FSCA Communication 9 of 2024: Adoption of the Legal Entity Identifier in South Africa

1 FSCA COMMUNICATION 9 OF 2024 (GENERAL) ADOPTION OF THE LEGAL ENTITY IDENTIFIER IN SOUTH AFRICA

1. PURPOSE The purpose of this Communication is to set out the view of the Financial Sector Conduct Authority (FSCA) of the importance and benefits of adopting a Legal Entity Identifier (LEI) and to encourage regulated entities to implement LEIs.
2. BACKGROUND 2.1 The LEI is a 20-digit, alpha-numeric code, which connects to key reference information and is used to uniquely identify legally distinct institutions that engage in financial transactions. An LEI, in its simplest form, is a global identity number of a legal entity. The LEI definition currently relies on a standard published by the International Organisation for Standardisation (ISO) on 30 May 2012 (ISO 17442:2012, Financial Services). 2.2 LEIs are issued by “Local Operating Units” (LOUs) and accredited by the Global Legal Entity Identifier Foundation (GLEIF). The GLEIF is tasked to support the implementation and use of LEIs. The GLEIF is backed and overseen by the LEI Regulatory Oversight Committee (ROC), representing public authorities from around the globe that have come together to jointly drive forward transparency within the global financial markets. 2.3 LEIs were introduced following the Global Financial Crisis of 2008 so that all participants and financial institutions/ or legal entities in the financial system would be easily identifiable in order to facilitate assessment and monitoring of financial stability. The global LEI initiative is driven by the Financial Stability Board (FSB) and the Group of Twenty (G20) was created in order to, inter alia: (a) meet the G20 objectives of improved transparency, mitigation of systemic risk and protection against market abuse; (b) assist regulatory authorities in conducting market surveillance and enforcement, supervision of market participants and resolution activities in preparing high quality financial data for regulatory purposes; (c) facilitate Over-the-Counter (OTC) derivatives central reporting to Trade Repositories (TR) by market participants; and (d) support improved risk management, increased operational efficiency and accurate calculations of exposure.

2 2.4 A globally unique identification system for legal entities may benefit market participants and authorities in several ways, once it is broadly adopted. Transparency requirements for financial institutions to publish information with their own LEI makes it easier for market participants, including investors, to retrieve the information and match it with other information in their own risk analysis. The use of the LEI could also enhance banks’ management of information across legal entities, facilitate a comprehensive assessment of risk exposures at the global consolidated level and improve the speed at which information is available internally, especially after a merger or acquisition. 2.5 There is a considerable degree of interconnectedness among legal entities operating in a global economy, both within the financial sector and between the financial and non-financial sectors. This interconnectedness needs to be monitored to understand risk and its build up, thereby assisting in enhancing financial stability. 2.6 In particular, the ability to uniquely identify entities, along with knowledge of how entities are interlinked, is necessary to measure and manage the risk of contagion among entities, sectors and countries. At the global level, the LEI has been given the important role of unequivocally identifying legal entities involved in financial transactions. The LEI is valuable to regulators and other authorities for evaluating systemic risk (particularly in times of crises), conducting market surveillance and enforcement, supervising market participants, implementing resolution decisions, preparing high quality financial data and undertaking other public functions. 2.7 Other advantages are also available to the wider financial industry, non-financial industry and academics. The LEI allows the private sector to foster improved risk management, increased operational efficiency and more accurate calculation of exposures, as well as addressing other needs. The LEI has benefits over other identifiers that currently exist at national or regional level. The global nature of the LEI is important because (i) trade and financial streams do not stop at the border of a country and (ii) many South African entities are part of, or otherwise directly connected to, entities in other parts of the world. Properly identifying (parties within) such group structures is only possible with a global identifier. 2.8 LEIs can support the global work on Anti-money Laundering/Counter-Terrorist Financing/Countering Proliferation Financing by enabling the efficient identification and verification of legal entities through a single global identity number, which can also provide added information on, for example, Beneficial Ownership. 3. SOUTH AFRICAN DEVELOPMENTS 3.1 The FSCA serves on the LEI ROC Plenary and Executive Committee and, before the establishment of the GLEIF, acted as a Sponsoring Authority, which entailed being responsible for the submission of applications by South African pre-LOUs to the ROC and providing confirmation to the ROC that all pre-LOU endorsement requirements have been complied with, both at the time of the application and on an on-going basis. 3.2 Apart from the FSCA’s role in the ROC, there are various other local developments surrounding the implementation of LEIs in South Africa that should be noted:

