South Africa long-awaited Conduct of Financial Institutions (COFI) Bill is set to reshape how every major financial player treats customers and runs its business. Built on the Twin Peaks regulatory model, COFI will place market-conduct supervision under the Financial Sector Conduct Authority (FSCA) and prudential oversight under the South African Reserve Bank Prudential Authority.
Table of Contents
A headline change for retirement funds is the Bill sharper focus on “rogue employers” those who deduct pension contributions from employees but fail to pay them into the fund. Under COFI, regulators will gain clearer powers to issue directives, investigate, and even remove directors where there are serious conduct failures, including defaulted contributions.
This rewritten guide explains what COFI does, how it changes licensing, what employers, funds, trustees, and administrators must prepare for, and when the framework is expected to bite.
Quick Summary Table (Vertical)
Key Item |
Summary |
|---|---|
What is COFI |
A single, sector-wide market-conduct law that harmonises and strengthens rules for fair treatment of customers |
Twin Peaks split |
FSCA: conduct and consumer protection; Prudential Authority: financial stability and solvency |
Big retirement-fund change |
Stronger regulatory levers against unpaid pension contributions; employers participating in funds treated as supervised entities for conduct purposes |
New enforcement tools |
Directives, investigations, public interventions, and potential removal of directors for serious persistent breaches |
From registration to licensing |
Every financial institution (funds, administrators, insurers, asset managers) must obtain a COFI licence covering main and sub-activities |
Governance lift |
Higher bar for honesty, integrity, and competence for trustees, principal officers, and executives |
Cost/complexity |
More administrative and reporting layers; even public-sector funds must align with COFI |
Timing |
Treasury initially targeted early 2026; implementation may slip, but conduct standards could arrive sooner with transitional phases |
Why it matters |
Member protection, better disclosure, fewer barriers to product switching, and more consistent treatment across the sector |
Official site |
Why COFI and Why Now?
A series of market-conduct failures and widely reported arrears in pension contributions prompted a rethink of fragmented rules spread across multiple Acts. The FSCA has already named non-compliant employers publicly, and the Pension Funds Adjudicator continues to receive a high volume of Section 13A complaints relating to unpaid contributions. COFI consolidates conduct standards and gives supervisors a clearer, more agile toolbox to correct harm and deter repeat offenders.
Twin Peaks: Who Does What
- FSCA (Market Conduct): Fair treatment of customers, disclosure standards, advertising and advice rules, product governance, complaints handling, and conduct action where funds or employers mistreat members (e.g., through contribution defaults or poor communication).
- Prudential Authority (Stability): Capital, solvency and risk frameworks for regulated institutions to reduce systemic risk and protect beneficiaries from failure.
Working together, the peaks close gaps that previously allowed poor governance, opaque communications, and contribution leakages to persist.
Stopping “Rogue Employers”: What Changes Under COFI
COFI recognises that employers who participate in a retirement fund can influence members’ fair outcomes. Under the Bill:
- Employers who default on contributions can face directives to remedy arrears and improve systems.
- The FSCA can investigate suspected misconduct and, in serious or persistent cases, move against responsible individuals, including removal of directors.
- Funds will face stricter communication duties to notify members promptly about missed or short-paid contributions and the steps being taken to recover arrears.
- Expect clear escalation pathways (fund → administrator → FSCA/prudential escalation) to resolve contribution shortfalls before they become prescribed or irrecoverable.
Why this matters: Missing contributions can permanently shrink members’ retirement outcomes. Earlier detection and regulatory teeth make it harder for arrears to linger for years.
From Registration to Licensing: A New Gatekeeper Model
COFI replaces and rationalises parts of several Acts (including FAIS and the insurance laws) and moves the sector from “registration” to “licensing.” Every institution will need a COFI licence that specifies:
- A main activity (e.g., underwriting, administration, fund operation, asset management), and
- One or more sub-activities (similar in spirit to FAIS categories).
