Contributed By A&O Shearman
Banking Regulation
The South African Reserve Bank (SARB), which is South Africa’s central bank, was established by the South African Reserve Bank Act, 1989, and is the primary regulator of banking in South Africa. The SARB administers the Banks Act, 1990 (“Banks Act”), which is the primary statute governing banking. Subsidiary legislation promulgated under the Banks Act, including the Regulations Relating to Banks, 2012 (“Bank Regulations”), set out a comprehensive framework of prudential regulation of banking activities. The SARB additionally regulates mutual banks, which are owned by their depositors, in accordance with the Mutual Banks Act, 1993, and co-operative banks in accordance with the Co-operative Banks Act, 2007, but these entities are not the focus of this chapter.
The Prudential Authority (PA) operates within the administration of the SARB and is the direct licensing authority and supervisor of the domestic activities of South African banks and their foreign branches, as well as representative offices and domestic branches of foreign banks. It was formed as the first peak of the “Twin Peaks” reform, splitting bank and financial services regulation into prudential and conduct regulation. The PA is tasked with ensuring the financial stability and soundness of banks in South Africa and ensures the application of international regulatory and supervisory standards. To that end, the SARB is designated as the resolution authority in respect of the resolution of designated financial institutions, including banks, under Chapter 12A of the Financial Sector Regulation Act, 2017 (FSRA).
The National Treasury Department of the Republic of South Africa (“Treasury”) is vested with responsibility for a system of exchange controls founded in the Currency and Exchanges Act, 1933, and the exchange control regulations thereunder (“Exchange Control Regulations”). The Treasury has delegated that responsibility to the SARB. The Financial Surveillance Department of the SARB (FinSurv) is responsible for the day-to-day administration of the Exchange Control Regulations, which are implemented in practice by banks that have been designated as “Authorised Dealers” under the Exchange Control Regulations.
Company Legislation
The Companies Act, 2008 (“Companies Act”), will apply to a registered bank in South Africa because a bank must be a public company. The Companies and Intellectual Property Commission (CIPC), together with the Takeover Regulation Panel in respect of mergers and other changes in control, are the regulators tasked with enforcing the Companies Act. In practice, most often the public company (being the bank itself or the controlling company of the bank) will be listed, and therefore the Listing Requirements and Equities Rules of the Main Board of the exchange operated by JSE Limited, known as the Johannesburg Stock Exchange (JSE), will also apply to the bank, particularly in respect of questions of corporate governance.
AML and CFT
The Financial Intelligence Centre (FIC) regulates, inter alia, banks as accountable institutions, ensuring compliance with the Financial Intelligence Centre Act, 2001 (FICA). The Prevention of Organised Crime Act, 1998 (POCA), the Prevention and Combating of Corrupt Activities Act, 2004, and the Protection of Constitutional Democracy against Terrorist and Related Activities Act, 2004, also form part of the AML/CFT regime applicable to banks.
Market Conduct
The FSRA also established the Financial Sector Conduct Authority (FSCA), which is the dedicated market conduct regulator for the financial services sector. The FSCA administers the Financial Advisory and Intermediary Services Act, 2002 (FAIS), which regulates the provision of advice and intermediary services in relation to financial products, including deposits. Banks must be authorised under the FAIS to market deposits or other financial products in South Africa, and compliance with the FAIS is overseen by the FSCA.
Retail Credit
The National Credit Act, 2005, established the National Credit Regulator (NCR), which is the primary regulator of South African credit providers. The NCR oversees the registration and conduct of credit providers, credit bureaus and debt counsellors.
Data Protection
The Protection of Personal Information Act, 2013 (POPIA), established the Information Regulator (Information Regulator), which is responsible for ensuring compliance by public and private bodies, including banks, with data protection rules in South Africa.
Licences, Activities
Conducting the business of a bank may only be undertaken by a public company (incorporated under the Companies Act) that is registered/licensed as a bank under the Banks Act or a branch of a foreign bank registered under Section 18A of the Banks Act. Possession of a registration certificate entitles the bank or branch of a foreign bank to conduct the business of a bank in South Africa – in particular to solicit for and conduct deposit-taking activities and to use deposits to grant loans, for investment or to finance business activities.
A foreign bank can alternatively register a representative office, but a representative office cannot conduct the business of a bank.
Conditions for Authorisation
A prospective bank may, but is not required to, initiate the application process by setting up a meeting with the PA to discuss business plans, the licensing process and the application requirements. The first requirement for any prospective new bank is to apply to the PA for authorisation to establish a bank. As mentioned in 1.1 Key Laws and Regulations, only a public company may register as a bank. However, the CIPC cannot register a company’s memorandum of incorporation (MOI) unless the application for registration is accompanied by the PA’s approval.
