongoing significant investments had been successfully implemented to further enhance the end-to-end control and compliance environments.

With reference to the administrative sanctions, a Nedbank spokesperson said it was important to highlight the following:

• These sanctions were imposed purely as a result of a limited number of administrative compliance deficiencies identified in samples of data tested back in 2019, and specifically, there was no evidence of Nedbank facilitating any transactions involving money laundering or the financing of terrorism.
• The administrative compliance deficiencies have all since been remediated by Nedbank, and Nedbank has cooperated fully with the SA Reserve Bank.
• A total financial penalty of R20-million was paid in April 2022 (excluding R15-million, which was conditionally suspended) and this amount was covered by central provisions raised by Nedbank over time.
• R15-million (excluding R10-million conditionally suspended for 12 months) of the total R20-million financial penalty paid related to reporting gaps that had already been identified by Nedbank and were disclosed upfront to the SA Reserve Bank before the 2019 inspection. A remediation programme was already under way. These gaps related to deficiencies in certain aspects of Nedbank’s cash threshold reporting processes following the implementation of a new financial industry-wide reporting system in 2016 that resulted in Nedbank’s failure to timeously identify a number of reportable cash transactions. These were subsequently reported in full.

The Prudential Authority (PA) within the SA Reserve Bank enforces compliance with the FIC Act. The Reserve Bank announcement of the fine on Friday afternoon said that Nedbank was found guilty on five different counts. 

Visit Daily Maverick’s home page for more news, analysis and investigations

 Charge One

Failure to:

• Apply a risk-based approach across its business clusters in accordance with its risk management and compliance programme;
• Apply enhanced due diligence controls;
• Risk-rate its clients;
• Provide evidence that it had developed and documented end-to-end procedures and working methods relating to its systems and processes used to onboard clients; and
• Provide evidence that its controls and/or oversight measures were able to extract the correct data that would allow it to accurately risk-rate its clients.

For the above transgressions, the PA imposed a caution, a reprimand and a financial penalty of R5-million, of which R2-million has been conditionally suspended for 12 months.

Charge Two 

The bank also failed to comply with record-keeping obligations under the FIC Act, for which it received a reprimand and a financial penalty of R5-million, of which R3-million has been conditionally suspended for 24 months. 

Charge Three 

Nedbank failed to comply with its cash threshold reporting obligations in that it failed to report a significant number of cash transactions that exceeded the threshold of R24,999.99, for which it received a caution, a reprimand and a financial penalty of R25-million, of which R10-million has been conditionally suspended for 12 months. 

Charge Four 

Failure to timeously determine when a transaction was reportable in terms of section 29 of the FIC Act, for which the PA imposed a caution, a reprimand and a directive to take remedial action.

Charge Five 

Failure to comply with anti-money laundering and counter financing of terrorism governance-related obligations in that it was unable to show evidence that senior management approval was obtained for customer due diligence requirements prior to implementation. The PA imposed a caution not to repeat the conduct which had led to the non-compliance. BM/DM