Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS COMPANY POLICIES and PROCEDURES Contents COMPANY POLICIES and PROCEDURES. 1 Treating Customers Fairly 2 Code of Ethics 6 Code of Conduct ... Disciplinary Policy and Procedures .10 Conflict of Interest Management Policy and Procedures 31 Fit and Proper Policy... .38 Debarment Policy and Procedures .. .51 Protection of Personal Information Policy and Procedures ... .55 Whistle Blowing Policy .. .59 Personal Account Trading Policy... .63 Complaints Management Policy and Procedure.. .69 Compliance Policy .. .74 Enterprise Risk Management Policy and Framework .75 PAIA Manual .95 FICA Rules 106 CLIENT TYPE . .110 INFORMATION REQUIRED. .110 VERIFICATION DOCUMENTATION ... .110 All policies relating to Market Conduct. 128 ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Treating Customers Fairly Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Treating Customers Fairly Scope Independent Investment Solutions has adopted the Financial Services Board's framework for Treating Customers Fairly ("TCF"). TCF in essence provides a framework within which we are required to conduct business, so as to ensure the supply of appropriate financial products and services to customers and enhanced transparency, resulting in improved customer confidence and relations. This policy therefore in turn provides a framework to Independent Investment Solutions and to each employee for the fair treatment of our customers, and our management and employees are required to apply the principles of TCF in their daily tasks, irrespective of their roles. Purpose The purpose of this policy is to ensure that customers' expectations are appropriately met through sustainable business practices which are aimed at: . Enhanced customer confidence; The supply of appropriate products and services; and Total transparency when dealing with customers. Policy At Independent Investment Solutions, we understand that our customers are at the heart of our business and that the fair treatment of each and every customer is essential to our success. As part of our overall approach we are fully committed to treating our customers fairly and as such we endeavour to consistently deliver fair outcomes to our customers and take responsibility for the company and staff. We recognise that our employees, irrespective of their role, are critical to delivering a positive customer experience and ensuring our customers are treated fairly and our culture and values encourage and support our employees to deliver this. As a Financial Services Provider, we take all regulatory requirements seriously, in particular, the requirement to treat customers fairly. ---PAGE END--- Confidential Our policy is based on the following fairness outcomes: * Outcome 1: Customers who are confident that they are dealing with companies where the fair treatment of customers is central to the company culture. XOutcome 2: Our products and or services marketed and sold in the retail market are designed to meet the needs of identified customer groups and are targeted accordingly. Outcome 3: Customers are given clear and sufficient information and are kept appropriately informed before, during and after the time of contracting. x Outcome 4: Where customers receive advice, the advice is suitable and takes account of their circumstances. X Outcome 5: Customers are provided with products that perform as we have led them to expect, and the associated service is both of an acceptable standard and what customers have been led to expect. X Outcome 6: Customers do not face unreasonable post-sale barriers to change the product, switch provider, submit a claim or lodge a complaint. Procedure Our TCF culture Management and the Board TCF is considered at the highest levels of our company. The subject of TCF is a standing item on the agenda of the meeting of our Board of Directors. Business strategy TCF is considered at all stages and forms an integral part of any strategic planning processes. Employee involvement Employees are frequently encouraged to consider the TCF outcomes and continually provide feedback, concerns, observations or suggestions on how our treatment of our customers might be further enhanced. It is of utmost importance for each employee to realise and acknowledge that, notwithstanding their specific roles within Independent Investment Solutions, their actions and daily tasks will ultimately influence the customer's experience when dealing with Independent Investment Solutions, whether directly or indirectly. Interaction with customers We interact closely with our customers and target market. Our products, service and business is shaped by listening to our customers' needs and understanding what is important to them. As part of this process we become aware of any further needs that we can help with. Decision making When making decisions, of any kind, we consider the impact on our clients first. Decisions are taken in the interests of the clients. Continuous development To ensure success and provision of excellent customer service, employees receive appropriate training and are aware that TCF is at the heart of Independent Investment Solutions' culture. ---PAGE END--- Confidential Our Products and Services Management and employees are accordingly required to consider the above outcomes at all stages of their relationship with a customer and to demonstrate that they are consistently treating their customers fairly. The stages of a customer relationship can best be illustrated with reference to the typical product life cycle: Product Promotion Point Information Complaints and and Advice of after point of and claims service marketing Sale sale handling design Applying the 6 fairness outcomes, in no particular order, to the stages of the typical product life cycle, provides some specific guidelines for the fair treatment of customers: Product and service design: Products and services - and the distribution strategies chosen to bring them to market - are designed and developed for specific target markets, based on a clear understanding of the likely needs and financial capability of each customer group. Promotion and marketing: Products are marketed to specific target groups, through clear and fair communications that are not misleading and are appropriate to the target group. Advice / Intermediary services: Business units and employees need to ensure that, where advice or an intermediary service is provided, advisers are fully equipped to provide such services in a manner suitable to the needs of the customer concerned, balancing the commercial objective of increasing sales with the objectives of TCF and avoiding conflicts of interest. Point-of-sale: Business units and employees need to provide clear and fair information to enable customers to make informed decisions about transacting with the firm, its products and services. This means that product risks, commitments, limitations and charges must be transparent. Disclosure around bundled products must enable customers to understand the different components of the bundle. Information after point-of-sale: Business units and employees need to provide customers with ongoing relevant information to enable them to monitor whether the product or service continues to meet their needs and expectations, and provide acceptable levels of service for post- sale transactions or enquiries. Business units and employees must also monitor and respond to changes in the wider environment that may affect products and impact on particular groups of customers. Complaints and claims handling: Business units and employees need to honour representations, assurances and promises that lead to legitimate customer expectations. Legitimate expectations must not be frustrated by unreasonable post-sale barriers. There is a requirement for fair and consistent handling of claims and a mechanism to deal with complaints timeously and fairly. ---PAGE END--- Confidential Business units and employees should undertake to identify common underlying causes of complaints and take action to eliminate the root cause. TCF internal reporting The TCF performance measures to be discussed during management meetings are without limitation, the following: U Outcome 1 -- TCF culture: Fit and proper requirements for management, audit, risk and compliance requirements, management structures, strategy, governance and internal controls, whistle-blower protection rules, management incentives, staff training and communication; 0 Outcome 2 -- Appropriately targeted design and marketing of products and services: Product features, charging structures, product governance and approval processes, unfair terms, undesirable business practices, regimes for particular consumers such as products aimed at addressing inclusion, and marketing and advertising restrictions and standards; Outcome 3 -- Clear information: Specific disclosure obligations, disclosure standards, plain language, language policies, electronic and telephonic communications, appropriate representations; . Outcome 4 -- Suitable advice: Financial advisory obligations (primarily under FAIS), distribution models, legal relationships between intermediaries and product suppliers, management of conflicts of interest (under FAIS and more broadly), adviser remuneration; 0 Outcome 5 - Products perform as expected and acceptable service: Product and performance monitoring, ongoing communication, reasonable benefit expectations, service levels, operational ability and capacity, outsourced suppliers, business continuity, record keeping, information security, fraud risk management, succession planning; Outcome 6 - No unreasonable post sale barriers: Access to information, complaints handling, claims handling, alternative dispute resolution, product flexibility, product portability, termination charges, replacement of financial products. In evaluating performance against the above measures, the focus should not only be on the market segment or specific stage of the product life cycle that we are involved in, but should also take responsibility for ensuring that the fairness outcomes are achieved in other market segments / stages of the product life cycle where we are not directly involved. Consequences of Non-Adherence The management and staff of Independent Investment Solutions is required to adhere to this policy and disciplinary action will be taken in terms of individuals who do not comply with the requirements described in this policy. Training and Awareness All staff will receive training on the outcomes in this policy and will also be given access to this policy. Review This policy will be reviewed as and when required, but at least annually. ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Code of Ethics Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Code of Ethics Scope Maintaining the trust and confidence of all our stakeholders is the responsibility of every employee. In all of our actions, the values and associated behaviours must be applied to guide and direct the way we conduct ourselves. Purpose The purpose of this Code of Ethics Policy is to guide Independent Investment Solutions and its employees to display the highest standards of ethical conduct. The Ethics Policy outlines our core ethical values, ideals and principles. Background Ethics involve applying moral standards -- standards of good, right and fair conduct -- which are supported by values that shape the decisions and actions of individuals within the organization in the pursuit of our business objectives. Policy Independent Investment Solutions commits itself to maintaining the highest standards of competence, integrity and ethical behaviour, thereby ensuring that its reputation is beyond reproach in all its actions and activities. We recognise our obligations to all our stakeholders -- particularly shareholders, clients, employees, business partners, the authorities and the wider community and has therefore adopted principles described below. Independent Investment Solutions will monitor ethical performance continuously in order to ensure that irregular or unethical business practices are eliminated. This Ethics Policy is supported by other company policies and procedures relating to specific issues, processes and situations. Core Values and Principles ---PAGE END--- Confidential Client Centricity - we are committed to deliver customer value and placing our client's interests first. Integrity entails acting consistently with our values, i.e. to be honest, trustworthy and open, and to always act in accordance with the highest ethical standards. All employees are therefore expected to act with the highest integrity. Accountability means that we must be prepared to take responsibility for our work, make commitments, find solutions and be held accountable for delivery and results. Fairness - requires providing clients with what they have been lead to expect, before, during and after a transaction is concluded. It involves disclosure of material conflicts of interest, and managing one's own feelings, prejudices and desires to achieve a proper balance of interests. Fairness is treating others as you would want to be treated. Professionalism means that we must be honest and act transparently. We must render services of the highest standard, and act with skill, care and diligence and we must understand and comply with all applicable law, rules and regulations and the codes of conduct issued by the regulatory authorities that govern us. Competence -- mean that we will maintain the abilities, skills and knowledge necessary to provide competent professional services. Confidentiality -requires client and other personal information we may come across be protected and maintained in such a way that access is only allowed to those who are authorised or entitled, according to the laws of the Republic of South Africa. Consequences of Non-Adherence Any contravention of the Code is grounds for disciplinary action. In the interpretation of the Code, a zero- tolerance approach to fraud and corruption will be taken. Training and Awareness All staff will be given access to our code of ethics on employment and commit themselves to abide by this policy by becoming an employee of Independent Investment Solutions. Review This policy will be reviewed as and when required, but at least annually. ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Code of Conduct Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Code of Conduct Scope It is the duty of all employees to adhere to this code of conduct, to exercise due care and skill in their work, and to avoid conflicts of interest with their employer and clients. It is the general duty of Independent Investment Solutions to consider the best interests of its stakeholders, and to exercise due care and skill in strategic decision making. Purpose The purpose of this Code of Conduct is to provide a practical guide to decision making and to provide guidance in terms of expected behaviour to Independent Investment Solutions and its employees. Background The company has developed and implemented internal policies and procedures to guide, conduct and enforce compliance to minimum standards. These standards are designed to be in accordance with South African legislation, regulations and industry practices. Practical decision-making, however, often requires the balancing of competing interests, particularly when dealing with unforeseen circumstances. This means we need to balance the interests of our key stakeholders when making decisions in accordance with our values. In the event of uncertainty as to the most appropriate course of action, it is recommended that guidance should be obtained from senior management. Code of Conduct Independent Investment Solutions and its employees will endeavour to at all times Maintain executive accountability for decision making on material matters Conduct business honestly, fairly and responsibly Constantly strive to improve the quality of our products and services Protect the confidentiality of information in accordance with the law and prescribed practices Communicate and act in an open, clear, timely, honest and transparent manner ---PAGE END--- Confidential Endeavour to always treat our clients fairly Provide a healthy and safe working environment Always conduct ourselves in a professional and courteous manner Behave in a way that will result in us conducting ourselves with dignity, integrity and credibility, whether acting in a professional or personal capacity Conduct our business in an ethical and professional manner Build long term relationships based on honesty and fairness Afford suppliers of goods, services and capital fair opportunity to compete for our business on the grounds of capability, competitive pricing, quality and service. Recognise and discharge our responsibility to uphold all laws and regulations Consequences of Non-Adherence All employees are expected to be familiar with their role and duties and Independent Investment Solutions' internal policies and procedures, as failure to comply with them may be considered to be misconduct and employees may be subject to disciplinary action that could lead to dismissal. Furthermore, note that the Code of Conduct is not intended to comprise an exhaustive list of what constitutes ethical and acceptable conduct, nor is it intended to contain a comprehensive list of offences or contraventions on which Independent Investment Solutions will take appropriate legal action. Training and Awareness All employees will receive be given access to this policy on employment. In the event of uncertainty as to the most appropriate course of action, it is recommended that guidance should be obtained from senior management. Review This policy will be reviewed as and when required, but on an at least annual basis. ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Disciplinary Policy and Procedures Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Disciplinary Policy and Procedures Scope This policy applies to all staff and describes procedures to be followed in all disciplinary matters. Purpose The purpose of a disciplinary code and procedures is to regulate standards of conduct and incapacity within this organization. The aim of this policy is to facilitate the correction of unacceptable behaviour or work delivery, and adopt a progressive approach to discipline in the workplace. The objectives of this procedure are therefore the following: Assist employees to overcome poor performance and to perform to the standard expected of them Promote efficient and effective performance by employees; Enable the employer to function efficiently and effectively; and Provide guidance on appropriate disciplinary procedures. Policy Independent Investment Solutions expects all employees to conduct themselves in an appropriate manner in their day to day work, including in their dealings with colleagues, clients and other stakeholders, and shall not conduct themselves in a way that may bring Independent Investment Solutions' reputation into dispute. Where employee conduct falls short of these standards, management will attempt to resolve the matter through informal means where appropriate so that employees are given the opportunity to improve. If these actions do not provide a resolution, then the formal disciplinary procedure set out in this document should be followed. Where necessary, for business related purposes, and in situations where Independent Investment Solutions management feels the need to investigate possible misconduct, we reserve the right to intercept and examine or inspect the electronic communications, received on Independent Investment Solutions equipment, of any person who is employed by Independent Investment ---PAGE END--- Confidential Solutions or who acts on behalf of Independent Investment Solutions, or any other person to whom this Code might apply record any of our telephone lines and/or conversations of any person who is employed by us, or acts on behalf of ourselves, or any other person to whom this Code might apply. record, by video surveillance, the activities of any person who is employed by RMBSI, or acts on behalf of RMBSI, or any other person to whom this Code might apply. Independent Investment Solutions aims to deal with all disciplinary issues in a fair and consistent manner. Procedure It is the responsibility of the employer to decide when it is necessary to apply this procedure. Discipline must, wherever feasible, be applied progressively. The repeated committing of a similar or related offence will therefore usually result in progressively more severe action being taken, particularly where a clear pattern or ongoing trend is indicated by the employee's misconduct. Disciplinary action process This procedure summarizes the disciplinary action process only and must be supported by detailed documentation that must be completed. The inadequate completion of the appropriate documentation (e.g. warning forms) may render any disciplinary action taken challengeable or even unfair. The process that is generally followed in applying disciplinary action can be summarized as follows: 1. Contravention / alleged contravention Receipt of a complaint, or an observation or report of an act of misconduct may trigger corrective and/or disciplinary action. 2. Investigation The manager of the employee investigate the complaint and consider whether corrective measures and/or any disciplinary action, is appropriate. This initial process usually takes the form of an informal investigation by the relevant manager to determine whether or not the incident warrants disciplinary action. This investigation should wherever possible also entail giving the employee(s) involved an opportunity to give their own version/explanation of their behaviour. 3. Disciplinary action Types of disciplinary actions available to Independent Investment Solutions include: Verbal warning; Written warning; Final written warning; Demotion, as an alternative to dismissal only; and Dismissal After investigation, if the infringement is considered to be of a nature that does not require severe action, the Manager should counsel the employee, and / or issue an appropriate warning to the employee(s), if a warning is considered appropriate (Verbal-, written- or final warning). Conducting a hearing procedure is therefore not a pre-requisite for the issuing of a warning to an employee. A Final Written Warning is generally only imposed by a senior manager if the offence concerned was serious but did not warrant dismissal, or if an offence occurs which is similar to a previous infringement for which a written warning was already issued and has not expired. ---PAGE END--- Confidential When a serious offence possibly warranting dismissal is suspected / alleged or committed, or an offence for which a final warning is valid reoccurs, Management is generally required to conduct a formal Disciplinary Enquiry. Disciplinary Enquiry ("Hearing") The intention of the hearing process is to properly and transparently investigate the incident, to provide an opportunity for the employee to challenge allegations being made, and to enable the hearing chairperson to determine an appropriate action. The investigating manager convenes the disciplinary enquiry, using the relevant notification form, and this is given to the employee concerned. This notification must ensure that the employee is fully informed of the company's allegations regarding misconduct. The handing over of the notification should be witnessed by a third party. How to conduct a Disciplinary Enquiry ("Hearing") The conducting of a formal Disciplinary Enquiry is an integral part of the disciplinary process if dismissal is being contemplated. This hearing must be presided over by a competent and reasonably objective Enquiry Chairperson who will be responsible for leading and managing the entire hearing process, and for making the two critical decisions i.e. VERDICT: the guilt or innocence of the employee, relative to the allegations made by the company and only thereafter, if the employee was found guilty of the alleged misconduct, the decision of SANCTION: the appropriate penalty, after considering mitigating and aggravating factors relevant to the case. To ensure that the disciplinary enquiry procedure is properly and fairly conducted, all hearings should be conducted according to the guidelines for conducting hearings (Annexure A). This record reflects the steps required for a disciplinary enquiry to be procedurally fair. After completion of the necessary enquiry procedures, any decision by the Chairperson must be motivated and supported by a written finding. This finding must be provided to the employee (and any recognised representative), generally within 5 (five) working days of the conclusion of the enquiry process. The employee must also be informed that there is no in-house appeal process; and that dismissals may only be contested at the CCMA. The company must retain copies of all completed hearing related documentation for any further action required and safekeeping. Notes: The Employee(s) accused of the offence must be notified of the enquiry at least 48 hours (i.e. two full working days) before the scheduled hearing to provide the employee with sufficient time to adequately prepare their case and defence. If the employee is suspended on full pay until the enquiry is conducted, a written notice of suspension must also then be given to the employee confirming their suspension. Failure to suspend an employee accused of serious or gross misconduct, pending a disciplinary hearing, may call into doubt the seriousness of the misconduct. ---PAGE END--- Confidential The Employee is advised that he/she is expected to attend the enquiry as their non-attendance may prejudice their case, and even result in the enquiry being held in their absence. The Employee must be advised of the serious nature of the allegations against them, and the possibility of dismissal, should they be found guilty of the charges laid against them. Specific Infringements and the related Disciplinary steps to be followed: Poor Work Performance If an employee is alleged not to be performing to the required standard, the Head of Department (HOD) must investigate whether this is the case. In the course of this investigation the HOD must meet with the employee concerned to establish whether: The employee is aware of the required standard; The employee has failed to meet the standard and The reasons for the poor performance. If the reason for the poor performance is that the employee requires training, which the employer can reasonably be expected to provide, the employer must take steps to provide such training. If it appears on the basis of the investigation that the employee can reasonably be expected to meet a standard and is failing to do so, the HOD must counsel the employee regarding the steps the employee must take to reach the required performance standard, and the period of time within which he employee is expected to reach this performance standard. If, after counselling, the employee does not meet the required performance standard within a reasonable period of time, the appropriate HOD must convene a meeting with the employee. The object of the meeting is to inform the employee that this is so, and to give the employee an opportunity to respond. The employer may decide to: Further counsel the employee; Issue the employee with a written warning for poor performance; Issue the employee with a final written warning for poor performance; or Serve notice on the employee to attend a poor performance hearing. Written Warning for Poor Performance The written warning for poor performance must briefly describe in what respects the employee's performance is considered unsatisfactory, the steps the employer has already taken to bring this to the employee's attention and the steps the employee is expected to take to remedy the situation. A reasonable time period must be specified within which the employee must meet the performance standard. Final Written Warning for Poor Performance In the event that an employee has not achieved the required performance standard within a reasonable period of time/specified period of time, the appropriate HOD may convene a further meeting with the employee. The object of the meeting is the same as in the previous stage. If in the opinion of the HOD it is necessary to do so, the HOD may: Hold a further training session with the employee Issue a further written warning for poor performance to the employee Issue a final written warning to the employee for poor performance. A final written warning for poor performance must indicate, in addition to the information required in a written warning, that if the ---PAGE END--- Confidential employee does not achieve the required standard within a defined period the employee may be dismissed; or Convene a poor performance hearing. Poor Performance Hearing A hearing for poor performance must be held if the HOD is of the opinion that action stronger than a final written warning may be warranted. A poor performance hearing must be convened and conducted in the same manner as a disciplinary hearing, subject to the proviso that the object of the hearing is to determine whether the employee failed to meet a performance standard, and whether the employee could reasonably be expected to meet the performance standard in question. The HOD must give the employee not less than three (3) working days' notice of the time and date of the hearing, and details of the standard the employee is alleged not to have met. The following persons may be present at such a hearing: A chairperson; A representative of the employer (HOD) or his/her nominee, who will present the evidence against the employee who has not met the required performance standard; The employee who is alleged not to have met the required performance standard; The employee's representative - if so required a fellow employee; Any witnesses the employer or the employee wishes to call; and An interpreter, if the employee requires one. At the hearing the chairperson must ensure that the employee who is alleged to have failed to meet the required performance standard and the employee's representative are given a full opportunity to present the employee's case. At the conclusion of the hearing the chairperson must decide whether the employee is able to meet the required performance standard or not. If the chairperson finds that the employee is not able to meet the required performance standard the chairperson may ask both the employee and the employee's representative and the employer to make submissions on the appropriate outcome of the enquiry. The Chairperson must decide on the appropriate action and inform the employee accordingly. If an employee is determined to have failed to meet a performance standard that the employee could reasonably be expected to have met, the chairperson must consider whether there is any action that could remedy the situation other than dismissal. If there is not, the employee may be dismissed with notice, in terms of the notice periods prescribed in the employee's conditions of employment. The failure of the employee charged or the employee's representative to attend the hearing shall not invalidate the proceedings, except if good cause can be shown for not attending. Absence and Desertion The onus is on the employee to inform the employer on his/her absence from work. This must be done via a telephone call to the HOD on the first day of the employee's absence. Absence from work for 5 consecutive days, without notifying the employer, constitutes reasons to proceed with disciplinary action for desertion as follows: 1. The employer undertakes to contact the employee via telephone call, email, a personal visit. ---PAGE END--- Confidential 2. SSend a letter of intent, or email notifying employee of disciplinary action. 3. Have a disciplinary hearing 4. Dismissal. Incapacity: III health or injury Incapacity on the grounds of ill health or injury may be temporary or permanent. If an employee is temporarily unable to work in these circumstances, the employer should investigate the extent of the incapacity or injury. Reports from specialists should be obtained. If the employee is likely to be absent for a time that is unreasonably long in the circumstances, the employer should investigate all the possible alternatives short of dismissal. When alternatives are considered, relevant factors might include the nature of the job, the period of absence, the seriousness of the illness or injury and the possibility of securing a temporary replacement for the ill or injured employee. In cases of permanent incapacity, the employer should ascertain the possibility of securing alternative employment, or adapting the duties or work circumstances in order to accommodate the employee's disability. In the process of the investigation referred to above, the employee should be allowed the opportunity to state his/her case in response and to be assisted by a fellow employee. The degree of incapacity is relevant to the fairness of any dismissal. The cause of the incapacity may also be relevant. In the case of certain kinds of incapacity, for example alcoholism or drug abuse, counselling and rehabilitation may be appropriate steps for an employer to consider. Particular consideration should be given to employees who are injured at work or who are incapacitated by work-related illness. Dismissal An employee who is dismissed must be informed that he/she has the right to refer a dispute against the employer in terms of the Labour Relations Act of 1995 as amended, within 30 days of the date on which the employee was dismissed. Training and Awareness Each employee of Independent Investment Solutions will receive a copy of this policy and needs to ensure that he/she is familiar with the relevant disciplinary standards in the workplace and that he/she complies with the disciplinary code and procedure at the workplace. Review This policy will be reviewed as and when required but at least annually. Annexures Annexure A: Guidelines for conducting hearings Annexure B: First written warning template (guidelines) Annexure C: Second written warning template (guidelines) Annexure D: Final written warning template (guidelines) Annexure E: Dismissal with one month notice Annexure F: Summary Dismissal Annexure G: Suspension with Pay Annexure H: Corrective Counselling ---PAGE END--- Confidential ---PAGE END--- Confidential ANNEXURE A: GUIDELINES FOR CONDUCTING HEARINGS Hearings should be arranged within 3 working days of the completion of an investigation. The complainant and HR Representative should agree the content of the letter to be given to the employee, which advises the following: Brief details of the alleged misconduct The date, time and venue for the hearing The right to call witnesses and to cross-examine any witnesses that company may call. . The right to be represented by a willing fellow employee. Hearings are attended by an impartial Chairperson, the complainant (usually the line manager), the employee, a scribe who may either take notes or operate the tape recorder, and an HR representative. An interpreter may also be required. The process is as follows: Step The Disciplinary Hearing Process 1. The Chairperson introduces the parties, explains the purpose of the enquiry, establishes whether an interpreter is required, checks if notice of enquiry was received 3 days before hearing, explains the procedure to be followed and the employees' rights. Chairman reads out the allegations and asks employee whether the allegations are true or false. Chairman then asks for opening statements from the complainant and then from employee. 2. The Chairman asks the complainant to present evidence and/or lead witnesses to substantiate the allegation(s) against the employee. 3. The employee and/or his or her representative will be given an opportunity to cross-question the complainant and witnesses. 4. The employee will be asked to respond to the allegation(s) and present his or her evidence and/or lead witnesses. 5. The complainant may cross-question the employee and his or her witnesses. 6. The Chairperson may also ask clarifying questions. 7. After the employee and/or his or her representative have stated and presented what they wished to, they will be asked to present closing arguments. 8. The Chairperson will summarise evidence led and test understanding. 9. The Chairperson adjourns the meeting to make his finding. 10. The Chairman reconvenes the meeting, reviews the case and gives reasons for his finding. 11. If the employee is found guilty, the Chairperson asks the employee to present factors that should be taken into account when the sanction/disciplinary action is considered (mitigating factors). These could include long service, clean disciplinary record, or any other factors relating to employment. The HR Representative may also provide information. 12. The Chairperson will ask the complainant to state any aggravating factors. These include factors such as: 0 transgression has been repeated, that corrective action was instituted, 0 that the employee is a senior member of staff and should be an example to the rest of NEF etc. 13. The Chairman adjourns the meeting, and compiles a detailed Hearing report, noting whether the employee is guilty or not guilty, and the sanction. If the employee is found guilty 14. The Chairperson will adjourn the meeting to review all the evidence presented and request the HR representative to confirm details such as date of employment, whether the employee has been disciplined before, the performance rating of the employee and whether there are any other factors he should consider, before arriving at a decision. ---PAGE END--- Confidential 15. The chairperson will reconvene the hearing, and presents the sanction. The sanction can be one of the following: Final Written Warning -- valid for 12 months Demotion -- to one or two levels below the current level Termination with one months' notice : Termination without notice Summary dismissal : Dismissal The Chairman's decision is final. 16. The Chairperson will instruct the HR Representative to compile the relevant letter (e.g. first warning), and requests the employee to sign acknowledgement of receipt. The employee will be advised of the right to an appeal, which must be lodged with the HR Representative within 5 working days after the outcome of the Disciplinary Hearing. If the employee is found not guilty 17. The hearing will be closed after the chairperson has given reasons for finding the employee "not guilty". The notes or recording will be transcribed and issued to all parties as soon as possible for signed agreement to the content by the employee. If the employee feels that there are misunderstandings or omissions, these should be advised in writing to the line manager and copied to the HR representative within 3 working days of the hearing. Tape recordings of proceedings may therefore be permitted for record purposes. ---PAGE END--- Confidential ANNEXURE B: FIRST WRITTEN WARNING Dear Sir/Madam On the (insert date) you were involved in (insert description of misconduct) which is/are unacceptable to management. This letter serves as a 1st written warning and you are notified that, should any further unacceptable behaviour be reported within the next three (3) months ending (insert calculated date) then further action will be taken against you, either in the form of a 2nd written warning or consideration of the possible termination of your services after an appropriate disciplinary hearing/enquiry. If you receive no further warnings immediately after the expiry of the three (3) months period, from the date of this letter, this letter will be removed from your personal file. You are requested to sign an acknowledgement of receipt of this letter. We hope that you will regard this letter as an opportunity for improving your situation. Yours faithfully Signature: ACKNOWLEDGEMENT OF RECEIPT: I (insert employee name) herewith acknowledge receipt of the notice of my letter of a written warning letter issued to me on the (insert day of receipt)) Signature Date ---PAGE END--- Confidential ANNEXURE C: SECOND WRITTEN WARNING Dear Sir/Madam On the (insert date) you were involved in (insert description of misconduct) which is/are unacceptable to management. This letter serves as a 1st written warning and you are notified that, should any further unacceptable behaviour be reported within the next six (6) months ending (insert calculated date) then further action will be taken against you, either in the form of a 2nd written warning or consideration of the possible termination of your services after an appropriate disciplinary hearing/enquiry. If you receive no further warnings immediately after the expiry of the six (6) months period, from the date of this letter, this letter will be removed from your personal file. You are requested to sign an acknowledgement of receipt of this letter. We hope that you will regard this letter as an opportunity for improving your situation. Yours faithfully Signature Date ACKNOWLEDGEMENT OF RECEIPT: I (insert employee name) herewith acknowledge receipt of the notice of my letter of a written warning letter issued to me on the ((insert day of receipt)) Signature Date ---PAGE END--- Confidential ANNEXURE D: FINAL WARNING Dear Sir/Madam On the (insert date) you were involved in ((insert reason)) which is/are unacceptable to management. This letter serves as a final warning and you are notified that, should any further unacceptable behaviour be reported within the next twelve (12) months ending (insert calculated date) then further action will be taken against you in the form of consideration of the possible termination of your services after an appropriate disciplinary hearing/enquiry. If no further unacceptable behaviour is reported from the date of this letter, this letter will be removed from your personal file immediately after the expiry of the 12 (twelve) months period. You are requested to sign an acknowledgement of receipt of this letter. Yours faithfully Signature Date ACKNOWLEDGEMENT OF RECEIPT I ((insert employee name)) herewith acknowledge receipt of a final written warning letter issued to me on the ((insert date)) day of ((insert month) (insert year)) ---PAGE END--- Confidential ANNEXURE E: DISMISSAL WITH ONE MONTH NOTICE Dear Sir/Madam At a Disciplinary Enquiry which took place on the (insert date), you were found guilty of .... The sanction handed down by the Chairman is dismissal with one months' notice. Your service with company will therefore be terminated with effect from ..... Should you disagree with the finding and/or sanction imposed upon you, you have the right to refer the dispute to the CCMA within 30 (thirty) days from the date of your dismissal. Yours faithfully Signature Date ACKNOWLEDGEMENT OF RECEIPT herewith acknowledge receipt of the notice of my Summary Dismissal on (Date) Signature Date ---PAGE END--- Confidential ANNEXURE F: SUMMARY DISMISSAL Dear Sir / Madam At a Disciplinary Enquiry which took place on (date) ... you were found guilty . The sanction handed down by the Chairman is summary dismissal and therefore your service with Company. has been terminated with immediate effect. Should you disagree with the finding and/or sanction imposed upon you, you have the right to refer the dispute to the CCMA within 30 (thirty) days from the date of your dismissal. Yours faithfully Signature Date ACKNOWLEDGEMENT OF RECEIPT herewith acknowledge receipt of the notice of my Summary Dismissal on Signature Date ---PAGE END--- Confidential ANNEXURE G: SUSPENSION WITH PAY Dear Sir / Madam You are hereby notified that your services with Company. have been temporarily suspended with immediate effect on full pay. Your suspension is subject to the finalisation of an internal investigation regarding your alleged involvement in ... The following conditions apply: You may not enter the premises of Company. You are to make yourself available at all times for questioning during your suspension You are to contact (insert name) (Daily/weekly). You may not contact any employee of Company without prior authorisation from your manager We confirm that the suspension of your services does not imply that your services have been terminated; and therefore are still subject to the procedures and policies of Company. Yours faithfully Signature Date ACKNOWLEDGEMENT OF RECEIPT: hereby acknowledge receipt of the notice of my letter of suspension with pay on the Signature Date ---PAGE END--- Confidential ANNEXUREH: CORRECTIVE COUNSELLING This document serves to confirm that a counselling session has been held with: Name of staff member: Date: Reason for counselling: Agreed course of action: Follow up dates: Signature of employee Signature of manager: Date: ---PAGE END--- Confidential ANNEXURE I: RECOMMENDED PENALTIES FOR OFFENCES Note: Repeated offences will attract a more serious disciplinary action. Three (3) Verbal warnings -- constitute 1 written warning Three Final warnings for different offences result in summary dismissal Recommended Penalty Nature of offence First Offence Second Offence Subsequent Offence Providing client with incorrect information, e.g. send incorrect Verbal warning First Written Implement report to client Warning disciplinary procedure. Unchecked correspondence sent out with negligent errors Verbal warning First Written Implement Warning disciplinary procedure. Verbal warning First Written Implement Negligent errors i.e. not changing address on systems, not Warning disciplinary changing w/d or d/o amounts, forgetting to deliver telephone procedure. messages, etc. Verbal warning First Written Implement Not forwarding information to correct departments. Warning disciplinary procedure. Verbal warning First Written Implement Failure to act upon a request from HOD. Warning disciplinary procedure. Verbal warning First Written Implement Failure to contact your HOD when ill, not able to work etc. Warning disciplinary procedure. Verbal warning First Written Implement Failure to meet deadlines due to lack of planning Warning disciplinary procedure. Verbal warning First Written Implement Unauthorized use of company equipment -- telephones, fax, Warning disciplinary copying procedure. Verbal warning First Written Implement Abusing the internet facility for private use Warning disciplinary procedure. First Written Implement Unprofessional behaviour towards fellow-employee, client or Warning disciplinary Financial Adviser procedure. First Written Implement Failure to produce a medical certificate when required Warning disciplinary procedure. Verbal warning First Written Implement Indolent or slow work Warning disciplinary procedure. First Written Implement Sleep while on duty Warning disciplinary procedure. ---PAGE END--- Confidential Abuse of sick leave Implement disciplinary procedure. Verbal warning First Written Implement Failure to perform duties Warning disciplinary procedure. Verbal warning First Written Implement Not switching on time/switching incorrectly Warning disciplinary procedure. Verbal warning First Written Implement Not notifying other department heads of changes in investments Warning disciplinary i.e. transfer of investment at PRODUCT PROVIDER from one procedure. policy to another Verbal warning First Written Implement Not notifying department heads of incorrect holdings - other Warning disciplinary funds instead of Funds of Funds procedure. Verbal warning First Written Implement Not notifying HOD when an investment is 100% in cash. Warning disciplinary procedure. Verbal warning First Written Implement Forgetting to add a client to the portfolio management systems. Warning disciplinary procedure. Verbal warning First Written Implement Repeatedly making system errors. Warning disciplinary procedure. Verbal warning First Written Implement Not adding Ad Hoc investment or Withdrawal Warning disciplinary procedure. Unauthorized absenteeism Implement disciplinary procedure. Verbal warning First Written Implement Negligence regarding health and safety, non-compliance with a Warning disciplinary safety or health measure or with a lawful instruction regarding procedure. health and safety or failure to report an incident or unsafe situation Verbal warning First Written Implement Any conduct affecting the employer/employee relationship Warning disciplinary detrimentally procedure. Verbal warning First Written Implement Acting in contravention of company policy guidelines Warning disciplinary procedure. Intentional or negligent causing of damage to the employer, co- Implement worker or clients of the employer disciplinary procedure. ---PAGE END--- Confidential Dishonesty (including but not limited to the submission of a false Implement medical certificate, pretending to be ill to obtain exemption from disciplinary duty and submitting false information to obtain family procedure. responsibility leave, or providing false information on FAIS questionnaire(s)) Intentional endangering of others' safety Implement disciplinary procedure. Causing of damage due to negligence Implement disciplinary procedure. Distribution of unauthorized or obscene publications Implement disciplinary procedure. Intentional or reckless interference with health and safety Implement measures or the serious abuse of health and safety equipment disciplinary procedure. Theft Implement disciplinary procedure. Partaking in illegal activities Implement disciplinary procedure. Coercing fellow-employees to partake in activities that fall Implement outside the scope of work disciplinary procedure. Disclosing confidential information - with colleagues or any Implement person, firm or corporation. disciplinary procedure. Sharing company procedures, processes and plans with any Implement person, firm or corporation disciplinary procedure. Drinking on duty or on the premises (This excludes social Implement functions held on the premises). disciplinary procedure. Arriving on duty under the influence of alcohol. Implement disciplinary procedure. ---PAGE END--- Confidential Caught using illegal substances on duty or on the premises Implement disciplinary procedure. Using any information provided by clients, Financial Advisers or Implement the operational system, for personal gains disciplinary procedure. Submitting false documentation, reports, evidence, allegations Implement or information regarding previous employment, criminal disciplinary convictions or misconduct that impacts upon the relationship ofIpprocedure. trust. Assault (actual or threatened) of a co-worker, client or third Implement party disciplinary procedure. Sabotage, malicious or wilful damage to property or assets. Implement disciplinary procedure. Gross insubordination, refusal to comply with a reasonable and Implement lawful instruction or directive disciplinary procedure. Sexual or co-worker harassment, gender abuse, behaviour Implement considered degrading or insulting by another. disciplinary Making racist, lewd, suggestive or inappropriate gestures, procedure. statements or innuendoes to a co-worker, client Unauthorised possession, removal (attempted or actual), Implement misappropriations, unauthorised "borrowing", use and/or abuse disciplinary of Company or client property or facilities. procedure. First Written Implement Soliciting or accepting gifts from any third party without Warning disciplinary authorisation or consent. procedure. Having undisclosed personal or other interests that are a conflict Implement of interest, and contrary to the interests of the company disciplinary procedure. Desertion (intentional or implicit) -abandoning the Implement employment relationship /wilful repudiation of contract, refusal disciplinary to resume employment, extended unexplained absence for no procedure. good reason (period of absence in excess of 5 working days) Persistent timekeeping offences, late return from lunch, abuse Implement of smoke-breaks, leaving work early without permission, disciplinary excessive time-off. procedure. ---PAGE END--- Confidential Gross insolence, adopting a disrespectful attitude toward any Verbal warning First Written Implement superior or client / supplier. Warning disciplinary Uncooperative or obstructive behaviour. procedure. Verbal warning First Written Implement Smoking in a non-smoking area, or refusing to make use of Warning disciplinary designated smoking areas. procedure. Implement Non-compliance with Fit and Proper requirements (Financial disciplinary advisory and intermediary services Act) procedure. ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Conflict of Interest Management Policy and Procedures Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Conflict of Interest Management Policy and Procedures Scope The General Code of Conduct for Authorised Financial Services Providers and Representatives ("The Code") issued under the Financial Advisory and Intermediary Services Act, 2000 (Act 37 of 2002) ("FAIS"), requires financial service providers to have a Conflict of Interest Management Policy to ensure that conflicts of interest are managed appropriately within the business. This notion concerns Independent Investment Solutions, all individuals working for Independent Investment Solutions (employees, associates, service providers, etc.), and the Independent Investment Solutions businesses (major shareholders, companies controlled by the Group, etc.). Purpose This purpose of this policy is to assist Independent Investment Solutions and related individuals to identify potential and actual conflicts of interest and manage it appropriately. It describes the procedures to be followed to ensure that conflict of interest situations do not cause Independent Investment Solutions to act in contravention of the FAIS Act and General Code of Conduct which requires that a provider must at all times render financial services honestly, fairly, with due skill, care and diligence, and in the interests of clients and the integrity of the financial services industry. Background A conflict of interest situation arise when a staff member(s) experience a situation in which their own interest or the interests of Independent Investment Solutions, or one of its associates in the exercise of its activities, are directly or indirectly in competition with, or may significantly prejudice a client's interests. Such a situation may, in the rendering of a financial service to a client, a. influence an individual in the objective performance of his, her or its obligations to that client; or b. prevent a provider or representative from rendering an unbiased and fair financial service to that client, or from acting in the interests of that client. A conflicting interest may include, but are not limited to ---PAGE END--- Confidential a real or perceived financial gain resulting from recommendations to clients that may prejudice the client an outcome of service delivery or transaction that may not best serve the interests of the client non-cash incentives that may be received by the Company as a result of effecting any predetermined transaction and/ or product effecting a transaction and/ or product that may benefit a party other than the client Conflicts of interest may be recognised (actually identified) or be potential or perceived (conceivable) and most often arise because of an actual or possible financial interest. Policy Independent Investment Solutions is committed to avoiding and where this is not possible mitigating any conflict of interest that may arise between ourselves, as a financial services provider, and our clients when rendering a financial service. Where such a conflict of interest cannot be avoided the situation will be explained to the effected client(s). Allowable financial interests The following allowable financial interests have to be disclosed to clients in writing before any transaction takes place: : Fees as provided for in any applicable legislation, if these fees are reasonably commensurate to the service being offered. Fees for rendering a financial service which are not provided for in any legislation or regulations, provided the client has specifically agreed to fees in writing and has a discretion to stop them at any time. The following allowable financial interests have to be disclosed internally in the company's gift register: Promotional items (with a value of no more than R1000.00 per FAIS representative / key individual in any given year) Any other financial interest with a determinable monetary value not exceeding R1000.00 per FAIS representative / key individual in any given year The following allowable financial interests have to be disclosed internally in the company's conflicts of register and to affected clients: Ownership interest Directorships The following allowable financial interests have to be disclosed internally in the company's training register: Training that is not restricted to a selected group of providers and FAIS representatives on products and legalities thereof; general financial and industry information; specialised technological systems (of a third party) necessary for rendering a financial service. Disallowed financial interests The following financial interests are disallowed: ---PAGE END--- Confidential Financial interest to a representative or to the provider for giving preference to a quantity of business to the exclusion of quality to the client, preference to a specific product supplier or preference to a specific product. Cash, cash equivalent, voucher, gift, service, advantage, benefit, discount, domestic or foreign travel, hospitality, accommodation, sponsorship and any other incentive or valuable consideration not mentioned above, including travel and accommodation associated with allowed training. Any financial interest other than allowable financial interests listed above with a determinable monetary value exceeding R1000.00 per FAIS representative / key individual in any given year. Training restricted to a selected group of providers and FAIS representatives on products and legalities thereof; general financial and industry information; specialised technological systems (of a third party) necessary for rendering a financial service. Procedure Measures for avoidance or mitigation of conflicts of interest and control measures Reporting and record keeping i. Both a Gifts Register for allowable financial interests (Annexure A) and a Conflicts of Interest Register for Ownership interests, Directorships and Disallowed financial interests (Annexure B) have been implemented. ii. The Company's Managing Director will act as the custodian of both the Conflicts of Interest register and the Gifts register. iii. Each Representative has a duty to report any such an immaterial financial interest provided or received to the custodian of the Gifts Register (within a week of giving / receiving such a gift) who shall report to the Managing Director of the Company as soon as the aggregate financial interest given or received by any one representative from that product provider or third party reaches R1 000.00 in that particular year. Key Individual Authorisation i. A financial interest with a monetary value of between R1000.01 and R10 000.00 constitutes a material conflict, and will prior to giving, or the acceptance of the financial interest, require the written consent of the Managing Director of Independent Investment Solutions and must be recorded in the relevant Conflict of Interest register. ii. In exercising his discretion the Managing Director must consider: this conflict of interest policy and the requirements for updating the conflicts of interest register; any applicable legislation which may be breached by the receipt of such a gift or entertainment; a written statement form the giver explaining the reason for and purpose of the entertainment or gift the extent of the conflict; the estimated direct financial impact that a particular situation or activity would have on the Company; the effect that the financial interest is likely to have on the client; Annual Key Individual and Representative disclosure ---PAGE END--- Confidential i. All the Key Individuals and Representatives will be required to also complete the'Conflicts of Interest Questionnaire' as provided for in Annexure C of this policy. ii.The conflict of interest register will be updated and reviewed by the Key Individual(s). iii. IIf it has been established that a particular situation or activity gives rise to a conflict of interest, such a situation must be avoided. iv. If such a conflict of interest is inevitable it is the responsibility of the Managing Director to ensure that the effect if the conflict is mitigated by disclosing the conflict of interest to the relevant client(s). Further reporting of conflicts of interest All activities that resulted in conflict of interest situations must be reported to the company's compliance officer on a bi-annual basis. Consequences of non-adherence Violation of this Policy and procedures described herein will result in disciplinary action. Training and awareness A copy of the policy will be provided to each staff member and representative, and updated versions will be circulated. All the Company's staff will be trained on this policy and related procedures. Clients will be made aware of the existence of this policy. Review This policy shall be reviewed annually and any changes to this policy shall be communicated to all staff. Annexures Annexure A1 Gifts Register: Gifts Received Annexure A2 Gifts Register: Gifts Given Annexure B Conflicts of Interest Register Annexure C Conflicts of Interest Questionnaire ---PAGE END--- Confidential ANNEXURE A1: GIFTS REGISTER: GIFTS RECEIVED (For all immaterial financial interests) GIFT REGISTER - PERIOD ENDING . : GIFTS GIVEN Date Value of Name of gift recipient Company Name (and FSP no. if Describe gift and the gift applicable) giving this gift reason for being given Annexure A2: GIFTS REGISTER: GIFTS GIVEN (For all immaterial financial interests) GIFT REGISTER - PERIOD ENDING .: GIFTS GIVEN Date Value of Name of gift recipient and Name of employee giving the Describe gift and the gift Company (incl. FSP no. if gift reason for being applicable) given ---PAGE END--- Confidential ANNEXURE B: CONFLICTS OF INTEREST REGISTER CONFLICTS OF INTEREST REGISTER Date Nature of the Will this What measures will be What impact will Has the captured Conflict conflict be taken to Avoid / mitigate this conflict have Managing avoided / this conflict on clients Director mitigated What impact will this approved conflict have on clients this conflict? ---PAGE END--- Confidential ANNEXURE C: CONFLICTS OF INTEREST QUESTIONNAIRE Annual Conflicts of Interest questionnaire to be completed by all Key Individuals and Representatives Please respond to the following questions to the best of your knowledge: 1 .Please list all corporations, partnerships, associations or other organizations of which you are an officer, director, trustee, partner, or employee, and describe your affiliation with such entity. 2. In terms of the FAIS Code of Conduct you must disclose to the client the existence of any personal interest in a relevant service, or of any circumstances which gives rise to annual or potential conflict of interest in relation to such service, and take all reasonable steps to ensure the fair treatment of the client. Please list any such conflicts- or potential conflicts of interest which you are aware of or which you perceive may possibly exist. 3. Non-cash incentives offered and/or other indirect consideration payable by another provider, a product supplier or any other person to the provider could be viewed as a potential conflict of interest. Please list any such incentives received by yourself, your family members and or family entities during the last 12 months (can include incentive trips, sponsorships, gifts that amount to material benefits, business services, entertainment expenses, access of preferential, differentiated service/training/advice facilities, shareholdings, sales quota obligations, product biases etc.) 4. Please list all corporations, partnerships, or other entities in which you have a material financial interest (shareholding of 25% or more). 5. Are you aware of any other relationships, arrangements, transactions, or matters which could create a conflict of interest or the appearance of conflict? If so, please describe I have read the Conflicts of Interest Policy and accordingly hereby confirm that I currently comply with and agree to remain in compliance with the Policy. Signed at. on this day of 20 Signature: Name: ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Fit and Proper Policy and Procedures Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Fit and Proper Policy Scope The Fit and Proper requirements apply to all "Responsible Persons" within Independent Investment Solutions, being: Directors of the Group, Managing Executives and Public Officers Heads of each Control Function (Risk Management, Compliance, Internal Audit and Actuarial) Significant Owners (shareholders who individually or together with their associates hold 25% or more of the companies' shares) External Auditor FAIS Representatives and Key Individuals FAIS Compliance Officer(s) Responsible Persons should adhere to high internal standards of ethics and integrity that promote sound governance and have the relevant knowledge, skills and experience to bring judgment to bear on the business Of the Group. All Responsible Persons will be subject to this Fit and Proper Policy, and will acknowledge this in writing and provide written consent for information to be collected as part of the assessment process described below. The written consent will be provided on the date of appointment. Purpose This policy also provides guidance to the staff of Independent Investment Solutions on processes related to the Fit and Proper requirement including but not limited to the Fit and Proper assessment process created to support continuous compliance. Background Fit and Proper Requirements dealt with in this policy can be found in: : Long term Insurance Act of 52 of 1998 and the Short Term Insurance Act 53 of 1998 ---PAGE END--- Confidential 0 Board Notice 158 of 2014 - Governance and Risk Management Framework for Insurers issued by the Registrar of Long-term and Short-term Insurance 0 Board Notice 158 of 2015 -- Fit and Proper Requirements issued by the Registrar of Long-term and Short-term Insurance Financial Advisory and Intermediary Services Act 0 Board Notice 106 of 2008 (and as amended) - The Determination of Fit and Proper Requirements for Financial Services Providers issued by the Financial Services Board under Financial Intermediary and Advisory Act of 2002 (FAIS) 0 Board Notice 127 of 2010 - Qualifications, Experience and Criteria for Approval as a Compliance Officer Companies Act 71 of 2008 (as amended) Section 69 The Fit and Proper requirements covered can broadly be divided into the following categories: a) Honesty and Integrity; b) Competency ; c) Financial Standing; and d) Operational Ability. Competency is classified further into (i) Experience, (ii) Qualifications, (ii) Regulatory Exams and (iv) Continuous Professional Development. Please refer to Annexure B for the specific Fit and Proper requirements. Policy XXX Procedure XXX Assessment Process 1. The Compliance Officer will perform a Fit & Proper assessment before the appointment of a Responsible Person. 2. The assessment will be performed by: a. requesting that each Responsible Person complete a Fit and Proper Declaration as well as an Assessment Form. The templates will require high level information, and enable the Compliance Officer to identify areas to be investigated. Additional information will be requested in terms of such areas and if relevant this will be presented to the Risk and Compliance Committee for further evaluation; b. requesting that each Responsible Person complete a consent form in order for verifications to be conducted; c. verifying the qualifications, experience and financial standing information received from the Responsible Person through an independent verification agency; d. conducting an internet search in terms of the Responsible Person's work history and the related entities, to determine if any such entities were liquidated (etc.); and ---PAGE END--- Confidential e. conducting an internet search in terms of the Responsible Person as an individual to determine if the person's relationship with the Group may increase the Group's reputational risk. 3. The Compliance Officer will thereafter annually: a.request completed Fit and Proper Declarations from Responsible Persons; b. request updated information from Responsible Persons; review Fit and Proper information received to ensure that Responsible Persons still comply with the Fit and Proper requirements; and d. p perform financial standing verifications through an independent verification service. 4. The Compliance Officer will keep a Responsible Persons Register. The Register will at least contain the following: Name of the Responsible Person; Identification or passport number of the Responsible Person; A description of the Responsible Person's role classification in terms of this policy e.g. Director, Manager, Auditor, Head of Control, Significant Owner, Key Individual or Representative; The entity(s) in the Group the Responsible Person's responsibilities relates to; The fact that the initial / on appointment Fit and Proper assessment form and declaration has been completed and received from each Responsible Person; The fact that the Fit and Proper assessment information for each Responsible Person has been verified and the declaration re-signed annually; A list of qualifications obtained from each Responsible Person and an indication that the verification of such qualifications took place and the outcome of such verification process; An indication of any areas discovered during the assessment process that are being / had to be investigated further and the outcome of such investigations; An indication of any areas escalated to the Board and the outcome of the escalation process; and Areas verified and the outcome obtained from the verification exercise. The Responsible Persons Register will be updated with information collected and verified: on appointment of a new Responsible Person; on the promotion of an internal staff member to a position where they will be acting as a Responsible Person; During the annual Fit and Proper processes described above (where relevant). The Responsible Persons Register and information contained in the Register will be treated with the utmost confidentiality. Consequences of Non-Adherence will conduct an initial investigation of any cases of non-compliance discovered during the Fit and Proper assessment processes. Findings will then be presented to the Managing Director to evaluate the merits of the relevant case, and to advise on the further course of action. Cases where such non-compliance is found to be not acceptable to the Board, or cases in terms of Independent Investment Solutions' debarment policy may lead to disciplinary action including but not limited to termination of services, debarment and/or dismissal. Training and Awareness ---PAGE END--- Confidential All staff will be given access to this policy. Review This policy will be updated as and when required, but at least annually. Annexures Annexure A: Definitions Annexure B: Fit and Proper Requirements (Summary) Annexure C: Fit and Proper Assessment Form Annexure D: Fit and Proper Declaration Form ---PAGE END--- Confidential Annexure A: Definitions "Debarment" in terms of the FAIS Act means that the provider prevents the representative concerned from rendering further financial services and removes his or her name form the representative register in certain specific circumstances. Debarment has certain ramifications such as the fact that a person who is debarred may not render financial services in the industry. Representatives and Key Individuals must be debarred when they no Ionger meet the Fit and Proper requirements as detailed in Board Notice 106 of 2008, as amended. "FAIS" refers to the Financial Advisory and Intermediary Services Act 37 of 2002 "Head of a Means the person appointed by an insurer to ensure the performance of control function" the responsibilities of a control function, and includes a person to whom a control function is outsourced. "Key Individual" in relation to an authorised financial services provider, or a representative, carrying on business as: A corporate or unincorporated body, a trust or a partnership, means any natural person responsible for managing or overseeing, either alone or together with other so responsible persons, the activities of the body, trust or partnership relating to the rendering of any financial service; or b) A corporate body or trust consisting of only one natural person as member, director, shareholder or trustee means any such natural person. "Representative" in terms of FAIS refers to any person who renders a financial service for or on behalf of a financial services provider, in terms of conditions of employment or any other mandatory agreement, but excludes a person rendering technical, administrative, legal or accounting service, which service does not require judgment on the part of that person, or does not lead a client to any specific transaction in respect of a financial product in response to general enquiries. "Significant Refers for the purposes of this policy to a person who, directly or Owner" indirectly, alone or with a related party (as defined in the act) exercise control over any of the entities within the Group, or over the entire Group holds shares issued by any of the entities within the Group or issued by the Group which amounts to 25 per cent or more of the total nominal value of all of the issued shares ---PAGE END--- Confidential Annexure B: Fit and Proper Requirements 1. Honesty and Integrity 1.1. Companies Act 71 of 2008 Directors, managing executives and public officers should be in a position to answer "no" to all the following questions: A person is disqualified to be a director, managing executive or public officer of a company if-- a) a court has prohibited that person to be a director, or declared the person to be delinquent in terms of section 162, or in terms of section 47 of the Close Corporations Act, 1984 (Act No. 69 of 1984); or b) subject to subsections (9) to (12) of the Companies Act, the person-- (i) is an un-rehabilitated insolvent; (ii) is prohibited in terms of any public regulation to be a director of the company; (iii) has been removed from an office of trust, on the grounds of misconduct involving dishonesty; or (iv) has been convicted, in the Republic or elsewhere, and imprisoned without the option of a fine, or fined more than the prescribed amount, for theft, fraud, forgery, perjury or an offence-- 0 involving fraud, misrepresentation or dishonesty; 0 in connection with the promotion, formation or management of a company, or in connection with any act contemplated in subsection (2) or (5); or 0 under this Act, the Insolvency Act, 1936 (Act No. 24 of 1936), the Close Corporations Act, 1984, the Competition Act, the Financial Intelligence Centre Act, 2001 (Act No. 38 of 2001), the Securities Services Act, 2004 (Act No. 36 of 2004), or Chapter 2 of the Prevention and Combating of Corruption Activities Act, 2004 (Act No. 12 of 2004)." (v) These disqualification criteria apply equally to all responsible persons of the RMB-SI Investments Group. 1.2 Industry Specific Requirements Long Term Insurance Act and Short Term Insurance Act Any of the following constitutes prima facie evidence that a Responsible Person does not have integrity: a. he or she has been convicted (and that conviction has not been expunged) or is the subject of any pending proceedings which may lead to such a conviction under any law in any jurisdiction of -- (i) an offence under a law relating to the regulation or supervision of a financial institution as defined in the Financial Institutions (Protection of Funds) Act, 2001 (Act No. 28 of 2001) or a corresponding offence under the law of a foreign country; theft, fraud, forgery, uttering a forged document, perjury or an offence involving dishonesty; or (iii) an offence under the Prevention of Corruption Act, 1958 (Act No. 6 of 1958), the Corruption Act, 1992 (Act No. 94 of 1992) or Parts 1 to 4, or section 17, 20 or 21, of the Prevention and Combating of Corrupt Activities Act, 2004 (Act No. 12 of 2004), or a corresponding offence under the law of a foreign country; where the penalty imposed for the offence was or may be -- :imprisonment without the option of a fine; or aa significant fine; b. he or she has been convicted (and that conviction has not been expunged) or is the subject of any pending proceedings which may lead to a conviction of any other offence committed after the Constitution of the Republic of South Africa, 1996, took effect, where the penalty imposed for the offence was or may be imprisonment without the option of a fine; c. he or she has accepted civil liability for, or has been the subject of a civil judgment in respect of, theft, fraud, forgery, uttering a forged document, misrepresentation or dishonesty under any law; d. he or she has been the subject of frequent or severe preventative, remedial or enforcement actions by the Registrar or a regulatory authority; ---PAGE END--- Confidential e. he or she has been removed from an office of trust for theft, fraud, forgery, uttering a forged document, misrepresentation or dishonesty; f. he or she has breached a fiduciary duty; he or she has an impaired ability to discharge his or her duties in respect of the insurance business of the insurer because of a conflict of interest or any other reason; h. he or she has seriously or persistently failed to or is failing to manage any of his or her financial obligations (including debts) satisfactorily, including -- (i) having been the subject of a civil judgment in respect of unpaid debts, which debt remains unpaid or be the subject of any pending proceedings which may lead to such a judgment; or (ii) having been sequestrated or being the subject of any pending proceedings which may lead thereto under the Insolvency Act, 1936 (Act No. 24 of 1936) or a corresponding law of a foreign country, and has not been rehabilitated in terms of that Act or law; i. he or she has been or is being suspended, dismissed or disqualified from acting as a director, managing executive, public officer, auditor or statutory actuary (or his or her alternate) under any law; or j. he or she has been refused a registration, authorisation or licence to carry out a trade, business or profession, or has had that registration, authorisation or licence revoked, withdrawn or terminated by a regulatory authority; k. he or she has been denied registration or membership of any professional body or has had that registration or membership revoked, withdrawn or terminated by a professional body because of matters relating to honesty, integrity, or business conduct; 1. he or she has been or is being disciplined, reprimanded, disqualified, or removed m. in relation to matters relating to honesty, integrity or business conduct by a -- (i) professional body; or (ii) regulatory authority; n. he or she has knowingly been untruthful or provided false or misleading information to, or been uncooperative in any dealings with, the Registrar or a regulatory authority; o. he or she has demonstrated a lack of readiness and willingness to comply with legal, regulatory or professional requirements and standards; he or she has been found to be not fit and proper by the Registrar or a regulatory authority in any previous assessments of fit and properness and the reasons for being found not fit and proper have not been remedied; or q. he or she has been involved or is involved as a director or managing executive, or is concerned in the management, of a business that has been -- (i) the subject of any matter referred to in subparagraphs (a), (c), (d), (j), (I)(ii), (m), (n) or (o); or (ii) placed in liquidation or business rescue while that person has been connected with that organisation or within one year of that connection. In the case of a legal person, any of the following constitutes prima facie evidence that it does not have integrity: a.aany of its direct or indirect significant owners that are natural persons fail to meet the requirements relating to integrity referred to above b.i it has been placed in business rescue or is the subject of any pending placement in business rescue; or C. it has entered into or is entering into a scheme of arrangement with creditors within the meaning of the Companies Act or a corresponding law of a foreign country. ---PAGE END--- Confidential 1.3. Industry Specific Requirements: Financial Advisory and Intermediary Services Act An FSP, Key Individual or Representative is deemed to not have integrity if they have: a. within a period of five years preceding the date of application or the proposed date of appointment or approval, as the case may be, been found guilty in any criminal proceedings or liable in any civil proceedings by a court of law (whether in the Republic or elsewhere) of having acted fraudulently, dishonestly, unprofessionally, dishonourably or in breach of a fiduciary duty; b. within a period of five years preceding the date of application or the proposed date of appointment or approval, as the case may be, been found guilty by any statutory professional body or voluntary professional body (whether in the Republic or elsewhere) recognised by the Board, of an act of dishonesty, negligence, incompetence or mismanagement, sufficiently serious to impugn the honesty and integrity of the FSP, key individual or representative; c. within a period of five years preceding the date of application or the proposed date of appointment or approval, as the case may be, been denied membership of any Body referred to in subparagraph (b) on account of an act of dishonesty, negligence, incompetence or mismanagement, sufficiently serious to impugn the honesty and integrity of the FSP, key individual or representative; d. within a period of five years preceding the date of application, or the proposed date of appointment or approval, as the case may be - 0 been found guilty by any regulatory or supervisory body (whether in the Republic or elsewhere), recognised by the Board; or 0 had its authorisation to carry on business refused, suspended or withdrawn by any such body, on account of an act of dishonesty, negligence, incompetence or mismanagement sufficiently serious to impugn the honesty and integrity of the FSP, key individual or representative; e. within a period of five years preceding the date of application, appointment or approval, as the case may be, had any licence granted to the financial services provider by any regulatory or supervisory Body referred to in subparagraph (d) suspended or withdrawn by such Body on account of an act of dishonesty, negligence, incompetence or mismanagement, sufficiently serious to impugn the honesty and integrity of the FSP, key individual or representative; or f. at any time prior to the date of application, appointment or approval, as the case may be, been disqualified or prohibited by any court of law (whether in the Republic or elsewhere) from taking part in the management of any company or other statutorily created, recognised or regulated body, irrespective whether such disqualification has since been lifted or not. g. In accordance with Board Notice 127 and the FAIS Act the appointed Compliance Officer(s) must also comply with integrity requirements. 2. Competency A Responsible Person or any of their alternates, at all times, must have: a satisfactory educational qualification, the experience or expertise, and; the relevant skills and knowledge in respect of the duties that that person must perform. Responsible Persons who are appointed as Key Individuals and Representatives must: comply with the applicable minimum experience requirements as prescribed by the FAIS Act; have the relevant qualification as prescribed by the FAIS Act; ---PAGE END--- Confidential have successfully passed the relevant first and/or second level Regulatory Examination(s); comply with the CPD requirements as set out in the FAIS Act. 3. Financial Standing The Financial Soundness principles to be adhered to by Responsible Persons have been included in the Honesty and Integrity requirements as set out above. Specifically a significant owner must be in good financial standing. Any of the following constitutes prima facie evidence that a significant owner is not in good financial standing: (i) he, she or it does not have adequate financing or funding and future access to capital; (ii)he, she or it is not able or likely to be able to meet any of its financial obligations (including debts) as they fall due; or (iii) he, she or it has been the subject of a civil judgment in respect of unpaid debts, which debt remains unpaid, or is the subject of any pending proceedings which may lead to such a judgment. 4. Operational Ability A Responsible Person must have and be able to maintain the operational ability to fulfil the responsibilities imposed by the Law, including the oversight of business operations and financial services rendered. ---PAGE END--- Confidential Annexure C: Fit and Proper Assessments of Responsible Persons Fit and Proper Assessment form for Responsible Persons The RMBSI Group has adopted, implemented and documented a governance framework that provides for the prudent management and oversight of its insurance business and adequately controls and protects the interests of its policy holders. The Governance Framework includes specific 'Fit and Proper' requirements applicable to our Directors, Key Persons heading up control functions, Significant Owners, Auditors and Compliance Officers as detailed in the Companies Act and various Board Notices issued by the Financial Services Board under the Financial Advisory and Intermediary Services Act 53 of 2002, the Long-term Insurance Act 52 of 1998 and the Short-term Insurance Act 53 of 1998. Please complete the information required below to assist us in performing our Fit and Proper assessment process as detailed in our company's Enterprise Risk Management: Fit and Proper Requirements for Responsible Persons Policy. 1. Personal details of Responsible Person Name and Surname Identification Number Role (or role applied for ) in the Organisations 2. Fit and Proper Requirement 2.1 Please list qualifications obtained: Please enclose certified copies of certificates of qualifications obtained and completed above. 2.2 Please provide a summarised work history (you may also attached your full CV) If you are to be appointed as a FAIS Key Individual or Representative please also provide us with a signed consent form which will enable us to request your 'Date of First Appointment per Product' from the FSB. 2.3 If you are to be appointed as a FAIS Representative or Key Individual please list the regulatory exams you have completed successfully Please enclose copies of certificates of qualifications obtained and completed above. 2.4 Please provide details of Continuous Professional Development activities undertaken ---PAGE END--- Confidential Fit and Proper Declaration form for Responsible Persons The RMBSI Group has adopted, implemented and documented a governance framework that provides for the prudent management and oversight of its insurance business and adequately controls and protects the interests of its policy holders. The Governance Framework includes specific 'Fit and Proper' requirements applicable to our Directors, Key Persons and Significant Owners as detailed in Board Notice 158 issued by the Financial Services Board during 2014, under the Long-term Insurance Act 52 of 1998 and the Short-term Insurance Act 53 of 1998. The 'Fit and Proper' requirements for Responsible Persons can broadly be divided into the following categories: Honesty and Integrity Competence Financial Standing Operational Ability This questionnaire has been developed as part of the Honesty and Integrity assessment process detailed in our Fit and Proper policy. Please complete the declaration below and indicate your answer to each question in the boxes provided ('Y' for 'Yes' and 'N' for 'No"). Please attach details to this declaration on submission if the answer is 'Yes' to any of the questions below. Honesty and Integrity Declaration 1. Have you ever been involved with a corporation, which has been censured, disciplined, suspended or refused membership or registration by a stock exchange, futures exchange, other market or regulatory authority? 2. Have you ever been denied membership of any relevant membership body on account of an act of dishonesty, negligence, incompetence or mismanagement? 3. Have you been refused the right to, or been restricted from carrying on a trade, business or profession for which a specific license, registration or other authority is required by law in any country? 4.Have you ever been refused a license or registration in any place under any law, which requires licensing or registration in relation to securities, futures, leveraged foreign exchange activities? 5.Have you ever been refused authorization to carry on business by any regulatory body (whether in the Republic or elsewhere) recognized by the Financial Services Board or has such authorization ever been suspended or revoked by any such body because of negligence, incompetence or mismanagement? 6.HHave you been the subject of any investigation or disciplinary proceedings by any regulatory authority (whether in the Republic or elsewhere) or exchange, professional body or government body or agency? 7. Have you ever been disqualified or prohibited by any court of law (whether in the Republic or elsewhere) from taking part in the management of any company or other ---PAGE END--- Confidential statutorily created, recognized or regulated body, irrespective whether such disqualification has since been lifted or not? 8. Have you been issued with a prohibition order under any Act administrated by the Financial Services Board or been prohibited by other regulatory bodies form operating in the financial services industry? 9. Have you been found guilty by any regulatory, supervisory, professional or financial services industry body (whether in the Republic of SA or elsewhere) of an act of dishonesty, negligence, incompetence or mismanagement or has the authorization to carry on business ever been refused, suspended or withdrawn by any such body? 10. Has an adverse finding been made against you in any civil or criminal proceeding by a court of law (whether in the Republic of SA or elsewhere) in which you were found to have acted fraudulently, dishonestly, unprofessionally, dishonourably or in breach of your fiduciary duty? 11. Are there any proceedings now pending which may lead to such a judgment? 12. Have you ever knowingly or negligently aided or abetted other persons in the breaching of any laws, regulations, exchange rules and / or codes of conduct 13. Have you ever been a controlling shareholder, director of a company or member of a close corporation at the time it was placed under judicial management or in provisional or final liquidation? 14. Has your estate ever been sequestrated? 15. Do you have any additional information, which should be brought to the Registrar's attention, which may have an impact on the evaluation, by the Registrar of your good character and integrity? Operational Ability 1. Do you feel that you have the necessary operational ability to perform your duties sufficiently? I, the undersigned, confirm that the information I have provided by means of the above questionnaire is true and correct in all respects. I will notify the RMBSI compliance division within a period of 24 hours of any changes that may affect my standing in terms of the Fit and Proper regulations, specifically including changes in terms of the various circumstances listed above. I understand that failure to honestly disclose the requested information and related changes mean that I am acting dishonestly and therefore fail to comply with the Fit and Proper requirements. Signature: ---PAGE END--- Confidential Print Name: Date: ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Debarment Policy and Procedures Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Debarment Policy and Procedures Scope This document describes the policy and procedure to be followed by Independent Investment Solutions when debarring a Representative as defined in the Financial Advisory and Intermediary Services Act 37 of 2002 ("FAIS Act"). The debarment process applies to any Representative appointed by Independent Investment Solutions in terms of section 13 of the FAIS Act, but not a Key Individual, unless that Key Individual is also appointed as a Representative. Purpose The Representatives of Independent Investment Solutions are responsible for ensuring that they obtain and maintain their Fit and Proper status to be in line with FSB requirements. The purpose of this policy is to make Representatives aware of situations that may cause Independent Investment Solutions to debar them, and to provide internal staff with guidance in terms of debarment procedures. Background Section 14 of the FAIS Act places an obligation on FSP'S to notify the FSB to debar a Representative who does not comply with the fit and proper requirements, as referred to in the Determination of Fit & Proper Requirements for FSP'S and Representatives. In the event of non-compliance, the FSP must prohibit such person from rendering any further financial services and remove such debarred Representative from the register of Representatives that an FSP must maintain in terms of the FAIS Act. In terms of this policy, a Representative may be debarred for any of the following reasons: Material contravention or non-compliance with any provisions of the FAIS Act; and Non-compliance with the Fit and Proper requirements provided for in the FAIS Act, namely: (i) Honesty and integrity; or (ii) Competency ---PAGE END--- Confidential (examples of non-compliance include, without limitation, (a) the failure by a Representative to meet the deadlines with respect to qualifications and/or Regulatory Examinations; (b) Evidence of dishonesty or misrepresentation; and (c) personal behaviour which is detrimental to the financial services industry (hereinafter referred to as a "Section 14 Debarment"). In addition to the reasons for debarment referred to above, the Registrar may notify Independent Investment Solutions in terms of section 14A(3) of the FAIS Act that a Representative currently employed by the company, has been debarred by the Registrar due to a contravention of, or non-compliance with any of the provisions of the FAIS Act, prior to the Representative joining Independent Investment Solutions. Upon receipt of such a notice, Independent Investment Solutions shall be legally obliged to similarly remove that Representative from the register of representatives that the FSP must maintain in terms of the FAIS Act (hereinafter referred to as a "Section 14A debarment"). Policy Independent Investment Solutions must continuously ensure that its Representatives meet the requisite Fit and Proper requirements. For this purpose, Independent Investment Solutions shall maintain records, including copies of their qualifications, a training register and annually signed fit and proper declarations, proving each Representative's Fit and Proper status. Independent Investment Solutions will ensure that every Representative who no longer complies with the relevant Fit & Proper requirements, or with any other provision of the Act, is immediately debarred and removed from the register of representatives, and must take the necessary steps to ensure that the debarment does not prejudice a client and that any unfinished business is duly concluded. Similarly, Independent Investment Solutions must ensure that any Representative, in respect of whom a Section14A Debarment notice have been issued by the Registrar, is removed from the company's internal register of Representatives and is thereafter prohibited from acting in any way whatsoever under the Independent Investment Solutions' FSP license. Any Representative who has been debarred or removed, as the case may be, from Independent Investment Solutions' FSP license, may be subject to a comprehensive disciplinary process, as more fully provided for in the Company's HR policies. Procedure Section 14 Debarment Independent Investment Solutions must keep a clear audit trail of the processes followed before a Representative is debarred. These processes may include the following: Ensure that the Representative is fully aware of and understands all contractual and regulatory obligations; Get the facts and ensure that all parties have a clear and concise description of the alleged misconduct which could be a reason for possible disbarment; Ensure that the service contract or mandate between the Company and the Representative is up-to- date; Arrange a disciplinary hearing in terms of the Company's HR policies, if necessary; Include a forensic investigation report, if required; Include documentary or other evidence substantiating the alleged misconduct; ---PAGE END--- Confidential Allow for witness affidavits, if applicable; Allow for witness statements, only where it was not possible to obtain affidavits; Include a report from handwriting experts, if required; Make a transcript of the disciplinary hearing, if applicable; If the disciplinary hearing concludes that misconduct warranting debarment has occurred, complete and submit the "Form and Manner of Notification to the Registrar of FSP'S" regarding the debarment of the Representative to the Registrar. The form can be sent via electronic mail to: debarment@fsb.co.za; by fax to: 012: 422 2973; by hand delivery to: Riverwalk Office Park; 41 Matroosberg Road; Ashlea Gardens; If the hearing concludes that no further action is required, then document the proceedings and place in the HR file for the representative. Independent Investment Solutions must within 15 days after the removal of the name of the Representative or Key Individual from its Representative Register, inform the Registrar in writing thereof and provide the Registrar with reasons for the debarment, in such format as the Registrar may require. Section 14A Debarment Independent Investment Solutions must, within 5 days of receipt of a notice from the Registrar in terms of Section 14A(3), remove the Representative in respect of whom the notice have been issued, from its Representative Register and ensure, as far as reasonably possible, that the Representative no longer acts under authority of the Company's FSP license. In the event that we, after termination of a Representative's employment contract / mandate, discovers conduct on the part of the Representative that contravenes any of the provisions of the FAIS Act and which would have required the debarment of the Representative had he / she still been employed / mandated by Independent Investment Solutions, we will immediately inform the Registrar of such conduct and shall ensure compliance with the Guideline on Section 14A Debarment Process, issued by the Registrar on 3 March 2011. Acknowledgement of Debarment Policy and Procedures Every Representative appointed by Independent Investment Solutions in terms of FAIS will be required to sign the Representative Acknowledgement included in Annexure A to this policy. Review This policy will be reviewed as and when required, but at least on an annual basis. Annexures Annexure A: Acknowledgement -- Debarment Policy and Procedures ---PAGE END--- Confidential ANNEXURE A: ACKNOWLEDGEMENT - DEBARMENT POLICY AND PROCEDURES Dear. By signing this policy in your capacity as a FAIS Representative of Independent Investment Solutions, you acknowledge receipt and confirm your understanding of the Debarment rules and procedures provided for in this Policy. You furthermore agree that this policy shall be regarded an integral part of your employment agreement or mandate, as the case may be, with Independent Investment Solutions and that compliance with specifically the Fit and Proper requirements, as provided for in the Determination of Fit & Proper Requirements for FSP'S and Representatives, is a precondition of your continued employment by, or authorisation to act on behalf of, Independent Investment Solutions, as the case may be. You therefore acknowledge that failure by yourself to comply with any of the Fit and Proper requirements may result in the immediate termination of your employment agreement or mandate, as more fully provided for in Independent Investment Solutions' Disciplinary policy. Signature Print Name: Date: ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Protection of Personal Information Policy and Procedures Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Protection of Personal Information Policy and Procedures Scope Independent Investment Solutions is an authorised financial services provider who is obliged to comply with the Protection of Personal Information Act ("POPI"). All the employees of Independent Investment Solutions will be required to comply with this policy. Purpose This Policy set out how Independent Investment Solutions deals with their client's Personal Information and in addition for what purpose the said information is used. Background POPI requires Independent Investment Solutions to inform their clients as to how their Personal Information is used, disclosed and destroyed. POPI states that Personal Information may only be processed if - given the purpose for which it is processed - it is adequate, relevant and not excessive. Policy Independent Investment Solutions is committed to protecting our client's privacy and ensuring their Personal Information is used appropriately, transparently, securely and in accordance with applicable laws. Procedure Personal Information Collected Independent Investment Solutions collects and processes clients' Personal Information pertaining to clients' needs. The type of information will depend on the need for which it is collected and will be processed for that purpose only. Whenever possible, we will assist clients with distinguishing between optional information requests and required information requests. Examples of the Personal Information we collect includes but is not limited to: ---PAGE END--- Confidential Information relating to the race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, age, physical or mental health, well-being, disability, language and birth of the client/policy holder; Information relating to the education or the medical, financial, criminal or employment history of the client/policy holder; Identifying number, symbol, e-mail address, physical address, telephone number, location information or other particular assignment to the client/policy holder; Biometric information of the client/policy holder; Correspondence sent by the client/policy holder that is implicitly or explicitly of a private or confidential nature or further correspondence that would reveal the contents of the original correspondence; The views or opinions of another individual about the client/policy holder; and The name of the client/policy holder/investor if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the client/policy holder; The same details as referred to above as they relate to Employees We have agreements in place with all our products suppliers, insurers and third party service providers to ensure there is a mutual understanding with regard to the protection of client Personal Information. Our suppliers are subject to the same regulations as we are. We may also supplement the information provided with information we receive from other providers in order to offer a more consistent and personalised experience in clients' interaction with us. For purposes of this Policy, clients include potential and existing clients/policy holders. How personal information is used Clients Personal Information will only be used for the purpose for which it was collected and agreed. This may include: Providing products or services to clients and to carry out the transactions requested; For underwriting purposes; Assessing and processing claims; Conducting credit reference searches or verification; Confirming, verifying and updating clients details; For purposes of claims history; For the detection and prevention of fraud, crime, money laundering or other malpractice; Conducting market or customer satisfaction research; For audit and record keeping purposes; In connection with legal proceedings Providing our services to clients to carry out the services requested and to maintain and constantly improve the relationship; Providing communications in respect of (FSP) and regulatory matters that may affect clients; and In connection with and to comply with legal and regulatory requirements or when it is otherwise allowed by law. In terms of the provisions of POPI, Personal Information may only be processed if certain conditions are met, which are listed below, along with supporting information for (FSP) processing for Personal Information: ---PAGE END--- Confidential Client consents to the processing -- consent only required where the information will be used for something other than the intended use for which the information is supplied by the client; The processing is necessary -- in order to provide the client with the required insurance product; Processing complies with an obligation imposed by law on (FSP). Processing protects the legitimate interest of the client. Processing is necessary for pursuing the legitimate interest of (FSP) or of a third party to whom information is supplied. In order to provide our clients with products we need certain personal information from clients to provide expert products. Disclosure of Personal Information We may disclose clients' Personal Information to our providers whose services or products clients elect to use. We have agreements in place to ensure that they comply with confidentiality and privacy conditions. We may also share client Personal Information with, and obtain information about clients from third parties for the reasons already discussed in 2.4 above. We may also disclose client's information where we have a duty or a right to disclose in terms of applicable legislation, the law or where it is may be necessary to protect our rights. Safeguarding client information It is a requirement of POPI to adequately protect the Personal Information we hold and to avoid unauthorised access and use of your Personal Information. We will continuously review our security controls and processes to ensure that your personal Information is secure. When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that your Personal Information is kept secure. We may need to transfer your Personal Information to another country for processing or storage. We will ensure that anyone to whom we pass your personal information agrees to treat your information with a similar level of protection as afforded to you by us. Access and correction of Personal Information Clients have the right to access the Personal Information we hold about them. Clients also have the right to request us to update, correct or delete their Personal Information on reasonable grounds. Once a client objects to the processing of their Personal Information, (FSP) may no longer process said Personal Information. We will take all reasonable steps to confirm our clients' identity before providing details of their Personal Information or making changes to their personal Information The details of our Information Officer and head office are as follows: Information Officer Details Peter James Hewett Managing Director ---PAGE END--- Confidential Head Office Details Telephone Number: 0105976687 Fax Number: 0115348401 Postal Address: P.O. Box 1211, Ruimsig, 1732 Physical Address: Unit 16B, Willowbrook Office Park, Van Hoof Street, Johannesburg, 1700 Email Address: info@i2solutions.co.za Website: www.i2solutions.co.za Consequences of Non-Adherence Staff members who do not treat client information with the utmost confidentiality will be subject to disciplinary procedures. Training and Awareness All staff will be given access to and training on this policy. This policy will be available to clients of Independent Investment Solutions via our website / upon request. Review This policy will be reviewed as and when required or at least once a year. Where material changes take place clients will be informed. ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Whistle Blowing Policy Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Whistle Blowing Policy Scope The policy is designed to deal with concerns raised in relation to specific issues, which are in the public interest, as set out hereunder, but fall outside Independent Investment Solutions' other policies and procedures. This policy does not apply to personal grievances concerning an individual's terms of employment or other aspects of the working relationship, or disciplinary matters. This policy deals with specific concerns, which are in the public interest and may include: An unlawful civil or criminal offence; Failure to comply with statutory obligations/requirements; Financial or non-financial mismanagement, fraud and corruption, including bribery; A risk (including a potential risk) to health and safety of any individual; Environmental damage; Unfair discrimination as contemplated in the Promotion of Equality and Prevention of Unfair Discrimination Act, No. 4 of 2000; or Attempts to conceal or suppress information relating to the above. If it is determined during an investigation that the concern raised in terms of this policy does relate to an employment issue, the appropriate disciplinary procedures will be implemented. Purpose The aim of the whistle-blowing procedure is to provide a formal framework for employees to raise concerns where they believe that there is misconduct or illegal activities within Independent Investment Solutions (Pty) Ltd. The rules and procedures are designed to ensure a fair and consistent method of dealing with whistle-blowing issues raised by all staff and contractors. Background ---PAGE END--- Confidential Employees are often the first to realise that there may be "something seriously wrong" in the company for which they work. However, should they decide not to express their concerns because they may feel that speaking up would be disloyal to their colleagues or that it may be easier to ignore the concern rather than report what may just be a suspicion of misconduct, they could also be guilty of a serious offence. An employee making disclosure in terms of this Policy may does so without fear or victimisation and/or subsequent discrimination. Policy Independent Investment Solutions is committed to the highest standards of transparency and accountability. It is therefore expected that all employees (including third parties) who have serious concerns about Independent Investment Solutions' business practices, to come forward and voice those concerns. Harassment or Victimisation Independent Investment Solutions acknowledges the fact that the decision to report a concern can be a difficult one to make, not least because of fear of reprisal from those responsible for the irregularity. We will not tolerate harassment or victimisation and will take action to protect employees when they raise a concern in good faith. This does not mean that if an employee is already the subject of disciplinary or other action, that action will be halted as a result of their whistle blowing. Confidentiality Independent Investment Solutions will take all necessary steps to protect an individual's identity when he/she raises a concern and does not want their identity to be disclosed. It must be appreciated, however, that the investigation process may reveal the source of the information and a statement by the employee may be required as part of the evidence. Anonymous Allegations Independent Investment Solutions encourages employees to put their names to allegations. Concerns expressed anonymously are difficult to investigate; nevertheless, they will be followed up at the discretion of Independent Investment Solutions. This discretion will be applied by taking into account the following: the seriousness of the issue raised; the credibility of the concern; and the likelihood of confirming the allegation. Procedure Reporting and recording of disclosures The first step will be for the employee to approach their immediate manager unless he/she or senior management is the subject of the complaint, in which case a member of the Managing Director should be informed. Concerns are better raised in writing. The background and history of the concern, giving names, dates and places where possible should be set out and the reason why the individual is particularly concerned about the situation. ---PAGE END--- Confidential Employees are not expected to prove the truth of an allegation; they will need to demonstrate to the person contacted that there are sufficient grounds for concern. Our response Initial enquiries will be made to decide whether an investigation is appropriate and, if so, what form it should take. This will be done individually on a case by case basis. The matters raised will either: Be investigated internally by management, internal audit, or through the disciplinary process; or Be referred to an independent outside service provider with the necessary specialist expertise and experience in dealing with the type of disclosure made. Some concerns may be resolved by agreed action without the need for formal investigations. If urgent action is required, this will be taken, as far as is practicable, before any investigations are conducted. The investigation and the duration thereof will depend on the nature of the matters raised, the difficulties involved and the level of detail of the information provided. If necessary and if the whistle blower consents thereto, further information will be sought from the whistle blower. The investigations will, to the extent that it is possible, be handled in a confidential manner and will not be disclosed or discussed with any persons other than those with a legitimate right to such information. Appropriate feedback will be provided to the whistle blower upon request. Untrue Allegations All managers should discourage employees or other parties from making allegations, which are false and made with malicious intentions. Where such malicious, vexatious, or false allegations are discovered, the person who made the allegations will be subjected to firm disciplinary action, or other appropriate action in the case of external parties. Reporting of Lesser Concerns For some minor issues (e.g. personal use of Independent Investment Solutions equipment etc.), employees should raise the concerns with their immediate manager. In general, however, the whistle blowing procedure is expected to be used for potentially more serious and sensitive issues (e.g. fraud and corruption). Consequences of Non-Adherence Employees who become aware of serious wrongdoing and do not report it, may themselves become guilty of an offence. Training and Awareness All staff will be given access to this policy. Review This policy will be reviewed as and when required. ---PAGE END--- Confidential ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Personal Account Trading Policy Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Personal Account Trading Policy Scope Independent Investment Solutions is a registered financial service provider. As a financial service provider we provide a wide range of financial services as provided for by the Financial Services Provider Licence as amended from time to time and available via our website on www.i2solutions.co.za. The rules apply to any dealing in affected securities by an employee For their own account For the account of a connected person, if the employee controls, materially influences, and/or has sole discretion to operate the connected party account. Purpose The aim of this policy is to ensure that PA (Personal Account) trading is conducted in adherence with relevant guidelines and regulations. In addition, this policy aims to ensure adherence to industry standards and regulations in terms of personal account trading, and that our clients' best interests are put first at all times. Independent Investment Solutions has PA Dealing rules to: Ensure that Independent Investment Solutions and its employees are protected from the sanction which may result from the misuse of privileged or confidential information; Avoid potential conflicts of interests between employees, Independent Investment Solutions and its clients; Ensure that the personal account dealing of the employees at Independent Investment Solutions complies with applicable laws, regulations and good practice; Ensure that personal account dealings do not infringe on the normal activities and responsibilities of employees; Monitor personal account dealings that may potentially cause financial embarrassment to the employee and to the reputation of Investec. ---PAGE END--- Confidential Policy The South African Reserve Bank (SARB) and the Financial Services Board (FSB) have noted the inherent risks posed by Personal Account (PA) Dealing including trading based on inside information and apparent conflicts of interest. To address their concerns the SARB and the FSB have set out industry guidelines according to which financial institutions are expected to manage PA Dealing. Independent Investment Solutions recognises the interests of employees in conducting dealings for their personal accounts while recognising the inherent risks outlined by the regulators and potential conflicts of interest that may arise with both Independent Investment Solutions and its clients. Accordingly PA Dealing will be permitted only where it is conducted in accordance with the rules and procedures set out below. Employees are also expected to conduct themselves within the Independent Investment Solutions values framework. Although the intention of the rules is to set out in full the position in relation to PA Dealing, it is possible that not every potential situation is covered. Given the serious consequences of non-compliance, and ultimately for their own protection, employees should consult the Managing Director if they are in any doubt about their position. Procedure Personal Account (PA) Dealing describes the non-discretionary trading, purchases and sales, of all listed and unlisted shares undertaken by an employee of Independent Investment Solutions for their own account or for the account of a connected person if the employee controls, materially influences, and/or has sole discretion to operate the connected party account. Employee refers to directors, permanent and temporary staff and contractors; Connected person refers to a spouse, co-habitee, parent, child, sibling, close relative, dependent of the employee, company, close corporation, trust, investment club or other entity which the employee controls, materially influences and/or has sole discretion to operate or is a beneficiary of. PA dealing by employees exposes Mai Capital and its employees to the perception of various market abuses such as insider trading, misuse of privileged information and allegations that the employees have an inherent conflict of interest. The PA dealing rules form part of the Independent Investment Solutions company policies and every employee is thus bound to abide by the terms of this policy. All employees are required to sign a PA Dealing Undertaking, on which they are required to declare whether they have any accounts with either any stockbroker(s), and in terms of which they undertake to comply with the PA Dealing rules. If the employee declares that they do have such accounts, the Managing Director or his nominee will subsequently contact them to request that they complete a PA Dealing Declaration which requires employees to provide the company with the account details and additional documentation. Employees are required to ensure that the information disclosed on their PA Dealing Declaration remains accurate and up to date by performing a review, at least annually, of the information disclosed. Any changes should be noted on the PA Dealing Addendum and submitted to the Managing Director. ---PAGE END--- Confidential An employee will be deemed not to have a control or material influence where any one or all of the decisions to deal are taken without consultation with, or other involvement of, the employee or has been delegated to a full discretionary fund manager and the decision forms part of a documented and approved investment mandate and strategy. The rules apply to all dealings in an affected security. For the purpose of these rules, 'affected security' includes a. All of the following instruments regardless of whether they are listed on a local or foreign exchange b.A Any listed or unlisted equity securities including ordinary and preference shares and any derivatives thereof (for example warrants, instalment shares, single stock futures, CFDs) C.Any listed or unlisted debt securities including debentures, debenture stock, loan stock, bonds, certificates of deposit, commercial paper and any other instruments creating or acknowledging indebtedness and any derivatives d. Any listed or unlisted financial instrument entitling the holder to subscribe for equity and debt securities and any derivatives thereof (for example rights or nil paid letters) Any certificates representing equity and debt securities, and any derivatives thereof, which confer property rights in or over the investment (for example American depository receipts or global depository receipts, listed or structured notes) f. Any new listings of equity securities (in new or existing companies) Any private and public placing of new or existing equity securities (in new or existing companies) h.Any other financial instrument creating rights or profit/losses by result of such instrument being referenced to fluctuations in the value or price of any securities, or basket of securities falling within any of the instruments listed above, or index, or interest rate or other factor designated for that purpose in the contract (for example contracts for differences, equity swaps, spread betting) listed on an exchange or over the counter i. Any other instrument traded on an exchange (subject to the exclusions below) An 'affected security' excludes a. Regulated local or offshore collective investment schemes (including local or foreign Exchange Traded Funds ('ETFs') but excluding Single Stock Futures on those ETFs), unit trusts or mutual funds, local or offshore, managed in terms of a formally documented full discretionary mandate on a solely discretionary basis on behalf of the employee b. Foreign currency, according to rules and limits prescribed by the relevant exchange control regulations, orders and rules issued by the Minister of Finance from time to time (for example travel and offshore allowances) C. Currency futures d.CCall or fixed deposits, bankers acceptances, treasury bills, commercial paper and negotiable certificates of deposit e. Life insurance or endowment policies managed by an unconnected third party on a solely discretionary basis on behalf of the employee f. Any other security specifically exempted by Group Compliance. The type of accounts that these rules apply to The rules apply to an employee's account (and the accounts of a connected party if the employee controls, materially influences, and/or has sole discretion to operate the connected party accounts) that are managed in terms of a non-discretionary mandate. Accordingly, any discretionary investment account managed by an ---PAGE END--- Confidential independent investment manager, where transactions are conducted without consulting the employee, is not subject to these rules. For more detail see section 2 above. Responsible Person has been assigned to oversee these rules and the related processes. This includes: Approval of all PA trades dealings in financial instruments Keeping of proper records of all such transactions Reporting to the compliance officer, audit committee, and the board of directors, Reporting any material transgressions to the appropriate regulator, and Closing positions entered into in contravention of the rules. Prior Written Approval 2.3.2 Prior written approval a. All employees of EFH are required to obtain written approval before entering into any transaction (including for a connected person). b. The written approval must have an expiry or review date. C. The employee has to declare the following: i. The intent of the PA transaction, stating whether the transaction is for speculative or for investment purposes, ii. The type of security iii. The nature of the transaction (i.e. Purchase or sale, quantity, and proposed date and time, etc.) iv. That they are in a position to meet the financial obligations V.That they are not trading the said instrument on any portfolio at the point in time of the personal account trade thus resulting in a conflict of interest excluding ALSI 40 Index futures, ALSI 40 40 futures and ALSI 40 shares. vi. The broking firm through which the transaction will be executed (Off-market trades in listed securities should be prohibited), vii. The identity of the counterparty for unlisted securities. 2.3.3 Conditions of Employment a. On signing of this document, this document, "PA Trading Rules" becomes an attachment to your conditions of employment. 2.3.4 Conflict of Interest a.The trader of the company must trade PA securities through the appropriate trading desk of his own financial institution or through an appointed, recognised and approved third party. b.The rules must ensure that conflict of interests between the employee and clients is prevented. This is particularly relevant in a situation where the employee is acting as a discretionary portfolio manager. C. The trader or portfolio manager is not be allowed to conduct PA trading in the same counter he or she is trading for clients or his employer within 24 hours of such client or proprietary trades without specific prior approval. This specific approval must be from the compliance officer and senior dealer to ensure that all relevant client and proprietary trades have been concluded prior to his or her PA trading in that counter. d. Employees may not request or accept any credit or special dealing facilities with external parties. 2.3.5 New Listings a. The above rules apply to all new listings 2.3.6 Application of Rules a. The rules are applicable to all employees, including senior management b. Disciplinary action is provided for in the disciplinary process and procedures of the company. ---PAGE END--- Confidential 2.3.7 Underwriting a. The employee may not act as an underwriter or sub-underwriter of securities if the financial institution is acting in that capacity, or if the employee knows that the financial institution will be offered a participation, underwriting or sub-underwriting in that security. 2.3.8 Dealing staff Dealing staff are obliged to hold their positions for a minimum period of 30 days. Dealing staff will be exempted from the prescribed minimum holding periods when trading in: a. Index futures b. ALSI 40 equity shares C. Equity or other exposures less than R20 000.00 Subject to the following: a. All trades are pre-approved as described in 2.3.1 and 2.3.2 b. All trades are declared in the formal trading register c. The Chief Investment Officer is informed in writing of the intended trade 2.3.9 Glossary a. Connected person means: i. A spouse or partner; ii. Minor children; iii. Any person in a business or profit sharing relationship with the employee, including partners in an investment club; iv. A trust in which the employee or any person mentioned in (i) or (ii) is a beneficiary; V. Trustees of a trust in which the employee or any person mentioned in (i) or (ii) is a beneficiary; vi. A company in which the employee or any person mentioned in (i), (ii) or (iv) is a shareholder; vii. A pension fund (other than a pension fund managed by the institution) of which the employee or any person mentioned in (i), (ii) and (iii) is a beneficiary; and viii. Or any other accounts where the person has a direct or indirect benefit. b. Employee means: i. Any person employed by the institution or any of its subsidiaries 1. Including persons dealing on behalf of the institution or its clients, 2. Any person who is privy to confidential or proprietary information which could result in a conflict of interest if the employee used the information to his/her advantage, and 3. Includes a person on secondment or contract, and connected persons. c. Rules means: i. The personal account trading rules enforced by the institution from time to time and which comply with the minimum standard set out in this document d. Securities means i. Includes "securities and financial instruments" as defined in the Financial Markets Control Act, (Act 55 of 1989), the Stock Exchanges Control Act (Act 1 of 1985) respectively, and any unlisted instruments such as bonds, futures, options, forward rate agreements, swaps, equities and derivatives of any of these, but excludes all unit trusts other than unit trusts listed on a recognised exchange or with assets under management by the institution. Satrix products are defined as Unit Trusts for the purpose of the PA trading Rules. e. For the purposes of clause 2 of this agreement the term "Dealing staff" means: Any member of staff in any way involved in the "dealing" (i.e. purchase or sale) of listed shares for Group clients, whether directly or indirectly, and all staff in a position that may enable them to overhear or read the dealing transactions of such staff. f. For the purpose of clause 4.a the term "approved third party" shall mean any registered stockbroker approved by any Director of EFH. Consequences of non-adherence The PA Dealing Rules (the rules) are contained in Independent Investment Solutions Policies and Procedures Manual and as such form part of every employee's contract of employment. Failure to comply with these rules is a serious misconduct which could result in disciplinary action against the employee including termination of employment. ---PAGE END--- Confidential Failure to comply with the PA Dealing rules (specifically including but not limited to not disclosing PA trades timeously) also exposes employees to the risk of contravening legislation governing market abuse and insider trading. As such, failure to comply with these rules could result in disciplinary action by a regulatory body which could impose sanctions against the employee, as well as criminal and/or civil prosecution of the employee. Training and Awareness On employment All employees are required to familiarise themselves with these policies and to comply with the relevant procedures. Review As and when but at least annually Annexures Annexure A: PA Dealing disclosure docs ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Complaints Management Policy and Procedure Version 17072017 Approval Board Meeting - 17 July 2017 Effective Date: 17 July 2017 Revised Date: Not applicable Complaints Management Policy and Procedure Scope The General Code of Conduct for Authorised Financial Services Providers and Representatives ("The Code") issued under the Financial Advisory and Intermediary Services Act, 2000 (Act 37 of 2002) ("FAIS"), requires financial service providers to maintain an internal complaints resolution system and procedures based on the following: i. maintenance of a comprehensive complaints policy: outlining the provider's commitment to, and system and procedures for, internal resolution of complaints; ii. transparency and visibility: ensuring that clients have full knowledge of the procedures for resolution of their complaints; iii. accessibility of facilities: ensuring the existence of easy access to such procedures at any office or branch of the provider open to clients, or through ancillary postal, fax, telephone or electronic helpdesk support; iv. classification and analysis of complaints and corrective actions implemented; V. fairness: ensuring that a resolution of a complaint can during, and by means of, the resolution process be effected which is fair to both clients and the provider and its staff. This notion concerns all clients and prospective clients of Independent Investment Solutions. Purpose The purpose of this policy is to document this complaints resolution system and procedures, and to assist staff with effectively facilitating complaints management and following the correct procedures when a complaint is received. Background Types of Complaints Complaints dealt with by FAIS traditionally related to a financial service rendered by a financial services provider or representative, and in which complaint it is alleged that the provider or representative: has contravened or failed to comply with a provision of this Act and that as a result thereof, the complainant has suffered, or is likely to suffer, financial prejudice or damage; ---PAGE END--- Confidential has wilfully or negligently rendered a financial service to the complainant which has caused prejudice or damage to the complainant or which is likely to result in such prejudice or damage; or has treated the complainant unfairly. Complaints in terms of this policy also refers to any of the following categories: Product design and pricing (e.g. inadequate or too expensive); Lead generation (e.g. no response to lead); Sales and on-boarding (e.g. staff conduct); Fulfilment (e.g. documents not received); Premium Collections; Policy Maintenance (e.g. data capture errors); Underwriting (e.g. premium increase); Claims (e.g. process time); Cancellations (e.g. penalties applied); Retention (e.g. unable to renew / staff conduct); and/or Third parties and where applicable recoveries. Policy 3.1 Policy Statement Independent Investment Solutions (Pty) Ltd is dedicated to ensuring that all complaints received are resolved as quickly as possible in a fair and equitable manner. 3.2 How to Lodge a Complaint Please lodge your complaint in writing to our Jean Le Roux at jean@i2solutions.co.za. The complaint should contain sufficient details, including: the client details and the policy, account or member numbers that relate to the complaint; specific details about the nature of the complaint e.g. facts, dates and supporting documentation (i.e. letters, quotations, previous correspondence etc.) to enable us to deal with the complaint quickly and fairly; proof of any losses sustained; the solution / remedial action you believe is required to resolve the complaint. 3.3 Complaints Resolution We will acknowledge receipt of the complaint in writing as soon as possible after receiving the complaint. Where any complaint received pertains to something out of our control, e.g. product information or investment performance, we will forward the complaint to the product provider concerned and, where possible, facilitate the resolution process. We will also investigate the complaint to ascertain whether the complaint can be resolved immediately: If the complaint can be resolved immediately, we will take the necessary action and advise accordingly. If the complaint cannot be resolved immediately, we will send you a written summary of the steps to be taken to resolve the matter and the expected date of resolution. The complaint will be investigated and we will revert with our findings within three working days. ---PAGE END--- Confidential In the event that you are not satisfied with our solution, you may refer the complaint to Peter Hewett at peter@i2solutions.co.za who may amend the solution or confirm it. After the complaint has been referred to our Managing Director and you are still not satisfied with the outcome, we will regard the complaint as being unsatisfactorily resolved. You may under such circumstances approach the office of the Ombud for Financial Services Providers or take such other steps as may be advised by your legal representatives. 3.4 Unresolved Complaints In instances where we have not been able to arrive at a resolution within six weeks after you have lodged your complaint to us, the matter may automatically be referred to the Ombud. Such a matter must be referred to the Ombud within a period of six months. The Ombud will not adjudicate in matters exceeding a value of R800 000.00. The Ombud for Financial Services Providers may be contacted as follows: Telephone: +27 12 762 5000 / +27 12 470 9080 Facsimile: +27 86 764 1422 / +27 12 348 3447 E-mail Address: info@faisombud.co.za Website: www.faisombud.co.za Physical Address: Sussex Office Park, Ground Floor, Block B, 473 Lynnwood Road Cnr. Lynnwood Road & Sussex Ave, Lynnwood, 0081 3.5 Recordkeeping We will keep record of the complaint and maintain a full record of each complaint received. This record as well as all subsequent correspondence will be kept for 5 years as prescribed by relevant legislation. Procedures Complaints Resolution If the complaint is not in writing, sufficient information will be obtained verbally from the client to be submitted on the client's behalf. Report the complaint to the Compliance Officer / Accountant / Key Individual within the Company to immediately: Acknowledge receipt of the complaint; Determine if the complaint can be resolved immediately; ---PAGE END--- Confidential Capture the complaint in the Complaints Register; Classify the complaint according to the complaint categories. Thereafter the Compliance Officer / Accountant / Key Individual will: Investigate the complaint further; Resolve the complaint immediately or take the necessary action and advise the client of steps taken and expected date of resolution; Update the complaints register with all developments / activities. After 3 weeks the client will be informed in writing of the resolution of the complaint and the outcome, or of the progress if the complaint require further investigation. The client must be notified of the final outcome by no later than 6 weeks since the complaint was received. If the complaint cannot be resolved / is not resolved to the client's satisfaction, we will advise the client of their right to lodge the complaint to the FAIS Ombud. The Ombud's contact details must be provided and the client must be informed that they have a limited period of 6 months to lodge the complaint with the Ombud. Complaints Management The complaints register will provide valuable information which requires root cause analysis of complaints common to certain categories. This analysis will enable us to identify failings in control systems and poor staff or service provider performance, as well as the lack of skills or misconduct, in order for us to develop possible solutions. The register will also enable us to track our TCF delivery. Consequences of Non-Adherence Disciplinary action will be taken against staff members who do not comply with this policy and related procedures. Training and Awareness Staff members will receive a copy of this policy on employment and will receive training on this policy if complaints management and handling falls in their scope of duties. Review This policy will be reviewed as and when required. Annexures Annexure A: Complaints register ---PAGE END--- Confidential Annexure A: Independent Investment Solutions (Pty) Ltd Complaints Register Complaint type (FSB) Product Name& 5-day 3- 6-week Redres RFC raised? (see below) file ref (A/O/F) wee (O*/F) s (Yes/No) (L) k (L) (A or R) (O/F) (L) 0*: ongoing RFC: Recommendation following complaint J: Complaint considered justified? (Y/N) Redress: A(apology) R(amount) A, O, F: Acknowledgement/Ongoing/Final L: Reply not sent within deadline Complaint types (FSB categories): Outcome 2: Complaints relating to the design of a product or service (e.g. inadequate or too expensive) Outcome 3: Complaints relating to information provided (e.g. misleading advertising) Outcome 4: Complaints relating to advice Outcome 5(a): Complaints relating to product performance (incl. 3rd party providers) Outcome 5(b): Complaints relating to customer service (e.g. no response to lead, staff conduct, documents not received, delays, failure to carry out instructions, premium collections, policy maintenance, etc.) Outcome 6(a): Complaints relating to product accessibility, changes or switches (incl. penalties on cancellation, challenges with renewals etc.) Outcome 6(b): Complaints relating to complaints handling Outcome 6(c): Complaints relating to insurance claims Other complaints ---PAGE END--- Confidential S INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Compliance Policy Version 17072017 Approval Board Meeting - xxxxxxxx 20xx Effective Date: Xxxxxxxx 20xx Revised Date: Not applicable Compliance Policy Scope XXXX Purpose Xxx Background XXX Policy XXX Procedure XXX Consequences of Non-Adherence XXX Training and Awareness Xxx Review XXXX ---PAGE END--- Confidential IS INDEPENDENT INDEPENDENT INVESTMENT SOLUTIONS (PTY) LTD INVESTMENT FSP 48201 SOLUTIONS Title Enterprise Risk Management Policy and Framework Version 17072017 Approval Board Meeting - xxxxxxxxxxxx 20xx Effective Date: Xxxxxxxxx 20xx Revised Date: Not applicable Enterprise Risk Management Policy and Framework Scope This policy applies to all plans, activities, business processes, policies, procedures, employees and property of Independent Investment Solutions. Purpose The purpose of the Independent Investment Solutions Risk Management Policy and Framework is to describe the risk management process we follow and to categorise the various risks we face. The policy also assign accountability for risk management by allocating various responsibilities and governs the oversight of risk management activities to provide assurance to the board and management that risks are being appropriately managed. This policy serves as a cohesive umbrella for all of the risk management programs currently in place. Background As a financial services provider we are obliged to at all times have and effectively employ the resources, procedures and appropriate technological systems that can reasonably be expected to eliminate as far as reasonably possible, the risks that clients, product suppliers and other providers or representatives will suffer financial loss through theft, fraud, other dishonest acts, poor administration, negligence, professional misconduct or culpable omissions. This policy address such a control measure - Enterprise Risk Management (ERM) - the process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management expands the process to include not just risks associated with accidental losses, but also financial, strategic, operational, and other risks. In order for an organisation to keep track and prioritise the myriad of risks that it is typically exposed to during the course of its operational activities; it becomes important to collate potential risks into a central point that can then be reviewed and monitored. This generally takes the form of a Risk Management Plan (RMP). ---PAGE END--- Confidential A Risk Management Plan should at its least, identify the controls, the mitigation factors and details when it was Iast reviewed. It is important that an RMP is reviewed on at least a bi-annual basis to ensure that the risks remain current and the mitigation factors and control are also up-to-date. Policy Independent Investment Solutions recognises the importance of ongoing identification and management of risk in order to maintain a sound financial status and reputation. Risk management will be incorporated as part of our culture and strategic planning processes and will influence decision making and resource allocation on both operational and strategic levels. Appropriate measures will be put in place to address unfavourable impacts pre-empted through our risk identification processes, and risks will be monitored on a regular basis. We further commit ourselves to providing sufficient personnel and resources to ensure the full and successful implementation of the risk management plan(s). Framework Risk management process Our risk management incorporates a number of steps and can be illustrated as follows: 1.Risk 2.Risk 3.Risk 4.Risk Identification Assessment Mitigation Monitoring Figure 1 Phase1: Risk Identification Our management team is uniquely qualified to, with the guidance of the template provided, identify the various risks we face, and will therefore meet on an at least annual basis to discuss the various risks Independent Investment Solutions is exposed to. Phase 2: Risk