Vitalis Group SA — Regulatory, Legal & Compliance Framework
The insurance licensing and prudential framework, the Prudential Authority and FSCA requirements, conduct and data-protection compliance, and the legal structure.
Section 10 · Business Plan
Regulatory, Legal & Compliance Framework
The insurance licensing and prudential framework, the Prudential Authority and FSCA requirements, conduct and data-protection compliance, and the legal structure.
10.1 Regulatory Landscape
South Africa operates a Twin Peaks regulatory framework, with
prudential supervision by the Prudential Authority (housed within the
South African Reserve Bank) and market-conduct supervision by the
Financial Sector Conduct Authority (FSCA). This framework, in force
since 2018, aligns South Africa with international best practice and
provides regulatory predictability over the planning horizon.
| Regulator | Mandate as it Affects Vitalis |
|---|---|
| Prudential Authority (PA) | Licences insurers, sets prudential standards (capital, governance, reporting), supervises solvency under SAM |
| Financial Sector Conduct Authority (FSCA) | Licences financial service providers, oversees market conduct, TCF and disclosure, supervises advisors |
| Council for Medical Schemes (CMS) | Regulates registered medical schemes (Vitalis Health structured as a health insurance product, not a scheme) |
| South African Reserve Bank (SARB) | Supervises Vitalis Bank under the Banks Act 1990 |
| Information Regulator | Supervises POPIA compliance |
| SARS | Tax compliance including premium tax, banking levies |
| Competition Commission | Reviews material acquisitions and partnerships |
10.2 Licensing Plan
The Company will pursue four primary licences in parallel, sequenced
to support the product launch plan. Pre-application engagement with the
PA and FSCA commenced in Q3 2025; the formal application process targets
first licence issuance within 6 months of financial close.
| Licence | Regulator | Target Filing | Target Approval |
|---|---|---|---|
| Long-term Insurance Class V (Risk) & VI (Investment) | Prudential Authority | M+1 | M+6 |
| Non-life (Short-term) Insurer | Prudential Authority | M+1 | M+6 |
| Health insurance demarcation product | FSCA / CMS | M+2 | M+5 |
| Banking licence (Tier 2) | PA / SARB | M+9 | M+18 |
| FSP Cat I (Investments) | FSCA | M+12 | M+15 |
| Reinsurance acceptance authorisation | Prudential Authority | M+3 | M+8 |
10.3 Solvency and Capital Framework
Vitalis will operate under the Solvency Assessment and Management
(SAM) framework — South Africa’s adaptation of Solvency II. Under SAM,
insurers must maintain assets sufficient to cover the Solvency Capital
Requirement (SCR), calculated using either the standard formula or an
internal model. Vitalis will use the standard formula at launch with a
long-term plan to develop an internal model for material risk pools.
| Year | SCR (R M) | Eligible Capital (R M) | Coverage Ratio | Buffer over 150% (R M) |
|---|---|---|---|---|
| Year 1 | 250 | 485 | 194% | 110 |
| Year 2 | 335 | 530 | 158% | 28 |
| Year 3 | 460 | 720 | 157% | 30 |
| Year 4 | 630 | 1,180 | 187% | 235 |
| Year 5 | 820 | 1,750 | 213% | 520 |
10.4 Conduct, TCF and Customer Outcomes
Vitalis embeds the FSCA’s Treating Customers Fairly (TCF) framework
into product design, distribution and after-sales servicing. The six TCF
outcomes — fair treatment central to culture; products meet identified
needs; clear information; suitable advice; products perform as expected;
no post-sale barriers to changing product, switching provider,
submitting a claim or making a complaint — are operationalised through a
Conduct Committee chaired by the COO and reporting quarterly to the
Board Conduct & Customer Committee.
10.5 Data Protection and POPIA
The Protection of Personal Information Act (POPIA) imposes
comprehensive obligations on the collection, processing and cross-border
transfer of personal information. Given the data-intensive nature of the
Vitalis platform, POPIA compliance is treated as both a legal and a
commercial imperative. An external Information Officer has been
appointed; data-protection impact assessments precede every new product
and material vendor onboarding; and aggregate data analytics use only
de-identified data sets.
10.6 Anti-Money Laundering and Sanctions
Vitalis is an accountable institution under the Financial
Intelligence Centre Act (FICA). The compliance programme includes
risk-based customer due diligence, ongoing transaction monitoring,
sanctions screening (UN, OFAC, EU and domestic lists), and timely
reporting of suspicious and unusual transactions. The programme is
supervised by a Money-Laundering Reporting Officer (MLRO) with direct
escalation to the CEO and Board.
Confidential — this business plan is provided to prospective investors and lenders for evaluation purposes only and may not be reproduced or distributed without the written consent of Vitalis Group South Africa (Pty) Ltd.