Latest news with #FinancialIntelligenceCentreAct
The Citizen
3 days ago
- Business
- The Citizen
Postbank responds to card cloning scam
POSTBANK has issued an urgent advisory to all social grant beneficiaries following an increase in reports of card cloning fraud. The bank is calling on affected individuals to immediately report any suspicious activity or suspected card cloning to its fraud department. This comes after an 84-year-old pensioner from Montclair lost R8400 of her grant in a suspected card cloning scam. The SUN published a story about Laurel Prangley's financial loss last week. To read more click here. Also read: Help spread the warmth with Pick n Pay's Soup for South Africa campaign Postbank has urged grant beneficiaries to report suspected fraud and unauthorised transactions directly to its fraud department, which is responsible for investigating and resolving such matters. 'Postbank has implemented a multi-layered fraud prevention framework aligned with banking industry standards and legal requirements under the Banks Act and the Financial Intelligence Centre Act. This includes card chip security, internal controls, and ongoing customer due diligence. 'The creation of robust customer awareness is also amongst the initiatives we are undertaking, given that some bank fraud incidents are perpetrated by criminals through scams that take advantage of customers,' read the statement. Prangley's daughter Rene Gleisner told The SUN that the issue was discovered in February when her husband attempted to withdraw the pension from an ATM but received a slip indicating insufficient funds. She believes the fraud may be linked to the card transition process. 'It's suspicious that this started while I was changing my mother's Sassa gold card to the new black Postbank card,' she said. The family had visited Chatsworth shopping centre early this year, where two employees believed to be Sassa officials were assisting beneficiaries with the card switchover. Also read: Pressure mounts for surveillance cameras in crime hotspot areas However, Postbank stated that it has not yet received a formal complaint from either the pensioner or her daughter. 'No formal report has been submitted to the Postbank fraud department regarding Prangley's card. As such, we cannot confirm any deactivation until the appropriate process has been followed. We have contacted the client and advised her to complete necessary documentation in line with our internal processes to enable necessary investigations,' said Postbank. Postbank said once an investigation is initiated they: Take various remedial steps including blocking the compromised card, Issue a replacement card, and safeguarding account credentials. 'These steps are guided by internal fraud protocols and customer protection measures,' Postbank said in a statement. In February, Sassa and Postbank announced the transition from the gold card to a new black card system. Postbank could not comment on whether Prangle's ID or card details had been cloned or compromised during the card migration process. 'This possibility cannot be confirmed without a formal report and investigation. However, the card migration process adheres to stringent encryption and security protocols, including Payment Card Industry Data Security Standard and chip-based security features, to mitigate cloning risks,' Postbank said. What steps are being taken to ensure the pensioner receives her next grant payment securely? Once a report is received, Postbank can implement remedial actions such as account or card blocking, issue a new card, and ensure secure disbursement of future grants. Is it possible to issue a new card with a different account number immediately? Once an investigation is initiated, Postbank takes various remedial steps including blocking the compromised card, issuing a replacement card, and safeguarding account credentials. What is the expected timeline for resolving such issues? Clients typically receive an acknowledgement and reference number within 48 hours of submitting a valid complaint. The overall resolution timeframe depends on the complexity and available evidence, but regular updates are provided throughout the process. Does the client receive updates or reference numbers during the investigation? Once a case is formally lodged, Postbank will issue a reference number and provide ongoing updates to the client throughout the investigation, in line with our customer communication protocols and conduct standards. For any suspected fraudulent activities, the public are urged to: Report to Postbank's fraud team via fraud@ Or call fraud hotline on 0800 53 54 55. Postbank advised clients who are not satisfied with the outcome of their investigation to escalate the matter to the National Financial Ombudsman. For more Southlands Sun news, follow us on Facebook, Twitter and Instagram. You can also check out our videos on our YouTube channel or follow us on TikTok. Subscribe to our free weekly newsletter and get news delivered straight to your inbox. At Caxton, we employ humans to generate daily fresh news, not AI intervention. Happy reading!
The Citizen
4 days ago
- Business
- The Citizen
Rising scam alert: Fake FICA notices and extortion tactics target bank customers
There has been a significant rise in extortion, email, and text scams (phishing) targeting banking customers in recent months. Standard Bank's Head of Fraud Risk Management, Adv. Athaly Khan, warns against the growing sophistication of these schemes, with fraudsters continually adapting their tactics to deceive individuals into sharing sensitive information. In some cases, victims are even coerced into transferring money into the fraudsters' accounts. Standard Bank offered these general tips to avoid falling victim to fraudsters: Verify authenticity: Always verify the authenticity of any app or communication claiming to be from a financial institution. Always verify the authenticity of any app or communication claiming to be from a financial institution. Do not share confidential information: Never share credentials such as PINs, passwords and one-time passwords (OTPs) with any third-party. Never share credentials such as PINs, passwords and one-time passwords (OTPs) with any third-party. Report suspicious activity: If you encounter any suspicious activity or believe you have been targeted by a scam, report it immediately to your financial institution and the relevant authorities. If you encounter any suspicious activity or believe you have been targeted by a scam, report it immediately to your financial institution and the relevant authorities. Use strong passwords: Ensure that you use strong and unique passwords for your online or digital banking platforms. Ensure that you use strong and unique passwords for your online or digital banking platforms. Enable two-factor authentication: Where possible, enable two-factor authentication for an added layer of security. Here are common tactics used by scammers in recent months and ways to protect yourself: Fake non-compliance notifications Fraudsters are exploiting the bank's need for compliance with the Financial Intelligence Centre Act (FICA). They are purporting to be the bank, sending customer's emails and SMSs, claiming that their accounts are not FICA compliant. 'Their emails and SMSs include malicious links, urging customers to click on or risk their account being blocked or closed,' Khan explained. 'Upon clicking on the link, customers may be routed to a fake login site or prompted to capture sensitive information such as their card number, expiry date, customer verification value (CVV), or One-Time-Pin (OTP). In some instances, the link may cause disruption on the customer's device, giving the fraudsters remote access and total control.' Extortion Scams Extortion scams often involve threats to harm individuals, expose sensitive personal information about them or tarnish their reputations unless a ransom is paid. 'We're increasingly seeing fraudsters impersonate respected bodies such as the South African Reserve Bank (SARB), SARS or the SAPS,' Khan explained. 'They claim to be investigating customers for serious offences, anything from fraud to money-laundering. In some schemes, victims are given a fake account number and instructed to transfer all their funds for the duration of the investigation. In others, the criminals allege they possess compromising material such as private photographs, financial records or other personal details, and demand payment in exchange for keeping it confidential.' Khan further said that these fraudsters go to extreme lengths to convince the targeted individual that they are from legitimate authorities. This includes telephone calls, emails, documents and they sometimes suggest physical meetings. 'The internet has become a prime hunting ground for fraudsters. Customers need to be wary of information they share on social media platforms as cybercriminals are becoming increasingly sophisticated in their orchestration,' Khan added. What to do if you are targeted: Stay calm, do not panic. Fraudsters often use fear to manipulate victims. Take time to verify the legitimacy of the claims. Never send money or click on a link in response to unsolicited messages. Legitimate organisations, including banks, will never ask for payments or sensitive information this way. If you believe your bank account may be compromised, contact your bank's fraud department right away. They can help you secure your account and investigate the issue. Regularly review your bank and credit card statements and report any suspicious activity. Read original story on At Caxton, we employ humans to generate daily fresh news, not AI intervention. Happy reading!
The Citizen
5 days ago
- Business
- The Citizen
The actual cost of non-compliance with Fica
'Any accountable institution, whether in property, legal, crypto or lending, is at risk if compliance lapses occur.' In the past 18 months, institutions in banking, legal, and financial services have faced steep penalties for non-compliance with the Financial Intelligence Centre Act (Fica). Some South African commercial banks have been sanctioned with fines ranging from R7.7 million to more than R50 million. These are not outliers, they reflect a clear regulatory shift toward stricter enforcement. Sameer Kumandan, MD of SearchWorks360, said that while much has been said about Fica obligations, less attention is paid to what happens when businesses fall short. 'The penalties are not limited to financial institutions. Any accountable institution, whether in property, legal, crypto or lending, is at risk if compliance lapses occur.' ALSO READ: FSCA fines 3 financial services providers R1.2 million for Fica non-compliance How Fica penalties are determined He said the type of punishment depends on the severity of the violation. Regulators apply a structured framework that considers both mandatory and discretionary factors. 'These include the nature, duration, seriousness and extent of the contravention, as well as whether the conduct was intentional, reckless or negligent. 'The regulator will also assess whether the entity gained any financial or commercial benefit from the non-compliance and if there was any remedial action taken once the issue was identified.' A business's compliance history matters too. Institutions with prior contraventions or those seen as repeat offenders can expect harsher sanctions, as can those found to have obstructed investigations or withheld key information. Fica sanctions Kumandan said sanctions range from a written caution or public reprimand to a remediation directive, restriction or suspension of business activities, and administrative fines of up to R10 million for individuals and R50 million for companies. For more serious breaches, particularly those involving an element of intent, criminal charges may be brought, with potential fines of up to R100 million or imprisonment up to 15 years. Senior managers, directors and employees involved in the breach may be held personally liable. ALSO READ: Prudential authority fines Absa R10 million for FICA non-compliance Common non-compliance issues 'Most Fica penalties stem from recurring failures such as inadequate or generic risk management and compliance programmes (RMCPs), poor customer due diligence, incomplete recordkeeping, failure to submit reports like cash threshold reports and insufficient training,' said Kumandan. 'These are not technicalities – they are central to the act and form the basis of most enforcement actions. In one case, a legal firm was fined R7.7 million for failing to implement an RMCP or train its staff. 'A financial services provider was penalised for failing to report suspicious transactions in a timely manner. These are the kinds of 'basic' oversights that now carry serious consequences.' The pressure is industry-wide He added that the uptick in enforcement isn't limited to large financial institutions. In recent months, law firms, insurers, financial advisers and crypto platforms have all faced enforcement actions. 'Fica applies across sectors and smaller firms are not immune. If you deal with money, you are accountable.' Avoiding penalties requires more than good intentions Fortunately, regulated entities have access to automated compliance platforms that facilitate the prevention of fraud, money laundering and regulatory breaches. He said these tools reduce manual oversight, simplify regulatory reporting and ensure Popia-compliant data handling. They also automate Know Your Customer (KYC)/Know Your Business (KYB) verification processes and can generate suspicious transaction and compliance reports as requested by regulators. 'One of the big selling points of automating Fica compliance is ongoing monitoring. Often, a business will conduct its due diligence at the start of a relationship with a client, only for that client to engage in illicit and illegal activities down the line. 'Ongoing monitoring helps accountable institutions to assess and manage risks continuously, during the onboarding process and throughout the business relationship. 'By tracking client profiles daily, accountable organisations keep tabs on all transactions as they happen and they are alerted to any changes that might indicate a compliance risk.' NOW READ: The risks of doing business with politically exposed persons
IOL News
6 days ago
- Business
- IOL News
How to spot and avoid banking scams: fake threats and extortion explained
Momentum Group, a prominent player in South Africa's financial services sector, has alerted the public to an alarming increase in scams leveraging the power of 'deepfake' technology. Discover the alarming rise in banking scams targeting customers through fake compliance threats and extortion tactics. Image: File photo. There has been a significant rise in extortion, email, and text scams (phishing) targeting banking customers, resulting in considerable financial and emotional distress for thousands in recent months. The growing sophistication of these schemes, with fraudsters continually adapting their tactics to deceive individuals into sharing sensitive information. In some cases, victims are even coerced into transferring money into the fraudsters' accounts. Here are common tactics used by scammers in recent months and ways to protect yourself: Fake non-compliance notifications Fraudsters are exploiting the bank's need for compliance with the Financial Intelligence Centre Act (FICA). They are purporting to be the bank, sending our customers emails and SMSs, claiming that their accounts are not FICA compliant. Their emails and SMSs include malicious links, urging customers to click on them or risk their accounts being blocked or closed. Upon clicking on the link, customers may be routed to a fake login site or prompted to capture sensitive information such as their card number, expiry date, customer verification value (CVV), or One-Time-Pin (OTP). In some instances, the link may disrupt the customer's device, giving the fraudsters remote access and total control. Extortion scams Extortion scams often involve threats to harm individuals, expose sensitive personal information about them, or tarnish their reputations unless a ransom is paid. We're increasingly seeing fraudsters impersonate respected bodies such as the South African Reserve Bank (SARB), Sars, or the SAPS. They claim to be investigating customers for serious offences, anything from fraud to money laundering. In some schemes, victims are given a fake account number and instructed to transfer all their funds for the duration of the 'investigation.' In others, the criminals allege they possess compromising material such as private photographs, financial records, or other personal details, and demand payment in exchange for keeping it confidential. These fraudsters go to extreme lengths to convince the targeted individual that they are from legitimate authorities. This includes telephone calls, emails, and documents and they sometimes suggest physical meetings. The internet has become a prime hunting ground for fraudsters. Customers need to be wary of the information they share on social media platforms as cybercriminals are becoming increasingly sophisticated in their orchestration. What to do if you are targeted Stay calm, do not panic. Fraudsters often use fear to manipulate victims. Take time to verify the legitimacy of the claims. Never send money or click on a link in response to unsolicited messages. Legitimate organizations, including banks, will never ask for payments or sensitive information this way. If you believe your bank account may be compromised, contact your bank's fraud department right away. They can help you secure your account and investigate the issue. Regularly review your bank and credit card statements and report any suspicious activity. Standard Bank encourages its customers to stay informed on the latest scams, and adopt and enable features on their banking app to help protect themselves. Khan is the head of fraud risk management at Standard Bank. PERSONAL FINANCE
Daily Maverick
16-05-2025
- Business
- Daily Maverick
Suspected crime boss Stanfield's wife, Nicole Johnson, spends R5m on Sea Point flat while in prison
Nicole Johnson, the wife of suspected organised crime boss Ralph Stanfield and herself accused of racketeering and helping run a violent criminal enterprise, bought an unbonded R5-million flat on the Atlantic Seaboard from a renowned Cape Town property developer. The transaction raises questions about the extent to which property deals remain vulnerable to money laundering, especially in a time of increased focus on estate agents and lawyers meeting anti-money laundering obligations. Investigations by amaBhungane have highlighted a legal loophole whereby developers who make direct sales without using estate agents as intermediaries seemingly do not have to be registered with the Financial Intelligence Centre (FIC) as accountable institutions. These developers, therefore, have no obligation to perform any due diligence on clients, although they do still need to report transactions they have reason to believe are suspicious. While the criminal reputation of Stanfield and Johnson precedes them, neither the conveyancers, Smith Tabata Buchanan Boyes (STBB), nor the property developer, Blok, which was directly involved in last year's sale, appear to have been put off by the couple's notoriety or the fact that Johnson purchased her Sea Point flat while in prison awaiting trial. Johnson and Stanfield, who have been charged under the Prevention of Organised Crime Act, have been held in Cape Town's Pollsmoor and Brandvlei prisons respectively since their highly publicised arrest in September 2023. They were arrested at their multimillion-rand Constantia home in Cape Town on suspicion of running a criminal enterprise, which has allegedly ensnared several senior local government officials. Collectively they face more than 100 criminal charges, including racketeering, money laundering, corruption, fraud, theft, extortion, murder, attempted murder and the illegal possession of firearms and ammunition. Some of the charges relate to their alleged involvement in a R1-billion social housing development tender fraud scheme for the construction of homes in some of Cape Town's poorest communities. Johnson runs numerous companies, including Glomix House Brokers (GHB), which the couple allegedly used to secure contracts linked to the tender. In March 2024 the National Treasury blacklisted GHB from doing business with the government for 10 years. The blacklisting was loudly trumpeted by the City of Cape Town as a major success in its fightback campaign against the construction mafia, which for years has laid siege to its infrastructure development projects. AmaBhungane has learnt that six months later, on 2 September 2024, Johnson bought a two-bedroom apartment in Sea Point from Blok, one of Cape Town's most renowned urban renewal property developers. She was able to do this while sitting in Pollsmoor as a prisoner awaiting trial. While amaBhungane is not suggesting that STBB or Blok failed to comply with any Financial Intelligence Centre Act (Fica) money-laundering reporting obligations, or that the money Johnson used to buy her flat was from the proceeds of crime, the sale shines a light on estate agents' – and potentially property developers' – compliance levels with laws to combat money laundering and terrorism financing, as well as the current difficulties the Financial Intelligence Centre (FIC) faces in ensuring such compliance and the gaps in legislation specifically designed to combat these crimes. The source of the money, as well as whether it was paid directly by Johnson from her bank account or via a third party, is unknown. Her lawyer, Luzuko Guma, did not respond to amaBhungane's email and WhatsApp requests for comment. Blok and STBB would not discuss any details of the transaction, citing client confidentiality and FIC secrecy provisions while insisting that they had complied with their obligations. As we'll see, however, what these were in the case of Blok may be somewhat unclear. The sale Since its founding in 2014 by father and son Marco and Jacques van Embden, Blok has become known for its award-winning projects, with the company specialising in high-end compact apartment developments in Cape Town's City Bowl and Sea Point. Of the company's 20 developments, it was its Eighty2 on M apartment building that caught