3 (a) Endorsement of pre-LOU: On 18 December 2015, the ROC endorsed Strate (Pty) Ltd (Strate) as a pre-LOU. As of the date of this endorsement, all certified codes issued by Strate are globally recognised by the ROC for reporting purposes. Strate (as a pre-LOU) went live with the LEI application program in February 2016. Strate was fully accredited as an LOU by the GLEIF Accreditation Team effective 31 May 2018. (b) FMA Conduct Standard 3 of 2018: In South Africa the use of LEIs by OTC Derivatives Providers to report transactions to a Trade Repository was mandated in FMA Conduct Standard 3 of 2018: Conduct Standard for Reporting Obligations in Respect of Transactions in Over-The-Counter Derivatives, which was published on 11 October 2018. (c) International Securities Identification Number (ISIN): 1 The global initiative2 of linking ISINs and LEIs maps new and legacy ISINs to their corresponding LEIs. By linking the two ISO standards together, firms will be able to aggregate the data required to gain a clear view of their securities exposure within a given issuer and its related entities. Once implemented, the ISIN-to-LEI mapping table will be made freely available to all, without restriction, on both the GLEIF and the Association of National Numbering Agencies (ANNA) websites. The JSE Limited, as the National Numbering Agency in South Africa, signed in April 2020 the formal agreement with ANNA to join the ISIN-LEI mapping initiative. As part of their ANNA obligation, they are currently requesting an LEI from the Issuer, for every ISIN issued. This LEI/ISIN data is uploaded to the Global ASB (ANNA Service Bureau) database for reporting to GLEIF. (d) Reporting and Disclosure of Short Sales: The use of a LEI is proposed to be mandated in the Draft Conduct Standard – Requirements relating to the Reporting and Disclosure of Short Sales, which was published for public comment on 31 March 2023. The final Conduct Standard will be published in due course. (e) Reporting of transactions in core funding markets: The South African Reserve Bank requires commercial banks to include the LEIs of counterparties in qualifying money market transactions reported daily. The reporting instructions are detailed in the SARB’s Money Market Data Collection Framework, which will be expanded to include foreign exchange market transactions in 2024. (f) Securities Finance Transactions (SFT): As part of the policies identified by the FSB to increase transparency across SFTs, the FSCA is in the process of formulating a Conduct Standard for the SFT market in South Africa. The proposed Conduct Standard will include a number of new rules for market participants, including a requirement for counterparties to SFTs to report the details of any SFTs they have concluded, as well as any modification or 1 The ISIN uniquely identifies a security. Its structure is defined in ISO 6166. Securities for which ISINs are issued include bonds, notes, certificates of deposit, commercial paper, stocks and warrants. The ISIN code is a 12-character alpha-numerical code that does not contain information characterising financial instruments but serves for uniform identification of a security at trading and settlement. 2 On 4 September 2018 ANNA and the GLEIF announced the signing of a new initiative to link International Securities Identification Numbers.

4 termination thereof, to the FSCA. It is envisaged that in the reporting of SFT transactions, the Conduct Standard will require the use of an LEI. 4. GLOBAL DEVELOPMENTS The use of an LEI is already required under a number of European Union (EU) regulations and directives such as: (a) European Markets Infrastructure Regulation (EMIR) – counterparties to derivatives contracts as well as beneficiaries, brokers, Central Counterparties and clearing members; (b) Market Abuse Regulation (MAR) – issuers of financial instruments, entities responsible for reporting suspicious transactions; (c) Capital Requirements Regulation (CRR) – credit and financial institutions; (d) Alternative Investment Funds Directive (AIFMD) – funds and fund managers; (e) Credit Rating Agencies Regulation (CRAR) – credit rating agencies and rated entities; (f) Solvency II – pension funds and insurance companies; (g) Central Securities Depositories Regulation (CSDR) – CSDs, CSDs’ participants; (h) Transparency Directive – issuers of financial instruments listed on regulated markets; (i) Securities Financing Transactions Regulation (SFTR) – parties involved in securities financing transactions and the beneficiaries of the rights and obligations arising from these. (j) Prospectus Regulation – issuers of securities offered to the public or admitted to trading on a regulated market situated or operating within an EU member State; and (k) Markets in Financial Instruments Directive II (MiFID II)/Markets in Financial Instruments Regulation (MiFIR). 5. FREQUENTLY ASKED QUESTIONS To support further understanding and adoption, Appendix A hereto attached contains a list of frequently asked questions in relation to the implementation of an LEI. The frequently asked questions provide more information on the background, benefits and global developments surrounding LEI. 6. CONCLUSION AND ENQUIRIES 6.1 Regulatory use of the LEI has been expanded to other industries and business cases. Additional rules implementing the LEI have been issued in several jurisdictions. New regulations introduced the LEI into banking supervision (Australia and China), for credit rating agencies (China), in the insurance sector, corporate credit and non￾derivatives sectors (India), for asset management and market surveillance (in the EU), in securities markets (in China for certain securities issuers, investors and in order to open a securities custody account) and securitisation (in the EU), for statistical purposes (in China for reporting loans and foreign assets and liabilities for statistical purposes) and for foreign exchange and physical trade (China). Some countries have also issued a roadmap for the implementation of the LEI in the coming years, such as China for its impact on cross-border payments. 6.2 GLEIF, in cooperation with the ROC, has several initiatives to promote LEI adoption more broadly, including bulk LEI registration by intermediaries and business registries – which could both lead to a significant reduction of per capita fees and increase network effects – and additional LEI features that could incentivise voluntary adoption,

