The Crypto Assets Regulatory (CAR) Working Group (WG) of the Intergovernmental Fintech Working Group (IFWG) recommend that South Africa employ a staged approach to bring crypto assets within the regulatory remit through the regulation of crypto asset service providers (CASPs).

On April 14, 2020 the Intergovernmental Fintech Working Group (IFWG) introduced its Position Paper on Crypto Assets, which aligned closely with the FATF Virtual Asset Guidelines. The paper introduced the term Crypto Asset Service Provider or CASP as a new class of regulated institutions that aligns with the FATF VASP definition. CASPs are required, according to the paper, to comply with FATF’s AML/CFT measures like FATF’s Recommendation 16 on the Travel Rule.

‍
‍
On June 11th, the IFWG released a second position paper IFWG: CAR WG Position Paper on Crypto Assets, which outlines 25 Recommendations for a revised South African policy, legal and regulatory position on crypto assets and related activities. The paper essentially provides a regulatory roadmap for South African virtual assets service providers.

‍

Note that where the FATF uses terms ‘virtual assets’ and ‘virtual asset service providers,' the South African preference is for ‘crypto assets’ and ‘crypto-asset service providers.’

‍

1. Is cryptocurrency legal in South Africa?

Yes. South Africa’s view is that crypto is a financial product and should be regulated as a financial product. The country recognizes cryptocurrencies as an investment and taxable asset, yet not as legal tender. 

(IFWG) 2020 Position Paper on Crypto Assets page 3:

“​As an interim measure, the Crypto Assets Regulatory Working Group recommends that crypto-assets be declared a financial product through the provisions of the Financial Advisory and Intermediary Services Act 37 of 2002 (the FAIS Act).

‍

‍

2. Are there AML crypto regulations in South Africa?

Yes. Section 8.4.2 of South Africa’s Intergovernmental Fintech Working Group’s (IFWG) 2020 Position Paper on Crypto Assets notes that crypto service providers will be required to register and adhere to all relevant provisions of the FIC Act, including requirements aimed at AML/CFT. 

(IFWG) 2020 Position Paper on Crypto Assets section 8.4.2:

“This will include conducting customer identification and verification, conducting customer due diligence, keeping records, monitoring for suspicious and unusual activity on an ongoing basis, reporting to the FIC any suspicious and unusual transactions, reporting cash transactions of R25 000.00 and above (or the applicable threshold at any given time), and reporting in respect of control of property that might be linked to terrorist activity or terrorist organisations. Other obligations will include developing, documenting, maintaining and implementing a Risk Management and Compliance Programme (RMCP)39, ensuring compliance with the FIC Act, and training employees related to AML/CFT compliance.”

‍

3. Is the Crypto Travel Rule mandated in South Africa?

Yes. Section 8.4.2.2 of South Africa’s Intergovernmental Fintech Working Group’s (IFWG) 2020 Position Paper on Crypto Assets says that CASPs will be required to implement Recommendation 16 (‘the travel rule’) of the FATF Recommendations.

(IFWG) 2020 Position Paper on Crypto Assets 8.4.2.2:

CASPs will be required to implement Recommendation 16 (‘the travel rule’) of the FATF Recommendations. The originating CASP should obtain, and hold, required and accurate originator information as well as required and accurate beneficiary information of the crypto asset transaction, submit this information to the beneficiary CASP or another obliged entity, and make this information available on request to the appropriate regulatory and/or law enforcement authorities. The beneficiary CASP should obtain, and hold, required and accurate originator information as well as required and accurate beneficiary information of the crypto asset transaction, and make this information available to the appropriate regulatory and/or law enforcement authorities if and when requested to do so. It is not required that this information be directly attached or encoded to the crypto asset transaction, but this information should be transmitted immediately and securely on request by the appropriate authorities.”

‍

4. Who regulates cryptocurrency in South Africa? 

The Financial Sector Conduct Authority (FSCA) is the cryptocurrency regulator in South Africa. The South African financial overseer added cryptocurrency into its regulatory oversight in June 2021. 

‍

FATF Travel Rule requirements in South Africa

‍

1. Are there licensing or registration requirements for VASPs in South Africa?

Yes. Section 8.4.2 of the Intergovernmental Fintech Working Group’s (IFWG) 2020 Position Paper on Crypto Assets, requires crypto services providers to register with South Africa’s Financial Intelligence Centre to become an “accountable institution.”

(IFWG) 2020 Position Paper on Crypto Assets: section 8.4.2

“It is recommended that Schedule 1 to the FIC Act be amended by adding CASPs to the list of accountable institutions. Therefore, all CASPs will be required to register with the FIC as an accountable institution. Once registered, all the relevant provisions of the FIC Act will become applicable to CASPs.” 

