Significant changes are being ushered in by the Legal Practice Act 28 of 2014 (LPA). Most of these will take effect towards the end of 2018 when other provisions of the LPA officially come into effect. Amongst the key changes to be introduced under the LPA includes the constitution and establishment of the Legal Practice Council (LPC) together with relevant Provincial Councils (PC). The LPC is said to, amongst others, have its sight set on the regulation of the profession. In effect both the LPC and PCs will take on some of the functions which previously fell within the purview of the Law Society of South Africa (LSSA) as well as the provincial law societies. With regard to the latter and for the purposes of this article being the four regional law societies(RLS) as envisaged under Section 56 of the Attorneys Act 53 of 1979.
Brief background on the profession’ supervision of FICA
Perhaps before getting deeper into some of the key developments which impacts on the profession it is important to take a step back and look at one of the key function shared by the LSSA and the four RLS. This relates to the supervisory as well as enforcement role of or related to the Financial Intelligence Centre Act 38 of 2001 (FICA). In terms of FICA the LSSA is designated as the supervisor for the profession in terms of Schedule 2. However, since the LSSA is or was more focused on educational related initiatives of the profession the four RLS played a significant role, albeit limited, in this space. For example, the former provided extensive anti-money laundering and counter terrorist financing education to the profession via its LEAD programmes and the latter on the other hand, provided guidelines as well as manuals on how to develop internal controls as required under FICA, amongst others.
Under FICA, which was premised on the rules-based or ‘tick-box’ approach it was easier for either the LSSA and the RLS to issue manuals, guidance and or guidelines. FICA has however since underwent a significant change in that it now introduces what is called a Risk-Based Approach (RBA) to customer identification and verification. This has been introduced via the Financial Intelligence Centre Amendment Act 1 of 2017 (FIC Amendment Act). The essence of the new RBA is that it does away with the one-size fits all approach and as a result each institution, irrespective of sector, will individually have to assess its own risk exposure to money laundering and terrorist financing and as a result respond accordingly. This new change impacts both the accountable as well as the supervisory and regulatory authorities including, in the near future, the LPC and its various PCs. This then raise a question as to how should both deal with FICA as amended going forward?
Prior looking at what should be done for the profession going forward its worth reflecting on some of the concerns raised by the Financial Action Task Force (FATF) in its mutual evaluation report of South Africa, 2009. First, it was noted that the RLS did not have specific powers to impose sanctions in accordance with FICA. More often than not, the contraventions or breaches which were picked up by the RLS related mostly to or came about as a result of probing allegations around attorneys’ trust accounts. What this then shows is that previously much focus was given by the RLS to issues related to trust accounts than anything. Perhaps this is one area in which the LPC and PCs should improve upon.
The possibility of lack of AML/CFT skills and resources by the RLS was also noted by the FATF. In such cases, it was suggested and noted that the profession could tap into the resources of the Financial Intelligence Centre (the Centre) when conducting inspections. Thus, the LPC and PCs can also tap into this in order to enhance skills, expertise and leverage on the Centre’s resources during inspections.
The afore-mentioned concerns and suggestions, amongst others, demonstrated how immature the supervision of FICA was and continues to be for the legal profession. The FATF report played a significant role on the amendments to FICA as a whole. Furthermore, it triggered other developments within the legal framework pertinent to the legal profession. One key such being the proposed amendments to the Schedules of FICA. This came at an opportune moment as the LPA which amends the Attorneys Act 53 of 1979 and the Admission of Advocate Act 74 of 1964, amongst others, was set to take effect. Thus, the substitution of the Attorneys Act (name) from the Schedules (Schedule 1) for that of the LPA will be easy to effect.
Additionally, there was, previously, proposals by the legal profession that the names of all four RLS be specified in the Schedules and as a result these become designated supervisory bodies. The process to amend the Schedules is currently underway and should be mindful or married to the developments within the LPA wherein we now have the LPC and its various PCs as regulators of the profession. Should the LPC and PCs be designated as FICA supervisory bodies then there will be a need to increase their resources substantially to meet their new supervisory and enforcement roles. This is noted and supported in the 2009 FATF report.
