In February 2023, South Africa was placed on the Financial Action Task Force’s (FATF) “grey list” after the global watchdog found shortcomings in how the country implemented anti-money laundering (AML) and counter-terrorism financing (CTF) standards.
By Sameer Kumandan, MD of SW360
Since then, government, regulators, and the private sector have worked to strengthen compliance with the Financial Intelligence Centre Act (FIC Act). So much so that in June 2025, the FATF acknowledged the significant progress that had been made on the various action items proposed when the grey listing was announced over two years ago.
While getting South Africa off the grey list is a whole-of-government effort, the private sector must also play a part. Accountable institutions have a responsibility to comply on the ground by ensuring robust customer due diligence (CDD/KYC) processes, applying enhanced due diligence for higher-risk customers, setting up transaction monitoring systems, keeping comprehensive records and investing in proper staff training.
HR and FIC compliance
HR teams in accountable institutions play a critical role in ensuring compliance with FICA. While compliance is often viewed as a legal or risk department function, HR must create an organisation-wide culture of accountability. Additionally, HR has a responsibility to ensure the right people are hired, vetted, and continuously monitored to prevent compliance risks.
To illustrate the importance of this, consider a traditional mining company. While a mining company is not explicitly listed in Schedule 1 categories of accountable institutions, there are many aspects of mining operations that can trigger FIC relevance. For example, HR must recognise that senior management can influence the movement of funds and contract approvals, among other things.
As such, screening new hires thoroughly is essential. This includes running identity and background checks, verifying beneficial ownership, checking for sanctions, and assessing links to politically exposed persons (PEPs). It’s important to remember that risks don’t only occur at hiring; someone’s exposure or status may change, which makes continuous monitoring a must.
But comprehensive screening processes can be complex for various reasons. Successful screening requires accurate, up-to-date data and often this data is incomplete or inconsistent. In addition, because screening involves personal and sensitive data, HR has a responsibility to ensure that any checks align with privacy laws. Finally, when dealing with large workforces, the scale of screening/monitoring can be costly and time-consuming, especially when done manually.
With VOCA from SW360, HR and people teams can automate critical compliance processes, which reduces manual effort and mitigates the risks associated with financial crimes. An integrated compliance solution, VOCA enables real-time identity verification, automated risk assessments, and ongoing monitoring, making compliance and due diligence simple.