Johnson's eye. According to the company's website, the block on Sea Point's Main Road is an 'apartment hotel… where luxury meets sustainability' and offers 'bold architectural design, energy-efficient living spaces and community-oriented features'. The majority of the apartments in the building are rented out as short-term stays. While the exact details of the transaction through which Johnson purchased her eighth-floor unit facing Lion's Head and Signal Hill are unknown, what amaBhungane has gleaned is that she paid R5,016,000 for the 77m² flat, that the purchase was unbonded and made through a cash transfer, and that the unit was registered in her name on 20 November 2024. Property records show that Johnson bought the unit from Blok's Urban Living 4, which is registered as a separate business entity and which developed the Eighty2 on M apartment building. When developing apartments, Blok appears to register separate business entities. The company's registered estate agency business, Blok Urban Apartment Living (UAL), is responsible for marketing and facilitating the sale of units in the group's different developments. In trying to unpack the transaction and determine whether the financial reporting legislation was complied with, amaBhungane looked at whether Blok is registered with the FIC as an accountable institution. Accountable? Fica compels accountable institutions to carry out in-depth know-your-client analyses, understand the nature of their clients' different business relationships, alert the FIC to any suspicious transactions and, importantly, assess, mitigate and report potential money laundering or terror financing risks their businesses may face from transactions. Compliance is crucial in the government's effort to remove SA from the global Financial Action Task Force (FATF) grey list. The FATF grey list identifies countries that have deficiencies in their legislative systems that hamper the combating of money laundering and terror financing. SA was placed on the grey list in February 2023 and in February of this year, the National Treasury announced that it aimed to have SA removed from the list by October. One of the biggest stumbling blocks in removing SA from the list is the lack of successful prosecutions of money laundering cases, as well as poor Fica compliance by certain accountable institutions. In April, the FIC complained in a press release that it was struggling to get estate agents and lawyers to comply with all important Fica risk and compliance reporting obligations. The problem is compounded by a gap in the legislation. Under Fica, estate agencies are 'accountable institutions' but property developers who sell units directly to buyers without using estate agents as intermediaries fall outside the current definitions. That gap was partially closed with the repeal of the former Estate Agency Affairs Act and its replacement in February 2022 with the Property Practitioners Act, which includes property developers that perform estate agency activities by selling their developments directly to buyers. Fica, however, still needs to be amended to include the wider definition of 'property practitioners'. Back to Blok This legal blurriness was evident in our attempts to get clarity from Blok as to what extent it had considered – or even recognised – the potential red flags of a cash sale to Johnson, a prisoner awaiting trial. STBB and Blok sidestepped detailed questions, citing Fica non-disclosure provisions and the Protection of Personal Information Act. STBB director Steven Borwick, responding on behalf of Blok, said that 'in the event that our client had incurred an obligation to report an activity associated with Ms Johnson to the FIC, it will [in] any event, be precluded … by the FIC Act from disclosing such a fact to anyone. To do so constitutes a criminal offence …' Questioned on whether Blok had any Fica responsibilities, Borwick said the specific development company, Blok Urban Living 4, was 'not an accountable institution in terms of the FIC Act'. He said STBB is registered with the FIC as an accountable institution and that the company takes its responsibilities seriously. Borwick said Blok's marketing arm, UAL, provided the company with its estate agency services, but it is not clear whether UAL was involved in the Johnson transaction and, initially at least, amaBhungane was not able to get Blok to confirm that UAL was registered with the FIC. A search of the Property Practitioners Regulatory Authority website shows that UAL is a registered estate agency. As such, Fica requires, if not Blok as a whole, then at least UAL to be registered as an accountable institution. Eventually Borwick confirmed this, noting: 'I am instructed the entity is registered with FIC, registration took place in approximately 2018. Blok will not comment on business strategy and we cannot disclose details of a specific transaction without all parties' consent. No further emails or calls will be responded to.' When amaBhungane approached the FIC with the same question, the entity threw up a bureaucratic wall, saying that its register of accountable institutions was 'not a public registry'. 'The purpose of the registry … is to facilitate [the] regulation of accountable institution compliance with the FIC Act, including with their reporting obligations, in line with the FIC's mandate. 'As such, the FIC is obliged to maintain [the] confidentiality of the regulatory information that is provided to it. Furthermore, the FIC Act provides for the protection of the confidential information which the FIC holds.' This legally questionable stance, which precludes the public from knowing whether companies are complying with their mandatory responsibility to register, helps no -one – except perhaps people like Johnson. DM
