CIPC again gives companies a new-year headache

Shortly before the start of the December holidays, the Companies and Intellectual Property Commission (CIPC) implemented a new “identity verification and multi-factor authentication” process for director amendments.

However, numerous complaints about delays and practical issues with the process emerged from the get-go, particularly from secretarial practitioners who deal with the administration of large, listed companies.

The CIPC issued a notice on 4 December alerting customers to the change.

It said it has to exercise stringent controls and authentication processes “to mitigate the risk of unauthorised director amendments and remove vulnerabilities that enable corruption and corporate crime”.

Single-factor authentication insufficient

CIPC commissioner Rory Voller explains in the December notice that due to the increase in director amendments, and with criminal activities being prevalent, the historical “single-factor” authentication process has been challenged as a “reliable authentication control”. It is now deemed insufficient.

“The purpose of this multi-factor authentication therefore, is to provide a high level of assurance that the entity representative logging on to the CIPC system is who they say they are and have the mandate to perform the respective amendments pertaining to the entity.”

Only directors themselves will now be allowed to make amendments since they will receive one-time pin numbers (OTPs) individually.

If they cede their login details to a third-party service provider, the CIPC absolves itself of the responsibility of amendments made on the company’s account.

Noticeable slowdown

A secretarial practitioner says with the change in December there has been a noticeable slowdown in lodging amendments successfully.

This is caused by several factors, including incorrect email and cellphone contact details on the CIPC database, directors not receiving the OTPs or not responding within the specified time frame, and the role of the Department of Home Affairs.

The issue date of the filer of the amendment, and the directors’ IDs, must be verified against the data from the Department of Home Affairs.

However, the department’s systems are offline “most of the time” making it impossible to finalise the amendment, an agent told Moneyweb.

The CIPC says it has “no control” over mismatches of identification issue dates on the ID card or book and the records held by Home Affairs.

That grey list

South Africa landed on the Financial Action Task Force’s grey list in March last year because of government’s inability to comply with international standards around the prevention of money laundering, terrorist financing and proliferation financing.

Ever since then there has been mad rush to pass and implement legislation to tighten controls and add extra layers of security to get off the grey list.

This includes the passing of the General Laws (Anti-Money Laundering and Combating Terrorism Financing) Amendment Act, which amended the Companies Act, the Financial Intelligence Centre Act, the Trust Property Control Act, and the Non-profit Organisations Act.

Read:
SA to get beneficial ownership database to fight financial crime
Three more state entities to get access to confidential taxpayer information

Last year’s disastrous migration

In January last year the CIPC introduced the rather disastrous migration to its upgraded e-services and Bizportal platforms.

This was part of its efforts to implement changes required by the General Laws Amendment Act with company registrations. It was also supposed to ease doing business in SA.

However, the migration was eventually stopped and rolled back because of challenges and problems.

Read: CIPC upgrades e-services and BizPortal platforms

The South African Institute of Chartered Accountants (Saica) listed the chronology of events as follows in a notice to its members at the time:

• 9 January 2023 – CIPC communicated some initial problems with the Department of Home Affairs’ verification and customers not being able to submit new applications;
• 14 January 2023 – CIPC confirmed that there have been more issues specifically linked to foreign directors and the migration of names from the old system to the new system;
• 17 January 2023 – CIPC confirmed delays on outgoing OTPs and e-mails;
• 18 January 2023 – OTPs and emails restored;
• 20 January 2023 – the commissioner took the decision to roll back the services and migrate back to the old platforms (the CIPC systems were shut down for the weekend of 20 January); and
• 23 January 2023 – the CIPC confirmed that they have rolled back to the old e-services.

Lack of engagement

A year and a new process later, there are again problems. Private sector role players have lamented the lack of engagement when government entities change systems or processes that directly impact their businesses.

“There is just no consultation when systems are designed,” a frustrated service provider said. Practitioners want to petition the CIPC to obtain advice from experts who can either revamp or rewrite the system.

“There has been such a deluge of new compliance measures in the past year that it is just becoming so difficult to get anything done in this country,” another exasperated practitioner said.

Listen to Jimmy Moyaha’s interview with InfoDocs CEO founder Joshua Alexandre in this SAfm Market Update with Moneyweb podcast:

You can also listen to this podcast on iono.fm here.

Download the free LiSTN audio app on Google Play, Apple or here.