‍

2. When does the Crypto Travel Rule go into effect in South Africa?  

The Crypto Travel Rule goes into effect in South Africa in June 2022, which is when the FIC assumes a supervisory rule to ensure CASP compliance with the FIC Act. The FIC Act encompasses the crypto travel rule. Table 4, Row 3 of (IFWG) 2021 CAR WG Position Paper on Crypto Assets outlines a roadmap for implementing the proposed recommendations.

‍

‍

3. Does South Africa permit a grace period to comply with the Crypto Travel Rule?

There is no mention of a grace period to comply with the FIC Act, which comprises the crypto Travel Rule in South Africa. 

‍

{{training2="/cta-components"}}

‍

Complying with the FATF Crypto Travel Rule in South Africa

‍

1. What is the minimum threshold for the Crypto Travel Rule in South Africa?

The (IFWG) 2020 Position Paper on Crypto Assets section 8.4.2 brings crypto asset service providers in line with AML/CFT legislative requirements, which means reporting cash transactions of ZAR 25,000 (currently roughly USD 1,697) and over (or the applicable threshold.

(IFWG) 2020 Position Paper on Crypto Assets: section 8.4.2

‍[...]This will include conducting customer identification and verification, conducting customer due diligence, keeping records, monitoring for suspicious and unusual activity on an ongoing basis, reporting to the FIC any suspicious and unusual transactions, reporting cash transactions of R25 000.00 and above (or the applicable threshold at any given time), and reporting in respect of control of property that might be linked to terrorist activity or terrorist organisations. Other obligations will include developing, documenting, maintaining and implementing a Risk Management and Compliance Programme (RMCP)39 , ensuring compliance with the FIC Act, and training employees related to AML/CFT compliance.

‍

2. What personally identifiable information is required to be shared for the Crypto Travel Rule in South Africa?

South Africa’s (IFWG) 2020 Position Paper on Crypto Assets Section 8.4.2.2 aligns the personally identifiable information with FATF’s:

CASPs will be required to implement Recommendation 16 (‘the travel rule’) of the FATF Recommendations. The originating CASP should obtain, and hold, required and accurate originator information as well as required and accurate beneficiary information of the crypto asset transaction, submit this information to the beneficiary CASP or another obliged entity, and make this information available on request to the appropriate regulatory and/or law enforcement authorities. The beneficiary CASP should obtain, and hold, required and accurate originator information as well as required and accurate beneficiary information of the crypto asset transaction, and make this information available to the appropriate regulatory and/or law enforcement authorities if and when requested to do so. It is not required that this information be directly attached or encoded to the crypto asset transaction, but this information should be transmitted immediately and securely on request by the appropriate authorities.

This means, the originator CASP must share the following information with the beneficiary VASP alongside a transaction over ZAR 25,000 (currently roughly USD 1,697): 

• Originator customer’s name 
• Originator customer’s account number
• Unique identifiable information such as either a residential address, national identity number or date, and place of birth.

The beneficiary CASP must share the following recipient information with the originator CASP:

• Beneficiary customer name
• Beneficiary customer’s account number
  

‍

3. Are there differences in requirements for customer PII for cross-border transfers vs within South Africa?

Neither of the recent IFWG papers mention any of the differences in requirements for customer PII in cross-border compared to transfers within South Africa. However, ​​a framework to monitor cross-border financial flows has been set into place. The Intergovernmental Fintech Working Group (IFWG) recommended the Financial Surveillance Department of the SARB to assume the supervisory and regulatory responsibility for the monitoring of illegitimate cross-border financial flows in respect of crypto assets ((IFWG) 2020 Position Paper on Crypto Assets section 9.1.2.3). 

‍

4. What are the non-custodial or self-hosted wallet requirements in South Africa?

Only digital wallet service providers that execute control over the customers’ crypto assets are included within the scope of CASPs, according to the (IFWG) 2020 Position Paper on Crypto Assets. As South Africa follows FATF Recommendations closely, it is possible that this changes in step with FATF. 

‍

Why choose Notabene for Crypto Travel Rule Compliance in South Africa?

Notabene helps South African financial institutions and CASPs comply with the FATF’s Recommendation 16 “Crypto Travel Rule” and the FIC Act as required by the Intergovernmental Fintech Working Group (IFWG). South African VASPs can use our tools and partner integrations to: 

• Conduct customer identification and verification, 
• Perform customer due diligence, 
• Keep records, 
• Monitor for and report to the FIC suspicious and unusual activity on an ongoing basis,
• Report transactions of R25 000.00 and above, and
• Locate and report transactions that may be linked to terrorist activity or terrorist organizations as required by the FIC Act.