Assessment/Measurement Risks will be assessed in terms of the following factors: Likelihood -- chance of the risk happening. Impact -- the amount of loss or damage if the risk happened. Likelihood X Impact = level of risk (risk score). The probability and impact factors will be combined to provide one an overall measure of the risk posed to the entity. Likelihood This is a qualitative assessment will indicate the likelihood that the risk event might occur and is determined by the effectiveness of control measures implemented. This will provide us with the 'Probability' that and 'Frequency' with which we expect such a risk event to occur. ---PAGE END--- Confidential This measure will be influenced by: Newness; Complexity; Policies and Procedures; People; Systems / Technology. Table 1: Likelihood Scale Frequency Rating Likelihood of risk Very Likely High Almost certain, it will probably occur several times a year. Likely Medium High probability it will happen once a year. Unlikely Low Unlikely, but not impossible. Impact / Seriousness Criteria This is a quantitative assessment that indicate the potentially negative impact that risk event will have on business as a whole. This measure will be influenced by: Monetary Loss: Fines, Claims, Inability to enforce contracts; Reputation: Damage; Business Operations / Financial Soundness / Objectives: Loss of License. Table 2: Impact Scale Consequence Rating Impact of the risk Major High Huge consequence. Moderate Medium Moderate level. Minor Low Minor or negligible. Level of risk By combining the Likelihood and the Impact of a risk event, a risk level score can be obtained. Table 3: Risk Matrix Medium High High Very 2 3 3 Likely Acceptable risk Unacceptable risk Unacceptable risk Low Medium High 1 Likely 1 2 3 Acceptable risk Acceptable risk Unacceptable risk Low Low Medium Unlikely 1 1 2 Acceptable risk Acceptable risk Acceptable risk Minor Moderate Major Impact (seriousness of risk) ---PAGE END--- Confidential Phase 3 Risk Mitigation / Treatment The board of Independent Investment Solutions will decide on the company's risk appetite, and will decide which risks to avoid, mitigate, insure / transfer or accept. Control measures to mitigate risk should be recorded in the risk management plan, with responsible persons and target dates for achievement where applicable. Phase 4: Risk Reporting and Monitoring Risk owners as per the risk management plan(s) must monitor risks within the risk management plan(s) identified and report the following to the management of Independent Investment Solutions on an at least bi-annual basis: Highly probable risks with a potential serious impact Other highly probable risks Other risks that require Board action Audits or assessments should also be performed in terms of risk management procedures and implementation progress and effectiveness. This may involve internal audit, scenario planning or testing exercises. Risk management plans The following risk management plans has been developed to assist risk owners in Independent Investment Solutions with the management of the various risks identified: Operational Risk Management including for e.g. HR and IT risk (Annexure A) Business Continuity Plan to address for example natural disasters like floods (Annexure B) Succession Plan in terms of the license and business operations (Annexure C) FAIS Compliance Risk Management Plan (Annexure D) Training and Awareness Risk owners will be involved in all four phases of the risk management process. Review We will maintain this policy and framework to coordinate the many aspects of risk, and will review the risk management plan(s) and the policy as and when required, but on an at least annual basis. Annexures Annexure A: Operational Risk Management Plan Annexure B: Business Continuity Plan Annexure C: Succession Plan Annexure D: FAIS Compliance Risk Management Plan Annexure E: IT Disaster Recovery Plan ---PAGE END--- Confidential Annexure A: Operational Risk Management Plan Introduction The purpose of this risk management plan is to assist Independent Investment Solutions with identifying vulnerabilities, to guide risk owners in terms of mitigation measures to be taken and provide a framework for monitoring and reporting on risk control measures. Scope The scope of this plan is limited to the company's existing operations and to risks that can be reasonably be expected to occur. Aim and Objectives The aim will be to identify risks, document risk assessment outcomes, assign ownership of each risk and to document the necessary control measures to be implemented to prevent certain risk events. The objectives of this plan include the following: Ensure the organization's ability to service its clients Minimize financial loss Preserve and maintain relationships with clients Mitigate negative publicity Prevent/Minimize reputational damage ---PAGE END--- Confidential ENTITY EVALUATION OF REVIEW INFORMATION SECURITY RESPONSIBLE SIGNIFICANCE OF RISK CONTROLS DATE/NOTES/ COMMENTS RISKS (DATA SECURITY) PERSON RISK/RISK ASSESSMENT MONITORING OUTCOME RISK DESCRIPTION individual user accounts for client databases; access rights/ contracts/ information sharing agreements in place/ Written Office controls- policies/procedures in place-is Passwords/User accounts there a desk policy in place/ Vetting to ensure staff not vulnerable to temptation of data theft Secure Waste Bins for confidential paper; secure secure disposal of confidential disposal of confidential information, using shredders or information, using shredders disposal services or disposal services Filing cabinets Secure locks, safe from destruction checks to ensure 3rd party suppliers (IT vendors, Due diligence questionnaire/access cleaners) have equally robust restrictions (door buzzers, CCTV) systems/trustworthy staff -Does your staff understand the importance of data security and know how to keep customer data Training around data security secure? Effective Communication policies to clients /publicise a privacy policy ---PAGE END--- Confidential Credit checks and criminal record Staff recruitment measures checks on staff with access to large amounts of client data Back-up and storage of client Agreed and consistent procedures data for the back-up of client data ENTITY EVALUATION OF REVIEW TECHNOLOGICAL RISK (INCL. RESPONSIBLE SIGNIFICANCE OF RISK CONTROLS DATE/NOTES/ COMMENTS IT RISK) PERSON RISK/RISK ASSESSMENT MONITORING OUTCOME RISK DESCRIPTION Incl. anti-intrusion software; (incl. System Entry Controls spyware, anti-virus etc.) Software (licensing) and Appropriate systems in place Hardware (Infrastructure) Disaster recovery "DR"/ Effective DR programme in place? Business Disruption & Stress testing of IT systems Systems Failures Client data and transactions are timeously captured and updated- Record Keeping of Client Data All electronic records are accessible and Transactions and can readily be reduced to printing - Confidentiality agreements with 3rd party providers - Confidentiality clause part of staff employment contracts and Access to and Protection of representatives mandates. Client Data - Access to client data is password protected- audit trail is printed regularly to review data captured and/or updated ---PAGE END--- Confidential Performance checks to ensure all Audit Trail and Review of data is correctly and timeously Client Data captured - Regular back-ups of electronic records - Back-ups are consistently tested to ensure that information was Back-up Procedure and correctly backed up and is Storage Facilities retrievable within acceptable timeframes - Offsite storing facilities are regularly inspected Staff training register is updated Staff IT Training with in-house and external training Virus protection and firewalls are included in the contract from the ISP (updated daily)- contract with Internet and E-mail the internet service provider Policy/disaster recovery provides for assistance during programme for IT system system failures within reasonable failure time- Process to allow for formal IT audits-internet access restrictions for staff members Monitor software and systems adequacy. IT not aligned to business - Keep abreast of latest technology. objectives - Adapt to a significantly changing business ENTITY EVALUATION OF REVIEW HUMAN RESOURCE RISK (HR RESPONSIBLE SIGNIFICANCE OF RISK CONTROLS DATE/NOTES/ COMMENTS RISKS) PERSON RISK/RISK ASSESSMENT MONITORING OUTCOME RISK DESCRIPTION ---PAGE END--- Confidential Employment contracts that comply to the requirements of employment legislation/documented Staff Employment Contracts appointment process/ clear definition and division of duties/ Contracts to include restraint of trade for staff with direct access to staff (Consultants). Correct procedures are followed as described by Labour legislation.- Employment Termination Process to consult with Labour Lawyer if necessary Ongoing training regarding regulations, operational and administrative functions as well as Staff Training and technical knowledge/ Staff training development plans (incl. register kept up to date with in- supervision) house and external training/ attract and retain skilled resources (staff retention)/ formal administration training manuals Documented continuity plan to Business Continuity/HR ensure that key functions are considerations should drive performed when a key person is succession (strategic risk) absent or leaves the employ of the FSP Guidelines and parameters around Email. Computer, network the use and etiquette of company and internet use electronic tools, applications and computer network General Disciplinary Written Policies/procedures in procedures & processes- place in line with employment and grievance procedures-poor labour legislation ---PAGE END--- Confidential performance management- retrenchment Written policy that covers the prevention, detection and Anti-fraud measures and management of fraud and fair complaints handling dealing in matters pertaining to fraud within FSP Workplace Safety/ Compliance with Occupational discrimination, workers Health and Safety compensation, employee legislation/policies/questionnaires health and safety ENTITY EVALUATION OF REVIEW FINANCIAL RISKS (INCL. TAX RESPONSIBLE SIGNIFICANCE OF RISK CONTROLS DATE/NOTES/ COMMENTS COMPLIANCE) PERSON RISK/RISK ASSESSMENT MONITORING OUTCOME RISK DESCRIPTION To ensure assets over liability in terms of legislative requirements/ Solvency Requirements financial controls, procedures and policies Records kept up to date and stored Record Keeping-financial safe from destruction/regulatory reporting reporting-timeous submissions Income tax-VAT/ On-time Process to submit VAT and Income Submission Tax within the prescribed period Failure to address personal Insurances indemnity and fidelity guarantee cover limits of authority Limits of authority clearly laid out Boundary controls / communication between admin / Boundary controls consulting / finance documented/ communication strategy between ---PAGE END--- Confidential finance and the rest of the business Succession Plans-risk of sustainability of a business being dependent on a key Succession Plan in place; person/Buy-and- Sell agreements in place agreements with business partners ENTITY EVALUATION OF COMPLIANCE-REGULATORY REVIEW RESPONSIBLE SIGNIFICANCE OF RISKS , incl. marketing-New RISK CONTROLS DATE/NOTES/ COMMENTS PERSON RISK/RISK ASSESSMENT Business-Advice Risk MONITORING OUTCOME RISK DESCRIPTION Refer to primary legislation check or monitor all contracts, contracts, policies and policies and agreements agreements thoroughly adequate liaison with regulators Cooperation (regulatory) and law makers Formal controls in place Examples- Maintain / implement strong internal controls. Compliance with the Formal administration training legislative environment. manuals. Lack of control measures to administer claims. Investment mismatch. Inadequate implementation of identify and respond to legislative changes. changes in legislation Inadequate briefing of staff on legislative changes. ---PAGE END--- Confidential Insufficient understanding of how legislative changes affect administration. Lack of reaction to new legislation. Delays in implementing new legislation. Inadequate identification of relevant legislation. Non-compliance in business processes: - Failure to ensure strict Compliance function. Refer to adherence to FAIS/FICA separate risk management legislation in monitoring plans devised by advice/consulting Compli-Serve SA environment. Lack of procedures for new business and terminations Skilled and experienced key persons/representatives Client Service risks Sufficient product knowledge. Fit & proper Sufficient staff training. Refer to compliance risk management plans for FAIS ENTITY EVALUATION OF REVIEW RESPONSIBLE SIGNIFICANCE OF MONEY LAUNDERING RISK RISK CONTROLS DATE/NOTES/ COMMENTS PERSON RISK/RISK ASSESSMENT MONITORING OUTCOME RISK DESCRIPTION Refer to primary legislation-FICA KYC- Know your client Internal rules, procedures and relates to obtaining and using processes information about a client for ---PAGE END--- Confidential anti-money laundering Perform due diligence before purposes taking on of a new client and obtain documentation as prescribed in the FICA Internal Rules Employ additional due diligence where necessary- proof of employment, source of wealth (for PEP's) How a client is using a FSP's products and services and how this Anti-money laundering may point to possible money monitoring/MLRO role Iaundering/internal rules Detection/suspicious transaction reports (STR's) Process to establish whether the client is a politically exposed Politically exposed persons person and due care to obtain "PEPS" verification documents and proof of source of funds (geographic considerations incl.) Process to verify the nature and Recurring/ Ad hoc frequency of occasional Transactions transactions Process to maintain the following: : FICA Internal Rules Process for Reporting Suspicious Transactions Recordkeeping and staff Staff training register training FICA Training Manual and registers Records are stored safe from destruction. ---PAGE END--- Confidential Records are kept for a period as stipulated by legislation. ---PAGE END--- Confidential Annexure B: Business Continuity Plan Introduction The purpose of this business continuity plan is to prepare Independent Investment Solutions in the event of extended service outages caused by factors beyond our control (e.g., natural disasters, load shedding etc.), and to restore services to the widest extent possible in a minimum time frame. It is expected to implement preventive measures whenever possible to minimize network failure and to recover as rapidly as possible when a failure occurs. The plan identifies vulnerabilities and recommends necessary measures to prevent extended service outages. It is a plan that encompasses all of Independent Investment Solutions' operations. Scope The scope of this plan is limited to the company's existing operations and to risks that can be reasonably be expected to occur. Aim and Objectives The aim of this Risk Management Plan will be to identify key processes involving staff, systems, interfaces to other companies and communications and will then: serve as a guide for the Independent Investment Solutions recovery team provide procedures and resources needed to assist in recovery identify vendors and customers that must be notified in the event of a disaster assist in avoiding confusion experienced during a crisis by documenting, testing and reviewing recovery procedures identify alternate sources for supplies, resources and locations document storage, safeguarding and retrieval procedures for vital records The objectives of this plan include the following: Ensuring the health and safety of all staff Minimizing interruptions to the organization's ability to provide its products and services Minimizing financial loss Limit the time lapsed after a specified disaster needed to resume critical operations Preserve and maintain relationships with clients Mitigate negative publicity and reputational damage Emergency Notification Contacts Name Address Home Mobile/Cell Phone Fire Department Ambulance Services Police Electricity department Emergency Services Etc. ---PAGE END--- Confidential Probability: Mitigation: Likelihood of Exposure: Degree to Severity: occurrence, Frequency which risk OVERALL Impact on the given Procedures to address/prevent disaster-possible procedures Threat: Possible /duration is LEVEL OF organization: procedures in (Examples for completion) consequence of mitigated RISK place, and exposure or current controlled circumstances Risk: 1 Risk: 3 Weakened workforce/ Risk: 4 Risk: 2 Staff will be required to work from home if the disease is contagious, to. Temporary Happens staff unable to perform Continuously Some eliminate contact with each other. Systems are of such a nature that all staff Disease deterioration of infrequently LOW as usual (24 hours a controls in will be able to connect from home via VPN connection amend as appropriate to profitability (here or [day) place your business and/or cash flow elsewhere) Data is backed up and stored off-site. Insurance on computer hardware and other office equipment and furniture. Can secure new premises in short period of time, If fire or smoke is present in the facility, evaluate the situation and determine the severity, categorize the fire as Major or Cause utility outages Minor and take the appropriate action as defined in this section. (electricity, Call xxx as soon as possible if the situation warrants it. Risk: 1 telecommunications) Risk: 4 Risk: 2 Temporary Risk: 1 Personnel are to attempt to extinguish minor fires (e.g. single Fire Continuously Some deterioration of Highly unlikely LOW hardware component or paper fires) using hand-held fire Damage/destroy (24 hours a controls in profitability but possible. [day) extinguishers located at the facility. Any other fire or smoke Premises place and/or cash flow situation will be handled by qualified building personnel until Staff injuries/casualties the local fire department arrives. In the event of a major fire, call Xxx and immediately evacuate the area. In the event of any emergency situation, system site security and personal safety are the major concern. If possible, the operations supervisor should remain present at the facility until the fire department has arrived. Cause utility outages Uninjured staff will be able to work from home. (Water, electricity, Systems are of such a nature that all staff will be able to connect from home telecommunications) Risk: 1-2 via VPN connection Risk: 4 Risk: 2 Earthquakes, (Depends on Risk: 1 Disruption of transport Continuously Some Floods (natural geographical Highly unlikely LOW Create an image of the system and files disasters) services (24 hours a controls in area and severity but possible. Back up critical system elements day) place of quake) Verify backup generator fuel status and operation Premises Create backups of e-mail, file servers, etc. amend as appropriate to your business Staff injuries/casualties IT Policy -- Virus and Firewall protection in place. Full and incremental backups preserve corporate information assets and are performed on a regular basis for audit logs and files that are Risk: 2 irreplaceable, have a high replacement cost, or are considered Steal client database Risk: 4 Risk: 2 critical. Backup media stored in a secure, geographically separate Cyber-attacks/ Sustained Risk: 1 Continuously Some location from the original and isolated from environmental hazards. Technological deterioration of Highly unlikely LOW Damage operations of (24 hours a controls in risk profitability but possible. day) information systems. place and/or cash flow Data and document retention policies are in accordance with applicable legislation which specifies what records must be retained and for how long. ---PAGE END--- Confidential IT Technical Support- Facilitate technology recovery and restoration activities, providing guidance on replacement equipment and systems, as required. Coordinate removal of salvageable equipment at disaster site that may be used for alternate site operations. amend as appropriate to your business Risk: 4 Risk is eliminated Water: swimming pool available with water to ensure public health and safety Water Risk: 1 Risk: 2 as temporary measure. Risk: 4 Electricity Temporary Some Generator in place for unforeseen electricity shortages, and UPS's for each PC Electricity Risk: 4 Continuously deterioration of controls in LOW to minimize data loss. interruptions Happens often (24 hours a Telecommunications profitability place Staff has cell phones as an alternative form of communication when necessary day) and/or cash flow Risk: 0 No amend as appropriate to your business mitigation or control. Bad publicity Risk: 2 Risk: 4 Risk: 2 Key Individuals signed Honesty and Integrity declarations, criminal record Sustained Risk: 1 Reputational Continuously Some checks in process, Executive Service Agreements in place deterioration of Highly unlikely LOW damage Inappropriate actions (24 hours a controls in profitability but possible. day) key/public person place amend as appropriate to your business and/or cash flow Utility outages Risk: 1 See Utility Outages above. Risk: 4 Risk: 2 Disruption of transport Temporary Risk: 1 Most of our staff members will also be able to work from home, or don't make Continuously Some Political Unrest services deterioration of Highly unlikely LOW use of public transport services. (24 hours a controls in profitability but possible. [day) place Staff injuries/casualties and/or cash flow amend as appropriate to your business Cause utility outages (Water, electricity, telecommunications) Risk: 1 See Utility Outages above. Risk: 4 Risk: 2 Temporary Risk: 1 Most of our staff members will also be able to work from home, or don't make Terrorism incl. Continuously Some Disruption of transport deterioration of Highly unlikely LOW use of public transport services terror attack (24 hours a controls in services profitability but possible. [day) place and/or cash flow amend as appropriate to your business Staff injuries/casualties ---PAGE END--- Confidential The Independent Investment Solutions Response Team: The response team consist of: Employee Job Title Contact Details The response team will be responsible for the following: 1. Emergency/Incident Management Team 2. Public relationship management 3. Operations Management 1. Emergency/Incident Management Incident Management includes the following measures: notifying management, employees, and other stakeholders assuming control identifying the range and scope of damage implementing business continuity plans identifying infrastructure outages coordinating support from internal and external sources 2. Public relationship management Communications management is essential to control rumours, maintain contact with the media, emergency services and vendors, and other stakeholders, and assure employees and the wider public. The directors are designated as the principal contacts with the media (radio, television, and print), regulatory agency, government agencies and other external organizations following a formal disaster declaration. 3. Operations Management An emergency operations center must be elected, from where operations can be managed in the event of a disruption. Operations management will include recovering and restoration. Decisions must be taken whether to repair the facility, relocate to an alternate location, or build new facility. Employees must be re-deployed, and additional resources must be acquired, to restore business operations. ---PAGE END--- Confidential Annexure C: Succession Plan To address license succession and operational succession (key staff members) and to focus on continued client service. Succession Succession Planning Succession: Position Title / Readiness Priorities Incumbent Name Criticality staff member Comments Critical function (Immediately I (Low / name 1 year) Medium / High) e.g. Key Individual on 1 all Products e.g. CEO 1 Criticality: 1: Critical - Must "hit the ground running" 2: Very Important - Fully functional within 6 months ---PAGE END--- Confidential Annexure D: FAIS Compliance Risk Management Plan The monitoring of our compliance risk management plan has been outsourced to Compli-Serve and a copy of this risk management Annexure E: IT Disaster Recovery Plan ---PAGE END--- Manual - Promotion of Access to Information 96 PROTECTION OF PERSONAL INFORMATION MANUAL Act 2 of 2000 The Promotion of Access to Information Prepared in accordance with Section 51 of the Promotion of Access to Information Act, No. 2 of 2000 Effective Date: 31 December 2015 ---PAGE END--- Manual - Promotion of Access to Information 97 1. INTRODUCTION The Promotion to Access to Information Act, No 2 of 2000 ("the Act") gives effect to the constitutional right of access to any information in records held by public (government) or private (non-government) bodies that is required for the exercise of protection of any rights. Where a request is made in terms of the Act, XXXXXXX is obliged to release the information, except where the Act expressly provides that the information may or must not be released. This manual informs requesters of procedural and other requirements which a request must meet as prescribed by the Act. It is important to note that the Act recognises certain limitations to the right of access to information, including but not limited to, limitations aimed at reasonable protection of privacy, commercial confidentiality, and effective, efficient and good governance, and in a manner which balances that right with any other rights, including such rights contained in the Bill of Rights in the Constitution. 2. PART I - PARTICULARS OF THE PRIVATE BODY (Information required under section 51(1)(a) of the Act): a. Name of the Body XXXXXXXXXXX b. Head of the Body (Information Officer) XXXXXXXXXXXX c. Postal Address XXXXXXXXXXXXX d. Street Address XXXXXXXXXXXXXX e. Telephone Number +27 21 f. Fax Number +27 21 g. Web Address XXXXXXXXXXXXX h. Contact Details of Information Officer Email: XXXXXXXXXXXXXX Phone: +27 21 Fax: +27 21 3. PART II - GUIDE OF SOUTH AFRICAN HUMAN RIGHTS COMMISSION The South African Human Rights Commission is required in terms of the Act to compile a guide in every official language, in an easily comprehensible form and manner, as may be required by a person who wishes to exercise any right contemplated in the Act. Any enquiries regarding this guide should be directed to: Postal Address: The South African Human Rights Commission ---PAGE END--- Manual - Promotion of Access to Information 98 PAIA Unit The Research and Documentation Department Private Bag X2700 HOUGHTON 2041 Telephone Number: +27 (0) 11 484 8300 Fax Number: +27 (0) 11 484 0582 Email Address: paia@sahrc.org.za Website: http://www.sahrc.org.za 4. PART IIL - VOLUNTARY DISCLOSURE AND AUTOMATIC AVAILABILITY OF CERTAIN RECORDS The accessibility of the documents below may be subject to the grounds of refusal set out in this manual: Personnel Records. Client Related Records. Private Body Records (Financial and Company Secretarial). 5. PART IV - RECORDS AVAILABLE IN ACCORDANCE WITH ANY OTHER LEGISLATION A requester may also request information that is available in terms of other legislation. Legislation (select Acts applicable to your company and tick in the corresponding block) Tick 1 Administration of Estates Act, No. 66 of 1965 2 Arbitration Act No. 42 of 1965 3 Basic Conditions of Employment No. 75 of1997 4 Companies Act No. 61 of 1973 5 Compensation for Occupational Injuries and Health Diseases Act No.130 of 1993 6 Consumer Affairs (Unfair Business Practices) Act No. 71 of 1988 7 Copyright Act No. 98 of 1978 8 Credit Agreements Act No. 75 of 1980 9 Currency and Exchanges Act No. 9 of 1933 10 Debtor Collectors Act No. 114 of 1998 11 Employment Equity Act No. 55 of 1998 12 Finance Act No. 35 of 2000 13 Financial Services Board Act No. 97 of 1990 14 Financial Relations Act No. 65 of 1976 15 Harmful Business Practices Act No. 23 of 1999 16 Income Tax Act No. 95 of 1967 17 Insolvency Act No. 24 of 1936 18 Insurance Act No 27 of 1943 ---PAGE END--- Manual - Promotion of Access to Information 99 19 Intellectual Property Laws Amendments Act No. 38 of 1997 20 Labour Relations Act No. 66 of 1995 21 Long Term Insurance Act No. 52 of 1998 22 Medical Schemes Act No. 131 of 1998 23 Occupational Health & Safety Act No. 85 of 1993 24 Pension Funds Act No. 24 of 1956 25 Post Office Act No. 44 of 1958 26 Protection of Businesses Act No. 99 of 1978 27 Regional Services Councils Act No. 109 of 1985 28 SA Reserve Bank Act No. 90 of 1989 29 Short Term Insurance Act No. 53 of 1998 30 Skills Development Levies Act No. 9 of 1999 31 Skills Development Act No. 97 of 1998 32 Stamp Duties Act No. 77 of 1968 33 Stock Exchange Control Act No. 1 of 1985 34 Tax on Retirement Funds Act No. 38 of 1996 35 Trade Marks Act No. 194 of 1993 36 Unemployment Contributions Act No. 4 of 2002 37 Unemployment Insurance Act No. 63 of 2001 38 Usury Act No 73 of 1968 39 Value Added Tax Act No. 89 of 1991 6. PART V - ACCESS TO INFORMATION XXXXXXXX may refuse a request for information in respect of information detailed below: 6.1 Commercial and Legal 6.1.1 Contracts and Agreements. 