As South Africa tightens its crypto regulations, Crypto Asset Service Providers (CASPs) need to act quickly to avoid falling out of compliance. Starting April 30, 2025,
Directive 9 will enforce stricter rules on tracking and reporting crypto transactions. A major part of this is the ‘travel rule,’ which requires client details to accompany both local and international crypto transfers.
For transactions over R5000, this includes the sender’s full name, identity or passport number, birthdate and place, address (if available), and wallet address.
South Africa’s greylisting by the Financial Action Task Force (FATF) has sparked tougher regulations. Directive 9 aims to prevent crypto transactions from being used for money laundering, terrorism financing, or other illegal activities.
It holds CASPs accountable, including the ‘ordering CASP’ (the sender’s service provider), the ‘recipient CASP’ (the one receiving the assets), and any intermediaries involved.
Why CASPs Should Pay Attention
In 2022, South Africa’s Financial Sector Conduct Authority (FSCA) recognized crypto assets as financial products, and CASPs became regulated institutions. They now have to follow the Financial Intelligence Centre Act (FICA), which includes verifying customer identities before processing transactions.
Because crypto allows quick, cross-border transfers, it’s harder to track who’s behind transactions, leaving it open to misuse for criminal activity.
To avoid fines and reputational harm, CASPs should implement strong compliance measures, like real-time watchlist checks, video call verifications, and biometric scans (e.g., having customers blink or smile during ID checks). But even after verification, the work doesn’t stop.
CASPs must monitor transactions for unusual patterns linked to illegal activity. They need to keep thorough records and assess risk, considering external factors like geopolitical events that may push people to use crypto for illicit purposes. CASPs must also know when to reject or suspend cross-border transactions and how to follow up on them.
While some welcome the directive, concerns about privacy arise due to South Africa’s Protection of Personal Information Act (POPIA), which restricts transferring personal data outside the country. The travel rule could require sharing data with countries lacking strong privacy protections, and it may clash with POPIA’s rule to only collect necessary data for the transaction.
As the regulatory environment evolves, CASPs must stay on top of changing requirements to reduce risks. VOCA, powered by SearchWorks, is designed to help businesses comply with FICA, AML, CFT, FATF, and POPIA regulations. This automated platform simplifies compliance by offering real-time identity verification, risk assessments, and transaction monitoring to prevent fraud and ensure regulatory adherence.
One exciting new feature of VOCA is ongoing monitoring, which tracks customer profiles daily and sends alerts for any risk changes. It also automates reporting to ensure that any suspicious activities are documented as required by regulators.
With Directive 9 in effect, CASPs need to act now to avoid administrative sanctions and align with these new compliance requirements.
Watch this space for updates in the Techology category on Running Wolf’s Rant.
Like what you just read? Buy us a coffee or Subscribe To Our Newsletter.
Living in South Africa and looking for a new smartphone? Check out Mondo Mobile - They partner with major networks to offer competitive deals, making it easy to find affordable options for your connectivity needs.
Feel free to explore our website, check out our Featured Articles or scroll down to see the articles that are related to this article below. We've been around since 2008, so there's plenty of content.
If you're in South Africa and looking for something to do, check out The SA Gig Guide (on our sister site SA Music Zone).
If getting more knowledge is part of your DNA - Check out the latest posts on Interesting Facts.
