Property Practitioner FICA Requirements: PPRA, the FIC Act, and What Changed

Quick context - two laws, two regulators

The Property Practitioners Act of 2019 (in force from 2022) is administered by the Property Practitioners Regulatory Authority (PPRA). It defines who can practice as a property practitioner in South Africa and replaced the older Estate Agency Affairs Act regime.

The Financial Intelligence Centre Act of 2001 is administered by the Financial Intelligence Centre (FIC). It lists Accountable Institutions and the duties they have under South African anti-money-laundering and counter-terror-financing law.

The PPRA regulates how you practice. The FIC regulates what you do for AML and CFT compliance. Both apply to letting agencies and property managers, and the duties stack rather than overlap. The FIC's Public Compliance Communication 56 is the authoritative guidance on how the two laws interact for property practitioners.

Who counts as an Accountable Institution under Schedule 1?

Schedule 1 Item 3 of the FIC Act lists "estate agents" as Accountable Institutions. PCC 56 clarifies how this maps onto the modern category of property practitioners:

• A person registered as an estate agent before February 2022 remains an Accountable Institution under Item 3.
• A person performing the activities of an estate agent - selling, buying, letting, renting - remains an Accountable Institution, regardless of whether they are now called a "property practitioner".
• Not every property practitioner is automatically an Accountable Institution. Property developers, home inspectors, bond facilitators, and some homeowner associations may fall under the PPA without being Accountable Institutions under the FIC Act, unless their activities also match the FIC Act definition.

The point: it is the activity, not the title, that triggers the duty. See the FICA Schedule 1 for property transactions guide for the regulatory backdrop.

What activities trigger Accountable Institution status?

A practical test against the FIC Act:

• Selling property on instruction: yes.
• Buying property on instruction: yes (rare in practice; usually buyer-side conveyancing).
• Letting or renting property on instruction: yes - this captures most letting agencies and property managers.
• Marketing property on instruction, where it includes representing the seller or landlord: yes.
• Developing your own property to sell: generally no - the developer is the principal, not an agent.
• Home inspections: generally no - not selling or letting on instruction.
• Bond facilitation: depends on activities; bond originators may have separate FIC registration paths.

A letting agency that lists, markets, and concludes residential leases on behalf of landlords is an Accountable Institution. A homeowner who lets out a single flat in their own name usually is not, though some choose to apply the same FICA discipline anyway.

What does FICA actually require of an Accountable Institution?

The four core duties:

1. Register with the FICas an Accountable Institution. This is a one-off step done when the firm starts practicing, through the FIC's online portal.
2. Run client due diligence (CDD) on every party to a transaction. For a residential lease, that means tenant, landlord, and any guarantor.
3. Keep records of the CDD and the transaction for at least five years from the end of the business relationship.
4. Report suspicious or unusual transactions to the FIC via the goAML system - cash threshold reports (CTRs) and suspicious transaction reports (STRs).

Three additional obligations sit on top:

• Maintain a Risk Management and Compliance Programme (RMCP). A written document describing how the firm manages its FIC duties.
• Train staff on the RMCP and on the FIC Act duties.
• Cooperate with FIC inspections - be able to produce the records on demand.

The four core duties are the minimum. The three additional obligations are what an inspector asks for first.

Client due diligence - what does that mean in practice?

For a residential lease, CDD on the tenant covers:

• Identification: collecting the data points (ID, address, bank details, PEP declaration, signed declaration).
• Verification: confirming the documents match the natural person.
• Risk-rating: low, medium, or high based on PEP status, source of funds, and transaction profile.
• Beneficial ownership: for corporate or trust applicants, identifying the natural persons behind the legal entity.
• Ongoing monitoring: re-checking at lease renewal, or whenever something material changes.

For a sale, CDD applies to both parties - buyer and seller. For a lease, it applies to tenant, landlord, and any guarantor. The how to FICA a tenant guide walks through the tenant side step by step, and the FICA documents required guide is the document checklist for the same flow.

The Risk Management and Compliance Programme - what does it look like?

Every Accountable Institution must have an RMCP. It must be in writing. It must cover the following at minimum:

• A risk assessment of the firm's client base, products, and channels.
• The CDD procedures - how staff actually run FICA, which documents are collected, which fields are captured, how verification is done.
• The record-keeping procedures - where the records live, how long they are kept, who can access them, how they are protected from tampering.
• The reporting procedures - how staff escalate suspicious activity, who files the CTR or STR, how the firm interacts with goAML.
• The training programme - how often staff are trained, what content is covered, who attends.
• The compliance officer - named, contactable, accountable.

Most letting agencies do not have a written RMCP. At the next FIC inspection that is the first thing the inspector asks for. A tight four-page RMCP is dramatically better than nothing - the regulator wants to see that the firm has thought about its risk and documented its process.

Directive 6 - what is it and why does it matter?

In 2024 the FIC issued Directive 6, which requires Accountable Institutions to register with the FIC by a hard deadline (originally May 2024 for most institutions). Failure to register is an automatic finding at inspection and can lead to administrative penalties.

If the firm has not registered with the FIC, do it now. Registration is free, takes about thirty minutes through the FIC's online portal, and produces a registration number that should appear on the firm's RMCP and on its compliance documentation.

How the FIC, PPRA, and SARS overlap

Practitioners often confuse the regulators. A short clarification:

• FIC: AML and CFT compliance, Accountable Institution duties, the RMCP, CTR and STR reporting through goAML.
• PPRA: practice standards, Fidelity Fund Certificates, the code of conduct for property practitioners, complaints against the firm.
• SARS: tax registration, monthly EMP201 returns, annual income tax filings.
• EAAB: the Estate Agency Affairs Board was replaced by the PPRA in 2022. Legacy registrations carry forward.

The duties stack. Being PPRA-compliant does not make the firm FIC-compliant. Being FIC-compliant does not make the firm SARS-compliant. Plan and budget accordingly.

The realistic compliance posture for a small letting agency

A defensible posture for a single-branch letting agency looks like this:

• One named compliance officer (in a small firm this is usually the principal).
• A four-to-eight-page RMCP, reviewed annually and updated when the business changes.
• A FICA process that captures Schedule 1 data points on every party - tenant, landlord, guarantor.
• An audit trail showing when CDD was done and by whom.
• Records retained for five years from the end of each business relationship.
• One annual training session for the staff, documented in a sign-in register.
• Registration with the FIC and goAML system access for STR and CTR filing.

You do not need a fifty-page document. You need defensible evidence that you do the things the FIC Act requires.

How LetSignal supports the FICA side

LetSignal handles the CDD and record-keeping pieces:

• A mobile-friendly FICA flow capturing the Schedule 1 data points.
• Beneficial ownership capture for corporate and trust applicants.
• A tamper-evident audit trail timestamping every upload and review action.
• Five-year retention configurable per firm.
• Structured PDF reports per party, ready for the audit pack.

What LetSignal does not do, and the firm still has to handle directly:

• Register with the FIC. This is a one-off step done by the firm via the FIC portal.
• Write the RMCP. The firm's specific risk assessment and procedures are the firm's call - templated guidance helps but does not replace the document.
• File CTRs and STRs. These are filed by the firm via goAML.
• Train the staff. The training is the firm's responsibility, though structured FICA tooling reduces what the staff have to remember.

See FICA Verification for the standalone FICA product, and the FICA Schedule 1 guide for the regulatory backdrop.