26.11.2024

Crypto asset service providers and their role in combating money laundering and terrorist financing

A recent sector risk assessment by the Financial Intelligence Centre (FIC) found that crypto asset service providers (CASPs) can knowingly or unwittingly facilitate criminal activities such as money laundering and the financing of terrorist activities.

Crypto currencies have many legitimate uses, but they are also favoured in financial crime because these transactions can be anonymous, fast, automated and global in nature, making it more difficult for law enforcement agencies to trace.

To mitigate these risks, CASPs have been brought into the South African regulatory fold as accountable institutions listed as item 22 of Schedule 1 to the Financial Intelligence Centre Act (FIC Act). A person who performs the business activities of a CASP, regardless of the technology platform used or the specific type of crypto asset being used for the transaction, is an accountable institution and must register with the FIC.

What does registration entail?

Registration with the FIC is free and is completed electronically on the FIC’s registration and reporting platform called goAML, which is accessible via www.fic.gov.za.

All registrations must be accompanied by supporting documentation including the certified identity document of the compliance officer and an authorisation letter on the CASP’s letterhead. The FIC has issued guidance on how to register; goAML accountable institutions registration guide as well as public compliance communication (PCC) 5D.

Reporting to the FIC

CASPs are obligated to submit the following reports to the FIC:

  • Suspicious and unusual transaction reports
  • Cash threshold reports
  • Terrorist property reports

Reporting suspicious and unusual transactions

CASPs must identify and report suspicious and unusual transactions and activities (STRs and SARs) to the FIC in terms of the FIC Act. The FIC uses this information to develop financial intelligence, which it shares with law enforcement, prosecutorial and other competent authorities for their investigations and applications for asset forfeiture.

The person filing the STR does not have to prove that the funds involved in the transaction are linked to a crime. The report can be based on a subjective suspicion. There is also no monetary limit or threshold that is applicable when filing an STR. Where there is suspicion or knowledge, the transaction or activity must be reported irrespective of the amount involved.

When a transaction has not taken place, but the client’s behaviour leads to the suspicion  that the CASP  may be abused for money laundering, terrorist financing or proliferation financing, this must be reported in a suspicious  activity report (SAR). 

All STRs and SARs must be submitted as soon as possible, and no later than 15 days after a business becomes aware and/or suspicion is raised regarding an activity or transaction. The report must be filed via goAML, on the FIC website. Filing an STR or SAR does not prevent your business from continuing with the transaction, and it may therefore continue.

A person involved in making a report may not inform anyone, including the client or any other person associated with a reported transaction, of the contents of a suspicious transaction or activity report, or that a report has been made. CASPs should consult Guidance Note 4B for more information.

Risk indicators

When monitoring crypto asset transfers and client activity for suspicious and unusual activity, there are some red flag indicators to consider. These include:

  • Technological features that increase anonymity – such as the use of peer-to-peer exchanges websites, mixing or tumbling services or anonymity enhanced crypto assets
  • Sender or recipient profiles – unusual behaviour can suggest criminal activity
  • High-risk clients and jurisdictions e.g. links to institutions or jurisdictions on the sanctions lists
  • Payments from non-associated or unknown third parties and payments for fees in cash where this practice is not typical
  • Funds are received from or sent to a foreign country when there is no apparent connection between the country and the client
  • Transactions linked to a blacklisted crypto asset address
  • Third parties transacting using client details, where client provides its customer due diligence information to the CASP and once the account is opened by the CASP, the client provides the private keys of the crypto asset to the criminal. This has increased recently in South Africa, particularly where the client lacks the technological understanding of how crypto assets work. For more information regarding money mules please consult the FIC report: Financial Crime Insight: Money laundering risks associated with money mules.

Filing cash threshold reports

CASPs are obligated to report to the FIC cash transactions that exceed R49 999.99. Section 28 of the FIC Act stipulates that cash transactions containing prescribed particulars must be reported to the FIC within three business days. Cash transactions refer to physical cash transactions and bank deposits, not electronic transfer of funds. CASPs should consult Guidance Note 5C for more information.

Targeted financial sanctions

When establishing a business relationship with a client, CASPs must screen certain information concerning the client against the targeted financial sanctions (TFS) list. The TFS list contains entities or individuals with known links to international terrorist organisations and have been identified as such by the United Nations Security Council.  If an accountable institution finds the person or entity is an exact match to a designated entity or person on the TFS list, then the transaction must not continue, and such any property in the CASP’s possession must be frozen.

The TFS list can be found on the FIC website. Please consult the targeted financial sanctions manual on how CASPs can screen their clients. For the implementation of TFS, CASPs should consult PCC 44A.

If there is no match, but there is a suspicion of terrorist financing involved, then a terrorist financing transaction or activity report (TFTR or TFAR) should be submitted to the FIC. TFTRs or TFARs area subtype of a section 29 report.

Terrorist property report

A terrorist property report (TPR) is submitted to the FIC when the CASP knows that it has in its possession or controls property of a person or entity listed on the TFS list.

The TPR must be submitted on goAML, as with STRs and CTRs. The TPR must be submitted as soon as possible but no later than five days after the institution has become aware. CASPs should consult to Guidance Note 6A for more information.

For sector specific guidance on CASPs, refer to PCC 57, which contains examples of risk indicators relating to the CASP sector. Please refer to the draft sector risk assessment for CASPs.

Other FIC Act obligations include implementing a risk-based approach to customer due diligence, record keeping, appointing a person responsible for compliance, developing and implementing a risk management and compliance programme, training and screening employees, as well as submitting a risk and compliance return.

The FIC has recently published Directive 9 concerning the implementation of the “Travel Rule” for accountable institutions that engage in crypto asset transfers. Directive 9 requires CASPs that transfer or receive crypto asset transfers on behalf of their clients, to provide information alongside such transfers, and to keep related records. Consult Directive 9 for more information. For an introduction of an accountable institution’s obligations, CASPs can consult Guidance Note 7.

For more compliance information and guidance offered to accountable institutions, refer to the FIC website.

The FIC’s compliance contact centre can be reached on +27 12 641 6000 or log an online compliance query by clicking on: https://www.fic.gov.za/compliance-queries/

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter