FSCA update on roll-out and implementation of cross-sectoral conduct of business return for financial institutions
The FSCA has published its ‘Update on roll-out and implementation of cross-sectoral Conduct of Business Return for financial institutions’. The stakeholder feedback has highlighted a number of important factors that require further consideration and broader consultation to ensure a more streamlined, efficient and effective conduct reporting framework in the longer term. Key themes emerging from stakeholder feedback include:
- Structure, format and functionality of the reporting template
- Training and implementation guidance
- Reporting process challenges
- FSCA’s authority relating to the scope of data being requested
- Data collection challenges
- Frequency of reporting
- Definitional clarity
- Confidentiality of reported information
he FSCA is finalising a consultation survey to obtain deeper insights on the potential operational and systems impact of future Omni-CBR reporting. During the first half of 2024, work will continue on the phase 1 and phase 2 activities described in the roadmap, targeting the following timeframes:
- Continuing with follow up industry engagements to clarify outstanding issues raised in respect of the current version of the draft Omni-CBR template until 1 April 2024.
- Publishing a revised, streamlined version of the draft Omni-CBR template by 1 July 2024.
- Publishing an industry survey on the potential operational and systems impact of implementing the revised Omni-CBR requirements by 1 July 2024.
Final Joint Standard 1 of 2023 IT Governance and Risk Management
The Prudential Authority (PA) and FSCA published the final Joint Standard, which commences on 15 November 2024. This Joint Standard applies to the following types of financial institutions:
- Insurers
- Banks
- Managers of Collective Investment Schemes
- Discretionary FSPs
- Administrative FSPs
- Market infrastructure
The Joint Standard sets out the requirements for information technology (IT) risk management that financial institutions must comply with in line with sound practices and processes in managing IT risk. The requirements covered in this standard include:
- IT strategy
- IT risk management framework, with oversight requirements
- IT service management policies, standards, processes and procedures (framework) requirements
- Requirements relating to the handling of sensitive or confidential information
- IT programme and/or project management
- Certain notification and reporting
- Requirement for the control functions and/or external assurance providers to have the capacity to independently review and provide objective assurance of compliance with all IT related activities
- Requirement relating to IT resilience and business continuity
Tabled in Parliament: Joint Standard on Cybersecurity and Cyber Resilience Requirements
The Joint Standard on Cybersecurity and Cyber Resilience Requirements was tabled in Parliament early December 2023. The Joint Standard needs to be tabled in Parliament for a period of at least 30 days while Parliament is in session. Parliament stood down on 8 December 2023 and will reconvene in February 2024. The commencement date will be at a date to be determined by the Authorities through a notice published on their websites.
The Joint Standard sets out the minimum standards for sound practices and processes of cybersecurity and cyber resilience for categories of specified financial institutions. It also seeks to ensure that these financial institutions implement processes and have tools and technology which will prepare them for cyber-attacks as well as respond to and recover from such attacks.
This Joint Standard applies to the following financial institutions:
- Insurers
- Banks
- Managers of Collective Investment Schemes
- Category I FSPs
- Discretionary FSPs
- Administrative FSPs
- Market infrastructure
- OTC derivative provider
- Retirement Funds
- Section 13B Administrators
FSCA Communication 36 of 2023 (RF): Exemption from using certain prescribed formats for preparing financial statements
The FSCA has published Communication 36 of 2023 Exemption from using certain prescribed formats for preparing financial statements under section 15 of the Pension Funds Act, 1956 – audit reports, together with RF Notice 26 of 2023. This Communication and Notice addresses the misalignment between the amendments made to Regulation 28 of the Pension Funds Act and the prescribed format of the annual financial statements. BN 77 Notice will be replaced with a Prudential Standard Requirements related to Regulatory Reporting and Audited Financial Statements for Pension Funds, which was published for comments on 9 November 2022. This Prudential Standard will align to the recent amendments to Regulation 28. However, until this Prudential Standard is finalised there will be misalignment between the amended Regulation 28 and the reporting requirements prescribed in BN 77.
This misalignment creates a challenge from an auditor reporting perspective and therefore the FSCA has published the following exemptions:
- The FSCA provides for the exception relating to infrastructure reporting through an exemption in terms of which funds are not required to complete Schedule IB1 contained in BN 77 on the condition that they complete Annexure A to FSCA RF Notice 26 of 2023 titled “Assurance Report on Compliance with Regulation 28 of the Pension Funds Act”.
- It exempts funds from the requirement to complete Schedule D, on the condition that funds complete the IRBA Auditor’s Report, as approved and amended by IRBA from time to time.
The exemptions only apply for the preparation of financial statements in respect of a financial year that ends after 31 December 2022.
