Why security is the cornerstone of POPIA compliance

The Protection of Personal Information Act (POPIA) has evolved considerably since it was first put into practice four years ago. In 2024, the Information Regulator (IR) intensified enforcement, issuing at least seven enforcement notices for non-compliance to several...

RMCP enforcement is here, and the consequences are real

Having a Risk Management and Compliance Programme (RMCP) isn’t just a procedural formality – it is a legal requirement under Section 42 of the Financial Intelligence Centre Act (FICA), writes Sameer Kumandan, MD of SearchWorks360. More importantly, it has become...

The business benefits of getting POPIA right

Waiting until you’re on the wrong side of the Protection of Personal Information Act (POPIA) before taking action is a risk no business can afford. Beyond the threat of hefty fines or legal consequences, there’s the potential for serious reputational damage –...

POPIA regulations get a makeover 

The Protection of Personal Information Act (POPIA) Regulations have received a facelift, with the Information Regulator publishing amendments to the Regulations on 17 April 2025. By Nadine Mather, partner, and Pascale Towers, senior associate at Bowmans The...

What SA’s tougher carbon tax means for high-emission industries

The South African government’s ‘carrot and stick’ approach to carbon emissions is going to feature more stick and less carrot in the coming years, as the incentives become less generous and the deterrents more onerous. In other words, the tax-free carbon allowance is...

The state of data protection laws in Africa

Data protection is no longer a niche concern; it’s a fundamental part of the digital age. With businesses, governments, and individuals increasingly relying on digital platforms, the issue of personal data security has never been more critical. By Oluwakemi Ola,...