The Financial Intelligence Centre (FIC) has just published Public Compliance Communication No 43 (PCC43). The objective of the communication is to provide accountable institutions (AI) with the FIC’s view on compliance with their customer due diligence obligation in terms of Part 1, Chapter 3 of the FIC Act, where the accountable institution requests assistance from another accountable institution in relation to a shared client.
PCC 43 provides that an AI (first-party AI) may request the assistance of another AI (third party AI) to provide them with customer due diligence (CDD) information and/or documentation in relation to a shared client for the purposes of establishing and verifying the identity of the client.
It is important to take note of the following:
|●||The third party AI will not perform the CDD , but rather provide the CDD information and/documents held for a shared client to the first party AI.|
|●||The client must be a shared client due to a single transaction or business relationship being entered into, where both AIs are party to. It is not sufficient that a client is fortuitously or accidentally the client of both AIs.|
|●||The risk management and compliance programme (RMCP) of the first party AI must clearly document the procedure to be followed where a third party AI will be utilised for this purpose.|
|●||Where the CDD information and/or documentation provided is not sufficient in terms of the RMCP of the first party AI, additional due diligence measures would need to be performed by the first party AI .|
|●||The first party AI would need to be able to provide evidence that they have made a concerted effort to determine and understand the CDD standards applied by the third party AI.|
|●||The first party accountable institution remains at all times accountable for all aspects of AML/CFT compliance and compliance with the requirements under the FIC Act which included:|
|○||the risk assessment of a client,|
|○||ongoing CDD; and|
This matter has long been a bone of contention for advisers who felt that they were required by product providers to do their work for them. Hopefully, these guidelines will clarify the responsibilities and obligations of the various parties.
Click here to download PCC43.