From greylist to readiness: Inside SA’s 2026 anti-money laundering reforms

Sholane Sathu, Founder of Navigate Compliance.

---

While the 2025 FATF greylist exit marked a major milestone, a fresh FATF Mutual Evaluation process is set to commence in mid-2026. This new cycle (the "5th Round") focuses heavily on effectiveness – proving not just that laws exist, but that they are resulting in investigations and prosecutions.

National Treasury published the Draft General Laws (Anti-Money Laundering and Combating Terrorism Financing) Amendment Bill, 2025, a strategic "clean-up" designed to fortify the nation's financial defences ahead of the new round of global evaluations.

Read as a whole, the Bill is not simply a compliance “tightening exercise”. It is a system-strengthening effort aimed at improving effectiveness: better visibility of risk, faster access to information, clearer enforcement routes and stronger consequences for non-compliance.

At the heart of the FIC Act amendments is the formalisation of lifestyle audits. The Financial Intelligence Centre (FIC) will now have the explicit mandate to determine if an individual’s standard of living aligns with their declared legitimate income. This is bolstered by new powers allowing the FIC to access databases held by municipalities and other public entities, creating a "joined up" data ecosystem to track unexplained wealth.

To prevent the exploitation of nonprofits for terrorism financing, the Bill transforms the NPO Directorate from an administrative body into a proactive supervisor.

• Enforcement: The director can now issue compliance notices and impose administrative sanctions.
• Penalties: Fines for non-compliance are set to rise significantly, reaching up to R1 million, with potential imprisonment for up to five years.

The Bill introduces high-stakes consequences for corporate record-keeping and modernises how we define financial products:

• Companies Act: The CIPC will gain the power to deregister companies that fail to submit beneficial ownership registers for two consecutive years.
• FSR Act: Regulators are closing the "wrapper gap". If a product behaves like a financial investment – regardless of whether it uses traditional tech or decentralised blockchain – it falls under the regulatory perimeter.
• Record retention: The FIC Act will extend the mandatory record-keeping period from five to seven years, requiring an immediate archiving uplift for most institutions.

For boards and compliance officers, the window for preparation is brief. Public comments close on 13 February 2026, and the Bill is expected to be fast-tracked through Parliament. 

Organisations should prioritise:

1. Retention uplift: Update systems to accommodate the new seven-year data mandate.
2. Tech-risk assessments: Document-specific risk assessments for new delivery mechanisms (fintech/crypto) before launch.
3. Information playbooks: Refine internal processes to handle FIC requests for relationship verification and lifestyle data.
4. Sanctions operations: Tighten automated screening and freezing protocols to meet heightened UN Security Council standards.
5. Beneficial ownership: Ensure corporate registers are accurate to avoid the risk of administrative de-registration.

This Bill is best understood as South Africa strengthening three things at once: visibility (better information access and sharing), enforceability (firmer sanctions and penalties), and modernity (technology-neutral perimeter and explicit technology risk expectations).

If implemented with the right guidance and capacity, the proposals can materially improve investigative outcomes and strengthen trust in the integrity of the system. Sathu says the most durable success will come from pairing legislative tightening with practical supervisory guidance, transitional timelines and implementation support that prioritises real-world effectiveness over formal compliance.

About the author

Sholane Sathu is the Founder of Navigate Compliance. She is a seasoned governance, risk and compliance (GRC) professional, project manager and board advisor with extensive experience supporting organisations in highly regulated environments. Sathu manages complex compliance projects and advises senior leadership on practical, high-impact regulatory transformation programmes.