Big changes for anyone trading crypto in South Africa – especially over R5,000

 ·15 Nov 2024

The Financial Intelligence Centre (FIC) has gazetted a new directive related to crypto trades in South Africa, which aims to hold crypto asset service providers (CASPs) accountable for tracking the origin and destination of transfers.

The directive relates to the so-called “Travel Rule” of trades, and is directly tied to the Financial Action Task Force’s (FATF’s) recommendations to clamp down on crypto as a means of money laundering and terrorist financing.

South Africa is currently on the FATF’s grey list, and has been tightening regulations to root out loop holes and pathways for money laundering and terrorist financing.

The directive will come into operation on 30 April 2025.

The FIC has been consulting on the directive for years and published a draft directive on April 2024.

Broadly, the new directive is tightening regulation, and requires crypto asset service providers (CASPs) to track and verify various details on both sides of a trade and ensure there is full information from origin to destination.

This applies to ordering CASPs (origin accounts), receiving CASPs (destination accounts) and even intermediary CASPs who manage the transaction all along the chain.

Before South Africa authorities switched positions on crypto assets in 2021, cryto trades were unregulated and outside the various laws put in place to track illicit activities. However, in 2024, crypto assets are taxable, and trades are becoming increasingly regulated.

The directive

According to the FIC, under the directive, ordering CASPs must transmit identifying data to the receiving CASPs, concerning the originator of a qualifying transfer (ie, the sender) and the receiver (ie, beneficiary). This includes details such as:

  • Full name (or registered name if a legal person);
  • Identity number (if a South African citizen or resident) or passport number or foreign national identity number, and date of birth, if the originator is not a South African citizen or resident;
  • Residential (or registered) address, if such an address is readily available, or country of birth, if the residential address is not readily available;
  • The originator’s distributed ledger address associated with the transfer, if the transfer is registered on a network using distributed ledger or similar technology; and
  • The originator’s crypto asset account number with the ordering crypto asset service provider, if such an account is used to process the transaction, or a unique transaction reference number, if such an account number is not available.

The ordering CASP also needs to supply information about the destination or beneficiary, including their full name, distributed ledger address, and the crypto asset account number to the receiving CASP.

The directive puts the onus squarely on CAPS to do the due diligence on trades and to ensure that they do not involve bad actors—if they cannot verify information, the trade should not be allowed.

With intermediary CASPs, they must also ensure that all originator and beneficiary information that pertains to a cross-border or domestic crypto asset transfers is transmitted to the receiving CASP (or other intermediary CASP in the chain).

A recipient CASP must also take reasonable measures to identify transfers that lack required information, which may include post-event monitoring or real-time monitoring where feasible, the FIC said.

Transfers under R5,000

The FIC sets a R5,000 limit on where verification processes kick in, with caveats.

If a transfer is a single transaction of less than R5,000, the ordering CASP still has to track the details, but won’t have to verify the information—”unless there is a suspicion of money laundering or terrorist financing,” the FIC said.

If there is a suspicion of illicit activity, the ordering CASP must verify the information pertaining to the originator, it said.

Nevertheless, the same set of details must be transmitted, as a minimum:

  • The full name of the originator and beneficiary
  • The originator’s and beneficiary’s distributed ledger address associated with the transfer, if the transfer is registered on a network using distributed ledger or similar technology; and
  • The originator’s and beneficiary’s crypto asset account number with the ordering and receiving CASP, if such an account is used to process the transaction, or a unique transaction reference number, if such an account is not available.

In respect of an inward transfer that is a single transaction valued at less than R5,000 from an originator in a high-risk or other monitored jurisdiction, a recipient CASP must verify the accuracy of the beneficiary information.

What about private wallets?

The FIC said that all ordering and recipient CASPs must comply with the directive – and as such must develop risk-based policies and procedures for the treatment of crypto asset transfers that involve “unhosted wallets”.

Unhosted wallets are a type of crypto wallet where the user has exclusive control of the private keys.

Any CASP dealing with transfers from or to these wallets need to develop a process by which further information on the unhosted wallet is obtained—specifically in the case where the CASP determines that there is a higher money laundering, terrorist financing or proliferation financing risk.

The directive does not specify or dictate how this should be done, but this will be a risk factor any service provider or platform will have to determine for themselves when dealing with unhosted wallets.

The rub is that the FIC will consider any CASP that does not comply with the directive by the date of implementation non-compliant and subject to administrative sanctions.

The full directive can be read below:


Read: SARS issues major warning to 6 million taxpayers

Show comments
Subscribe to our daily newsletter