The Three Gates Framework

FICA COMPLIANCE CHECKLIST

FICA KYC Checklist
Commercial Banks

Regulator: Prudential Authority (PA) & South African Reserve Bank (SARB) · Schedule: Schedule 1, Item 1
·

South African commercial banks are accountable institutions under FICA Schedule 1, Item 1, supervised by the Prudential Authority. This checklist covers the minimum Customer Due Diligence (CDD) requirements under FICA Section 21, Enhanced Due Diligence (EDD) for high-risk clients, and ongoing monitoring and record-keeping obligations. Use this as an audit tool when onboarding new clients or reviewing existing client files.

STEP 1

Natural Person — Standard CDD

  • Certified copy of South African ID document or Smart ID card (FICA S.21(a))
  • Certified copy of passport for foreign nationals
  • Proof of residential address — not older than 3 months (utility bill, bank statement, or municipal account)
  • Income tax reference number (where applicable)
  • Source of funds declaration for transactions above R49 999 cash
STEP 2

Legal Entity — Standard CDD

  • CIPC registration certificate (Companies Act S.14)
  • Memorandum of Incorporation (MOI) or founding documents
  • Proof of registered business address
  • List of directors and beneficial owners (5% threshold — FIC PCC 59)
  • Certified ID documents for all beneficial owners holding 5% or more
  • Board resolution authorising the account signatory
  • Tax clearance certificate or SARS registration confirmation
STEP 3

Trust — Standard CDD

  • Trust deed (certified copy)
  • Letter of authority from the Master of the High Court
  • Certified ID documents for all trustees
  • Certified ID documents for all beneficiaries (if determinable)
  • Proof of address for the trust
STEP 4

Enhanced Due Diligence (EDD) — High-Risk Clients

  • Politically Exposed Person (PEP) declaration and screening confirmation
  • Source of wealth declaration (not just source of funds)
  • Enhanced source of funds documentation (audited financials, tax returns)
  • Senior management approval for onboarding (FICA S.21E)
  • Ongoing monitoring schedule documented in client file
  • Adverse media screening results
STEP 5

Ongoing Monitoring & Record-Keeping

  • KYC records retained for minimum 5 years after account closure (FICA S.22)
  • Transaction monitoring alerts documented and resolved
  • Annual review of high-risk client files
  • Suspicious Transaction Report (STR) filed via goAML where applicable (FICA S.29)
  • Cash Threshold Report (CTR) filed for transactions above R49 999 (FICA S.28)

REGULATORY BASIS

This checklist is based on the Financial Intelligence Centre Act 38 of 2001 (as amended by the FICA Amendment Act 1 of 2017), FIC Guidance Notes, and FIC Public Compliance Communications (PCCs). The beneficial ownership threshold of 5% reflects FIC PCC 59 (August 2024). The cash reporting threshold of R49 999 reflects Government Notice 2638 (October 2022). Always verify against the current FIC guidance at fic.gov.za.

RELATED GUIDES

KYC Requirements for SA Commercial Banks →What is Customer Due Diligence (CDD)? →What is Enhanced Due Diligence (EDD)? →What is a Politically Exposed Person (PEP)? →What is a Suspicious Transaction Report (STR)? →What is FICA? →