Now in the new year, companies and their representatives find themselves faced with unexpected, and unchartered compliance requirements, which they have no idea how to fulfil.
CIPC Raises the Compliance Bar
The CIPC migration to enhanced E-Services and BizPortal platforms was aimed at automating numerous CIPC functions, including company registrations, annual return filings and other company changes. In doing so, the new paperless system catered for users no longer requiring hard copy documentation and lengthy manual submissions, whilst being more cost effective for start-ups.
On or about 4 December 2023, the CIPC upgraded its system by introducing some additional, and more stringent verification steps, one of which is a multifactor authentication. The multifactor authentication system is specifically required for director amendments and makes use of an OTP in order to improve data security, whilst simultaneously enhancing data driven compliance insights. The CIPC has reasoned that these additional security checks are an attempt to combat corruption, money laundering and other corporate crimes which have contributed to South Africa’s greylisted status.
The Pros and Cons of Multi-Factor Authentication
The new enhanced system provides directors with twin-factor authentication in the form of both SMS and email OTPs for authorisation of all amendments to a company’s directorship, including new appointments, removals and resignations:
Example of OTP submission form on CIPC
Whilst the CIPC’s objective of introducing this authentication process was to improve data security, thus far, and with bugs to still be worked out, all it has served to do is frustrate the directorship amendment process. Aside from the obvious submission of 2 OTPs, it does not create user-friendly information updating opportunities; meaning if a director has, since appointment, changed their contact details, this must first be updated. The CIPC has itself reported a noticeable backlog in processing amendments much to the disdain of corporate secretaries and administrative staff who are often the ones tasked with navigating these E-services and BizPortal platforms.
The backlog was initially caused on account of users bypassing the new CIPC system by submitting old system applications, forcing the CIPC to complete those applications first to avoid situations of data corruption and other system errors.
The real challenge begins when companies have foreign directors that need to authorize these director changes. The CIPC implemented a Foreigner Assurance service which is an additional step for foreign directors. This step requires that all foreign directors must be verified by submitting a certified copy of their passport. The problem is that this doesn’t seem to be a once-off verification and a foreign director may even be required to re-certify and verify their passport on a quarterly basis. The process creates further confusion when foreign directors do not receive their OTPs or do not respond to requests timeously.
Beneficial Ownership – SARS and CIPC Join Forces
If you hold “Beneficial Ownership” in relation to a company, you should already be aware of the “Beneficial Ownership Register” functionality on the CIPC E-Services platform; especially considering updating this Register needed to have been done in October 2023 for existing companies!
CIPC Beneficial Ownership Form
For entities incorporated after the promulgation of the amended Companies Regulations, it is required that they file beneficial ownership information within 10 business days after date of incorporation. Entities incorporated before this promulgation will also have to file beneficial ownership information before effecting any changes.
With the support of SARS, the “Beneficial Ownership Register” must tie in to the ITR14 declaration on shareholding – remember, in light of automatic exchanges of information in place with a number of foreign jurisdictions, it is likely that SARS are already privy to all interests held by taxpayers, both locally, and offshore.
In casting their net as wide as possible, the concept, and required disclosures of Beneficial Ownership, extends to an assortment of legal entities, including profit companies, non-profit companies, external companies, non-exempt state-owned companies, listed companies and close corporations.
Over and above the register itself, being created, and maintained on a regular basis, where any person holds more than 5% Beneficial Ownership in a legal entity, full disclosure on their Beneficial Ownership is required by both the CIPC, and SARS.
To ensure your company does not fall foul of these new enhanced compliance processes, and keep your focus on your business’s continued success, it is recommended these administrative functions be outsourced to CIPC experts. Time is money and it only makes sense to use a seasoned CIPC specialist who understands how to navigate the new system seamlessly.
However, where you have already violated these new requirements, or are wholly uncertain of your, or your company’s compliance status, it is prudent to approach an astute corporate and tax attorney, to run a diagnostic on both your CIPC and SARS affairs. Not only does this ensure legal professional privilege on all disclosures, but also being specialists in their own right, guarantees the correct remedial measures are executed post-haste.