Inside FICA: Lessons from the frontlines of financial crime

• Real-world cases show how criminals exploit property, banking and trade networks to move illicit funds.

• FICA compliance is about understanding risk, not simply collecting documents.

• Technology and better reporting are becoming essential tools to combat financial crime in South Africa.

Understanding FICA Compliance

Lessons from the frontlines of financial Crime in South Africa

Financial crime is often perceived as something distant, a problem confined to global banks, shadowy offshore accounts, or organised crime networks operating far from everyday businesses.

Yet the reality is far closer to home.

At a recent property industry event, Hawken McEwan, Risk Compliance Director at nCino, together with Murray Coller, Business Development Manager at nCino, unpacked the realities of financial crime in South Africa and the critical role businesses play in combating it.

Their presentation, “Navigating Financial Crime Prevention in South Africa”, provided a practical and often sobering look at how money laundering happens, why compliance with the Financial Intelligence Centre Act (FICA) matters, and how businesses can strengthen their defences.

Why financial crime happens

Money laundering and financial crime exist because criminals need ways to move, disguise and legitimise illicit funds.

Property transactions, high-value goods, trade networks and financial services are often used as channels to move money across borders and conceal its origins.

‍

“Many businesses think financial crime is something that happens somewhere else,” said McEwan.

‍

“But the reality is that ordinary businesses can become part of the chain without even realising it.”

‍

South Africa’s placement on the Financial Action Task Force (FATF) grey list highlighted weaknesses in identifying and prosecuting financial crime, particularly in areas such as sanctions monitoring and suspicious transaction reporting.

As a result, businesses across sectors, including property, legal, finance and high-value goods are now under greater scrutiny.

Case Studies: How criminal networks operate

McEwan shared several real-world examples illustrating how sophisticated and interconnected financial crime networks can be.

Global terror financing network

One case involved Nazim Saeed Ahmed, an alleged financier linked to Hezbollah who reportedly used a complex network of family members and businesses to move illicit funds across multiple countries.

According to investigations, the network used legitimate-looking industries such as:

• Diamond trading

• Art dealing

• Property investment

Family members acted as intermediaries, with companies and proxies used to obscure the true source of funds.

‍

“Transactions often appear completely legitimate on the surface,” McEwan explained. “That’s what makes financial crime so difficult to detect.”

‍

Some of the businesses connected to the network reportedly operated in South Africa, demonstrating how international criminal activity can intersect with local commerce.

Terror financing linked to Cape Town

A second case illustrated how smaller criminal networks operate locally.

A suspected ISIS-linked cell operating in Cape Town reportedly raised funds through kidnapping and extortion before moving the money across borders.

To transport the funds undetected, criminals purchased heavy mining equipment, concealed cash inside the machinery, and transported it across the border under the guise of legitimate trade.

The trucks were later dismantled, allowing the illicit funds to be extracted and redistributed.

‍

“This shows the lengths criminals will go to in order to move money,” McEwan noted.

‍

Identity fraud and illegal mining

Another example involved a syndicate leader connected to illegal gold mining operations in the West Rand.

Using a stolen identity, the suspect opened bank accounts and conducted transactions using falsified documentation.

Funds generated from illegal mining were then used to purchase:

• Residential properties

• Vehicles

• Consumer goods

Several financial institutions and businesses unknowingly facilitated transactions linked to the network.

This highlights how seemingly ordinary transactions can form part of a larger laundering operation.

Key Insights from the Presentation

Throughout the session, McEwan emphasised that FICA compliance is not about bureaucracy, it is about understanding risk.

‍

‍“The purpose of FICA is to build a complete picture of who your client is, where their money comes from and whether something doesn’t make sense.”

‍

Many businesses still treat compliance as a simple document collection exercise. But the modern regulatory framework requires far more.

The core objective is to identify suspicious activity early and report it to the Financial Intelligence Centre (FIC) so authorities can investigate further.

Understanding the FICA compliance process

Effective FICA compliance is built around several key pillars.

1. Governance and internal controls
Every accountable institution must:

• Register with the Financial Intelligence Centre

• Appoint a compliance officer

• Develop a Risk Management and Compliance Programme (RMCP)

The RMCP outlines how the organisation identifies and manages financial crime risks.

Board members and senior management ultimately carry responsibility for ensuring compliance.

2. Customer Due Diligence (CDD)
Customer due diligence forms the backbone of FICA compliance.

This process involves verifying the identity of clients before conducting business.

Businesses must confirm:

• Identity and address

• Source of funds

• Nature and purpose of the transaction

• Related parties such as directors or trustees

For companies, identifying the Ultimate Beneficial Owner (UBO) is critical. The UBO is the individual who ultimately controls or benefits from the organisation.

3. Risk assessment

Once customer information is collected, businesses must assess the risk associated with the client.

This includes screening for:

• Sanctions lists

• Politically exposed persons (PEPs)

• Adverse media coverage

Higher-risk clients may require enhanced due diligence, including deeper investigation into their financial background.

4. Ongoing monitoring
Compliance does not end once the client is onboarded. Businesses must continuously monitor transactions to identify unusual patterns.

Examples of red flags include:

• Unusual payment structures

• Large cash transactions

• Transactions inconsistent with the client’s business activities

‍

“Your gut feeling matters,” McEwan said. “If something doesn’t make sense, look closer.”

‍

5. Reporting suspicious activity

When suspicious behaviour is identified, businesses must report it to the FIC using the GoAML reporting platform.

Reporting timelines include:

• 15 days for suspicious transactions

• 5 days for terrorist property reports

• 3 days for large cash transaction reports

Failure to report suspicious activity can expose businesses to fines, reputational damage and even criminal liability.

The Role of Technology in FICA compliance

Manual compliance processes can be time-consuming and prone to error. This is where technology plays a crucial role.  

According to Murray Coller, digital compliance platforms can significantly streamline the onboarding and monitoring process.

Modern compliance solutions can automate:

• Client onboarding

• Identity verification through biometrics

• Sanctions and watchlist screening

• Ongoing monitoring of clients

Biometric verification, for example, allows businesses to confirm a client’s identity using facial recognition matched against government databases. This reduces the risk of identity fraud and document manipulation.

Automated screening systems also monitor global sanctions lists daily, alerting businesses when clients appear on updated lists.

‍

“Technology removes much of the manual burden while improving accuracy,” Coller explained.

‍

The cost of non-compliance

While compliance may appear burdensome, the risks of ignoring it are far greater.

Businesses found in breach of FICA requirements can face:

• Significant fines

• Regulatory sanctions

• Reputational damage

• Potential criminal liability

Authorities are also increasing inspections across sectors such as:

• Legal practitioners

• estate agencies

• high-value goods dealers

Regulators are actively enforcing compliance requirements as South Africa works to strengthen its anti-money laundering framework.

‍The Bigger Picture

Ultimately, financial crime prevention relies on collaboration between businesses, regulators and law enforcement.

Each suspicious transaction report contributes to a broader intelligence network used to identify criminal activity.

‍

“Every report adds another piece to the puzzle,” McEwan said.

‍

With global scrutiny increasing and regulatory expectations rising, businesses must view FICA compliance not merely as an administrative obligation but as a critical part of responsible business practice.

Bottom line

Financial crime is evolving rapidly, and South Africa’s regulatory environment is tightening in response.

The lessons from the frontline are clear: FICA compliance is not about ticking boxes or collecting documents. It is about understanding your clients, recognising risks and being prepared to act when something does not add up.

By combining strong internal processes with modern compliance technology, businesses can protect themselves while playing a vital role in safeguarding the integrity of the financial system.

CLICK HERE TO SCHEDULE A DEMO

‍