At the end of a year we tend to reminisce about the goals we managed to achieve, all those obstacles we managed to overcome and even some disappointments and heartaches. In compliance 2023 was a big one. Where in 2021 we had to learn to speak the language of data privacy, 2023 was the year we had to learn to speak all things anti-money laundering. The changes that the General Laws Amendment Act 22 of 2022 (“GLAA”) brought about have run far and deep. 

The end of a year also brings about the opportunity to look ahead at the prospects that the new year will bring, some being welcomed and others more daunting. There are various opinions out there on what to expect from the new year when it comes to compliance. Here are a few of the most popular ones:

  1. Artificial Intelligence (“AI”)
  2. Forbes suggests that one of the biggest business trends for 2024 will be the use of generative AI. Even though the use of AI has distinct advantages in respect of compliance when it comes to the collection and processing of data, it also poses ethical questions and new risks. The use of AI will therefore have to form part of any comprehensive risk management policy. This will in turn require compliance professionals to collaborate across different business units in order to identify relevant risks and address them appropriately. 

  3. Cybercrime and cybersecurity
  4. Data is increasingly becoming a valuable asset and accordingly the protection thereof has become a major concern as cybercrime keeps rising. Worldwide, Business Email Compromise (“BEC”) has cost companies and individuals the most in terms of financial losses. US companies have lost $2.4 billion to these attacks in 2022 according to a report by Interpol. Locally, the spotlight has been on BEC because of several high-profile court cases and the facts of these cases demonstrate that no one is immune to BEC. Although Africa as a region has only contributed 0.75% to all reported global BEC attempts, South Africa has accounted for more than half of the cases. Cybersecurity and training of staff on cyberthreats should therefore remain a top priority for 2024.

    Other major identified cyberthreats are phishing, ransomware, banking trojans and stealers, online scams, cyber extortion, and crimeware-as-a-service.

  5. Financial crime
  6. With South Africa still being grey listed by the Financial Action Task Force (“FATF”) the aim of government, regulators, private entities, and other stakeholders will be, for the foreseeable future, to address the outstanding deficiencies highlighted in the Mutual Evaluation Report. According to the FATF’s Follow-up Report released in November 2023, South Africa has already made progress in various areas of concern and was upgraded in respect of some of the 40 Recommendations. South Africa is still rated as partially compliant in respect of five of the Recommendations: 

        • Recommendation 2 – National co-operation and co-ordination
        • Recommendation 6 – Targeted financial sanctions related to terrorism and terrorist financing
        • Recommendation 8 – Non-profit Organisations
        • Recommendation 15 – New technologies
        • Recommendation 32 – Cash couriers

    These areas will certainly be the focus in the year to come. 

  7. Regulatory enforcement
  8. 2023 saw Meta being fined a record breaking €1.2 billion by the Irish Data Protection Commission for non-compliance with the European Union’s General Data Protection Regulation. Our own regulator, the Information Regulator of South Africa, issued its very first fine to the Department of Justice and Constitutional Development. This trend is set to continue in 2024 as regulators not only look towards heightening their supervision efforts, but also due to the industries they oversee constantly evolving. 

    And this goes for all regulators, not just those in the data privacy space. The changes brought about by GLAA affects the Companies and Intellectual Property Commission (CIPC), the Master of the High Court, The Department of Social Development, the Financial Intelligence Centre, and other supervisory bodies in terms of the Financial Intelligence Centre Act. These regulators will work towards refining the application of and enforcing these changes to ensure that South Africa is removed from the FATF grey list as soon as possible. South Africa is due to report back to FATF by October 2024 about further progress made on the outstanding issues.

    There are a few other suggestions about compliance trends for 2024 out there: cryptocurrency, environmental, social and governance factors, labour relations, etc.

Do you need guidance in managing your financial risks and establishing the appropriate accounting treatment? We’d love to connect with you. Contact Dale Petersen on 021 819 7802 or at dpetersen@wauko.com.

references: