SupraLex

17/01/2022

Check out our latest verification offerings. Contact us today.

[email protected]

16/07/2021

https://www.linkedin.com/posts/supra-lex-70456316a_cybersecurity-gdpr-compliance-activity-6820671942920691712-XV2p

Data Privacy - Lessons from Europe - Luxemborg The DPA imposed a fine of EUR 15,000 on a company. During an investigation, the DPA found that the controller...

27/05/2021

POPI COMPLIANCE – Data Destruction

Regulation will require responsible parties to destroy or delete information or de–identify it as soon as reasonably practicable after the responsible party is no longer authorised to retain the record.

Do you have a data management cycle for your data processing?
Do you have a policy framework that covers the duration of your processing and your data destruction processes?

What are your thoughts?

26/05/2021

Topic – Occupational Health and Safety
According to Section 17 of the Occupational Health and Safety Act (Act 85 of 1993), employers who employ 20 or more workers on premises must appoint representatives to monitor health and safety conditions. One of the key principals of the OHS Act is that work related hazards, risks and dangers should be addressed through good communication between management and employees. Appointed representatives represent workers regarding safety and health matters to management. Representative's forms part of an important link between management and the rest of the organisations employees.

The appointment of health and safety representatives is a legal requirement; representatives need to be designated in writing, for a specified period of time. It is important to note that the appointment of representatives should be done in accordance with the agreement as contemplated in the General Administrative Regulations of the Occupational Health and Safety Act.
General Administrative Regulation 6 stipulates that after commencing business, the employer in any workplace where there must be a health and safety representative, must meet with the registered trade unions in order to enter into negotiations to conclude a collective agreement. Where there is no registered trade union, the employer must enter into consultation with all employee representatives of the workplace.

During these negotiations the following issues must be discussed in order to reach a collective agreement:
• Nomination or election of health and safety representatives
• Terms of office, circumstances and matter in which they can be removed
• Manner in which vacancies are to be filled
• Manner in which health and safety representatives must perform their functions in terms of the act
• Facilities, training and assistance that must be provided to a health and safety representative

But how many representatives should actually be appointed for the workplace?
According to section 17 of the OHS Act, shops and offices must have at least 1 representative for every 100 workers or part thereof. All other workplaces must have at least 1 representative for every 50 workers or part thereof.

Who should be to appointed?
The same section stipulates that representatives should be full-time workers who are familiar with the workplace.

When should representation activities be performed?
According to the Act, representation activities must be performed during ordinary working hours.

Functions of Health and Safety Representatives (Section 18 of the OHS Act)
It is the employer's duty to ensure that representatives are properly empowered to perform their duties as health and safety representatives.Representatives are entitled to attend incident investigations and enquiries, inspect documents and participate in internal health and safety audits.

Representatives may:
• Review effectiveness of health and safety measures
• Identify potential hazards and major incidents
• Examine causes of incidents
• Investigate complaints
• Advise the committee and the employer

Representatives shall be entitled to:
• Visit incidents sites and attend inspections
• Attend any investigation or formal inquiry
• Inspect any document related to health and safety matters
• Accompany an inspector
• Be accompanied by technical advisor if approved by the employer
• Participate in internal audits

Liability:
A representative shall not incur any civil liability if he failed to do any thing which he may do or is required to do. I trust that the above mentioned information would be helpful.

Credit - https://www.labourguide.co.za/health-and-safety/633-the-appointment-of-health-and-safety-representatives-for-the-workplace

26/05/2021

Regulation of Crypto Assets

The Financial Sector Condcut Authority seeks to regulate the provision of advice or rendering of intermediary services in relation to crypto assets or currrency.
This in turn means that business providing such services will need to comply with certain codes of conduct in the industry and meet fit and proper requirements applicable to the provision of this type of financial sector service.
The COFI Bill is expected to give further effect to the regulation of the activities of crypto assets or currency by including these activities as a licensed activity. Additionally, if the COFI Bill repeals the FAIS Act, as indicated in the second draft of the COFI Bill, the Declaration will fall within the COFI Bill framework. For these reasons, the FSCA has motivated that the Draft Declaration will contribute towards the gradual implementation of existing proposals and does not pre-empt broader policy developments regarding crypto assets.

08/05/2021

King IV Principle 12 recommends Governing Bodies should-
• assume responsibility by setting the direction for how the organisation should approach and address information and technology (IT),
• approve policy to give effect to the direction,
• delegate to management the responsibility to manage IT,
• oversee the management of IT, including overseeing:

-IT risks are integrated into organisation-wide risk management,
the organisation is resilient,
-management responds to security and social media incidents with a breach coach,
-IT is used ethically and responsibly through an IT Policy Framework,
-IT Laws are complied with,
-Information management sustains and enhances the intellectual property protection of the organisation,
-an enabling and supportive IT architecture exists,
-data protection
-information security law aspects to the sourcing of IT in IT contracts are managed,
-the organisation responds to disruptive technologies,

• consider receiving periodic independent assurances on the organisation’s IT arrangements, including outsourced services,
• disclose the governance and management of IT by the organisation, including disclosing an overview, focus areas, actions taken and plans.

08/05/2021

POPI - commencement date 1 July 2021

Some of the key focus areas of Data Governance include the availability, usability, consistency, integrity and security of data. Data Governance can also include establishing processes to ensure effective data management throughout the enterprise such as accountability for the adverse effects of poor data quality or data management.

08/05/2021

POPI_Data Governance a corporate culture of the future.

Data Governance is a data management concept focusing on organisational capacity to ensure that high data quality exists throughout the complete lifecycle of the data together with data controls which are implemented to support business objectives.

Data in some form or another is the life source of an organisation. Data hits at all areas of a business from clients, service providers to employees and much more. The introduction of the Protection of Personal Information Act, 2013 has presented us with the notion of data governance within corporate entities as part of the responsible management of the personal information of data subjects. As data is central to most modern businesses there is a growing need to provide a framework for the oversight of how the data cycles within an organisation are managed.

Data Governance has its roots in the knowledge that the data management processes and policies within an organisation are sound and compliant. Organisations should form reporting lines that establish oversight from the Board of Directors to the data controllers themselves. Data rich organisations should consider specialist knowledge and expertise within the Data Governance structures of the organisation.

Some of the key focus areas of Data Governance include the availability, usability, consistency, integrity and security of data. Data Governance can also include establishing processes to ensure effective data management throughout the enterprise such as accountability for the adverse effects of poor data quality or data management.

At SupraLex we advise our clients on the establishment or progression of their Data Governance structures. We create a think tank with a specialist view to data and how your organisation manages it. Once an organisation has sound structures in place to manage data the road to compliance becomes clear and manageable.

Contact us today for further insights and information on our offerings [email protected].

26/04/2021

COMPLIANCE - FIT AND PROPER VERIFICATION

The Financial Sector poses a number of challenges and hurdles some easier to deal with than others. One such challenge we at SupraLex view as an opportunity. Key individuals (Senior Management), Executive Directors and Board members have to comply with fit and proper standards in order to gain entry into and maintain their positions with institutions in the financial sector.

Fitness and propriety takes many forms and our financial codes and standards require compliance with -

1. Academic Qualification,
2. Financial Soundness,
3. Criminal history,
4. Executive history,
5. Board History.

At SupraLex we assist clients with the verification of eligible candidates to determine their fitness and propriety. We provide comprehensive reports detailing their candidate’s performance in terms of the various requirements.

Our reports have a proven risk management track record and enable effective decision making and personnel management.

Contact us today to find out more about our offerings [email protected].