Fintech
Description
“Fintech” is defined as advanced technology firms that have the potential to transform the provision of financial services spurring the development of new business models, applications, and whose products and services are directly applicable in the delivery of financial services.
Fintech start-ups in South Africa service clients and markets specific to the South African financial services sector, and/or service the same located outside of South African legal jurisdiction, doing so from South Africa.
Market segments are broadly defined to include payments, lending, savings & deposits, Insurtech, investments, financial planning & advisory, capital raising and business-to-business technology providers.
Differentiating attributes
Fintech companies in South Africa typically focus on the payment systems and the enablement of money transfers; peer-to-peer and business lending; lending of crypto currencies; alternative funding (e.g. crowd funding); crypto currency exchanges; and others.
The main regulatory compliance aspects to be considered by prospective and current Fintech companies in South Africa include:
Consumer protection.
Data protection.
Cybersecurity.
Anti-money laundering and financial crime.
Aspects relating to registering, complying and operating a business entity under South African law in general.
Useful resources
Fintech scoping in South Africa, 2019 published by National Treasury.
FinTech in South Africa: overview, 2021 published by ThomsonReuters.
Requirements for setting up: Achieving Freedom to Operate
Any prospective business needs to undergo the decision process and activities with which to pursue normal company registration for the legal entity(ies) trading as a Fintech.
Following this, the business needs to consider the following, based on whether or not it is
Planning to
Planning to
Planning to
Render services listed as financial products regulated by FAIS
Obtain a licence to act as a financial services provider
Financial Service Provider
Provide the electronic means for parties to receive or send funds
Register as a payment service provider with PASA.
Payment Service Provider
PASA
Operate a digital bank
Obtain a banking licence from the South African Reserve Bank.
Bank licence
Digital Bank
Offer any form of lending services, including online and peer-to-peer (P2P)
Register as a credit provider
with the NRC.
Credit Provider
NRC
Provide insurance (long or short-term)
Obtain an insurance licence from the FSB,
Pay a levy to the FSB.
Insurance
Insurance brokers
Offer a platform connecting buyers and sellers of equity/securities
Obtain an exchange licence from the FSCA.
Equity Exchange
Securities trading
Source and use personal information, including digital information
Comply with the provisions of the Consumer Protection Act, 2008 and the Protection of Personal Information Act (“POPI”), 2013.
Consumer Protection
POPI Act
Ensure compliance with anti-money laundering activities by
Taking note of the criteria to be considered “an accountable institution” within the provisions of the Financial Intelligence Centre Act, 2001, (FICA).
FICA
Send money across national borders
Obtain permission from the South African Reserve Bank.
Know Your Customer (KYC) by complying with the regulations to prevent money laundering contained in the Financial Intelligence Centre Act & Amendment Bill relating to KYC.
Know Your Customer
KYC
Anti-money launder
Offer and trade in cryptocurrencies
Seek legal advice on the use of crypto assets as to the nature of the service offering, as there were no dedicated laws or regulations specifically governing the use of crypto assets at time of writing (February 2022).
Ensure compliance with anti-money laundering regulations and requirements outlined elsewhere, if dealing in crypto assets.
Crypto
Cryptocurrencies
Crypto assets
Blockchain
Use, develop and/or provide distributed ledger technology and blockchain, virtual/digital currencies, cryptocurrency exchanges and initial coin offerings (ICOs)
Monitor and study the outputs of the Intergovermental Fintech Working Group (IFWG), as South Africa’s current anti-money laundering laws don’t specifically apply to, or cover cryptoassets.
Distributed ledger
Blockchain
Digital currency
Crypto currency
IFWG
Enter into a contractual arrangement with traditional financial service providers (i.e. a bank, or an insurer)
Ensure that your partner has the necessary approvals and/or meets the applicable compliance requirements relevant to ensure its own Freedom to Operate.
Partnering with Financial Service Providers
Notwithstanding the above, Fintech companies have to comply with the normal requirements outlined elsewhere, in respect of:
-
South African company, employment and tax laws.
-
Immigration laws if employing foreign nationals in South Africa.
-
Intellectual Property laws governing innovations and inventions.
-
Exchange control policies applying not only to the movement of money, but also expatriation of intellectual property.
