Understanding FICA Compliance in South Africa

A practical FICA compliance guide for South African businesses covering customer due diligence, risk-based checks, record keeping, reporting duties and VerifyNow verification workflows.

Start verifying View services

Understanding FICA Compliance in South Africa

VerifyNow credit-bureau boundary (2026): VerifyNow is not a credit bureau and does not provide credit information, credit scores, credit reports, affordability assessments, or loan decisions. We provide lawful identity, business, bank account and compliance verification services through authorised data suppliers. If your workflow needs credit bureau data, obtain it separately from a registered credit bureau with the required consent, authorisation, or other lawful basis.

What FICA compliance means

FICA, the Financial Intelligence Centre Act, is South Africa's anti-money-laundering and counter-terrorist-financing framework. It requires accountable institutions to understand who they are dealing with, assess risk, monitor certain relationships and keep records of the due-diligence work performed.

For most businesses, the practical challenge is operational: how do you verify identity, company details, bank details and risk signals quickly enough to onboard customers without losing audit quality?

Core FICA obligations

The exact duties depend on whether your business is an accountable institution and on your risk profile, but the common operational controls are:

Customer due diligence: identify and verify the customer before or during onboarding.
Risk-based approach: apply stronger checks where the customer, transaction, geography or product creates higher risk.
Record keeping: retain evidence of what was checked, when, by whom and what decision was made.
Reporting: escalate suspicious or unusual activity through the required reporting channels.
Training and governance: make sure staff know the process and can apply it consistently.

Where VerifyNow fits

VerifyNow does not replace your compliance officer, legal adviser or risk management programme. It supports the evidence layer of the workflow. Depending on your use case, you can run:

ID verification for South African identity checks.
Face match where selfie-to-ID-photo confirmation is needed.
AML/PEP screening for screening workflows.
Company verification for CIPC company checks.
Bank account verification for payment-detail fraud prevention.
Consumer trace or phone trace only where your lawful basis and VerifyNow terms permit the trace purpose.

A useful FICA workflow

Define the customer type: individual, company, trust, employee, supplier or counterparty.
Decide the minimum verification evidence needed for that relationship.
Run the matching VerifyNow checks from the dashboard or API.
Review mismatches and document the decision.
Retain the verification record and revisit higher-risk relationships when your RMCP requires it.

Common mistakes to avoid

Do not treat one check as a complete compliance programme. Do not run trace products for curiosity or marketing. Do not infer unsupported facts from a product result. For example, a vehicle lookup confirms vehicle specifications only; it does not prove ownership, stolen status or finance status. A bank account check is not a full credit report.

Next step

Use the services catalogue to choose the correct verification product for each FICA control, or create an account at /register and start with the checks your onboarding process needs most.