5 such as the verifiable LEI (vLEI), i.e. a digitally verifiable credential containing the LEI. Further improvement in the quality of LEI data remains a GLEIF and ROC priority to enhance the effective use of the LEI and broaden adoption. 6.3 If you have any questions about this Communication, do not hesitate to contact Ms Elmarie Hamman: Head of Market Risk and Transparency at the FSCA at elmarie.hamman@fsca.co.za. OLANO MAKHUBELA DIVISIONAL EXECUTIVE: MARKET INTEGRITY AND DECISION SCIENCES FINANCIAL SECTOR CONDUCT AUTHORITY Date of publication: 20 March 2024

6 APPENDIX A LEGAL ENTITY IDENTIFIER (LEI) FREQUENTLY ASKED QUESTIONS (FAQ)

1. What is a Legal Entity Identifier (LEI)? The Legal Entity Identifier (LEI) is a 20-character reference code to uniquely identify legally distinct entities that engage in financial transactions and associated reference data. Two fundamental principles of the LEI code are: (a) Uniqueness: an LEI is assigned to a unique entity. Once assigned to an entity, and even if this entity has for instance ceased to exist, a code should never be assigned to another entity. (b) Exclusivity: a legal entity that has obtained an LEI cannot obtain another one. Entities may port the maintenance of their LEI from one operator to another. The LEI remains unchanged in the process. The LEI definition currently relies on a standard published by the International Organisation for Standardisation (ISO) on 30 May 2012 (ISO 17442:2012, Financial Services). The LEI number itself has no embedded meaning. The two last characters are check digits, contributing for instance to avoid typing errors. The reference data (LEI) currently associated in the database with each entity includes: (a) The official name of the legal entity; (b) The address of the headquarters of the legal entity; (c) The address of legal formation; (d) The date of the first LEI assignment; (e) The date of last update of the LEI; (f) The date of expiry, if applicable; (g) For entities with a date of expiry, the reason for the expiry should be recorded, and if applicable, the LEI of the entity that acquired the expired entity; (h) The official business registry where the foundation of the legal entity is mandated to be recorded on formation of the entity, where applicable; and (i) The reference in the official business registry to the registered entity, where applicable. Additional information may be registered as agreed between the legal entity and its LEI issuing organisation.
2. What entities are required to have an LEI? ISO standard 17442 specifies the elements of an unambiguous LEI scheme to identify the legal entities relevant to any financial transaction. The term "legal entities" includes, but is not limited to, unique parties that are legally or financially responsible for the performance of financial transactions or have the legal right in their jurisdiction to enter independently into legal contracts, regardless of whether they are incorporated or constituted in some other way (e.g., trust, partnership, contractual). It excludes natural persons, but includes individuals acting in a business capacity. It also includes governmental organisations and supranational Institutions. 1 1 Supranational institutions are those owned or established by governments of two or more countries. They are usually established by international treaties to pursue specified policy objectives and are generally not subject to commercial law.