- For any financial year that ends before 31 December 2022, the IRBA’s illustrative “Assurance Report on Compliance with Regulation 28 of the Pension Funds Act” will still apply as an alternative to Schedule IB.
- The exemption notice replaces FSCA RF Notice 5 of 2020 and will be valid pending the finalisation of Prudential Standard currently under development, which will ultimately replace BN 77.
FSCA Prudential Standard – Regulation 28 reporting requirements for pension funds and FSCA Communication 31 of 2023
Prudential Standard 1 of 2023, published on 4 November 2022, changed the “exception reporting” approach as per the current Board Notices to an approach where pension funds report on assets held in compliance with Regulation 28 (holistic reporting), infrastructure and ESG. However, the public raised concerns in their comments on the change in approach, timing pressures as well as some of the specific proposed reporting obligations.
The FSCA therefore decided to remove the requirement to report on assets held in compliance with Regulation 28, as well as the requirement to report on infrastructure and ESG, from Prudential Standard 1 of 2023. They will proceed with submitting the draft Prudential Standard to Parliament, expected imminently.
Concurrently, the FSCA will start consulting on the draft holistic reporting Prudential Standard, which was published on 14 November 2023 for comment.
Draft Governing Rules for the National Financial Ombud Scheme South Africa
The National Financial Ombud Scheme (NFO) is an amalgamation of the Credit Ombud Association, the Ombudsman for Banking Services, the Ombudsman for Long-term Insurance and the Ombudsman for Short-term Insurance (“collectively referred to as Predecessor schemes”). This was done in response to the World Bank’s recommendation to consolidate the existing ombud system into a new, independent single scheme covering the entire financial sector. The FAIS Ombud and Office of the Pension Funds Adjudicator (OPFA) are excluded, for now, from the NFO.
One of the requirements of the Financial Sector Regulations Act is that an industry ombud scheme, like the NFO, needs to have governing rules in place. Accordingly, the proposed governing rules of the NFO have been published for consultation and include:
- The Rules of the Predecessor schemes will be applied to existing Complaints, and Complaints received from 1 March 2024, will be dealt with in accordance with the Rules of the NFO.
- Enforcement mechanisms are available to the NFO for non-compliance with these Rules, which include publishing the facts of the non-compliance.
- The availability and contact details of the NFO must be communicated to consumers, including the public, through a participant’s website and premises.
- The NFO will be funded based on its Board-approved funding model, which includes participants’ membership fees, case fees, or both.
OPFA draft policy on expedited complaints and vulnerable complainants
The OPFA has published its Draft Policy on Expedited Complaints and Vulnerable Complainants, which provides guidelines on how the OPFA will identify vulnerable complainants and complaints that may be expedited. It proposes the following guidelines will apply:
Complaints in respect of complainants that are:
- older than 65 years;
- physically or mentally challenged;
- seriously ill (life threatening);
- children who are the head of their households;
- in exceptional need of financial assistance and the expeditious resolution of the complaint has the potential to provide such assistance;
- in need of an outcome from the OPFA to make an important decision that is time sensitive, and
- non-payment of contributions by a participating employer.
Complaints relating to:
- requests for information, including benefits statements,
- the withholding of a benefit by a fund, where the accrual date is older than 12 months;
- delays in finalising a s37C allocation / distribution, where the member’s death occurred more than 24 months prior to lodging the complaint.
WHAT TO EXPECT DURING 2024
Two pot/component retirement regime legislation
The Minister of Finance recommended to Standing Committee on Finance that the implementation date be 1 September 2024, which was accepted. At the National Treasury (NT) workshop on Annexure C submissions during December 2023, NT confirmed the implementation date of 1 September 2024.
The Revenue Laws Amendment Bill (RLAB) will be considered when Parliament starts meeting again in February 2024. The amendments to the Pension Funds Act must still be tabled in Parliament, which is expected to take place during February 2024.
Conduct of Financial Institutions (COFI) Bill
The latest update from NT is that the COFI Bill is still a priority and they aiming to introduce the Bill to Parliament during Q1 2024.
Urgent Omnibus Bill
NT has received an urgent request from the FSCA and Financial Intelligence Centre (FIC) to publish an Omnibus Bill early in 2024 to address the Financial Action Task Force (FATF) recommendations.
Financial Markets Act Review
We are expecting NT to publish the Draft Bill for industry consultation sometime this year.
FSCA Interpretation Ruling [-] of 2023 (RF) on the application of Section 37C of the Pension Funds Act
This draft Interpretation Ruling was published in August 2022 and we are hoping to receive the FSCA’s feedback on this during 2024.
A framework for unclaimed financial assets in South Africa
The FSCA indicated it will be publishing its feedback this year, including responses to the submissions received and the immediate next steps. The focus, for now, will be on the reporting proposals as more data and information is required. A phased-in approach will be followed in respect of the proposals.