FIC Clarifies Who is a Credit Provider — And the Net Is Wider Than You Think

Written By Eszter Rapanos

This article will count 0.25 units (15 minutes) of unverifiable CPD. Remember to log these units under your membership profile.

If your clients lend money, defer payments, or offer credit facilities, this applies to them — and possibly to you too.

The Financial Intelligence Centre (FIC) published Public Compliance Communication 23A (PCC 23A) on 30 March 2026, providing long-awaited clarity on who qualifies as a "credit provider" under Schedule 1 of the FIC Act. This affects your obligations — and your clients' obligations — around anti-money laundering (AML), counter-terrorist financing (CFT), and compliance registration.

Why Should You Care?

If you are advising clients who provide credit in any form, or if your practice offers any deferred payment arrangements, this guidance directly impacts the compliance work you do. Getting this wrong can trigger FIC enforcement action.

Who Is a Credit Provider?

The FIC's definition is broad. A credit provider includes virtually anyone who regularly lends money or extends credit as a business activity. In practical terms, this covers:

  • Banks and deposit-taking institutions that extend credit

  • Microfinance and fintech lenders

  • Mortgage lenders and housing finance companies

  • Retail credit providers (store cards, instalment finance)

  • Factoring firms and companies that purchase loan books

  • Intragroup lenders (intercompany loans at arm's length)

  • Equipment finance and hire-purchase companies

  • Ad hoc commercial lenders — even one-off loans of a commercial nature.

📌Key point: Even if your client is not registered under the National Credit Act (NCA), they may still be a credit provider under the FIC Act, specifically if their clients are juristic persons (companies) with an asset value or turnover of R1 million or more.

Examples where FIC registration is necessary as a credit provider, although NCA registration is not:

  1. A JSE-listed holding company has three subsidiaries. It regularly advances funds to each subsidiary at arm's length, with formal loan agreements, interest charges, and structured repayment schedules. Each subsidiary has an annual turnover well above R1 million. This falls squarely under Item 11(b). The holding company is carrying on the business of providing credit, regularly, commercially, and under formal credit agreements. It must register with the FIC as an accountable institution and implement a full RMCP, KYC processes, and sanctions screening.

  2. A construction equipment supplier allows its corporate clients to purchase machinery up to R5 million on a deferred payment basis. Clients pay over 24 months, and the supplier charges interest as a standard business practice. All clients are companies (juristic persons) with turnovers exceeding R1 million. The supplier is regularly extending credit, charging interest, and managing repayments as a normal course of business, this qualifies as carrying on the business of a credit provider under Item 11(b), and full FIC obligations apply.

What About Incidental Credit?

This is where many businesses may be caught off guard.

  • A once-off late payment fee (e.g., a doctor charging mora interest) is NOT a credit provider arrangement.

  • But if your client regularly defers payments across multiple clients as part of their business model, the FIC will look at the substance of the activity, not just the label.

  • Structuring transactions to avoid the definition will not work. The FIC has explicitly warned against this.

What Are the Compliance Obligations?

Once classified as a credit provider (accountable institution under item 11), the entity must:

  • Register with the FIC - under Item 11 of Schedule 1. Even if you are already register under another item, you will have to register again under Item 11.

  • Conduct customer due diligence (KYC) on all relevant clients

  • Screen for targeted financial sanctions

  • Develop and maintain a Risk Management and Compliance Programme (RMCP) in line with section 42 of the FIC Act

  • Observe reporting obligations i.e. suspicious transactions to the FIC.

🚩Red Flags to Watch For (Risk Indicators)

The FIC lists several money laundering and terrorist financing red flags relevant to credit providers. Alert your clients to watch for:

  • Loans repaid unusually quickly with no explanation for the source of funds

  • Multiple cash repayments without a clear explanation

  • Clients reluctant to provide personal or business information

  • Loan repayments made by a third party not part of the original deal

  • Mortgage accounts overpaid significantly, with refunds requested shortly after

  • Large crypto asset purchases made on credit by clients with no prior crypto history

  • Credit used by clients involved in dual-use goods or operating in sanctioned jurisdictions

Bottom Line for Accountants

The FIC Act casts a wider net than the NCA. An entity can sit entirely outside NCR registration requirements and still be fully subject to FIC obligations — including KYC, suspicious transaction reporting, sanctions screening, and maintaining a Risk Management and Compliance Programme.

If your client lends money, defers payment regularly, or offers any form of credit facility — they need to assess whether they are a credit provider under the FIC Act. This is not just a big-bank issue. SMEs, property companies, holding groups with intercompany loans, and even professional service firms with structured payment plans could be affected.

Help your clients get this right before the FIC comes knocking.

Eszter Rapanos
Previous

The Crypto Travel Rule Is Live — Is Your Practice Ready?
Next

FIC’s Draft Directive 11: From RMCP Documents to Real Accountability