7 It is important to distinguish between being eligible for an LEI and being required to have one. As defined in ISO standard 17442, any legal entity that enters into a financial transaction is eligible for an LEI. Any legal requirement to have an LEI will come from national financial regulators. The use of an LEI is already required under a number of EU regulations and directives such as: (a) European Markets Infrastructure Regulation (EMIR) – counterparties to derivatives contracts as well as beneficiaries, brokers, CCPs and clearing members. (b) Market Abuse Regulation (MAR) – issuers of financial instruments; entities responsible for reporting suspicious transactions. (c) Capital Requirements Regulation (CRR) – credit and financial institutions. (d) Alternative Investment Funds Directive (AIFMD) – funds and fund managers. (e) Credit Rating Agencies Regulation (CRAR) – credit rating agencies and rated entities. (f) Solvency II – pension funds and insurance companies. (g) Central Securities Depositories Regulation (CSDR) – CSDs, CSDs’ participants. (h) Transparency Directive – issuers of financial instruments listed on Regulated Markets. (i) Securities Financing Transactions Regulation (SFTR) – parties involved in securities financing transactions and the beneficiaries of the rights and obligations arising from these. (j) Prospectus Regulation – issuers of securities offered to the public or admitted to trading on a regulated market situated or operating within an EU member State; and (k) Markets in Financial Instruments Directive II (MiFID II)/Markets in Financial Instruments Regulation (MiFIR). 3. What is the process for obtaining an LEI? The legal entity is responsible for applying and maintaining their LEI code. LEIs are allocated by Local Operation Units (LOU)’s. Strate Limited is endorsed by the GLEIF and sponsored by FSCA as an LOU. The website https://request.lei-strate.co.za allows users to access the LEI Register of Strate. 4. How long does an LEI remain valid? An LEI is valid for one year. All LEIs must be renewed every year to remain active and valid and to ensure that all data is accurate. Any LEI that is not actively renewed within one year of its creation will cause the LEI to lapse, which will lead to disruptions with trading in financial instruments. 5. What is the purpose and benefits of an LEI? The Global LEI system (GLIES) was set up by regulatory authorities (including G20 and the Financial Stability Board) in response to the global financial crisis. The LEI is designed to enable the identification and linking of legal entities. It will also assist in managing counterparty risk by enhancing the effectiveness of tools risk managers use in aggregating financial institutions’ exposures across the globe. The main aim of the LEI is to help improve the measuring and monitoring of systemic risk and support more cost-effective compliance with regulatory reporting requirements. The LEI is effectively an international ‘proof of identity’ for legal entities dealing in financial transactions. Also, without a comprehensive LEI system it will be difficult for regulatory authorities across the globe to discharge their supervisory functions effectively. The adoption and implementation of universal LEIs will enable regulators to more accurately and rapidly aggregate data across different

8 jurisdictions to better understand the total exposure of a corporate or financial entity and to facilitate monitoring of systemic risk. 6. Why do Legal Entities need to obtain an LEI now? The Markets in Financial Instruments Regulation (MiFIR) obliges European Union (EU) investment firms to identify their clients that are legal persons, with LEIs for the purpose of Markets in Financial Instruments Directive (MiFID II) transaction reporting. In effect, this requires all relevant counterparties to have LEIs no matter where they are located. Trading venues equally are obliged to identify each issuer of a financial instrument traded on their systems with an LEI code when making daily data submission to the Financial Instruments Reference Data System (FIRDS). The Association of National Numbering Agencies (ANNA) also added an obligation under ISIN guidelines to all ANNAs to request LEI from any Issuer upon requesting an ISIN. 7. What kind of information is identifiable with an LEI? The LEI connects to key reference information that enables clear and unique identification of legal entities participating in financial transactions. Simply put, the publicly available LEI data pool can be regarded as a global directory, which greatly enhances transparency in the global marketplace. 8. Is the LEI data publicly available? Yes. The GLEIF has published the Global LEI Index. It provides information, updated daily, on all LEIs issued to date. Any interested party can easily access and search the complete LEI data pool free of charge on the GLEIF website using the web-based LEI search tool developed by GLEIF. 9. Can individuals obtain an LEI? No. It should be noted however, that on 30 September 2015, the LEI Regulatory Oversight Committee published a statement clarifying the conditions under which individuals acting in a business capacity are eligible to obtain LEIs. 10. Will an LEI be the same for all classes of assets (bonds, mortgages, etc.)? Yes. The LEI is a unique identifier for any given legal entity. It is not an identifier for instruments. As a result, that legal entity will use its LEI for reporting of any type of financial transaction it enters into regardless of the asset class or when the particular asset was issued. Note that within a group of different legal entities, they can issue various equity instruments and debt instruments, but the legal entities may have the same parent or ultimate parent LEI. 11. What if there is an error in an LEI data record? The content of the LEI data record is referred to as the legal entity reference data. LEI owners are responsible for keeping the LEI issuing organisation aware of updates to the legal entity reference data. Also, any LEI data user may challenge an LEI and/or its legal entity reference data. A challenge triggers a review of the record by the respective LEI issuing organisation to determine the validity of the updated information being submitted.

