Why the Reserve Bank fined Nedbank R35m

SA has a strong and secure banking system which is governed by solid legislation, aiming to ensure a stable financial sector and payments system. The legislation safely guards depositors’ money, prevents abuse of borrowers and, indirectly, strives to keep everybody safer by making it difficult for criminals to do financial transactions.

Sometimes, legislation such as the Banks Act, the National Credit Act and the Financial Intelligence Centre Act (Fica) place a big burden of compliance on financial institutions as well as clients.

In addition, one can argue that legislation is only as good as its enforcement.

That the South African Reserve Bank (Sarb) Prudential Authority (PA) fined Nedbank R35 million for not dotting all the i’s and crossing all the t’s illustrates that authorities are strict in their enforcement of the legislation. It also underscores the need to keep the Sarb and other authorities independent.

Administrative sanctions

The Sarb issued a statement last week – a day after Nedbank announced its interim results for the six months to end June 2022 – that its Prudential Authority had imposed administrative sanctions on Nedbank and directed the bank to take remedial action following an inspection conducted in 2019 in terms of Fica.

Read: Nedbank’s interim dividend back above 2019 pre-Covid level

“The administrative sanctions were imposed because of Nedbank’s failure to comply with certain of the administrative provisions of the act,” according to the Sarb statement.

“It is important to highlight that there was no evidence of Nedbank being involved in or facilitating transactions involving money laundering or the financing of terrorism,” it adds.

“The administrative sanctions imposed in terms of section 45C(3) of the FIC Act includes, inter alia, cautions, reprimands and a total financial penalty of R35 million, of which R15 million has been conditionally suspended.”

Nedbank’s response

Nedbank explained that the compliance inspection was done more than three years ago.

“While we were disappointed with this outcome, given the effort and investment we have made in compliance over many years, it was not a surprise to us, and management and the Nedbank board have been continually updated on this matter since the inspection in 2019,” it says in a statement.

“Nedbank has paid the financial penalty of R20 million [R15 million was suspended] and acknowledged the administrative and reporting shortcomings present in 2019 which have all since been remediated.

“It is important to remember that this relates to a few administrative and reporting shortcomings identified during the Sarb inspection,” the JSE-listed bank adds.

Nedbank says it actually picked up some of the problems itself and informed the Reserve Bank of the shortcomings during the inspection.

“It is also important to note that R15 million of the total R20 million financial penalty paid related to reporting gaps that had been self-identified by Nedbank and disclosed upfront to the Sarb PA prior to their inspection in 2019 as a remediation programme was already under way to resolve these,” notes the bank.

Read: Nedbank has cut 1 in 4 branches and 16% of staff since 2015

“These related to deficiencies in certain aspects of Nedbank’s cash threshold reporting processes following the implementation of a new financial industry-wide reporting system in 2016 that resulted in the failure by Nedbank to timeously identify a number of reportable cash transactions for a limited number of clients.

“The inspection took place during May and June 2019, less than two months after fundamental amendments to the FIC Act were required to be implemented by 2 April 2019.

“The lengthy delays by government in the promulgation of the amended FIC Act had particular adverse implications for Nedbank, given the resultant extended delays in requirements definitions, which impacted the timeous finalisation of system requirements having to be contended with in conjunction with Nedbank’s comprehensive information technology transformation programme that was already well under way,” adds Nedbank, pointing out that administrative sanctions and penalties are common after a visit by the Reserve Bank’s PA.

Nedbank not the first to be fined

In September 2021, the Sarb imposed administrative sanctions on Sanlam Life (R1 million) and Fedgroup Life (R140 000) for slipping up on Fica as well.

The Sarb said it had found weaknesses in the two life insurers’ money laundering control measures following inspections conducted during 2019. These also entailed administrative shortcomings, such as keeping record of clients’ addresses.

Read: Money laundering seen a high risk threat for SA banks

In December 2019, four banks received fines for similar offences, namely Standard Bank (R30 million), GroBank (R5 million), Ubank (R500 000) and the Johannesburg branch of the Bank of China (R2 million). HBZ Bank received a warning.

Problems

Sarb listed the following problems following the inspection at Nedbank:

• Nedbank failed to comply with its risk management and compliance programme in properly applying a risk-based approach across its business clusters, applying enhanced due diligence controls and rating its clients for risk.
• Nedbank failed to comply with its record-keeping obligations in terms of sections 22, 23 and 24 of the FIC Act. These sections deal with keeping old financial records.
• Nedbank failed to comply with its cash threshold reporting obligations in terms of Section 28 of the FIC Act. The bank failed to report “a significant number of” cash transactions that exceeded the threshold of R24 999.99.
• Nedbank was unable to timeously determine when a transaction was reportable in terms of legislation.
• Nedbank failed to comply with its anti-money laundering and counter financing of terrorism governance-related obligations in that it was unable to evidence that senior management approval was obtained for its customer due diligence requirements prior to implementation.

Compliance

Nedbank’s compliance department explained to Moneyweb that when Nedbank establishes a business relationship with a client, it is obliged to assess the potential money laundering and terrorist financing risk associated with the client.

Depending on the outcome of this assessment, the bank may adjust the amount of information it requires from or about that client. The application of these reduced or increased levels of requirements is in line with the legislated risk-based approach to managing risk.

There were two instances where Nedbank did not have the required documentation (such as proof of address) for previous clients.

It noted that these records were compliant with Fica prior to the regulations a few months earlier.

In essence, the strict inspection and big penalties are a good reminders of the efforts to keep SA banks safe and sound.