Several local and international banks have been slapped with administrative fines by the South African Reserve Bank, for weak anti-money laundering and combating of financing terrorism controls.
The banks include Investec, Absa, Standard Chartered, as well as Habib Overseas Bank.
Overall, banks were fined a total of R46.5-million.
Absa was fined R10-million for weaknesses related to their transaction monitoring. Investec received the largest fine of R20-million. This was due to their failure to implement adequate processes to screen the related parties of customers.
Meanwhile, Habib bank was fined R1-million for “inadequate controls and working methods pertaining to the reporting of suspicious and unusual transactions”, the Reserve Bank said in its banking supervision report released on Friday.
The decision to pose the penalties was not as a result of evidence that any of the banks had facilitated illegal activity the SARB said, but rather because of the weakness of their control measures.
These banks have been issued with a directive to take remedial action.
Habib Overseas Bank was the target of a fraught acquisition bid by a company with links to Gupta family associate Salim Essa.
In March, Vardospan went to court to try and force the Reserve Bank, the registrar of banks and the finance minister to clear its purchase of Habib.
Vardospan accused the regulators and treasury of dragging their feet in authorising the purchase.
The Mail & Guardian has previously reported how Vardospan concluded a share purchase deal to become the majority shareholder in Habib Bank in August last year.
The deal came shortly after the country’s four major banks closed the accounts of the Gupta family and their related companies.
Vardospan is owned by CINQ Holdings and Pearl Capital Holdings. Vardospan director Hamza Farooqui owns 100% of the shares in Pearl Capital, which has a 33.33% stake in Vardospan. Essa owns 100% of CINQ, which holds the other 66.67% in Vardospan.
The court struck down Vardospan’s attempts to force the authorities hand. Incidentally, the court’s decision came hours after President Jacob Zuma axed former finance minister Pravin Gordhan in a major Cabinet reshuffle late on March 30.
The decision on the application now rests with new finance minister Malusi Gigaba.
By Lynley Donnelly for www.mg.co.za
Employers constantly complain that labour law does not allow them to fire employees for breaking the rules. However, employers need to understand that:
• Labour law definitely does allow employers to dismiss employees.
• The CCMA has frequently upheld the dismissal of employees fired for misconduct. We have been directly involved in a great many cases where employees have been fired and, after appealing to the CCMA, have remained fired.
• It is not the firing of employees that the law has a problem with. Instead, it is unfair dismissals that result in the employer being forced to reinstate the employee and/or being forced to pay the employee exorbitant amounts of money in compensation.
• In order to be free to fire employees who deserve dismissal employers need to understand and accept the difference between fair and unfair dismissal. This is because, if the employer has an employee who is causing mayhem or is costing the employer money or is otherwise undesirable, the employer cannot afford for the employee to be reinstated. The reason for this is that it is exceptionally difficult later to dismiss or discipline an employee who has been reinstated by the CCMA or other tribunal.
So while the law does allow dismissals it also requires the employer to be able to prove that the dismissal was both procedurally and substantively fair.
“Procedurally fair” relates to whether the employee was given a fair hearing.
Whether a dismissal is “substantively fair” relates to the fairness of the dismissal decision itself rather than to the disciplinary procedures. Specifically the employer would have to show that:
• The employee really did break the rule
• The rule was a fair one
• The penalty of dismissal was a fitting one in the light of the severity of the offence. AND
• The employee knew or should have known the rule.
Properly trained CCMA arbitrators consider all the above factors together with the circumstances of each individual case in deciding if a dismissal was fair and whether the employee should stay dismissed or should be reinstated.
In the case of Mundell vs Caledon Casino, Hotel and Spa (Sunday Times 15 May 2005) the employee was dismissed for two reasons. Viz:
• She distributed a R15000 tip amongst her colleagues
• She allowed a colleague to take home five cans of cool drink
It was reported that:
• The rule requiring employees to hand in tips to management to go into a monthly kitty had not been given to Mundell
• Mundell had no way of knowing that she was not allowed to distribute the tip money herself
• The tip had been given by the client at an open gathering
• A number of managers were involved in sharing out the tip
• The cool drinks had been intended by the client for consumption by the staff
• Giving the cool drinks to the employee was not serious enough to merit dismissal
• The employer’s failure to prove that the employee knew of this rule rendered the dismissal unfair
• The employer was required to pay the employee six months remuneration in compensation.
