Once enacted, the Conduct of Financial Institutions Bill (COFI) will introduce a significant shift in the legislative and regulatory landscape of South Africa’s financial services sector. It forms a key component of the country’s Twin Peaks regulatory reform and will primarily focus on strengthening market conduct regulation across the entire financial services sector.
COFI will, among other things, consolidate and replace various industry-specific conduct laws, such as the Financial Advisory and Intermediary Services Act, the Collective Investment Schemes Control Act, the Short-term Insurance Act, the Long-term Insurance Act, the Credit Rating Services Act, the Financial Institutions (Protection of Funds) Act, and the Friendly Societies Act.
It will also effect extensive amendments to the Pension Funds Act, the Financial Sector Regulation Act (FSRA), the Banks Act, the Labour Relations Act, the Insurance Act, the Income Tax Act, the Financial Markets Act, the Medical Schemes Act, the Transnet Pension Funds Act, the Co-operative Act, and the Government Employees Pension Funds Law. It also brings within its ambit certain activities under the National Payments Systems Act and the National Credit Act (NCA).
Why COFI readiness is essential
Following two rounds of public commentary, COFI is expected to be introduced in Cabinet towards the end of 2025 and tabled in Parliament either later this year or in the first quarter of 2026. Its promulgation is anticipated in 2026, with a transitional period of about three years.
The Financial Sector Conduct Authority’s Commissioner has emphasised that readiness for COFI is an industry-wide responsibility, not solely the FSCA’s. Financial institutions must proactively align their business models, governance frameworks, and compliance strategies with COFI’s principles and expectations. Early preparation will ensure agility and competitiveness once the new regime takes effect.
Preparing for the requirements
COFI will introduce a range of practical obligations for which institutions should begin planning now. These include the following:
- Financial institutions should monitor and participate in the formal consultation processes that may follow once COFI is introduced into Parliament.
- Financial institutions are advised to begin mapping their current activities to prepare for the activity-based licensing model, and to develop compliance frameworks aligned with this approach.
- Principles from the Retail Distribution Review will need to be considered to ensure readiness for implementation.
- Governance structures may have to be revised, or developed from scratch, and institutions must ensure that key persons meet, and continue to meet, the fit and proper requirements.
- Fair customer treatment practices must be strengthened in line with the Treating Customers Fairly principles.
- Financial resources across the financial institution should be reviewed to ensure they remain adequate.
- Financial institutions must evaluate their operational capabilities to ensure they are ready to meet COFI’s demands.
- Reporting frameworks may have to be updated, while transformation policies and related structures should be developed or enhanced.
- Automated or technology-driven systems and processes should be reviewed to confirm that they remain fit for purpose under the new regulatory expectations.
The above should be considered in light of the broader range of financial products and services and activities that will be affected by COFI.
Who will be affected by COFI?
COFI will apply broadly to all financial institutions as defined in the FSRA. This includes financial product providers, financial services providers, the holding companies of financial conglomerates, and any person licensed or required to be licensed in terms of a financial sector law.
A financial product provider is any person that, as a business or part of a business, provides a financial product.
Under the FSRA, “financial product” will include participatory interests in collective investment schemes and alternative investment funds; non-retail lending; life and non-life insurance policies; retirement funds and friendly society benefits; deposits under the Banks Act; health service benefits provided by medical schemes; credit under the NCA; warranties, guarantees or other credit support arrangements; and any other facilities or arrangements designated by regulation.
An FSP is any person who, as a business or part of a business, provides a financial service. This includes providing financial products, distribution, financial advice, investment management, administration, custodian services, crypto asset custodial services, payment services, debt collection, financial market activities, benchmarks, credit rating services, third-party treasury management, and corporate advisory services.
Any financial institution providing one or more of these financial products or financial services will be required to comply with COFI.
Licensing and ongoing obligations
Institutions offering these financial products and financial services will have to be licensed under COFI and meet ongoing obligations, including:
- ensuring that key persons and representatives satisfy the fit and proper requirements;
- maintaining sound corporate governance standards;
- implementing appropriate remuneration and conflict of interest policies; and
- having a transformation policy in place.
Financial institutions must maintain adequate financial resources and operational capabilities at all times and meet all reporting, record-keeping, and audit requirements under COFI. To prepare for the relicensing, financial institutions should map all activities, services, and products against the new requirements to determine the correct licensing approach.
Although the new regulatory framework will require significant preparation, it presents a strategic opportunity for financial institutions to build trust, improve governance, and position themselves for long-term resilience and growth. Proactive planning and early action will be key.
This article was written by Webber Wentzel’s Financial Regulatory Practice Group.
Disclaimer: The views expressed in this article are those of the writers and are not necessarily shared by Moonstone Information Refinery or its sister companies.
