arrow_back Back to Simply SaaS The Problem Platform Security Impact Book a walkthrough
location_onBuilt for FSCA-regulated FSPs in South Africa

Fit & Proper
Compliance Management

Safeguards the FSP · Enlightens the Compliance Officer · Empowers the Key Individual · Informs the Representative
hub FAIS Compliance Universe — every fit & proper obligation, connected

Your compliance is only as strong as
the system behind it

Board Notice 194 of 2017 created personal liability for the Key Individuals and compliance officers responsible for meeting its requirements. For most firms, the system holding all of this together is a spreadsheet.

warning_amber

Audit risk is real

FSCA findings increasingly cite inadequate record-keeping, lapsed fit and proper status, and incomplete audit trails. A finding against the FSP is a finding against the person who signed the licence.

table_chart

Spreadsheets age badly

Manual tracking creates visibility gaps the moment someone forgets to update a row. CPD cycles, RE deadlines, qualification expiries, declaration periods — one mistake and the record is wrong.

schedule

Compliance officers are administrators

The hours spent chasing CPD certificates, collating evidence for reviews, and maintaining manual registers are hours not spent on actual compliance work. That cost is real — and invisible in most firms.

"What compliance officers lose sleep over isn't a lack of knowledge about the requirements — it's a lack of visibility into whether they're being met. Who has lapsed? Who is about to? Can we prove it if asked today?"

One platform.
Every stakeholder.

Complii Next was built to serve every person in the compliance chain — each with a different need, each with something to lose when the system fails.

security
Safeguards
the FSP

Audit-ready records and cryptographic evidence that protect the licence — and the person whose name is on it. An audit is a morning's work, not a fortnight of reconstruction.

visibility
Enlightens
the Compliance Officer

Real-time visibility across the entire firm. Deadlines tracked automatically. Gaps surfaced before they become findings. No more reactive compliance — only proactive control.

key
Empowers
the Key Individual

Personal regulatory liability managed proactively. Evidence on hand before the inspector asks. The KI can go home Friday knowing the firm's records are accurate, auditable, and defensible.

info
Informs
the Representative

A clear personal compliance dashboard from day one. CPD progress, RE status, declaration obligations — all visible. No compliance surprises. No missed deadlines because no-one told them.

The shift from reactive
to proactive

Click any scenario to see what changes.

New representative onboarding
See the difference
Before

HR notifies compliance. Spreadsheet updated manually. CPD target calculated by hand. Declaration list updated. Outlook reminder set. RE deadline noted in a separate tracker.

CPD deadline season
See the difference
Before

Compliance officer emails all reps. Chases non-responses individually. Updates the spreadsheet with confirmations. Exports a summary manually for management.

Qualification or CoB verification
See the difference
Before

Staff member emails a scanned certificate. Compliance officer downloads, reviews, replies by email, updates the spreadsheet. Certificate stored in an email thread.

FSCA supervisory review
See the difference
Before

Compliance officer spends days collating records across spreadsheets, email archives, and shared drives. Data gaps discovered under pressure.

The compliance burden doesn't disappear. It becomes manageable — and auditable.
That is the difference between a finding and a clean audit.

SaaS — not a capital project

No upfront investment. No implementation project. No version lock. Simply SaaS hosts, maintains, secures, and updates Complii Next — so your team uses the platform, not manages it.

01

Operational expenditure — not capital commitment

Subscription-based, sized to your representative and KI count. Grows with your firm. Predictable cost, no procurement cycles, no board approval for an upgrade.

02

Always on the latest version

New features, regulatory updates, and extended integrations — available to all clients without upgrade projects or additional licence negotiation.

03

No implementation risk

No six-month deployment project, no dedicated project manager, no systems integrator. Firms are operational in weeks, not quarters.

04

Infrastructure managed for you

Hosting, maintenance, security patching, backups, and uptime are Simply SaaS's responsibility — on Microsoft Azure's South African infrastructure, governed by a Service Level Agreement.

The alternative to a SaaS compliance platform is not "no cost." It is the hidden cost of spreadsheet maintenance, manual tracking, staff time spent on administration, and the personal liability that accumulates when records fall behind.

Subscription-based pricing on enquiry — sized to your firm.

A compliance platform
must itself be defensible

location_onZA
Hosted in South Africa. On Microsoft Azure. Your firm's data never leaves South Africa. For firms with POPIA obligations, data residency is a compliance requirement in its own right. Azure's South African infrastructure provides enterprise-grade uptime, automated backups, and geographically redundant storage.
check
Encryption in transit and at rest HTTPS enforced with HSTS. All data at rest encrypted at infrastructure level. Database connections require SSL.
check
Mandatory MFA — every user, every login Email OTP, 6 digits, 5-minute expiry, hashed at rest. 3 wrong attempts = locked. 10 failed passwords = account locked. Admin invite only — no public sign-up.
check
Layer-scoped role-based access control Permissions are discrete capabilities. A Gauteng compliance officer cannot access Western Cape records. Representatives see only their own profile.
check
Immutable audit trail Every change logged: what changed, from what, when, and by whom. Cannot be silently overwritten. Real administrator identity always recorded.
check
Cryptographic evidence integrity Declarations and supervision records stored with HMAC-SHA256 hash, server-side IP, and timestamp. "Hash matches" or "Tamper detected" on demand.
check
Aligned with POPIA principles Personal information accessible only within permissioned scope. No PII passed to AI systems. Sensitive data not exposed in URLs, logs, or error messages.
We do not claim certifications we do not hold. The security posture of this platform was designed to be defensible — because the firms using it need it to be. All critical and high findings from the most recent full-codebase security review (May 2026) have been resolved.

Built in South Africa.
For South African FSPs.

Simply SaaS builds compliance and operations platforms for FSCA-regulated financial services firms. We build for the South African market — not for a generic international market that includes South Africa as an afterthought.

Our products are designed around FAIS legislation, FSCA supervisory requirements, and the operational reality of compliance teams in South African FSPs. Complii Next is our Fit & Proper management platform — and it is built on a modular foundation that grows with your firm's needs.

Complii Next is built on Google's Material Design 3 standard — the same design language used across millions of business applications worldwide. Staff encounter a clean, familiar interface from day one. Dark mode supported throughout.

A Simply SaaS Product
Hosted in South Africa
Microsoft Azure Infrastructure

Ready to take the next step?

No slide deck. No scripted pitch. Just the platform, running on your questions.

Book a 20-minute walkthrough

We'll show you Complii Next working against a realistic FSP scenario — your team size, your compliance obligations, your regulatory context.

Request a walkthrough →
check_circle Subscription-based pricing on enquiry
check_circle No capital investment required
check_circle Operational in weeks, not quarters
check_circle South African data residency
check_circle Microsoft Azure infrastructure
check_circle Built for Board Notice 194 of 2017