Essential compliance and fraud insights for intermediaries

Navigating the complexities of financial fraud and fast-expanding regulatory compliance, especially in the wake of South Africa’s greylisting, can feel like walking through a minefield. 

In March, Investec for Intermediaries toured the country on a “Stay Connected” roadshow sharing expert insights on compliance updates and fraud prevention to intermediary clients. 

Here are some of the core insights and practical strategies shared at the events that you, as an intermediary, can leverage to transform your business.

Changes to global tax compliance

The Organisation for Economic Cooperation and Development (OECD) created the Automatic Exchange of Information (AEOI) framework, which aims to enhance the global transparency of taxpayers' financial account information and serve as a measure against tax evasion. Currently, over 170 jurisdictions participate in AEOI annually.

In her presentation, Samantha Petersen, Compliance Officer at Investec, said: "Under the Foreign Account Tax Compliance Act (FATCA) and the Common Reporting Standard (CRS), it's crucial for financial advisers to conduct ongoing due diligence on all clients. Proactively monitoring changes in clients’ circumstances is essential, as is a thorough understanding of the significant risks associated with non-compliance."

To meet regulatory obligations, intermediaries must obtain and verify Self-Certification forms from all their clients, regardless of their perceived tax residency. This is a crucial step in verifying and maintaining accurate records, which must be retained for eight years from the date of a client’s contract termination.

Additionally, you must ensure compliance with due diligence procedures to identify reportable accounts, particularly focusing on the tax residency of account holders and the classification of entities as Passive Non-Financial Entities (NFEs).

Lowering the bar: New thresholds in beneficial ownership

To combat financial crimes like money laundering and terrorist financing, the Financial Intelligence Centre (FIC) introduced a new threshold to the beneficial ownership requirements of the FIC Act through the publication of Public Compliance Communication 59 (PCC 59).

Previously, the flagging of beneficial owners was limited to those holding 25% or more ownership in a business. Now, the threshold has been lowered. When onboarding a new client, it is necessary to identify and verify any individual holding 5% or greater ownership in the business.

This change is crucial in uncovering hidden connections, preventing financial crime, and safeguarding yourself from the costly repercussions that follow it.

Talking at the event, Romy-Anne Templeton, Financial Crime Compliance Officer at Investec, highlighted a critical truth about financial crime: criminals thrive on complexity. “Elaborate corporate structures are the perfect camouflage to hide their identities and distance themselves from illicit activities. This is why, as intermediaries, a deep understanding of the companies you onboard is paramount.”

Safeguarding yourself and your clients from digital fraud

Phishing is a deceptive tactic that involves sending emails or messages or making calls that appear to come from trusted companies.  The aim is to trick individuals into disclosing sensitive personal information, such as passwords and credit card details.

According to a 2023 report by the South African Banking Risk Information Centre (SABRIC), phishing attacks alone accounted for a loss of approximately R200 million, a 50% increase from the previous year.

Kevin Hogan, Head of Fraud Risk at Investec, captivated the audience at the event by shedding light on the dark world of hacking, revealing that it is not a technological feat, but rather a sophisticated form of social engineering. 

“Criminals exploit our inherent trust, mimic the digital world we feel secure in, and manipulate us into performing actions online that we’d normally avoid in real life,” he said.

Phishing schemes are adaptable to every platform we use; any channel capable of delivering a message becomes a potential channel for attack, and some of the common, day-to-day habits that make us vulnerable were noted as:

• Re-using usernames and passwords across multiple accounts – a single breach can unlock your entire digital life.
• The danger of short phone passcodes and how an eight-digit code can be cracked in under nine seconds.
• Keeping the same password/s for years.

One of his suggested solutions is to invest in a robust, encrypted, and secure password manager – a small price to pay for peace of mind.

A key insight was that fidelity insurance doesn't cover you or your clients for immense financial losses due to fraud. Most commercial business policies exclude cyber-related crimes, and specific cyber insurance comes at an extremely high cost. Therefore, the responsibility is on you to proactively beef up your online security. 

“We must be more aware of the deceptive tactics of cybercriminals, break free from bad online habits, and always think critically on behalf of our clients, who are mostly unaware of the prevalence of modern fraud. By understanding the art of deception, we can protect ourselves and those we serve from becoming the next victim.”

While all the changes and new digital threats can be overwhelming, the key message of the webinar was one of hope: With the right knowledge, tools, and technology, you can safeguard your business and clients while turning compliance into a competitive advantage rather than a burdensome obligation.