top of page

Beneficial Ownership

Everything you Need to Know 

In March 2023, South Africa was placed on the Financial Action Task Force (FATF)’s “grey list” of countries with strategic deficiencies in their anti-money laundering and counter-terrorist financing (AML/CTF) regimes. This means that the FATF has identified weaknesses in South Africa’s AML/CTF regime that need to be addressed.

The above resulted that on the 29 December 2022, the South African government published the General Laws (Anti-Money Laundering and Combating Terrorism Financing) Amendment Act 22 of 2022 including amendments to the Companies Act 71 of 2008 that came into effect on 1 April 2023.

These amendments include the requirement to keep a register of Beneficial Owners updated at CIPC together with its standard compliance requirements.

What is a Beneficial Ownership?

A Beneficial owner in respect of a company, means an individual who, directly or indirectly, ultimately owns that company or exercises effective control of that company.

Here’s an example:

Let’s say Paul owns 60% of the shares in Company ABC, giving him a majority vote in company decisions and the power to appoint or remove board members. Additionally, through a chain of ownership involving a holding company, he can influence the management and strategies of Company ABC. Therefore, Paul is considered the ‘beneficial owner’ of Company ABC and his details will be on the Beneficial Ownership Register.

Who Are the Beneficial Owners?

  • Private Company ((PTY) LTD) - Individuals holding 5% or more of the issued shares.  Companies with beneficial owners holding beneficial interest of 5% or more in a subsidiary company.

  • Close Corporation (CC) - Members holding 5% interest or more of the close corporation.

  • Non Profit Company with members (NPC) - The members would be the beneficial owners.

  • Non Profit Company without members (NPC) - The directors would be the beneficial owners.

  • State-Owned Company (SOC) - Where a shareholder is a minster, the minister would be the beneficial owner.

  • Trust with beneficiaries - Although this is not required by CIPC as it's submitted to the Master of the High Court.

Why was Beneficial Ownership Regulations implemented in South Africa?

Before these new regulations, companies were not required to disclose their Beneficial Ownership or shareholding information to entities like the CIPC. These issues were treated as confidential matters and were managed internally by the company through its share register, share holder agreements and the like.

However, in response to these fresh regulations set out by the SA Government, the CIPC has made it clear that they have collaborated closely with various regulatory and law enforcement bodies to establish a system for “gathering Beneficial Ownership information with the aim of cross-referencing this information.” These regulatory and law enforcement entities encompass the South African Revenue Service (SARS), the Financial Intelligence Centre (FIC), and the Financial Sector Conduct Authority (FSCA).

The recent obligation has put companies in the spotlight, forcing them to disclose their Beneficial Ownership to the CIPC. Consequently, the era when individuals with hidden interests in a company could go unnoticed is now over. This has various consequences for anyone holding valuable assets or involved in intricate ownership arrangements. The new regulations empowers government bodies such as SARS to go through your ownership structures with a fine tooth comb and take you to task.

When is the Beneficial Ownership filing deadline at CIPC?

The deadline for submitting the first round of Beneficial Ownership register with the CIPC is 1 October 2023 (6 months after the regulation was announced). Companies have little time to finalize their ownership structures and comply with beneficial ownership requirements. Failing which they might find themselves being made an example of.

The CIPC noted that failure to file beneficial ownership information will constitute non-compliance and may result in a court-ordered administrative fine of either 10% of the non-complying company’s turnover or R1 million, whichever amount is greater.

This ads a significant burden on South African Businesses.

Fortunately, our team of specialist can assist to file Beneficial Ownership register with CIPC at minimal cost.

Search
Laetitia Hattingh

POPI Act

The POPI Act what compliance means for your business


What POPI compliance means for your business

​​​All businesses with employees, customers and suppliers must comply with POPIA, which comes into effect on 1 July 2021. Here’s a practical guide to the most important aspects.


With the commencement date of the Protection of Personal Information Act 4 of 2013 (POPI) of 1 July 2021 fast approaching, businesses should be reviewing their use of personal information to determine if it complies with the Act. It is important to understand that any business that has employees, customers and suppliers must comply with POPI when dealing with personal information. Below are a few tips on ways businesses can kick-start their compliance exercise.

  • Figure out what personal information you process and why

Under POPI, a business must be able to justify why it holds personal information based on one of the several justifications set out in POPI. This is a good opportunity for a business to assess what information it collects (whether from employees, customers, services providers or other third parties such as credit bureaus) and review whether that information is actually necessary for the purposes for which it was collected. In this regard, minimality is key – business should not collect more personal information than is required. Importantly, the term “personal information” is defined very broadly to mean any information that can be used to identify an individual person or another business entity.

  • Get rid of what you don’t need

Under POPI, a business cannot keep a record of personal information once the reason for which it was collected no longer exists, unless required by law. For example, unless required by law, a business should not keep personal information of any former supplier when the relationship has ended. Businesses should therefore check whether they are holding onto any old records of personal information that they no longer need and dispose of them in a secure manner. It is important to note that more data means more risk and it is best to purge what is not required.

  • Look at security

Correct management of personal information means appropriate security must be in place to protect it. POPI requires a business to put in place “appropriate, reasonable technical and organisational measures” to prevent loss, theft or damage to personal information. The suitability of security measures will depend on the business and the type of personal information it holds.

  • Marketing

Opt-out marketing emails and SMSs are a thing of the past under POPI. Unless a person is an existing customer, a business cannot send him or her marketing emails or SMSes without first getting consent from the person. Any request for marketing consent must include language that is set out in Regulations to POPI. Businesses should therefore review their direct marketing practices.

  • Go for the easy-wins

POPI compliance may seem like a daunting task but there are some “easy wins” when it comes to compliance. ​Basic documents used by the business will likely need updating for POPI compliance. These include company privacy policies and employee and supplier contracts. All of these documents should aid the business in proving its compliance with POPI.

[My Office News, Tech News By Wendy Tembedza for Webber Wentzel]

20 views0 comments

Recent Posts

See All

Comments


bottom of page