South Africa’s Prudential Authority sanctions Discovery Bank following AML/CFT compliance breaches
The South African Prudential Authority (PA) has imposed an administrative penalty of R3 million on Discovery Bank Limited for breaches of the Financial Intelligence Centre Act (FICA), following a supervisory inspection that revealed deficiencies in the bank’s anti–money laundering (AML) and counter-financing of terrorism (CFT) compliance framework.
The penalty — announced on 8 November 2025 — includes R1 million conditionally suspended for 36 months, contingent on the bank avoiding further contraventions of FICA within that period.
Key findings
The PA’s inspection, covering activities during 2021, identified multiple areas of non-compliance, including:
- Delayed suspicious transaction reporting: 24 suspicious or unusual transaction reports were not submitted to the Financial Intelligence Centre (FIC) within the prescribed timelines.
- Training gaps: 84 out of 155 new employees and 2 out of 6 senior managers had not received mandatory AML/CFT training as required under the Act.
- Unresolved monitoring alerts: Over 2,200 automated transaction alerts were not reviewed within the required 48-hour window.
- Weaknesses in governance and documentation: The bank’s Risk Management and Compliance Programme (RMCP) lacked adequate detail and periodic review triggers.
In addition to the monetary penalty, the PA issued four formal cautions directing Discovery Bank not to repeat the identified breaches.
Bank response
Discovery Bank stated that it had fully remediated the deficiencies by the time of the sanction and emphasised that no evidence of money laundering or illicit transactions was identified during the inspection.
In a public statement, the bank reaffirmed its commitment to strengthening its AML/CFT controls and maintaining a robust compliance culture in line with FICA and the Prudential Authority’s expectations.
Regulatory perspective
The enforcement action underscores the South African regulators’ continued emphasis on AML/CFT compliance effectiveness, particularly around timely suspicious activity reporting, staff training, and alert management. It follows a trend of more visible enforcement from the PA and the Financial Sector Conduct Authority (FSCA) in the wake of South Africa’s efforts to sustain compliance improvements post-FATF grey listing.
The case serves as a reminder that procedural compliance alone is not sufficient — supervisory authorities expect institutions to demonstrate active, ongoing monitoring and governance over their AML/CFT programmes.
💡 StudyAML Insight
Ongoing training, documented escalation procedures, and automated alert management reviews remain among the most common weaknesses identified by regulators globally. Financial institutions should ensure their AML frameworks are not only compliant on paper but demonstrably effective in practice.
