1. Introduction
Brasington Macris Inc (“the Firm”) is committed to upholding the highest standards of legal, regulatory, and ethical compliance in accordance with South African laws, including but not limited to the Legal Practice Act, 2014, the Financial Intelligence Centre Act, 2001 (FICA), the Protection of Personal Information Act, 2013 (POPIA), and other relevant legislation. This Risk and Compliance Programme outlines the policies, procedures, and controls implemented to ensure compliance and mitigate legal, financial, and reputational risks.

2. Regulatory Framework
This Programme is designed to ensure compliance with the following South African laws and regulatory requirements:

• Legal Practice Act, 2014 – Governs legal practitioners and ensures ethical and professional standards.

• Financial Intelligence Centre Act, 2001 (FICA) – Establishes anti-money laundering (AML) and counter-terrorism financing (CTF) obligations.

• Protection of Personal Information Act, 2013 (POPIA) – Regulates the collection, processing, and storage of personal information.

• Companies Act, 2008 – Governs corporate governance and fiduciary responsibilities.

• Any other applicable South African laws and professional rules.

3. Risk Management Approach
The Firm adopts a risk-based approach to identify, assess, and mitigate risks through:

• Regular compliance risk assessments.

• Implementation of internal controls and monitoring systems.

• Employee training on legal and regulatory obligations.

• Ongoing review of policies and procedures.

4. Compliance Governance Structure
The Firm’s compliance responsibilities are assigned as follows:

• Compliance Officer – Oversees compliance with regulatory requirements and internal policies.

• Managing Partners – Ensure implementation and enforcement of compliance measures.

• All Employees – Adhere to compliance policies and report any violations.

5. Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) Compliance
In accordance with FICA, the Firm:

• Conducts client due diligence (CDD) and Know Your Client (KYC) procedures.

• Identifies and reports suspicious transactions to the Financial Intelligence Centre (FIC).

• Maintains records of transactions and client identification for at least five years.

• Provides staff training on AML/CTF requirements.

6. Data Protection and Confidentiality
The Firm complies with POPIA by:

• Implementing policies for the lawful processing of personal data.

• Securing client and employee data against unauthorized access or breaches.

• Providing training on data protection responsibilities.

• Responding to data subject requests in accordance with POPIA.

7. Ethics and Professional Conduct
All legal practitioners and employees must adhere to the Legal Practice Council’s Code of Conduct, ensuring:

• Integrity and professionalism in legal practice.

• Avoidance of conflicts of interest.

• Confidentiality and client privilege protections.

8. Compliance Monitoring and Reporting

• Regular audits and reviews to ensure adherence to compliance policies.

• Internal reporting channels for compliance concerns or violations.

• Disciplinary action for breaches of compliance obligations.

9. Training and Awareness

• Annual compliance training for all employees.

• Updates on regulatory changes and emerging risks.

• Training on AML, data protection, and ethical obligations.

10. Review and Updates
This Risk and Compliance Programme will be reviewed annually or as required by changes in legislation or business operations. Any amendments will be communicated to all employees and stakeholders.

11. Contact Information
For any compliance-related inquiries or reporting concerns, please contact: Compliance Officer: Shano Macris
Email: shano@bmlawinc.co.za
Phone: 087 351 8447
Address: 3rd Floor, Waalburg Building, 28 Wale Street, Cape Town, 8001

By implementing this Programme, the Firm ensures compliance with legal and regulatory obligations while upholding the highest ethical and professional standards in legal practice.