The outcome of this case proves that the inability of employers to make dismissals stick is not primarily because of the law but rather because of the lack of labour law expertise of many employers.
By lvan lsraelstam, Chief Executive of Labour Law Management Consulting
The Deputy Minister of Justice and Constitutional Development, John Jeffery, said the country’s new Cybercrimes and Cybersecurity Bill will be tabled in Parliament soon.
The Bill has already been approved by Cabinet.
“The Bill aims to put in place a coherent and integrated cybersecurity statutory framework to address various shortcomings which exist in dealing with cybercrime and cybersecurity in the country,” stated the SA Government website.
The purpose of the Cybercrimes and Cybersecurity Bill is to:
- Create offences and prescribe penalties;
- Further regulate jurisdiction;
- Further regulate the powers to investigate, search and gain access to or seize items;
- Further regulate aspects of international cooperation in respect of the investigation of cybercrime;
- Provide for the establishment of a 24/7 point of contact;
- Provide for the establishment of various structures to deal with cybersecurity;
- Regulate the identification and declaration of National Critical Information Infrastructures and provides for measures to protect National Critical Information Infrastructures;
- Further regulate aspects relating to evidence;
- Impose obligations on electronic communications service providers regarding aspects which may impact on cybersecurity;
- Provide that the President may enter into agreements with foreign States to promote cybersecurity; and
- Repeal and amend certain laws.
How it will affect you
Michalsons law firm has published an overview of the Cybercrimes and Cybersecurity Bill, explaining why we need it and who will be affected by it. The bill is aimed at keeping South Africans safe from cybercrime and consolidates the country’s cybercrime laws into one place.
People who will be affected by the new bill include “everyone who uses a computer or the Internet”, along with:
- People involved with IT or POPI compliance;
- Electronic Communications Service Providers;
- Providers of software or hardware tools that could be used to commit offences;
- Financial services providers;
- Owners of copyrights and pirates;
- Information Security experts; and
- Anyone who owns an Information Infrastructure that Government could declare as critical.
What the bill deals with
The bill creates around 50 new offences, which are related to data, messages, computers, and networks, said Michalsons.
These offences include:
- Using personal information or financial information to commit an offence;
- Unlawful interception of data;
- Computer-related forgery and uttering; and
- Extortion or terrorist activity.
The penalties for these offences range from 1-10 years in prison or up to a R10-million fine.
The bill also aims to protect critical infrastructure of a strategic nature from interference and disruption.
This infrastructure includes that which aids in keeping the country’s security, defence, and law enforcement operational; and provides essential services.
Powers to investigate
“The Cybercrimes and Cybersecurity Bill gives the South African Police and the State Security Agency extensive powers to investigate, search, access, and seize just about anything – like a computer, database, or network,” said Michalsons.
As part of the requirements of the bill, the Minister of Police must establish a National Cybercrime Centre and a Cyber Response Committee, of which the chairperson will be the Director-General: State Security.
The Minister of Defence must also establish and operate a Cyber Command, while the Minister of Telecommunications and Postal Services must establish a Cyber Security Hub.
The functions of the Information Regulator include:
- to provide education about the Protection of Personal Information Act, for example, giving advice to data
- subjects in the exercise of their rights;
- to monitor and enforce compliance with POPI;
- to consult with interested parties;
- to handle complaints;
- to conduct research and to report to Parliament;
- to issue codes of conduct and make guidelines to assist bodies to develop codes of conduct; and
- to facilitate cross-border cooperation in the enforcement of privacy laws.
The Information Regulator will have the power to conduct investigations, order publicity of data breaches, and issue administrative fines of up to R10-million.
Regulations must be promulgated under POPI, for example, including regulations setting out the cost of making a subject access request and the prescribed standards for codes of conduct.
The announcement of a commencement date. Organisations will not be liable for fines or non-compliance for a period of 12 months from the commencement date.
If you haven’t started yet, now is the time for organisations to start or ramp up their POPI implementation efforts. Our virtual privacy lawyer, POPI Counsel, can assist with your privacy law questions and provide practical guidance through your implementation process. POPI Counsel produces legal opinions for you on demand, anytime and anywhere. Contact us for more information.
The chairperson, Pansy Tlakula, full-time members, Lebogang Stroom and Johannes Weapond, and part-time members, Tana Pistorius and Sizwe Snail, have been appointed to the Information Regulator with effect from 1 December 2016 and will serve for a period of five years.
By Nerushka Bowan for www.financialinstitutionslegalsnapshot.com