When it comes to financial crime, the warning signs are almost always there, but not always spotted in time. In South Africa’s current, tightened regulatory environment, failing to detect red flags early can expose accountable institutions to reputational, operational, and legal fallout that far outweighs the cost of vigilance.
Despite investing heavily in client due diligence processes post greylisting, many businesses are still getting blindsided by illicit behaviour that could have been detected earlier – something a lot of recent case studies are highlighting.
The need for better approaches isn’t about the obvious fraudsters, it’s about the client who looked legitimate, until a bombshell reveals their illicit shell companies. The law firm that unknowingly handled property transactions for a politically connected fixer or the broker who missed a small inconsistency in identity document (ID) verification that turned out to be a synthetic identity.
In the Spotlight
A clear example is the high-profile case of Zingai Dhliwayo, an alleged illicit gold trader who spent over R4.2 million on luxury assets – including six vehicles and two properties – in the course of just seven months. Dhliwayo had used a stolen identity since 2018 by placing his own photograph onto the ID of a 39-year old unemployed man from Mpumalanga, named Bethuel Ngobeni. With the stolen identity he had established a multimillion-rand illegal gold trading syndicate operating in Gauteng’s West Rand from 2018 to 2023.
Despite the scale of his cash purchases, none of the accountable institutions involved in the long line of transactions flagged his conduct. It wasn’t a failure of paperwork; it was a failure to spot the pattern – one that had been slowly getting redder over time. Large cash payments with no economic logic, a mismatch between lifestyle and income, and structured transactions to avoid thresholds all should have raised alarm bells but they didn’t.
Common Red Flags in Everyday Business Activities
The Financial Intelligence Centre (FIC) has issued extensive guidance around certain behavioural and transactional signs including:
- Structured cash deposits just under the R49 999.99 FIC Act (FICA) reporting threshold
- Cash refund requests after a high-value purchase
- Clients unwilling to provide standard identification documentation
- Payments from or to high-risk jurisdictions known for weak anti-money laundering (AML) and counter financing of terrorism (CFT) controls
- Unusual transactions that make no commercial or economic sense
- Goods purchased far from a client’s residential or business address
- Clients transacting in sectors unrelated to their known activity, with no history or stated rationale
Legal, Property, and High-Value Goods Sector
Criminals tend to gravitate toward legal firms, estate agents, and high-value goods dealers because they offer:- Professional legitimacy that can mask criminal intent
- Access to large transaction flows
- Relatively weaker scrutiny compared to banks
In 2024, law firm Kunene Ramapala Inc. was issued a R7.7 million fine by the FIC for failing to comply with various FICA obligations including screening clients against the targeted financial sanctions (TFS) list, developing and implementing a risk management and compliance programme and timeously submitting the risk and compliance return as per Directive 6. The Appeal Board deemed the firm’s conduct “egregious”, highlighting how non-compliance is just as serious when it’s about negligence as it is when it’s malicious.
How Can you Protect your Business?
Gathering comprehensive customer information at onboarding is incredibly important, but the real risk often lies in failing to reassess clients over time. Risk, after all, isn’t static.
A client who seemed (or was) low-risk at onboarding might become high-risk after a change in ownership, media exposure, or jurisdiction.
At nCino KYC Africa we’ve seen firsthand that dynamic, real-time risk monitoring – through identity triangulation, biometric liveness detection, and adverse media scanning – gives institutions the ability to reassess clients continuously. This is particularly important for industries prone to so-called "gatekeeper abuse", where professionals are unknowingly used to legitimise criminal transactions.
So how can institutions better protect themselves?- Automate onboarding and screening processes to reduce human error
- Use biometric and digital identity verification to detect fraud
- Monitor clients on an ongoing basis, not just at sign-up
- Be on the lookout for adverse media on clients to detect reputational risk before formal sanctions arise
- Ensure senior sign-off on high-risk clients, with evidence of enhanced due diligence
The Risk of Complacency
A common misconception is that small institutions are unlikely targets. In reality, criminals prefer smaller firms that, more likely than not, have less robust compliance systems than their bigger counterparts.
The cost of non-compliance? In South Africa, penalties range from R10 million for individuals to R50 million for corporate entities, and in serious cases, up to 15 years of imprisonment. Operational disruption – including frozen accounts or suspended licences – can also cripple a business.
In a time of heightened risk and scrutiny, these steps have become survival tools and not merely compliance boosters.
How can nCino KYC Assist?
Our seamless digital onboarding enables real-time client verification, making it simple and easy to collect and verify facial data, client identification, and required documents. To learn more about our solution, reach out to our team.
About the author:
Hawken McEwan
Hawken has over 25 years' experience in financial crime compliance, regulatory operations, banking operations, risk and change. Specialising in FICA and Anti-Money Laundering, Hawken is an FSCA approved Compliance Officer, FAIS Key Individual and an advisor to BankSETA around AML due diligence and transaction monitoring. He holds a Masters from the University of Edinburgh, a PGCE from the University of Sunderland and is a certified Anti-Money Laundering Specialist.
