The Prudential Authority (PA) has imposed administrative sanctions on Absa Bank Limited after identifying serious compliance failures with provisions of the Financial Intelligence Centre Act, 38 of 2001 (FIC Act).

Following a 2022 inspection conducted under section 45B of the FIC Act, the PA found that Absa had failed to adequately conduct customer due diligence (CDD) and enhanced due diligence (EDD) on several client files involving politically exposed persons (PEPs) and foreign prominent public officials (FPPOs) linked to state-owned enterprises (SOEs).

The deficiencies included:

Failure to properly conduct customer due diligence on four FPPO client files and two PEP client files relating to SOEs.
Failure to adequately perform enhanced due diligence on three domestic prominent influential persons (DPIPs) and five FPPO client files.
In addition, Absa was found to have breached FIC Act Directive 5 of 2019 by:

Not timeously attending to 8,559 automated transaction monitoring system (ATMS) alerts within the required 48-hour period.
Delays in processing non-reportable alerts and suspicious transaction reports (STRs) beyond the stipulated 15-day timeframe.

As a result of these findings, the PA imposed:

Two formal cautions not to repeat the non-compliant conduct,
A reprimand,
And a combined financial penalty of R10 million (R7 million related to CDD/EDD failures and R3 million for transaction monitoring and reporting failures).

The PA noted that Absa cooperated fully during the process and has undertaken necessary remedial actions to address the identified compliance weaknesses.

This enforcement action forms part of the Prudential Authority’s broader efforts to improve South Africa’s anti-money laundering (AML) framework, especially as the country works to exit the Financial Action Task Force (FATF) grey list.

Key Compliance Learnings

Rigorous CDD and EDD Are Non-Negotiable

Financial institutions must ensure enhanced due diligence is thoroughly performed on all high-risk clients, especially foreign PEPs and SOE-related entities.

Transaction Monitoring Alerts Must Be Timely Managed

All ATMS alerts must be reviewed and actioned within regulatory deadlines (48 hours), even where alerts are deemed non-reportable.

Suspicious Transactions Require Strict Reporting Discipline

Suspicious Transaction Reports (STRs) must be submitted within the prescribed 15-day window — delays constitute non-compliance.

Remediation Does Not Erase Penalties

Cooperation with regulators and remedial action post-inspection is expected but does not absolve institutions from financial penalties.

Continuous Monitoring and Proactive Compliance Are Essential

Institutions must proactively monitor their compliance frameworks to avoid enforcement actions, especially in South Africa’s current heightened AML environment.