FIC Guidance Note 7A on Implementing FICA Requirements

17 Feb

The Financial Intelligence Centre (FIC) has updated its Guidance Note 7A to help accountable institutions understand their responsibilities under the Financial Intelligence Centre Act (FIC Act), 2001. It outlines how to identify and manage financial crime risks, keep proper records, and report suspicious transactions.

The updated guidance applies to all accountable institutions, which include:

The biggest changes focus on risk management and compliance. Here are the key updates:

Stronger Leadership Accountability
The board of directors or senior management must approve and oversee the Risk Management and Compliance Programme (RMCP). This cannot be delegated committees or junior staff.
Mandatory Compliance Function
Businesses must appoint a compliance officer to ensure they follow the law. This person should be senior enough to make important decisions.
Better Documentation & Record-Keeping
Companies need to fully document their RMCP, including how they manage risks and conduct due diligence. Simply referencing other policies isn’t enough – the guide now requires detailed descriptions of how risks are handled.
Clearer Penalties for Non-Compliance
If an institution doesn’t have a proper RMCP, it can face sanctions or fines.
A More Structured Risk-Based Approach
Institutions need to assess risks before putting controls in place. The RMCP should have three key sections:
- Risk Identification – Understanding money laundering, terrorist financing, and proliferation financing risks.
- Risk Mitigation – How the business manages and reduces risks.
- Ongoing Monitoring – Regularly checking if risk controls still work over time.
Group-Wide Compliance for Larger Businesses
If a company operates as part of a bigger group, each entity must do its own risk assessment. The group's overall RMCP must reflect risks from all its businesses.

PPRA Warns Consumers: Ensure Your Property Practitioner is Registered