South Africa’s major crypto rules shake-up
South Africa’s Financial Intelligence Centre (FIC) has received feedback from seventeen commentators on its proposed new regulations on cryptocurrency transactions.
This comes after the FIC issued a draft directive regarding the “Travel Rule” — requiring crypto platforms in South Africa to identify the parties of a cryptocurrency transaction.
Complying with the Travel Rule is part of a broader effort to get off the Financial Action Task Force (FATF) greylist.
The proposed directive, signed by FIC acting director Pieter Smit, states that South African crypto asset service providers (CASPs) must transmit a significant amount of a sender’s personal data to recipient providers.
This includes their full name, ID or passport number, residential address, date and place of birth, and wallet address.
It also requires that CASPs verify the information they receive from other providers in line with the FIC Act (i.e. FICA).
According to the FIC, it received submissions from several major crypto asset service providers, insurance companies, travel rule solution providers, and The Banking Association South Africa.
“The FIC is in the process of assessing all comments with a view to finalising a final version of the directive, taking into account relevant comments,” the agency told MyBroadband.
“The aim is to have the final directive in place by the third quarter of the financial year.”
As the directive is currently written, senders must provide full names, details of the sending and receiving crypto wallets, and the beneficiary’s name for cross-border transfers.
These particulars need not be verified for accuracy for transactions less than R5,000 unless there is suspicion of money laundering or terrorist financing.
However, one of the more onerous requirements is in section 4.8 of the FIC’s proposed new rules.
Before transmitting this private data, CASPs must first identify the counterpart provider, conduct due diligence on the counterparty, and regularly update its due diligence when dealing with them.
Additionally, intermediary CASPs must ensure that all originator and beneficiary information for cross-border and domestic crypto asset transfers is transmitted to the recipient CASP, or another intermediary in a transaction chain.
Intermediaries must take reasonable measures to identify cross-border crypto asset transfers that lack the required information.
Recipient CASPs must comply with FICA’s “know your customer” rules, with which most South Africans will be familiar.
Broadly, this requires that they obtain proof of identity and address when customers open an account with them.
They must also monitor incoming cross-border transfers, taking “reasonable measures”, including post-event monitoring or real-time monitoring where feasible to identify transactions lacking the required information.
For cross-border transactions less than R5,000 from high-risk or “other monitored jurisdictions” as listed by the FATF, a beneficiary CASP must verify the accuracy of the beneficiary information.
The proposal also deals with so-called “unhosted wallet transfers” — better known as self-custody in the crypto world.
It stipulates that CASPs must have a risk-based policy for obtaining further information on unhosted wallets if they determine a higher risk of money laundering, terrorist financing, or proliferation financing.
The FATF greylisted South Africa on 24 February 2023 for falling short on its eleven measures of a country’s effectiveness in combating money laundering and the financing of terrorism.
Its Travel Rule requires financial institutions, including those who deal in virtual assets, to provide relevant originator and beneficiary information alongside transactions.
This helps to prevent criminal and terrorist misuse, the FATF states.
In 2022, only 29 jurisdictions had confirmed to the FATF that they had implemented regulations to enact the Travel Rule. Very few had started enforcing them.
By April 2023, this had increased to 35 jurisdictions, with 27 saying they were busy passing relevant legislation.
A year later, a status page on the FATF website showed that most countries had passed or enacted legislation to implement the Travel Rule.
Towards the end of June, the FATF issued an update stating that South Africa remained on the greylist.
This was in line with expectations that South Africa would only get off the greylist in 2025.
The intergovernmental agency commended South Africa for its high-level political commitment to work on anti-money laundering (AML) and counter-financing of terrorism (CFT).
It also said South Africa should continue taking action to address some of its remaining strategic deficiencies, including:
- Demonstrating a sustained increase in outbound mutual legal assistance (MLA) requests that help facilitate ML/TF investigations and confiscations of different types of assets in line with its risk profile.
- Demonstrating that all AML/CFT supervisors apply effective, proportionate, and effective sanctions for non-compliance.
- Ensuring that competent authorities have timely access to accurate and up-to-date information on legal persons and arrangements and applying sanctions for breaches of violation by legal persons to beneficial ownership obligations.
- Demonstrate a sustained increase in investigations and prosecutions of serious and complex money laundering and the full range of TF activities in line with its risk profile.
- Enhancing its identification, seizure and confiscation of proceeds and instrumentalities of a wider range of predicate crimes in line with its risk profile.
- Ensuring the effective implementation of targeted financial sanctions and demonstrating an effective mechanism to identify individuals and entities that meet the criteria for domestic designation.