What this means for you:
- Retirement funds and administrators must submit fuller evidence of governance, systems, controls, and fair-treatment frameworks not just “rules” for approval.
- Insurers and asset managers should align product design, disclosure, advice and distribution oversight, and complaints handling with COFI standards.
- Public-sector funds (e.g., GEPF) also need to demonstrate alignment.
Governance, Ethics, and Competence: The People Standard Rises
COFI codifies a higher fitness and propriety bar. Boards, trustees, principal officers, and senior managers must show:
- Honesty and integrity (disclosure of conflicts and past conduct events),
- Competence (fit skills/experience for role), and
- Effective oversight (evidence of monitoring, MI, and remedial actions).
Expect structured due-diligence, role profiling, documented induction and CPD, and board evaluation cycles that stand up to supervisory scrutiny.
Costs, Complexity and Why It Still Worth It
Industry voices anticipate material compliance costs: multiple licensing layers, ongoing reporting, product governance files, enhanced member communication, and remediation planning. But the benefits member protection, fewer mis-selling risks, cleaner contributions, and better comparability across providers support long-term confidence in the system.
Timelines, Transitional Periods, and What Might Happen First
Although early 2026 was initially floated for promulgation, the Bill still needs to pass through state law advisors, Cabinet, and Parliament. Realistically:
- Conduct standards (subordinate rules) may be issued early, nudging the market toward compliance before full enactment.
- A transitional window (previously discussed around three years) could be shortened if the industry is already largely aligned with early standards.
Practical takeaway: Don’t wait for the Act to be signed start mapping and closing gaps now.
Action Plan: What Each Stakeholder Should Do Now
For Employers (Participating in Funds)
- Audit payroll-to-fund reconciliation; fix breaks in deduction and payment processes.
- Put in place alerts/escalations if contributions are late or short.
- Document responsible persons and board oversight of contribution compliance.
For Retirement Funds and Administrators
- Refresh member-communication playbooks for contribution arrears.
- Build a COFI licence pack: governance map, product/benefit governance, complaints MI, conduct risk register, remediation plans.
- Test Section 13A enforcement and recovery steps; keep evidence trails.
For Insurers/Asset Managers/Advisers
- Align product design, target-market statements, distribution oversight, and fair value assessments with COFI.
- Enhance complaints analytics and root-cause remediation frameworks.
Frequently Asked Questions (FAQs)
1) What is the single biggest change COFI brings for pension funds?
A unified conduct framework with stronger enforcement against contribution arrears and clearer duties to inform members and remedy harm.
2) Can the FSCA act directly against employer directors?
Yes COFI clarifies the ability to investigate, direct, and in serious cases remove directors linked to repeated or egregious conduct failures.
3) Will my fund or firm need a new licence?
Yes. COFI replaces registration with a comprehensive licensing regime covering main and sub-activities.
4) Does COFI apply to public-sector funds?
Yes. Public-sector funds are expected to align with COFI licensing and conduct standards.
5) Will compliance be costly?
There will be administrative and financial impacts (licensing, reporting, governance uplift). Early preparation can spread cost and reduce disruption.
6) When will COFI take effect?
Government initially pointed to early 2026, but timing may slip. Conduct standards could arrive before final promulgation.
7) What happens to employers who keep missing contributions?
They face directives, investigations, public censure, recovery actions and in severe cases, director-level consequences.
8) How does COFI interact with the Two-Pot system?
COFI governs conduct; Two-Pot is a benefit design reform. Funds must comply with both: treat members fairly and implement Two-Pot rules correctly.
9) What governance evidence will regulators expect?
Clear policies, MI, board minutes, risk registers, product governance files, complaints RCA, and documented remediation outcomes.
10) What should we do first?
Run a COFI gap assessment, prioritise contribution-arrears controls, update member communications, and prepare a licensing roadmap.
For More Information Click HERE
