Guidance Note 8 is issued under section 4(c) of the Financial Intelligence Centre Act, 2001 (FIC Act) and supports compliance with the Directive 1 of 2022. It aligns South Africa’s national payment system practices with international standards established by the Financial Action Task Force (FATF) for the traceability of electronic funds transfers. The note complements the FIC Act, the Prevention of Organised Crime Act (POC Act), and the Protection of Constitutional Democracy Against Terrorist and Related Activities Act (POCDATARA Act).

This guidance is authoritative and must be considered when implementing compliance programmes. If an institution does not follow it, it must be able to demonstrate equivalent compliance. Non-adherence may result in enforcement action.

Application of Directive 1 of 2022

The Directive applies to accountable institutions acting as ordering, intermediary, or beneficiary financial institutions in both domestic and cross-border transfers. It covers all qualifying electronic funds transfers, including those between separate clients of the same institution and those processed in batches (such as serial and cover payments). The directive applies to transactions within, into, or out of South Africa but has no extraterritorial effect.

Customer Due Diligence (CDD) & Verification Requirements

All accountable institutions must integrate the directive’s obligations into their existing Risk Management and Compliance Programmes (RMCPs). Before executing a transaction, institutions must conduct CDD in line with the FIC Act, especially for single transactions of R5,000 or more. For cross-border transfers exceeding R10,000, institutions must verify the accuracy of originator and beneficiary information.

Although transactions below R10,000 are not subject to mandatory verification under the directive, the FIC encourages institutions to capture verified information wherever possible. This enhances data quality and strengthens oversight. If a transaction is linked to a high-risk jurisdiction or suspicion of financial crime, verification becomes mandatory regardless of the amount.

Record-Keeping & Information Inclusion

All ordering, intermediary, and beneficiary institutions must retain information required under Directive 1 of 2022, in compliance with the FIC Act. Ordering institutions must include in the payment message:

• Full name and account number or a unique customer identifier for the originator

• Beneficiary’s name and account number

The guidance outlines when unique customer identifiers may be used, stressing that they must be consistently applied, traceable, and not recycled. However, these do not replace identification numbers and must be linked to verifiable data in the institution’s records.

Institutions must ensure systems are in place to detect incomplete transfer messages and must document how they will handle such cases (execution, rejection, or suspension). All decisions should be justified within the institution’s RMCP.

Practical Implementation

The guidance does not prescribe a specific format for including information in a transfer. Institutions may choose from methods such as SWIFT messages, QR codes, supplementary files, or file-based messaging, provided they meet traceability and compliance objectives.

Transfers between South Africa and Common Monetary Area (CMA) countries (e.g., Lesotho, Eswatini, Namibia) are treated as cross-border and must comply with the directive. Institutions are urged to use full names for natural persons and registered names for legal persons in all cases.

Sanctions Screening & Suspicious Activity

Institutions must screen all transfers (domestic and cross-border) against the Targeted Financial Sanctions (TFS) list under section 26A of the FIC Act. Transfers involving designated individuals or entities must be blocked immediately, and funds must be frozen and reported. If no funds are held, a terrorist financing activity report must be submitted.

Names like “unknown” or entries with numeric placeholders in beneficiary fields are unacceptable. These may constitute suspicious or unusual transactions and undermine South Africa’s financial integrity.

Enforcement & Institutional Feedback

Annual declarations of compliance must be submitted to the SARB by 31 March each year. These declarations must confirm that the institution’s systems and processes align with the directive and should be supported by the internal audit function.

The guidance also incorporates feedback from consultations on draft Guidance Note 102A. Among the key clarifications were distinctions between the R5,000 CDD threshold and the R10,000 verification threshold, expectations for data quality, and the limited applicability of unique identifiers.

Conclusion: WTR Compliance Integration

Guidance Note 8 provides essential detail for the practical implementation of Directive 1 of 2022 and clarifies the roles and responsibilities of accountable institutions under South Africa’s AML/CFT framework. It reinforces the FATF Travel Rule’s objective of ensuring that accurate and traceable data accompanies every electronic funds transfer, thereby supporting law enforcement and financial integrity across domestic and cross-border payment systems.