Shake Up For CIS Managers – What Should You Do Now?

On 14 August 2025, the Financial Sector Conduct Authority ("FSCA") published Conduct Standard 3 of 2025 ("CIS") – "Requirements for Managers of Collective Investment Schemes" ("CS 3"), mandating that all CIS Managers in South Africa must be able to evidence full compliance by August 2026. CS 3 embeds an outcomes-based supervisory model built on governance, risk, fair-treatment and disclosure, in line with the Twin Peaks reform commenced with the Financial Sector Regulatory Act and which will culminate in the promulgation of the Conduct of Financial Institutions Bill later this year or early next year. The one-year transitional period offers a valuable opportunity to upgrade frameworks, standard operating procedures, contracts and culture before the FSCA – or investors – ask the tough questions.

During this transitional period, we suggest Managers take the following important pre-emptive steps:

1. Governance architecture

• Map existing policies to the CS 3 obligations. Where gaps exist (for example, a Board charter that omits accountability for approving governance arrangements) draft supplemental policies rather than rewriting everything. Most Managers will already have policies that align with the governance arrangements required by CS 3, but these may need review and adaptation to ensure substantive compliance.
• Ensure Board and committee calendars include the mandatory annual review of governance, risk, and conflicts policies.
• Re-visit Directors & Officers insurance wording to confirm coverage for Control-Function Heads who have increased accountability in terms of CS 3.

2. Key persons, control functions and outsourcing

• Perform a skills-and-authority audit. CS 3 requires the heads of control functions: risk, compliance, and internal audit, must possess both expertise and independence. Where the same individual currently wears multiple hats, consider splitting responsibilities or appointing deputies.
• Ensure that reporting lines or authority frameworks provide for the required independence of relevant personnel and that standard operating procedures are updated to ensure that approval is sought timeously, noting that prior approval is required before appointing a Head of Compliance, 30-day notifications for appointment of risk and audit heads, and 30-day pre-notifications of any termination.
• If any control function is outsourced, test whether this would be considered appropriate. If the outsourcing is appropriate, review the service-level agreement (or if within a group ensure one is in place). Considering the requirements of CS 3 we expect that Managers would need to check reporting lines, unrestricted information access, and manage risk allocation through these contractual arrangements.

3. Risk and compliance frameworks

Align the risk management framework with GN910 and section 5 of CS 3 by incorporating liquidity stress testing, defined risk appetite and conduct-risk indicators. " Ensure that there is a Compliance Risk Management Plan that evidences independence (reporting directly to the Board), resources and escalation protocols.

4. Independent audit oversight

Confirm that the internal audit charter expressly covers the adequacy of accounting systems, internal controls, and governance, and that findings are reported at least quarterly to senior management and the Board.

5. Conflict-of-interest discipline

• Conduct a fresh "COI heat-map" across staff, significant owners, related parties, and business partners.
• Update the Conflicts of Interest Policy to address CS 3 section 12 requirements: identification criteria, avoidance hierarchy, investor disclosure triggers and annual Board review.
• Embed disclosures in onboarding packs and client reporting tools to avoid last-minute scrambles.
• Refresh the Best-Execution Policy. Evidence how price, cost, speed, likelihood of settlement and trade size are balanced – particularly where intra-group brokers are used.
• Draft a "Related-Party Transaction Checklist" to filter all new investments for compliance with section 20 restrictions and trustee oversight requirements.

6. Portfolio development and distribution networks

• Draft a Portfolio Development Framework that sets out design principles, target-market criteria, approval checkpoints, ongoing monitoring, and remedial action. Managers who host the co-named portfolio should particularly consider what disciplines are required to manage this responsibility when engaging with investment managers.
• Review all distribution agreements for compliance with CS 3 section 14(4) obligations: passing through disclosures, identifying churning, and cooperation on remedial action.
• Design an "executive summary worksheet" capturing each portfolio's objective, target market, benchmark, distribution strategy and review date – useful for Board packs and FSCA inspections and as a pre-step to ultimate MDD and prospectus development.

7. Prospectus

Consider a prospectus template now. The FSCA have indicated that they may provide a form or guidance but considering the substance to be included in a prospectus now will ensure smooth adoption. Early drafting allows time to gather static scheme information and ensure processes are in place for future publication. Misrepresentation risk should also be interrogated and managed through any prospectus development process.

8. Contractual alignment

• Consider CS 3 in connection with the contractual appointment of trustees/custodian and sub-custodians. Due diligence duties (section 17), compliance undertakings and information-sharing should be addressed.
• Review indemnities and liability caps to ensure risk sits with the party best able to control it – a point the FSCA may scrutinise under its conduct mandate.

9. Notification and reporting processes

Build a Material Events standard operating procedure linked to Annexure A. Include a catch-all "materiality test" so staff escalate events not listed in Annexure A but still potentially significant for investors.

10. Applying proportionality

CS 3 allows proportionate application, but this is not a licence to ignore core duties. A smaller or emerging Manager might document leaner structures, yet must still show how risks are identified, conflicts managed, and investors treated fairly. Boards should minute the rationale for any scaled-down approach and schedule periodic reassessment as the business grows.

CS 3 delivers a principle-based rulebook that raises the bar for CIS governance and investor protection. The twelve-month runway gives Managers the chance to move from compliance firefighting to strategic readiness: tightening governance, sharpening risk tools, and refreshing documentation. Executed early, these steps not only mitigate regulatory risk but can improve operational resilience and investor confidence. Given the breadth of change – and the personal accountability now placed on key persons – professional legal advice has never been more valuable. Engage your advisers, allocate workstreams and turn CS 3 into a competitive advantage well before the clock runs down.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.