6.1.2 Company Confidential -- Historical significance. 6.1.3 Meeting Minutes. 6.1.4 Shareholders. 6.1.5 Property Leases and Agreements. 6.1.6 Trademark. 6.1.7 Insurance. 6.1.8 Resolutions -- Directors. 6.1.9 Correspondence. 6.2 Financial 6.2.1 Financial Yearend Results. 6.2.2 Financial Analysis and Reports. 6.2.3 Budgets. 6.2.4 Tax and Levies. 6.3 Human Resources ---PAGE END--- Manual - Promotion of Access to Information 100 6.3.1 Employees Personal Information. 6.3.2 Employees History (skills and experience). 6.3.3 Educational Background. 6.3.4 Training and Development. 6.3.5 Health. 6.3.6 Salaries and Wages. 6.3.7 Contracts and Agreements 6.3.8 Employment Equity. ---PAGE END--- Manual - Promotion of Access to Information 101 6.4 Marketing 6.4.1 Advertising. 6.4.2 Contracts with Suppliers. 6.4.3 Product Ranges and Pricing 6.5 Health and Safety 6.5.1 Policies. 6.5.2 Accidents and Incidents Reports. 7. REQUEST PROCEDURE 7.1 A requester requiring access to information from XXXXXXXXXXXXXX must complete the prescribed Form C. 7.2 Submit the completed form to the Information Officer at the postal or physical address, fax number or email address detailed above. 7.3 XXXXXXXXX will process the request within 30 days. 7.4 The requester will be informed in writing whether or not access has been granted. 7.5 The requester must pay the prescribed fee, if applicable, before any further processing takes place. APPENDIX - 1 PRESCRIBED FORM TO BE COMPLETED BY REQUESTER Form B REQUEST TO ACCESS RECORDS OF A PRIVATE BODY Section 53(1) of the Promotion of Access to Information Act, No 2 of 2000 (Regulation 4) A. PARTICULARS OF A PRIVATE BODY The Head: B. PARTICULARS OF PERSON REQUESTING ACCESS TO THE RECORD (a) The particulars of the person who requests access to the records must be recorded below. (b) Furnish an address and/or fax number in the Republic to which information must be sent. (c) Proof of capacity in which the request is made, if applicable, must be attached. Full Name and Surname: Identity Number: ---PAGE END--- Manual - Promotion of Access to Information 102 Postal Address: Telephone Number: Fax Number: Email Address: Capacity in which request is made when made on behalf of another person: C. PARTICULARS OF PERSON ON WHOSE BEHALF REQUEST IS MADE This section must be completed only if a request for information is made on behalf of another person. Full Name and Surname: Identity Number: D. PARTICULARS OF RECORD (a) Provide full particulars of the record to which access is requested, including the reference number if that is known to you, to enable the record to be located. (b) If the provided space is inadequate, please continue on a separate folio and attach it to this form. The requester must sign all the additional folios. 1. Description of the record or relevant part of the record 2. Reference number, if applicable: 3. Any further particulars of the record: ---PAGE END--- Manual - Promotion of Access to Information 103 E. FEES (a) A request for access to a record, other than a record containing personal information about yourself, will be processed only after a request fee has been paid. (b) You will be notified of the amount of the request fee. (c) The fee payable for access to a record depends on the form in which the access is required and the reasonable time required to search for and prepare a record. (d) If you qualify for exemption of the payment of any fee, please state the reason therefore. Reason for exemption of payment of the fee: F. FORM OF ACCESS TO THE RECORD If you are prevented by a disability to read, view or listen to the record in the form of access provided for in 1 to 4 hereunder, state your disability and indicated in which form the record is required: ---PAGE END--- Manual - Promotion of Access to Information 104 Disability: Form in which record is required: Notes: (a) Your indication as to the required form of access depends on the form in which the record is (b) available. Access in the form requested, may be refused in certain circumstances. In such a case you will (c) be informed if access will be granted in another form. The fee payable for access to the record, if any, will be determined partly by the form in which access is requested. Mark the appropriate box with an "X": 1. If the record is in written or printed form: Copy of Record Inspection of Record 2. If the record consists of visual images: (This includes photographs, slides, video recordings, computer-generated images, sketches, etc). View the images Copy of the images Transcription of the images 3. If the record consists of recorded words or information which can be reproduced in sound: Listen to the soundtrack (audio casse[ Transcription of soundtrack (written or printed document) 4. If the Record is held on Computer or in an Electronic or Machine-readable form: Printed copy of record Printed copy of information Copy in computer readable derived from the record form (stiffy or compact disc) YES NO If you requested a copy or transcription of a record (above), do you wish the copy or transcription to be posted to you? A postal fee is payable. G. PARTICULARS OF RIGHT TO BE EXERCISED OR PROTECTED If the provided space is inadequate, please continue on a separate folio and attach it to this form. The requester must sign all the additional folios. 1. Indicate which right is to be exercised or protected: 2. Explain why the requested record is required for the exercising or protection of the aforementioned right: ---PAGE END--- Manual - Promotion of Access to Information 105 H. NOTICE OF DECISION REGARDING REQUEST FOR ACCESS You will be notified in writing whether your request has been approved/denied. If you wish to be informed thereof in another manner, please specify the manner and provide the necessary particulars to enable compliance with your request. How would you prefer to be informed of the decision regarding your request for access to the record? Signed at this day of 20 SIGNATURE OF REQUESTER SIGNATURE OF PERSON ON WHOSE BEHALF REQUEST IS MADE ---PAGE END--- Manual - Promotion of Access to Information 106 FICA Rules THE FINANCIAL INTELLIGENCE CENTRE ACT, 2001 INTERNAL RULES V2.10 IMPORTANT NOTICE: USE OF THIS DOCUMENT IS LIMITED TO AUTHORISED USERS ONLY AND UNDER NO CIRCUMSTANCES SHALL IT SHOWN OR FORWARDED TO UNAUTHORISED PERSONS BY THE INTENDED RECIPIENT OR ANY OTHER PERSONS. RESPONSIBLE COMPLIANCE PERSONS: MLRO (s 43 Compliance Officer) {INSERT NAME} ("the MLRO")is the person appointed in terms of Section 43 (b) of FICA who is responsible to ensure compliance by (i) the employees of {INSERT COMPANY NAME} with provisions of FICA and the internal rules applicable to them (ii) {INSERT COMPANY NAME} with its obligations under FICA. {INSERT NAME} ("the MLRO") is contactable on {INSERT PHONE NUMBER} and/or {INSERT EMAIL}. FAIS Compliance Officer The person responsible for monitoring FAIS compliance in terms of Section 17 of the Financial Advisory and Intermediary Services Act, 37 of 2002 ("FAIS") at {INSERT COMPANY NAME} is ("The FAIS Compliance Officer") who is contactable on {INSERT PHONE NUMBER} and/or {INSERT EMAIL}. Please note that an externally appointed FAIS Compliance Officer cannot also have the role of a MLRO. Key FICA Obligations (in terms of Chapter 3 of the FIC Act) FICA imposes the following obligations on those institutions designated as accountable in terms of Schedule 1 of FICA: "Know your client" obligations (various identification and verification requirements must be met before a business relationship is formed or transaction entered into with a client; Record keeping obligations; Reporting obligations (to the Financial Intelligence Centre) ; Development and implementation of internal rules to aid compliance with these obligations which is to contain adequate procedures for: o Client identification and verification; ---PAGE END--- Manual - Promotion of Access to Information 107 Retention of client verification records; 0 Procedures for reporting suspicious activity; o Summary of the act. Training of staff to ensure staff are aware of: 0 Their legal obligations under the Act, e.g. duty to report. 0 The Accountable Institution's rules and procedures related to complying with the Act. 0 How to recognise suspicious or unusual transactions. 0 The steps to be taken when a transaction is considered suspicious. Internal Reporting Procedures and Records Reporting Lines: Reporting lines should be as short as possible, with the minimum number of people between the person with the suspicion and the MLRO. This ensures speed, confidentiality and accessibility to the MLRO. However, in line with accepted practice, some financial sector businesses may choose to require that such unusual or suspicious transactions be drawn initially to the attention of supervisory management to ensure that there are no known facts that will negate the suspicion before further reporting to the MLRO or an appointed deputy. Supervisors: Supervisors should also be aware of their own legal obligations. An additional fact, supplied by the supervisor, may negate the suspicion in the mind of the person making the initial report, but not in the mind of the supervisor. The supervisor then has a legal obligation to report to the MLRO. Reported Suspicions: All suspicious transactions reported to the MLRO should be documented (in urgent cases this may follow an initial discussion by telephone). It may be possible for the person with the suspicion to discuss it with the MLRO and for the report to be prepared jointly. The report should include full details of the customer and a full statement of the information giving rise to the suspicion. Receiving a Suspicious Transaction Report: The MLRO must acknowledge receipt of the report and at the same time provide a reminder of the obligation to do nothing that might prejudice enquiries, i.e. "tipping off". All internal enquiries made in relation to the report, and the reason behind whether or not to submit the report to the authorities, should be documented. This information may be required to supplement the initial report or as evidence of good practice and best endeavours if, at some future date, there is an investigation and the suspicions are confirmed. On-going Communication: Communication between the MLRO and the reporting person/department is important. The reporting person, department or branch should be informed of the MLROs decision, particularly if the report is believed to be invalid. At the end of an investigation, consideration should be given to advising all members of staff concerned of the outcome. ---PAGE END--- Manual - Promotion of Access to Information 108 Records of Suspicions: Suspicious transactions which were raised internally with the MLRO but not disclosed to the authorities should be retained for five years from the date of the transaction. Records of suspicions which the reporting authority has advised are of no interest should be retained for a similar period. Records of suspicions that assist with investigations should be retained until the financial institution is informed by the investigating officer that they are no longer needed. INTERNAL RULES: (OBLIGATIONS IN TERMS OF PART 4 SECTION 42 OF FICA) The purpose of the internal rules is to describe the procedures, which are to be followed by all staff given the obligations placed upon (FSP NAME) as an accountable institution in terms of FICA. A copy of the internal rules must be made available to every employee involved in transactions to which FICA applies and on request to the FIC and to the FSB. The rules provide for the following: The establishment and verification of the identity of all clients (new and existing) entering or having entered into a single transaction or a business relationship with (FSP NAME) The steps to be taken to maintain the correctness of particulars in respect to the verification of identities, which are susceptible to change. The information which must be recorded in terms of FICA and how and where those records must be kept. The steps to be taken to determine when a suspicious or unusual transaction is reportable to ensure that (FSP NAME) complies with its reporting duties under FICA. The responsibility of the management of the accountable institution in respect to compliance with the FICA and POCDATARA Acts, the regulations and the internal rules of the accountable institution. The allocation of responsibilities and accountability to ensure that staff duties concerning FICA and POCDATARA are complied with. The provision of disciplinary steps against relevant staff members for non-compliance with FICA and POCDATARA. The institution to remain up to date with relevant guidance notes and information provided by FiC. Board of directors'/senior management's approval of an accountable institution's own internal policies and procedures to address money laundering and terrorist financing is critical if an accountable institution wishes to be considered serious about its appreciation of, and willingness to, mitigate money laundering and terrorist- financing risks in its daily operations. The internal anti-money laundering and terrorist financing policies and procedures of an accountable institution should be adopted and approved by the board of directors of that accountable institution. ---PAGE END--- Manual - Promotion of Access to Information 109 DUTY TO IDENTIFY & VERIFY CLIENTS: (OBLIGATION IN TERMS OF CHAPTER 3 PART 1 OF FICA) In terms of section 21(1) of FICA, a FSP may not establish a business relationship or conclude a single transaction with a client or prospective client, unless prescribed steps are taken to establish and verify the identity of the client or prospective client. There are different identification and verification requirements depending on whether the client or prospective client is a company (foreign or local), close corporation, partnership, trust or individual (resident or foreign). The identification information and documentation required is discussed in the table below: ---PAGE END--- Manual - Promotion of Access to Information 110 INFORMATION VERIFICATION CLIENT TYPE REQUIRED DOCUMENTATION NATURAL PERSON -- SA Full names Combination from the list below depending on the information, which needs to be verified. RESIDENT Date of birth Primary Identification: Identity number Valid SA ID Book or Residential address** Utility bill new identification smart Company statement The following information card issued by the DHA does not need to be Recent lease or rental verified: agreement Source of funds Municipal rates and taxes invoice Telkom account Valid TV license etc. NATURAL PERSON -- Full names Combination from the list below depending on the information, which needs to be verified. FOREIGN NATIONALS Date of birth Primary Identification: Passport number Valid Passport Utility bill Nationality Regulation 6(3) of the Company statement Residential address (If non- Regulations provides for Recent lease or rental resident then they do not instances in which an agreement need to submit proof of accountable institution Municipal rates and taxes residential address) deems it reasonably invoice The following information necessary to obtain, in Telkom account does not need to be addition to a person's verified: Valid television license, etc. identity document Residential Address (foreign passport), Source of funds further information or documentation verifying the identity of such a person. In instances when an accountable institution requires further confirmation of the identity of a foreign national, the accountable institution may obtain such confirmation: a letter of confirmation from a person in authority (for example, from the relevant embassy) which confirms authenticity of that person's identity document (passport). Decisions concerning when further confirmation of the ---PAGE END--- Manual - Promotion of Access to Information 111 identity of a foreign national may be required SA COMPANIES Registration name Combination from the list below depending on the information, which needs to be verified. Primary Identification: Registration number Most recent version of Registered address the Certificate of Utility bill Name under which Incorporation (form Company statement business is conducted CM1) and Notice of Recent lease or rental The address from which Registered Office and agreement you operate Postal address (form Municipal rates and taxes Personal details CM22) if applicable, invoice The manager/CEO of the bearing the stamp of the Telkom account company Registrar of Companies The mandate officials who and signed by the are authorized to establish company secretary. a business relationship The following information does not need to be verified: Residential/business address & contact particulars of manager, each natural person who purports to be authorized to establish a business relationship, natural person or legal person, partnership or trust holding more than 25% voting rights ---PAGE END--- Manual - Promotion of Access to Information 112 FOREIGN COMPANIES Name under which Combination from the list below depending on the information, which needs to be verified. Primary Identification: incorporated Official document issued The address where you are by an authority for situated for purposes of Utility bill recording the incorporation Company statement incorporation of the Name under which you Recent lease or rental companies of the country conduct business in the agreement of incorporation of the country where Municipal rates and taxes foreign company, incorporated invoice witnessing its name and Name under which you Telkom account number of incorporation conduct business in the and the address where it Republic is situated for purposes Address where you operate of its incorporation from Address from which you operate from in the Republic Full names, date of birth & ID number or full names, date of birth & nationality The following information does not need to be verified: Residential/business address & contact particulars of manager of affairs in SA, each natural person who purports to be authorized to establish a business relationship, natural person or legal person, partnership or trust holding more than 25% voting rights CLOSED CORPORATIONS Registration name and Combination from the list below depending on the information, which needs to be verified. Primary Identification: number Most recent version of Registered address the Founding Statement The address from which Utility bill and Certificate of you operate Company statement Incorporation (form CK1) Name under which Recent lease or rental Amended Founding business is conducted agreement statement (form CK2) if Personal details of each Municipal rates and taxes applicable, bearing the member invoice stamp of the Registrar of The following information Telkom account Close Corporations and does not need to be signed by the company verified: secretary Residential/business address & contact particulars of each member, each natural person who purports to be ---PAGE END--- Manual - Promotion of Access to Information 113 authorized to establish the relationship. TRUSTS Name of Trust and Trust Combination from the list Primary Identification: Number below depending on the Trust deed or other Address of high Court information which needs to founding document in Master where trust is be verified terms of which the trust registered is created recording the Personal details of the Utility bill trust name, trust founder of the trust Company statement number, and address of Personal Details of each Recent lease or rental the master where the mandated /authorised agreement trust is registered if individual Municipal rates and taxes applicable. Personal Details of each invoice trustee Telkom account Personal Details of each beneficiary The following information does not need to be verified: Residential/business address & contact particulars of each trustee, each natural person who purports to be authorized to establish a business relationship, each beneficiary of the trust referred to by name in the trust deed or other founding document. PARTNERSHIPS Name of Partnership Combination from the list Primary Identification: against partnership below depending on the The most recent version agreement and the terms information which needs to of the partnership under which it was formed be verified agreement. Details of all partners Personal details of the Utility bill A partnership is not a person(s) that exercise Company statement legal entity and cannot executive control over the Recent lease or rental conduct transactions in partnership or mandated to agreement its own name. When a enter into business Municipal rates and taxes person conducts a transactions invoice transaction on behalf of a Telkom account partnership, the This excludes partnerships transaction is conducted formed by qualified on behalf of all partners persons to carry on a in that partnership profession and designated jointly. All partners in a by notice in the gazette by partnership are jointly virtue of Section 30(2) of and the Companies Act 1973 severally liable for the The following information partnership's liabilities does not need to be verified: ---PAGE END--- Manual - Promotion of Access to Information 114 Partnership contact details OTHER LEGAL PERSON- The name of the pension or PENSION FUNDS/ provident fund; PROVIDENT FUNDS the address of the legal entity establishing the fund; the full names, date of birth and ID nr/passport nr of the trustees or any other persons appointed to act on behalf of the pension/provident fund or who purports to establish a business relationship / to enter into a transaction with the accountable institution on behalf of the pension and provident fund; and the residential address of the trustees or any other persons appointed to act on behalf of the pension and provident fund or who purports to establish a business relationship or to enter into a transaction with the accountable institution on behalf of the pension and provident fund. ** Documents that may offer confirmation of residential address include the following: a utility bill reflecting the name and residential address of the person; a bank statement from another bank reflecting the name and residential address of the person if the person previously transacted with a bank registered in terms of the Banks Act; a recent lease or rental agreement reflecting the name and residential address of the person; municipal rates and taxes invoice reflecting the name and residential address of the person; mortgage statement from another institution reflecting the name and residential address of the person; telephone or cellular account reflecting the name and residential address of the person; valid television licence reflecting the name and residential address of the person; recent long-term or short-term insurance policy document issued by an insurance company and reflecting the name and residential address of the person; recent motor vehicle license documentation reflecting the name and residential address of the person; or When a statement of account issued by a retail store that reflects the residential address of the person. When a recent utility bill from a telephone or cellular account, Eskom or a local authority does not identify the physical street address of the property owner (that is, if the bill is sent to a postal address), the utility bill will still be acceptable provided the client's name and the erf/stand and township details are reflected on the utility bill. ---PAGE END--- The following procedure for on-going maintenance of client information: accountable institutions should apply their client identification and verification procedures to existing clients on the basis of materiality and risk, and should conduct due diligence reviews of such existing relationships at appropriate times; accountable institutions need to undertake regular reviews of their existing client records. An appropriate time to do so is when a transaction of significance takes place; or when there is a material change in the way the account is operated; and if an accountable institution becomes aware at any time that it lacks sufficient information about an existing client, it should take steps to ensure that all relevant client identification and verification information is obtained as quickly as possible. Acceptable KYC Procedures for Face-to-Face Verification: Regulation 4 concerning the verification of a person's identity is based on the presumption that the customer is met face-to-face when his or her particulars are obtained. This implies that the original identity document and originals or certified copies of other documents will be sighted as part of the verification process. Copies can be made then for record keeping purposes. The person from the Accountable Institution verifies ID, name and address etc. face-to face. He/she then takes a photocopy of the docs (at least two such docs one of which being either the SA ID book or a valid passport) and writes on the copies the date and signs (plus print name) that the ID doc etc. has been verified. Acceptable KYC Procedures for Non-Face-to-Face Verification: Regulation 18 provides for instances in which client information is obtained in a non-face-to-face situation. In such cases, FSPs must take reasonable steps to confirm the existence of the client and to verify the identity of the natural person, legal person, partnership or trust involved. Additional guidance may be taken from the Core Principles (Basel Committee). In accepting business from non face-to-face customers: FSP should apply customer identification procedures to non face-to-face customers that are as effective as those that were applied to customers who were available for interview; and FSP must have specific and adequate measures in place to mitigate the higher risk that is imminent. According to the Core Principles, examples of measures to mitigate risk include: Certification of documents presented; Requisition of additional documents to complement those that are required for face-to-face customers; Independent contact with customer by the FSP; Third party introduction. Decisions concerning the additional steps to be taken in cases of a non face-to-face situation should be based on a FSP's risk framework. It is highly recommended that identity authentication be conducted for these type ---PAGE END--- When the required outstanding information or documentation is received, it must be verified to ensure it is complete and accurate. There must be consistency in the business as well. The procedures must provide for business transactions concluded on-line and must stipulate the detailed step by step process to be followed. Practical examples that accountable institutions should consider including in their internal rules on the measures to mitigate risk in respect of non-face-to-face clients are: obtaining copies of documents that have been certified by a suitable certifier. Consideration should be given as to whether the certifying person is regulated or is otherwise a professional person subject to some sort of regulation or fit and proper person test who can easily be contacted to verify their certification of the documents; requiring the first payment for the product or service to be drawn from an accountable institution account in the client's name; sending a letter by registered post to validate the address of the client and ensuring that the service is not activated until the signed acknowledgement of receipt is returned; making a telephone call to the telephone number provided that has been independently validated; using electronic verification to confirm documents provided or using two or three documents from different sources to confirm the information set out in each document. The above list is not exhaustive and is intended as a guide. Risk Profiling of Clients and Enhanced Due Diligence (EDD): The application of a risk-based approach to the verification of the relevant particulars implies that an accountable institution can accurately assess the risk involved. It also implies that an accountable institution can take an informed decision on the basis of its risk assessment as to the appropriate methods and levels of verification that should be applied in a given circumstance. A combination of the following factors may be applied to differentiate between high risk, medium risk and low risk clients: product type; business activity; client attributes, for example, whether the client is on the United Nations list, duration of client relationship with the accountable institution, etc.; source of funds; jurisdiction of client; transaction value; type of entity. Definition of EDD process "A