The concept of an Accountable Institution is one of the most important — and most misunderstood — in South African business compliance. Whether a business is a bank, an estate agent, a cryptocurrency platform, or a luxury goods dealer, understanding whether it qualifies as an Accountable Institution under South African law is the essential first step to meeting its legal obligations. Failure to recognise that designation — and comply accordingly — can result in serious regulatory consequences.

This guide provides a comprehensive explanation of what an Accountable Institution is, who qualifies, what obligations the designation carries, and what the most recent changes to the law mean for South African businesses.

What is FICA?

To understand what an Accountable Institution is, one must first understand the legislative framework that defines and governs the concept.

The Financial Intelligence Centre Amendment Act (FICA) is South Africa's central piece of Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) legislation. FICA governs many aspects of South Africa's financial and commercial landscape, including the identification of Accountable Institutions and the obligations that designation carries. The Financial Intelligence Centre (FIC) is the national regulatory body responsible for applying and enforcing FICA.

FICA has been amended a number of times since its original enactment in 2001, most significantly in 2017 and again in December 2022, to ensure that South Africa's AML/CFT framework remains aligned with international standards set by the Financial Action Task Force (FATF). For a detailed overview of FICA and how it operates, refer to our comprehensive guide: What is the Financial Intelligence Centre Amendment Act (FICA)?

What is an Accountable Institution?

An Accountable Institution (AI) is a business, institution, or organisation that — due to the financial or legal nature of its activities — carries a heightened responsibility towards its clients, government, and society. Accountable Institutions are classified as such because their business activities expose them to a higher risk of being used to facilitate money laundering, the financing of terrorism, or other financial crimes.

When a business is designated as an Accountable Institution under FICA, it becomes legally obligated to comply with a comprehensive set of regulatory requirements covering customer due diligence, identity verification, AML screening, record-keeping, the reporting of suspicious transactions to the FIC, and internal compliance governance.

Who Qualifies as an Accountable Institution Under FICA?

Schedule 1 of FICA sets out the full list of entities classified as Accountable Institutions. This list was significantly expanded by amendments that came into effect on 19 December 2022, which added several new categories of business in response to deficiencies identified by the FATF in its Mutual Evaluation of South Africa.

The following categories of business are currently designated as Accountable Institutions under Schedule 1 of FICA:

• Legal practitioners — including attorneys (conveyancers and notaries), as regulated under the Legal Practice Act (28 of 2014), and advocates who deal directly with members of the public
• Trust and company service providers — any person who provides services relating to the creation of trust arrangements, or the investment, safekeeping, control, or administration of trust property
• Estate agents, as defined in the Estate Agency Affairs Act (112 of 1976)
• Authorised users of an exchange, as defined in the Financial Markets Act (19 of 2012)
• Collective investment scheme managers registered under the Collective Investment Schemes Control Act (45 of 2002), excluding managers who only conduct business under Part VI of that Act
• Banks carrying on the business of a bank as defined in the Banks Act (94 of 1990)
• Mutual banks as defined in the Mutual Banks Act (124 of 1993)
• Co-operative banks as defined in the Co-operative Banks Act (40 of 2007)
• Life insurers carrying on life insurance business as defined in the Insurance Act (18 of 2017), excluding reinsurance business
• Gambling businesses carrying on a gambling activity as contemplated in the National Gambling Act (7 of 2004) for which a licence is required
• Crypto Asset Service Providers (CASPs) — any person who, as a regular feature of their business, provides crypto asset services
• Credit providers, as defined in the National Credit Act (34 of 2005), in respect of credit agreements entered into from 19 December 2022
• High-Value Goods Dealers (HVGDs) — any person who deals in goods where the business receives payment in any form to the value of R100,000 or more, whether in a single transaction or across linked transactions
• Persons carrying on the business of dealing in foreign exchange
• Persons carrying on the business of lending money against the security of securities
• Financial services providers authorised under the Financial Advisory and Intermediary Services Act (37 of 2002) to provide advice and intermediary services in respect of the investment of financial products — excluding short-term insurance and medical scheme health benefits
• Persons who issue, sell, or redeem travellers' cheques, money orders, or similar instruments
• The South African Postbank Limited, in terms of the South African Postbank Limited Act (9 of 2010)
• The Ithala Development Finance Corporation Limited
• Money or value transfer service providers, including informal providers such as hawaladars
• Payment clearing system participants
• The South African Mint Company (RF) (Pty) Ltd, in respect of transactions involving non-circulation coins in retail trade where payment equals or exceeds R100,000

The December 2022 FICA Schedule 1 Amendments: What Changed?

The December 2022 amendments to Schedule 1 represent the most significant expansion of the Accountable Institution framework since FICA's original enactment. Published in Government Gazette 47596 on 29 November 2022 and effective from 19 December 2022, these amendments were introduced as part of South Africa's concerted effort to address deficiencies identified by the FATF and avoid — and ultimately reverse — the country's greylisting.