These are just some of the concerns which were noted in relation to the legal profession. As already alluded to elsewhere in this article, the FIC Amendment Act introduces significant changes which will need a fresh approach by the LPC and PCs. Evident from the comments and submissions by the LSSA during the consultation period on the FIC Amendment Act was the fact that the profession stands in a unique position compared to other accountable institutions with regard to its legal obligations in terms of FICA. Regard was also had as to how the majority of the law firms were comprised. This then led to a repeated call by the LSSA to have the profession regulated separately from the rest. There was also a call to leave certain exemptions intact, however under the RBA this is not possible as each decision or measure employed to counter risks have to be documented and substantiated on to the supervisory authorities. Higher risk scenarios will be met by enhanced due diligence measures and lower risks by simplified measures. There is no room for complete exemption.
As alluded to before the RBA differs from the rules-based or tick box approach. Under the latter approach rules or prescribed list of requirements and how to go about comply with the same was spelt out in law. Thus, it was easier for the LSSA or either of the law societies to draw from that an issue manuals, guidelines, etc. Now under the RBA firms’ risk responses and appetites will differ one from the other. This then presents a challenge for the supervisors (i.e. LPC and PCs) on how to go about monitor compliance with the law. Furthermore, this then takes us back to the question, how should the LPC and PCs deal with the new requirements of the FIC Amendment Act going forward?
How should the LPC and PCs deal with FICA going forward?
Under the RBA wherein the discretion to choose control measures to deal with identified risks is on the hands of the accountable institutions (i.e. law firms) there are very few key things which the LPC and PCs should do and focus on. The first key important thing to do is ensure that the call for separate regulation of the profession is maintained. This should be done through, for instance, a sector-specific high-level Guidance Note for the profession. The recently issued Guidance Note 7 on the implementation of various aspects of the Financial Intelligence Centre, 2001, is too generic and financial-sector-focused and as a result it does very little justice to the interests of the profession. In any case, it is also acknowledged within that guidance that the regulatory authorities are open to issuing other industry specific guidance notes.
Secondly, and most importantly the RBA hinges on what is called a Risk Management and Compliance Programme (RMCP) as envisaged under Section 42 of the FIC Amendment Act. The RMCP is said to be the foundation and core basis towards an effective implementation of the RBA. It calls for documentation of all efforts as well as reasoning or justification behind all risks-related decisions taken. This is one key section which I submit should occupy and consume the attention of the LPC and PCs. I suggest that both should strive towards coming up with sector specific high-level guiding principles of an RMCP (or its content). These can also be taught and inculcated on legal practitioners via the now proposed Practical Vocational Training (PVT).
Thirdly, it is widely acknowledged that most practices comprise of a minimum of two practitioners at most. In such situations, there might be an issue of lack of risk management skills in general. It should be remembered that the RBA rest upon continuous risk assessments. As also acknowledged previously by the LSSA, provision should be made for risk matrix templates specific to the profession. This can be done by the regulatory authorities or alternatively by the LPC and PCs. Such matrixes are going to be instrumental and helpful to smaller firms when assessing individual risks and threats.
Finally, pursuant to the FIC Amendment Act all exemptions applicable to the legal profession has now been withdrawn. The scope of compliance for the profession has, as a result, been widen. Newer onerous provisions have to be applied by the profession as well, for example, identifying and verifying beneficial owners, Prominent Influential Persons, Legal Entities and Arrangements, continuous risk assessment and the maintenance of RMCPs, etc. The LPC and its PCs will to come up with outreach and or educational initiatives specific to the profession on these. These will require resource and expertise for the LPC and various PCs alike. Again, the regulatory authorities might be helpful in this regard.
In a nutshell, the above background as well as some of the few key suggestions outlined above are intended to get the LPC and PCs started on how to deal with the FIC Amendment Act. The profession’s approach to FICA or AML/CFT was and is still in its infancy and the focus is still much more on the regulation of legal professionals as against the public. Furthermore, the fact that its key supervisors lack enforcement and sanctioning ability adds to its challenges. It should however be noted that there are develops underway which might change this position. The formal RBA, flexible and arguably effective as it is, is still fairly new within SA’s regulatory framework and many lessons will still be learned along the way. Finally, with regard to the RBA, the devil is literally in the details which are not to entertained since risk profiles and appetites will vary, thus the reason why my suggestions are ‘high-level’.
Attorneys Act 56 of 1979
Admissions of Advocates Act 74 of 1964
Financial Intelligence Centre Act 38 of 2001
Financial Intelligence Centre Amendment Act 1 of 2017
Legal Practice Act 28 of 2014
Guidance Note 7 on the implementation of various provisions of the Financial Intelligence Centre Act, 2001
South Africa’s 2009 Mutual Evaluation Report by the Financial Action Task Force
Out with the Old and In with the New – Understanding the Legal Practice Actby Etienne Barnard, 28 October 2015 (De Rebus)