Combating South African financial crime with RegTech

Issue 2/3 2023 Financial (Industry), Security Services & Risk Management

Luke Machowski.

RegTech South Africa is an emerging and dynamic industry with new regulations being consistently added and the need for compliance being more important than ever. With the recent Greylist announcement of South Africa, by FATF, compliance with international standards and regulations cannot be ignored. Understanding the automation of regulations through personalised payment systems is the best way to alleviate the compliance anxiety of businesses within the financial sector.

During the FinTech Summit 2022, a panel discussion was held to discuss South Africa’s current RegTech trends, challenges, opportunities, and what we can look forward to in the future within this space. Luke Machowski, Head of Regulatory Products at Synthesis, was part of the panel discussion addressing Synthesis’s role in bringing regulation and technology together which is shared in this article.


Understanding the term ‘RegTech’ encompasses cybersecurity, data quality, compliance, and money laundering prevention that all play a part in our fight against financial crime. Using technology to create innovative ways of automating regulation processes is where Synthesis fits in. The uptake from the financial sector has been relatively low however, a spotlight has been placed in the past year on compliance with AML/CFT policies and working with FATF for better regulation practices. Special attention to updating frameworks to adopt financial sanctions and the improvement of risk-based supervision across all levels of an organisation are key areas to focus on.

Key challenges for regulators

Advancements in the RegTech space include better monitoring of reporting and personalised due diligence. The shift of regulations has allowed digital banks to grow that much faster with automated systems that make managing processes easier. Data quality plays a pivotal role in creating a business case for regulation management and processes, where the personalisation of systems contributes effectively to compliance automation.

The impact of poor national governance has definitely had its impact on regulations and regulators with a massive skills gap when it comes to understanding regulation within the IT and finance sectors. Some of the key challenges that regulators are faced with are highlighted below:

• The South African financial crisis and instability result in a lack of financial resources available for investment opportunities to automate regulation and compliance processes.

• Not having a centralised system to manage payments, especially within the financial sector, causes instability and exposes organisations to a lack of cybersecurity and a greater threat of financial crime.

• The lack of education around regulation makes it difficult for decision-makers to understand the risk involved in non-compliance, money laundering, and other financial crime implications. Bringing onboard a regulator to map out a RegTech strategy can provide you with a risk analysis thereby addressing the risk factor. Remember having an online digital payment system exposes you to greater risk so you need to understand this risk to mitigate it.

The future of RegTech

The RegTech sector is still in the adoption stage within South Africa. Data and skills sharing are what is needed to take things to the next level. Through data sharing, data pooling, and co-operative analytics, organisations can leverage each other to do joint analysis and assess risk within the financial sector.

Stakeholder and relationship management will create a collaborative environment to succeed. Organisations need to create data literacy to grow and develop. This will enable the compliance process where data science will influence pipelines and data will be valued as an asset. Regulators will need to be involved in outlining business strategies for data elements to ensure that they fit into compliance. One thing that will always be a requirement is the need for people to be innovative. As much as technology will continue to advance and processes will be automated, the human element and excitement around creating something extraordinary will never die.

At Synthesis, our culture focuses on putting people first by getting our team excited about challenges and the problem-solving process. We use innovative strategies to join the dots between data, regulation, and technology. Synthesis has a proven track record across the full software development stack to provide our clients with the following benefits:

• Guaranteed technical superiority and value during each regulatory reporting season to bring together people, processes and tools.

• Access to functionality and features that are specialised to regulatory reporting where the cost of development is amortized across the market. This gives each user the benefit of the features without any single client paying the full cost of developing that feature themselves.

Success stories

• Tyme Bank – We got their regulatory reporting system integrated and running within 1 month and saved them 104 working days in year three of working with them. We have been getting them reporting on time ever since despite their incredible hyper-growth as a bank.

• Large Bank – Implemented a centralised FinSurv reporting solution to the SARB. This has given the client value through a seamless reporting solution across multiple channels to the client at a quality level they haven’t had before.

Synthesis uses innovative technology solutions to provide businesses with a competitive edge today. Synthesis focuses on banking and financial institutions, retail, healthcare, and telecommunications sectors in South Africa and other emerging markets.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

How to prevent and survive fires
Fire & Safety Security Services & Risk Management
Since its launch in August 2023, Fidelity SecureFire, a division of the Fidelity Services Group, has been making significant strides in revolutionising fire response services in South Africa.

A long career in mining security
Technews Publishing Editor's Choice Security Services & Risk Management Mining (Industry)
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

Risk management: There's an app for that
Editor's Choice News & Events Security Services & Risk Management
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Integrated information platform for risk management
Editor's Choice News & Events Security Services & Risk Management
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Global Identity Fraud Report revealing eight-month ‘mega-attack’
Editor's Choice Security Services & Risk Management
AU10TIX recently released its Q4 Global Identity Fraud Report, with the research identifying two never-before-seen attack patterns, with the worst case involving 22 000+ AI-generated variations of a single U.S. passport.

Linking of security officers by security businesses
PSiRA (Private Security Ind. Regulatory Authority) News & Events Security Services & Risk Management
[Sponsored] By law, all security businesses are required to declare their employees to PSiRA so that they can be accounted for administratively. Failure to link employees by security businesses is a contravention of the Code of Conduct and a criminal offence.

Understanding the power of digital identity
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
The way we perceive business flourishing is undergoing a paradigm shift, as digital identity and consumer consent redefine the dynamics of transactions, says Shanaaz Trethewey.

What you can expect from digital identity in 2024
Access Control & Identity Management Security Services & Risk Management
As biometric identity becomes a central tenet in secure access to finance, government, telecommunications, healthcare services and more, 2024 is expected to be a year where biometrics evolve and important regulatory conversations occur.