Several entirely new categories of Accountable Institution were added, most notably:

1. Crypto Asset Service Providers (CASPs) were formally brought within FICA's regulatory framework, reflecting the global regulatory consensus that crypto assets present a meaningful money laundering and terrorist financing risk. CASPs are now required to register with the FIC, implement full KYC procedures, conduct business risk assessments, and report suspicious transactions.
2. High-Value Goods Dealers (HVGDs) were introduced as a new category, capturing any business that regularly deals in goods valued at R100,000 or more per transaction — including dealers in motor vehicles, precious metals, jewellery, art, and luxury items. The R100,000 threshold applies regardless of the payment method used, whether cash, EFT, or cryptocurrency. Importantly, a business must trade in high-value goods as a regular feature of its operations to qualify — incidental sales do not meet the threshold.
3. Credit providers acquired accountable institution status in respect of new credit agreements entered into from 19 December 2022, with no monetary threshold applicable.
4. Two Acts referenced in FICA's previous Schedule 1 were also corrected by the amendments: the repealed Attorneys Act (53 of 1979) was replaced by the Legal Practice Act (28 of 2014), and the repealed Securities Services Act (36 of 2004) was replaced by the Financial Markets Act (19 of 2012).
5. South Africa was officially removed from the FATF greylist on 24 October 2025, having completed all 22 action items in its remediation plan. However, South Africa's next FATF Mutual Evaluation is expected to begin in the first half of 2026 — meaning compliance standards for Accountable Institutions remain under active scrutiny and the obligation to maintain rigorous FICA compliance has not diminished.

What Obligations Does an Accountable Institution Have Under FICA?

Once a business is designated as an Accountable Institution, it must comply with a comprehensive set of obligations under FICA. These include:

• Registering with the Financial Intelligence Centre (FIC)
• Conducting customer identification and verification — confirming the identity of clients before conducting business with them
• Performing customer due diligence and, where required, Enhanced Due Diligence (EDD) for higher-risk clients such as Politically Exposed Persons (PEPs)
• Conducting ongoing monitoring of business relationships to detect any suspicious activity or changes in a client's risk profile
• Maintaining detailed records of all client information and transactions
• Reporting suspicious and unusual transactions to the FIC
• Appointing a dedicated compliance officer
• Developing, implementing, and maintaining a Risk Management and Compliance Programme (RMCP) that details how the AI will identify, assess, and mitigate financial crime risks
• Training employees on their AML/CFT obligations and the business's compliance procedures

How Does the Risk-Based Approach Affect Accountable Institutions?

South Africa applies a Risk-Based Approach (RBA) to its AML/CFT regulatory framework. Under the RBA, Accountable Institutions are not presented with a single, standardised compliance checklist. Instead, each AI is responsible for conducting its own risk assessment, developing a tailored Risk Management and Compliance Programme (RMCP), and submitting that programme to the FIC for approval.

The RBA means that the scope and intensity of an AI's compliance obligations will vary depending on the risk profile of its specific business and client base. A high-risk multinational bank will carry substantially greater AML/CFT obligations than a small estate agency. Accordingly, the specific tools and processes an AI requires to remain compliant — from basic identity verification to comprehensive enhanced due diligence workflows — will differ from one institution to the next.

This variance makes it essential for every Accountable Institution to conduct a thorough and honest assessment of its own risk exposure, rather than applying a generic compliance template that may leave genuine risks unaddressed.

What Are the Penalties for Non-Compliance?

The consequences of failing to comply with FICA as an Accountable Institution are serious. The FIC has broad powers to impose administrative sanctions on non-compliant businesses, and these sanctions can include substantial financial penalties. In more serious cases — particularly where non-compliance is found to have actively facilitated financial crime — criminal prosecution is possible, with the potential for custodial sentences. Non-compliance also carries significant reputational risk that can cause lasting damage to a business's client relationships and commercial standing.

Which Clients Are Affected by an AI's Obligations?

The FICA compliance obligations of an Accountable Institution extend to all clients and consumers who enter into either a single transaction or an ongoing business relationship with the AI. The categories of clients affected include natural persons acting on their own behalf, natural persons acting on behalf of another, foreign nationals, close corporations, South African companies, foreign companies, legal persons, partnerships, and trusts.

Accountable Institution Compliance Solutions for South African Businesses

As South Africa's leading provider of world-class identity verification, KYC, AML screening, and due diligence solutions, ThisIsMe gives Accountable Institutions the tools they need to meet every compliance obligation established by FICA — efficiently, accurately, and at scale. From real-time identity verification and AML risk screening to ongoing customer monitoring, our suite of solutions is designed to make FICA compliance straightforward for businesses of every size and category. To discover how we can empower your business to meet its regulatory obligations with confidence, contact our team here.