When was the last time you made a voice call? For most consumers, voice calls have taken a backseat as data usage and Whatsapp calls surge. With traditional revenue streams shrinking, telecommunication companies are capitalising on their vast networks and customer bases to tap into the growing demand for digital payments and financial transactions as they diversify into financial and other services.
Telecos are becoming increasingly client oriented and by loaning money, offering money transfers, selling insurance products, airtime and electricity and making e-commerce payments seamless, they are acting like banks. In some cases, banks will view telecos as competitors.
Therefore, as mobile devices act as a gateway to financial services, telecommunications firms should be held to the same regulatory standards as financial institutions
For instance, banks are subject to stringent “Know Your Customer” (KYC) regulations under the Financial Intelligence Centre Act (FICA), ensuring that they can identify and verify the identities of their clients. Such regulations aim to prevent money laundering and the financing of illegal activities. By contrast, the telecommunications industry—despite providing the infrastructure for mobile banking and money transfers—does not face the same level of scrutiny. Specifically, SIM cards, a critical component of mobile communication and payment verification, often bypass these rigorous standards.
Consumers can easily access SIM cards that are not linked to them, offering anonymity for financial transactions in certain instances.
One troubling practice is the pre-registration, or “pre-RICAing,” of SIM cards. In South Africa, the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA) mandates that SIM cards must be registered with valid user identification including their identity book and proof of address. SIM card registration, however, is not linked to the Department of Home Affairs database. SIM cards are often distributed in an unsecured form.
Instead, SIM cards, especially prepaid cards, are mass registered by third party distributors often to incorrect or non-existent users, making it easier for consumers in the informal economy to easily access cards without registration documents. Distributors earn commission on airtime that is linked to the SIM cards they sell and are thus incentivised to distribute them widely and with ease.
There is a loophole in the RICA act that allows the mass registering of SIM cards.
Section 40 of RICA allows a customer who has registered a SIM card to sell or give it to someone else. This would allow a parent, for example, to RICA a card for their child.
But large-scale SIM card distributors are considered customers buying cards from telecommunications firms. They use this designation to register SIM cards in bulk and then sell them on to everyday users.
The onus, in terms of the law, is on the end-consumer to update the telecommunication firm with their details and this often doesn’t take place. Millions of customers with incorrectly RICA’ed SIMs have no reason to approach telecommunications firms and re-register them.
This makes it hard to track who is really using the card with some estimates suggesting that nearly all prepaid SIM cards released each year are not correctly registered, making it nearly impossible to trace who is behind a particular financial transaction or mobile communication.
This issue is not merely hypothetical. In 2023, a report by the Sunday Times uncovered illicit money flows of over R300m into Uganda and Kenya facilitated by 300 SIM cards and money transfer services. The scheme exploited the lack of regulation and accountability around SIM cards to move massive amounts of money, in small amounts under R5000, across borders without detection. This type of financial crime is exactly what international regulatory bodies like the Financial Action Task Force (FATF) aim to prevent.
In February 2023, South Africa was placed on the FATF greylist, in part due to weaknesses in the country’s ability to combat money laundering and other financial crimes.
The FATF highlights countries with inadequate measures to combat money laundering and terrorist financing in two public reports published three times a year. If the country wants to be removed from this international grey list, it must address the ease with which financial crimes can take place.
As South Africa works to strengthen its anti-money laundering framework and regain credibility on the international stage, closing this loophole is a necessary step.
In short, telecommunications firms must be held to the same standards as financial institutions, and SIM cards, should be distributed with security measures that match that of bank cards.
SIM cards should be distributed in sealed and tamper-proof packaging and properly RICA’ed. There could even be requirements that the person using the SIM card would need to sign on receipt of the card – as is the case with bank cards.
Properly enforced RICA and better control of SIM cards would prevent anonymous transactions and ensure greater accountability. Such measures would also benefit consumers by protecting them from SIM card cloning and identity theft, both of which are growing concerns in the digital age.
The intersection of telecommunications and finance is no longer a futuristic concept; it is happening now. As mobile banking continues to expand, the regulatory framework governing these industries must evolve to meet the new challenges it brings. If left unchecked, the unregulated distribution of SIM cards will continue to be a weak link in the global financial system, offering an easy avenue for money laundering and crime.
- Khan is an independent telecommunications consultant who has worked for leading global telecommunications firms.