Pertinent Acts, Regulations and Regulatory bodies:
Financial Advisory and Intermediary Services Act (FAIS): financial services providers that render financial services in respect of a defined list of financial products are regulated by FAIS. Financial services include the furnishing of advice, buying and selling or otherwise dealing, managing, administering or servicing a financial product, collection or accounting of premiums or other monies payable by a client to a product supplier and the receiving, submitting or processing of claims. Any person that renders a financial service must obtain a licence to act as a financial services provider and are included as an accountable institution in Schedule 1 to the FIC Act. As such, they are regulated for AML/CFT purposes.
​
-
There are five categories of Financial Services Provider licences. The category of licence required will depend on the activities the institution seeks to perform.
-
Financial Services Providers that are authorised to provide the advice through an electronic medium that uses algorithms and technology without the direct involvement of a natural person, must comply with additional operational ability requirements.
National Payment System Act: payment service providers must register as a payment service provider or third party payment provider (TPPPs) with PASA. Payment service providers provide the electronic means for parties to receive or send funds, while the TPPs accept money or the proceeds of payment instructions from two or more payers for on-payment to third persons to which the money is due. In order for members to clear payment instructions there must be an understanding of the business rules, requirements and technical agreements that make clearing possible.
​
-
A non-bank may participate in the national payment system via a sponsoring arrangement with a banking entity licensed for clearing and settlement.
Banks Act: not only requires digital banks to have a banking licence with the SARB, but applies obligations concerning capital and liquidity ratios and reserve requirements.
-
Should the credit provider agree to pay back lenders at a later stage, it “may” be considered deposit taking and the platform will be subject to the requirements of the Bank Act.
-
Providers of digital wallets and e-money solutions may fall within the definition of deposit taking and be subject to the requirements of the Banks Act and E-Money position paper of 2009.
-
In terms of the Banks Act, section 6(5); banks are able to enter into outsourcing arrangements with alliance partners.
National Credit Act: All lending entities must register as a credit provider with the NCR regardless of the value or volume of funds lent. As such all online lenders and P2P lending platforms are required to register. The determination in 2016 to reduce the minimum threshold for registering as a credit provider to R0 (nil) has had implications for limiting the operations of P2P / debt-based crowd funding platforms in South Africa as each participant on the platform may be required to register as a credit provider.
Insurance Act: Insurance Company must be licenced as a short-term, long-term, micro insurer or reinsurer. Amendments in the Insurance Act allows micro-insurers to offer life and non-life insurance. Insurers will be able to offer new innovative products subject to product standards.
Financial Market Act: governs capital market activities and institutions. A platform connecting buyers and sellers of equity may be considered an exchange and need to be licenced as an exchange with the FSCA. The application process does not guarantee the approval of a licence.
Other pertinent legislation:
-
A business is required to register as an external company in terms of the Companies Act, 2008, within 20 business days after it first begins conducting business within SA.
-
Direct marketing to customers in South Africa is stringently regulated in terms of the Consumer Protection Act, 2008 and the Protection of Personal Information Act, 2013 ("POPI"). The Consumer Protection Act establishes the right of consumers and the responsibilities of product and service providers. POPI codifies the manner in which organisations can source and use entities’ personal information, including digital information.
-
Money laundering is regulated by the Financial Intelligence Centre Act, 2001, (FICA). “Accountable institutions” under law are subject to compliance requirements when accepting new customers. Not all fintechs fall into the category of “accountable institutions” making it difficult to screen transactions for potential money laundering activities.
-
South Africa still has a system of exchange control and, as a general rule, persons wishing to remit money cross-border would have to apply for permission.
-
The Financial Intelligence Centre Act & Amendment Bill governs KYC regulation to monitor money flows to prevent money laundering, the financing of terrorism and organised crime.
-
In June 2019 FATF announced a note to R.15 (new technologies) that establishes “binding measures,” which require countries to, among other things, (i) assess and mitigate risks associated with virtual asset activities and service providers; (ii) licence or register service providers and subject them to supervision; (iii) implement sanctions should they fail to comply; and, (iv) ensure that service providers implement the full range of AML/CFT preventive measures under the FATF Recommendations.