9 Verification and updates of the LEI and/or its legal entity reference data resulting from challenges are processed free of charge by the managing LEI issuer. The Global GLEIF is responsible for monitoring LEI data quality. The GLEIF data quality management program ensures that the LEI maintains the industry standard, best suited to providing open and reliable data for unique legal entity identification management. 12. What about incorrect data, who is responsible? The legal entity that is identified with an LEI is responsible for correcting inaccurate data. The LEI providers should always be pro-active in seeking to remove inaccurate data as soon as possible. 13. Why did/how could the collapse of Lehman Brothers trigger the legislative initiative on LEI? The global financial crisis of 2008 and the collapse of Lehman Brothers in particular, focused regulatory attention on the stability of the financial system. Key to understanding the health of the financial system is the ability to measure the exposures which are being built up through financial activity, and to unambiguously identify the parties involved in associated financial transactions. Identification, therefore, of legal entities is recognized as a critical element to aid regulators and financial market participants alike in measuring and managing risk, including also at a global level. Following the crisis, legislators began a process to gather and analyze increasing amounts of data from the financial community on the financial transactions to which they are party. To make this data more meaningful, standard and global identifier for the legal entities involved in the reported transactions were seen as being essential. 14. What is the scope of LEI for the future? The initial priority for the allocation of LEIs is to cover the legal parties involved in derivatives transactions. It is anticipated that any legal entity that enters into a financial transaction will be eligible for an LEI. Other participants in financial transactions as deemed necessary in the future (including exchanges) will also be eligible. 15. Which financial institutions need to be concerned with LEIs? LEIs are quickly becoming relevant and will continue so for all financial institutions, who will be expected to have an LEI themselves and to ensure that any of their clients that are legal persons also have an LEI. 16. Is the registration fee for an LEI a one-time fee or is it renewed? There is an initial registration fee and also an annual maintenance fee. 17. Is there a cost attached to checking an LEI? Access to the database will be free of charge without restrictions on use or redistribution. Only registration/certification by an entity and annual data maintenance will be chargeable.

10 18. For the buy side, would each product (fund) issued need to get its own LEI? Where an asset manager trades in an undisclosed fashion on behalf of a pension fund, would the pension fund require an LEI? Each individual fund which is active in transactions that need to be reported using an LEI would need to obtain an LEI. Funds would have their own LEI, which would be constant across any asset managers they deal with. 19. Will there be a mapping of securities issued by an entity back to the LEI? Is that mapping a goal of the standard? The LEI database itself will not have a mapping of LEIs to securities. It is expected that firms and regulators will map the LEI to other existing codes, like Committee on Uniform Security Identification Procedures (CUSIPs), in their internal systems. The LEI only identifies entities and therefore, does not overlap with instrument ids such as CUSIPs. Note that at some point, an instrument record would ideally carry both a CUSIP and the LEI of the issuer. Also, third party vendors may undertake to perform such mappings for firms as a valued added service. 20. Is LEI a replacement for ISIN, Stock Exchange Daily Official List, (SEDOLS), 2 CUSIPs 3 that exist today? If not, could you please explain how these may co-exist and the relationship between them? The LEI is neither intended to replace any instrument codes nor any other existing entity codes. It will be a global reference data standard used for the authoritative identification of legal entities. Firms and regulators will then map the LEI to other existing codes in their internal systems. The LEI only identifies entities and therefore, does not currently overlap with instrument IDs such as CUSIPs. Note that at some point, an instrument record would ideally carry both a CUSIP and the LEI of the issuer as mandated by Dodd-Frank Act in attempt to help identify issuers engaging in financial transactions in different markets both domestically and abroad. As mentioned above it should be noted that the Association of National Numbering Agencies (ANNA) and the GLEIF have also taken initiative to link International Securities Identification Numbers ISINs LEIs in attempt to help improve transparency of exposure by linking the issuer and issuance of securities. 21. If an entity goes through a rename corporate action, will a new LEI be issued? The same LEI will continue to apply and should follow a legal entity through its life regardless of corporate actions or other business or structural changes. 2 A list of security identifiers used in the United Kingdom and Ireland for clearing purposes. SEDOLs serve as the National Securities Identifying Number for all securities issued in the United Kingdom and are therefore part of the security’s ISIN as well, 3 CUSIP stands for Committee on Uniform Securities Identification Procedures. A CUSIP number identifies most financial instruments, including stocks of all registered U.S. and Canadian companies, commercial paper, and U.S. government and municipal bonds