rigorous and robust process of investigation over and above KYC procedures, that seeks with reasonable assurance to verify and validate the customer's identity; understand and test the customer's profile, business and account activity; identify relevant adverse information and risk assess the potential for money laundering and / or terrorist financing to support actionable decisions to mitigate against financial, regulatory and reputational risk and ensure regulatory compliance." ---PAGE END--- It is the responsibility of the financial services business to risk assess the client and increased monitoring and reporting will be required in respect of all high risk clients and any transactions by them. Senior management sign-off is recommended in respect of any high risk clients. These include: collecting additional information regarding the source of the customer's income and the source of funds the client expects to use; Source of wealth (in addition to source of funds) of the client; obtaining additional identification data, verifying additional aspects of the clients identity, obtaining more information to understand the purpose and intended nature of the business relationship; Google or other search engines to assist in the verification process; Use of specially designated EDD Watch lists and client screening tools. Status of 'Faxed Copies': Faxed copies of documents may be relevant in instances when client information is obtained in a non-face-to- face situation. Documents that are certified as true copies of originals may be accepted, but a FSP would have to take additional steps to confirm that the said documents are in fact those of the client in question. There are doubts when the copy of the faxed document is of such a poor quality that reading is almost impossible (illegible). The other problem is whether to accept faxed copies of documents that do not show the certify stamp of the commissioner of oaths. It is not clear whether an accompanying affidavit would be acceptable in such an instance. Decisions as to how these documents should be verified and accepted should be based on a FSP's risk framework. Client and Premium Payer not the same person In terms of section 21 of FICA, an Accountable institution may not establish a business relationship or conclude a single transaction with a client unless the Accountable institution has taken the prescribed steps to establish and identify the identity of the client or the person representing the client. It is the view of the Financial Intelligence Centre that an Accountable institution should identify and verify both the client and the premium payer in accordance with the provisions of the Financial Intelligence Centre Act, Act No. 38 of 2001. This is due to the fact that the transaction poses a greater risk for money to be laundered through the Accountable institution. Regulation 17 of the Regulations requires an accountable institution to obtain from the person acting on behalf of another person information that provides proof of that person's authority to act on behalf of that other natural person, legal person or trust. The following are examples of documents that may be accepted to confirm the authority of a person to act on behalf of another person and to confirm the particulars of the person authorising the third party to establish ---PAGE END--- power of attorney; written mandate; resolution duly executed by authorised signatories; or a court order authorising the third party to conduct business on behalf of another person. An accountable institution is required to establish and verify the identity of each natural person who purports to be authorised to establish a business relationship or to enter into a transaction with the accountable institution on behalf of a legal person. This authorisation is based on the fact that a natural person may be authorised or mandated to transact on behalf of the legal entity and bind the legal entity in a contractual relationship. The accountable institution must then verify the identities of each of those particular persons as well as their authority to establish a business relationship or conduct transactions with the accountable institution. Exemption 7 of the Exemptions to FICA is product specific. If the product is exempted, then neither the client, nor the premium payer needs to be identified and verified in terms of FICA. Alternative means of Verification if ID has been Lost or Stolen: Regulation 4 provides for exceptional cases in which a person is unable to produce an official identity document. In such instances, the FSP must be satisfied that the client has an acceptable reason for being unable to produce an official identity document. This reason should be noted in the records of the FSP. The note should also reflect the details of the staff member who recorded the information. The FSP may then accept an alternative valid, (i.e. current and unexpired) document, which contains the person's: photograph; full names or initials and surname; date of birth; and identity number. The following are examples of documents that may be accepted in such exceptional circumstances as an alternative form of verification: valid South African driver's license; or valid South African passport. Decisions concerning the reasons for being unable to produce an official identity document, which may be accepted by the FSP and the documents that may be regarded as acceptable alternatives, should be based on the FSP's risk framework. Regulation 4(3) of the Regulations requires that an accountable institution use "information which can reasonably be expected to achieve" verification of an address. It is the view of the Centre that the address slips issued by the Department of Home Affairs do not constitute information that can reasonably be expected to achieve verification of a person's current address. ---PAGE END--- FSPs may explore other means to verify a client's address such as obtaining or accepting an affidavit containing the following particulars from a person co-habiting with the client or an employer of the client: name, residential address, identity number of the client and the deponent of the affidavit; relationship between the client and the deponent of the affidavit; and confirmation of the client's residential address. The affidavit should be from any person who is able to supply the above information or shares the same residential address with the prospective customer. As good practise FSPs can also ask that the deponent of above affidavit attaches his/her utility bill if latter is available. Where none of the above is possible, a visit to the residential address of such a natural person by a staff member, agent, representative or key individual of the FSP is sufficient verification of such an address. The staff member, agent, representative or key individual of the FSP should consult with such a client and inspect the premises during such a visit and complete a form, compile a written report or provide a written declaration confirming the residential address. The declaration applies to verification of address only and not ID verification. POLITICALLY EXPOSED PERSONS A Politically Exposed Person or PEP is the term used for an individual who is or has in the past (preferably 1 year after giving up any political function) been entrusted with prominent public functions in a particular country. The term should be understood to include persons whose current or former position can attract publicity beyond the borders of the country concerned and whose financial circumstances may be the subject of additional public interest. In specific cases, local factors in the country concerned, such as the political and social environment, should be considered when deciding whether a person falls within the definition. The following examples serve as aids in defining PEPs: Heads of State, Heads of Government and cabinet ministers; influential functionaries in nationalised industries and government administration; senior judges; senior political party functionaries; senior and/or influential officials, functionaries and military leaders and people with similar functions in international or supranational organisations; members of ruling or royal families; senior and/or influential representatives of religious organisations (if these functions are connected to political, judicial, military or administrative responsibilities). a current or former senior official in the executive, legislative, administrative, military or judicial branch of any government a senior executive of a government owned commercial business, corporation or any such enterprise/entity an immediate family member, (spouse, parent, brother/sister, child/sibling, in laws), relative, close personal associate of any such individual defined above According to the Wolfsberg principles (Wolfsberg Group of leading international institutions), families and closely associated persons of PEPs should also be given special attention by FSPs. The term "families" includes close family members such as spouses, children, parents and siblings and may also include other blood ---PAGE END--- colleagues and personal advisers/consultants to the PEP as well as persons, who obviously benefit significantly from being close to such a person. FSP should conduct proper due diligence on both a PEP and the persons acting on his or her behalf. Similarly, KYC principles should be applied without exception to PEPs, families of PEPs and closely associated persons to the PEP. In addition: If there is a suspicion that a client is a PEP, employees should obtain senior management approval for establishing business relationships with PEP. When the client has been accepted, the FSP should be required to obtain senior management approval to continue the business relationship; Employees should take reasonable measures to establish the source of wealth and the source of client funds/income and the beneficial owners identified as PEPs; Enhanced on-going monitoring of these business relationships should be conducted. GENERAL EXEMPTIONS Exemption 4 Exemption 4 provides for reliance by one accountable institution on verification done by another accountable institution. If an accountable institution represents a client in a single transaction or business relationship with a second accountable institution, the second accountable institution may rely on the fact that the first accountable institution (primary accountable institution) has confirmed in writing that: it has established and verified the identity of that particular client, or the identity of every client represented by it in transactions with the second accountable institution will have been established and verified in terms of its internal rules and procedures ordinarily applied in the course of establishing business relationships or single transactions. This exemption therefore allows an accountable institution that receives clients from another accountable institution, where the clients' identities have already been established and verified, the option to do its own ---PAGE END--- Exemption 5 -- Foreign Clients According to Exemption 5 a FSP is exempted from compliance with the provisions of section 21 of FICA that require the verification of the identity of a client if: The client is situated in a country, where, to the satisfaction of the relevant su pervisory body, anti-money laundering regulation and supervision of compliance with such anti-money laundering regulation, which is equivalent to that applicable to the FSP, are in force; A person or institution in that country, which is subject to anti- money laundering regulation confirms in writing to the satisfaction of the FSP that the person or institution has verified the particulars concerning that client which the FSP had obtained in accordance with section 21 of FICA; The person or institution in that country undertakes to forward all documents obtained in the course of verifying such particulars to the FSP. The country in which the client is situated has to have anti-money laundering regulation and supervision of compliance with such anti-money laundering regulation in force. All FATF member countries are deemed to have adequate anti-money laundering legislation and supervision of compliance with such legislation in place. There are currently 34 FATF member countries & another 2 countries with observer status. This list can be viewed at www.fatf-gafi.org If a country is not a FATF member country, more careful scrutiny of the anti-money/combating of terrorist financing systems in that country should be undertaken to establish whether the requirements applicable to a specific institution are equivalent to the requirements of the South African legislation. If this is not the case, this exemption does not apply, and the entity has to be identified and verified as stipulated in FICA and the Regulations. TRANSACTIONS EXEMPTED: EXEMPTION 7 FOR INSURANCE AND INVESTMENT PROVIDERS Any long term insurance policy which is a fund policy or a fund member policy as defined in the Long-term Insurance Act, 1998 and the regulations thereto and in respect of which the policyholder is a pension fund, provident fund or retirement annuity fund approved in terms of the Income Tax Act, 1962. Any unit trust or linked product investment effected by a pension fund, provident fund or a retirement annuity fund. Any annuity purchased as a compulsory annuity in terms of the rules of a pension fund, provident fund or a retirement annuity fund. Any reinsurance policy issued to another accountable institution. Assistance policies as defined in the Long-term Insurance Act, 1998. Any long term insurance policy providing benefits only for death, disability, sickness or injury of the life insured. Any long term insurance policy with recurring premiums not exceeding R25 000 per annum. Any long term insurance policy with a single premium not exceeding R50 000. Recurring payments for unit trusts or linked product investments not exceeding R25 000 per annum. Unit trust or linked product investments with a once off payment not exceeding R50 000 per annum. Any long term insurance policy where within the first three years the surrender value does not exceed 20% of the value of the premiums paid in respect of that policy. It is important to remember that these exemptions only apply to the client identification, verification and record keeping of that information. It does not exclude these transactions from the reporting of suspicious or ---PAGE END--- These exemptions only apply to a certain point in time. If certain events occur on a policy, client identification, verification and record keeping must be complied with: Recurring premium on a long term insurance policy increases so that the annual amount exceeds R25 000 or such a policy is surrendered within three years after commencement or the insured offers the policy as security for a loan within three years of commencement. A policy with a single premium not exceeding R50 000 is surrendered within three years of its commencement or such a policy is offered as security for a loan within three years of commencement. The liquidation of the whole or part of an investment in a unit trust or linked investment, where the recurring payments do not amount to R25 000 per annum, within one year after making the first payment. The liquidation of the whole or part of an investment in a unit trust or linked investment, where the once off payment does not exceed R50 000, within one year after making the first payment. The surrender value of any other long term insurance policy, within three years after commencement, exceeds 20% of the value of premiums paid in respect of that policy. DUTY TO KEEP RECORDS: OBLIGATIONS IN TERMS OF CHAPTER 3 PART 2 OF THE FIC ACT FSP's who establish a business relationship or conclude a transaction with a client, should keep records of a single transaction or of additional transactions concluded in the course of a business relationship. All records are confidential in nature and may not be made available to any party unless such party has a right thereto in terms of statutory law and all preliminary steps had been followed by such party. Record Keeping Period: In terms of section 23 of FICA, the documents used to identify and verify clients as well as records of all transactions must be retained for a period of at least five years from the date on which the business relationship was terminated or from the date a single transaction was entered into. Outsourcing Record Keeping: The record keeping obligation may be outsourced to a third party provided the accountable institution is given free and easy access to these records. Note that outsourcing this function to a third party does not discharge a FSP from the record keeping responsibility. Outsourcing of Reporting Obligations is Prohibited It is important to note that section 29 of the FIC Act does not make provision for the reporting of suspicious and unusual transactions to be performed by a party other than the "person who carries on a business or is in charge of or manages a business or who is employed by a business". Section 29 of the FIC Act thus implicitly prohibits the outsourcing of the activity to report such transactions to the Centre. DUTY TO REPORT SUSPICIOUS AND UNUSUAL TRANSACTIONS: OBLIGATIONS IN TERMS OF PART 3 OF THE FIC ACT Anyone who knows or suspects that -- ---PAGE END--- a transaction or series of transactions to which the FSP is party to is taking place or is about to take place, and will facilitate or is likely to facilitate the transfer of proceeds of unlawful activities, has no apparent business or lawful purpose, is conducted for the purpose of avoiding any reporting duty under FiCA, may be relevant to an evasion of any tax, duty or levy administered by SARS, the FSP has been used or is about to be used in any manner for money laundering purposes, must, as soon as possible, but within a period of 15 working days (excluding Saturday, Sunday or Public Holidays) of the knowledge being acquired or suspicion of the transaction arose file a report. Tipping-off: A person involved in the making of a STR may not inform anyone, including the customer or any other person associated with a reported transaction, of the contents of a STR or even the fact that such a report has been made. FICA has a specific approach to "knowledge" and "ought to have known". A suspicious transaction from an Accountable Institution's perspective is any financial transaction involving the Accountable Institution where the institution: Has knowledge that the transaction will have the effect of transferring the proceeds of unlawful activities; Ought reasonably to have known or suspected that the transaction will have the effect of transferring the proceeds of unlawful activities. FICA deems a person to have knowledge of a fact in the following situations: He/she has actual knowledge of that fact. He/she believes that there is a reasonable possibility of the existence of that fact. He/she fails to obtain information to prove or disprove the existence of the fact. FICA deems a person ought reasonably to have known or suspected a fact if a reasonably diligent and vigilant person in that position would logically have been expected to know or suspect that fact. This is based on the knowledge, skill, training and experience that the person in that position is reasonably expected to have. Purpose of Cash Threshold Reporting Section 28 of FICA requires that accountable institutions (schedule 1) and reporting institutions (schedule 3) must, within the prescribed period, report to the FiC the prescribed particulars concerning a transaction concluded with a client if in terms of the transaction an amount of cash in excess of the prescribed amount: (a) Is paid by the accountable institution or reporting institution to the client, or to a person acting on behalf of the client, or to a person on whose behalf the client is acting; or (b) Is received by the accountable institution or reporting institution from the client, or from a person acting on behalf of the client, or from a person on whose behalf the client is acting, ---PAGE END--- Cash is defined in section1 of FICA as: (a) Coin and paper money of the Republic or of another country that is designated as legal tender and that circulates as, and is customarily used and accepted as, a medium of exchange in the country of issue (b) Travellers' cheques Cash, as defined in FICA, does not include negotiable instruments, transfer of funds by means of bank cheque, bank draft, electronic funds transfer, wire transfer or other written order that does not involve the physical transfer of cash. These methods of transferring funds will not be covered by the CTR obligation under section 28 of FICA. When does the Obligation to Report in terms of Section 28 arise? When a cash transaction is concluded where the cash amount exceeds R24 999 and is paid or received by the accountable or reporting institution as well as when it pays or receives it via a third party. For example: 1. The amount is paid by the accountable or reporting institution to the client, or to a person acting on behalf of the client, or to a person on whose behalf the client is acting; or 2. The amount is received by the accountable or reporting institution from the client, or from a person acting on behalf of the client, or from a person on whose behalf the client is acting. Where cash is received or paid by a bank into or from an account held in the name of the asset manager, there is a duty on the bank as well as the asset manager to report such transaction to the Centre under section 28 of ---PAGE END--- Prescribed Amount Regulation 22B: R24 999.99 or the equivalent foreign denomination value (at time of transaction) is the LIMIT. All cash transactions exceeding R24 999.99 (being R25 000 or more) must be reported. Where foreign currency forms part of a cash transaction that requires the completion of a CTR, the institution must apply the exchange rate in effect for the business day of the transaction to calculate the amount in ZAR. Note that aggregation is applied to the threshold amount. The threshold amount can be a single cash transaction to the value of R25 000 or an aggregation, where multiples of smaller amounts would add up to the threshold amount of R25'000. The smaller amounts have to constitute fractions of one transaction. The calculation of aggregated transactions is directional, i.e. either an inward or outward direction of cash, but not a combination of the two. It is either withdrawals (payments) or deposits (receipts). Indicators of when to aggregate: Look at the period within which such a series of smaller transactions take place; repetition of the same type of transaction e.g. cash payments or cash deposits; smaller amount transactions involve the same person or account holder, or relates to the same account. Time Period for Reporting: Regulation 24(4) requires a report to be submitted as soon as possible, BUT no later than 2 (two) days after a natural person or any of his or her employees, or any employees of, or officers of a legal person or other entity, has become aware of the transaction/s. An accountable or reporting institution will be deemed to have knowledge when it: physically receives or pays out cash exceeding R24 999.99; or peruses its bank statement or a bank deposit slip from the client reflecting a transaction that exceeds R24 999.99. READER DECLARATION I, the undersigned, hereby declare that I have read this manual and understand the contents. Name: Signed: ---PAGE END--- ANNEXURE A RISK INDICATORS There are a number of indicators that may indicate that a business relationship or single transaction poses high risk of facilitating money laundering activities, or the presence of the proceeds of unlawful activity such as the following: GENERAL INDICATORS: a client makes cash deposits to a general account of a foreign correspondent bank; a client wishes to have credit and debit cards sent to destinations other than his or her address; a client has numerous accounts and makes or receives cash deposits in each of them amounting to a large aggregated amount; a client frequently exchanges currencies; a client wishes to have unusual access to safe deposit facilities; a client's accounts show virtually no normal business related activities, but are used to receive or disburse large sums; a client has accounts that have a large volume of deposits in bank cheques, postal orders or electronic funds transfers; a client is reluctant to provide complete information regarding the client's activities; a client's financial statements differ noticeably from those of similar businesses; a business client's representatives avoid contact with the branch; a client's deposits to, or withdrawals from, a corporate account are primarily in cash, rather than in the form of debit and credit normally associated with commercial operations; a client maintains a number of trustee accounts or client sub- accounts; a client makes a large volume of seemingly unrelated deposits to several accounts and frequently transfers a major portion of the balances to a single account at the same bank or elsewhere. a client makes a large volume of cash deposits from a business that is not normally cash intensive; a small business in one location makes deposits on the same day at different branches; there is a remarkable transaction volume and a significant change in a client's account balance; a client's accounts show substantial increase in deposits of cash or negotiable instruments by a company offering professional advisory services; a client's accounts show a sudden and inconsistent change in transactions or patterns. transaction may involve several factors which may on its own be insignificant but put together may raise a suspicion; a transaction that differs from the normal financial activity of the client; admits or makes statements about involvement in money laundering activities; has accounts with several financial institutions in one area for no apparent reason; uses an account for transfers only; uses unusual methods of payment or settlement; has an address but changes names of people involved; is accompanied to meetings and watched; curious about internal systems, control measures and FICA policies; has a vague knowledge about amounts of deposits; presents confusing details about transactions; is secretive and reluctant to meet in person; ---PAGE END--- insists that transactions be done quickly; establishes close relationships with different financial institutions; attempts to establish close relationships with staff members; uses a variety of addresses; uses post office box or general delivery address instead of street address; offers money, gratuities or favours for services rendered; Unusual employment of an intermediary in the course of a transaction. IDENTIFICATION & VERIFICATION INDICATORS: provides doubtful or vague information; produces seemingly false, altered or inaccurate identification document; refuses to produce personal identification document; supporting documents lack important details; identity of principal or source of funds is confusing. RECORD KEEPING & REPORTING INDICATORS: is reluctant to complete documentation required for the transaction; has unusual knowledge about legislation in respect of record keeping and reporting duties; seems very conversant about money laundering activities. ECONOMIC INDICATORS: transactions seem inconsistent with client's apparent standing; transactions have an unusual pattern of activities; appears not to be economically viable; seems very complex for stated purpose; investments seem to exceed the client's means; transactions make no good business sense. The circumstances referred to above may be legitimate features of certain categories of businesses, or may make business sense if viewed in the context of the client's business activities. However, it is equally possible that these features would be unexpected in relation to certain categories of businesses, or would have no apparent business purpose, given a particular client's business activities. The purpose of obtaining additional information concerning certain clients in these circumstances is to assist the FSP to more accurately identify truly suspicious behaviour or relationships and transactions that pose a risk of money laundering, on the basis of a broader profile of the client than the mere client identification particulars. The information that an accountable institution must obtain in such circumstances must be adequate to reasonably enable the accountable institution to determine whether transactions involving a client are consistent with the accountable institution's knowledge of that client and that client's business activities and must include particulars concerning: The source of that client's income; and The source of the funds that the particular client expects to use in concluding the single transaction or ---PAGE END---