Skip to main content

BD Business Law & Tax (Oct 2022)

Page 1

BUSINESS LAW &TAX

OCTOBER 2022 WWW.BUSINESSLIVE.CO.ZA

A REVIEW OF DEVELOPMENTS IN CORPORATE AND TAX LAW

A risk-based view of crypto

one-size-fits all approach •toAvoid crypto asset service providers Angela Itzikowitz & Aslam Moosajee ENSafrica

R

ecently, the Prudential Authority, acting in terms of the Banks Act, 1990, issued a guidance note (G10/2022) to inform banks and bank controlling companies of practices related to the effective implementation of adequate anti-money laundering and counterfinancing of terrorism controls relating to crypto assets and crypto asset service providers. The Prudential Authority is aware that certain banks in SA have previously decided to terminate their relationship with crypto asset service providers and/or have discontinued the provision of banking services to crypto asset service providers by closing their accounts. In an implicit criticism of such actions by certain banks, the guidance note emphasises that risk assessment does not necessarily mean that banks should seek to avoid any risk entirely by, for example, closing the accounts of crypto asset service providers or by refusing to open an account for them. The guidance note high-

discover more

lights that the decision to close accounts or not to offer banking services should be made only after careful due diligence and consideration. If a bank gives notice of its intention to close an account of a customer simply on the basis that the customer is a crypto asset service provider, the enforcement of the bank’s right to terminate may be challenged on the basis that it is contrary to public policy. Inasmuch as the Financial Intelligence Centre Act, 2001 adopts a risk-based approach to regulation, banks are required to have in place comprehensive policies and risk-management processes as well as procedures to combat money laundering, terrorist financing and proliferation financing. These policies and processes must be documented and updated on a regular basis and training on money laundering and terrorist financing must be provided on an ongoing basis. Risk assessment in terms of such policies would enable banks to understand the direct and/or indirect exposure to risks that a crypto asset service provider may present. Banks need to assess what elements are driving or reducing money laundering,

A LITTLE BIT OF CURRENCY

/123RF — RHJ2017 terrorist and proliferation financing. In this regard, banks have to consider the type of clients, their transactional activity, crossborder flow of funds and a client’s association with crypto-related activities. The risk management and compliance programmes of banks need to be tailored and cater to varying levels of risk

that a crypto asset service provider poses. Appropriate risk assessment involves a consideration of various factors, including: ● The type of services, products, transactions involved; ● Customer risk; ● Geographical factors; and ● The type of crypto assets involved or exchanged. When a crypto asset ser-

vice provider seeks to establish and maintain a relationship with a bank, the bank should, as part of its due diligence, ascertain if the crypto asset service provider has documented and implemented appropriate money laundering, terrorist and proliferation financing risk management policies, procedures, systems and controls that the bank follows in respect of its own activities and product offerings. Where higher risks present themselves, an enhanced due diligence should be undertaken. A “one-size-fits-all” approach in dealing with crypto asset service providers may result in inadequate risk understanding and risk measures. The Prudential Authority has noted that this approach goes against the spirit and practice of a risk-based approach. Risks associated with crypto asset service providers constantly change and this requires banks to conduct regular risk assessments and amend their risk profiles and risk management programmes to deal with new risks that might arise. Banks need relevant and requisite technical expertise to adequately assess the risks stemming from crypto assets and service providers. If the transactional activity of a crypto asset service provider is not in line with the

initial profile the bank has of its customer, it should consider filing a suspicious or unusual activity report with the Financial Intelligence Centre (FIC). Banks must ensure that they employ appropriate detection and monitoring mechanisms to mitigate against any risks of money laundering or terrorist financing that may be introduced through crypto assets

BANKS MUST ENSURE THAT THEY EMPLOY APPROPRIATE DETECTION AND MONITORING MECHANISMS or crypto asset service providers. Banks must ensure they maintain adequate records in respect of all customer transactions for a minimum period of seven years or for a period of seven years from the date of submission of a suspicious or unusual transaction report to the FIC. In due course, crypto asset service providers will become accountable institutions and will have to comply with all the obligations imposed on accountable institutions and that may give CONTINUED ON PAGE 2


Turn static files into dynamic content formats.

Create a flipbook
BD Business Law & Tax (Oct 2022) by SundayTimesZA - Issuu