Payroll, legal & compliance actions require human approval before execution.
Human-controlled
D
What does our RMCP need to include for a small legal firm?
RMCP Requirements for a Small Legal Firm
As an accountable institution under FICA, your Risk Management and Compliance Programme must include:
1. Risk Assessment
- Client risk rating methodology (Low / Medium / High)
- PEP and sanctions screening process
- Source of funds verification procedures
2. Internal Rules & Policies
- Customer Due Diligence (CDD) standards
- Enhanced Due Diligence (EDD) for high-risk clients
- Record-keeping obligations (minimum 5 years)
3. Reporting Structure
- Designated FICA Compliance Officer
- Suspicious Transaction Report (STR) escalation path
- Cash Threshold Reports (CTR) for transactions >R24 999.99
4. Training
- Annual FICA training for all staff handling client funds
- Record of training completion
Approval required: Your RMCP must be approved by senior management and reviewed annually. No exceptions.
Enter to send · Shift+Enter for new line · All outputs require human review