![CDATA[ [if IE 9] ]]>
What is an RMCP?
An RMCP documents the identified money laundering and terrorist financing risks the institution faces, and how this accountable institution will deal with these risks in their institution. An institution's RMCP must contain policy documents, and detail all the processes, systems and controls used for aspects such as customer due diligence (identification and verification of clients), record-keeping, reporting and how the risk-based approach will be applied.
Who must have an RMCP?
All accountable institutions as listed in Schedule 1 of the FIC Act.
Why an RMCP is necessary
It is a legislative requirement that accountable institutions understand their exposure to money laundering and financing of terrorism risks. An RMCP assists accountable institutions in identifying and assessing these risks to protect and maintain the integrity of their business and thereby the integrity of the financial system of South Africa. Accountable institutions must provide copies of their RMCP, if requested to do so, to their relevant supervisory body, as set out in Schedule 2 to the FIC Act.
How does an RMCP work?
An RMCP must contain the procedures on how an accountable institution will identify, assess, monitor, mitigate, and manage money laundering and terrorist financing risks. This would start with the accountable institution performing an institutional risk assessment to identify the risks they face at a business level.
Institutions must use a risk-based approach in developing their RMCP and in approaching clients. This approach gives flexibility to accountable institutions to decide what they consider to be high or low risk clients, and how to manage them,.
What happens if an accountable institution does not implement an RMCP?
Failure to implement an effective RMCP could lead to a financial penalty of up to R10 million for a natural person or R50 million for a legal person.
For further reading please refer to PCC 53 which focuses on RMCP, and Guidance Note 7. <<go back