Process for Authorisation
An application to the PA for authorisation to establish a bank must be made in the required form and contain the information prescribed by the Bank Regulations and any further information the PA requires. The PA grants such approval if it believes that the prospective bank is likely to be eligible for registration as a bank.
The prospective bank can apply for registration as a bank during the 12 months after the date of the authorisation. Again, the application must be made in the required form, and contain the information required in Section 16(2) of the Banks Act and any further information deemed necessary by the PA. The PA can revoke authorisation if any false or misleading information is found to have been provided, or the bank is not formed within 12 months of the date of the authorisation.
The PA can grant, refuse or conditionally grant registration as a bank. The PA will only grant registration if the criteria in Sections 13(2) and 17(1) of the Banks Act have been met, including that:
Finally, an applicant must also prove compliance with the minimum share capital and unimpaired reserved funds requirements of the Banks Act relating to the specific business that the bank conducts. The calculation formulas differ depending on the bank’s activities. For example, Section 70 of the Banks Act distinguishes between banks that trade solely in financial instruments, banks that trade in financial instruments as part of their business, and banks that do not trade in financial instruments.
Obtaining registration as a bank generally entails significant interaction with the PA and is likely to take between ten and 16 months from the date of application to receipt of a certificate of registration. Once a licence is obtained, it must be renewed annually.
Licensed Activities and Restrictions
A banking licence permits its holder to engage in ‘the business of a bank’, as that term is defined in the Banks Act. Such business includes, inter alia, soliciting and accepting deposits from the general public, issuing notes, using money accepted by way of deposit or the issuance of notes for granting loans, investing and/or financing others’ business activities. Section 78 of the Banks Act lists a number of ‘undesirable practices’, in which a bank must refrain from participating. The undesirable practices include, inter alia, holding shares in its parent, lending money against security of its own (or its parent’s) shares and entering into repurchase agreements in respect of assets created by simulated transactions.
Ancillary Activities and Required Authorisations
In South Africa, licensed banks participate in the financial markets in various capacities for which additional permissions are required.
Branches and Cross-border Services
South Africa does not recognise European Union passporting for banks or financial services. For a foreign bank to obtain authorisation to operate a branch, the applicant must submit a completed form accompanied by the prescribed fee. The PA can request such further information and documentation as it deems necessary. A foreign bank establishing a branch must meet several criteria, including that the foreign bank must:
The PA will also consider certain aspects of the foreign bank’s regulatory regime and its compatibility with the PA’s requirements. In addition, the branch will be required, inter alia, to have capital exceeding certain thresholds, maintain a minimum reserve balance with the SARB, and comply with the minimum liquid assets requirement in the Banks Act.
Application fees and annual licence fees are payable.
Change in Control
The Banks Act prohibits any person (other than the bank’s controlling company) from acquiring (including with concert parties) shares in a bank or controlling company amounting to more than 15% of the total value or voting rights of the bank’s issued shares without permission of the PA or the Minister of Finance (MoF). This includes an acquisition which, together with shares already held by that person or an associate of that person, amounts to more than 15% of the total nominal value or total voting rights of the bank’s issued shares.
The PA can authorise a person who has for 12 months, or any shorter period the PA determines:
The MoF, acting through the PA, can authorise a person who has for 12 months, or any shorter period the MoF determines:
The above rules also apply to foreign ownership of banks.
To grant authorisation, the PA and/or the MoF must be satisfied that the proposed acquisition is not contrary to the interests of the public or the bank, its depositors or its controlling company.
Further, the Banks Act prohibits any person other than a registered bank controlling company, a bank or an institution approved by the PA and conducting a business like the business of a bank in a country other than South Africa from exercising control over a bank.
The Companies Act
In addition to the above, the Companies Act requires that a shareholder must report to an issuer if it acquires or disposes of shares such that the shareholder’s holding crosses, up or down, the 5% threshold or any multiple of 5%. The issuer in turn must report the information on the JSE’s Stock Exchange News Service. Entitlements to a bank’s shares (for example, convertibles and options) must be counted, but not synthetic exposure to a bank’s shares.
Ongoing Obligations
‘Significant owners’ (which generally involves holding at least a 15% stake or having 15% control) in a bank are subject to various fitness and propriety requirements that are set by the FSCA and PA in Joint Standard 1 of 2020, titled ‘Fitness, Propriety and other Matters Related to Significant Owners’. The Joint Standard lists a number of circumstances that may indicate that a natural or juristic significant owner is not fit and proper, such as, inter alia, conviction for a financial crime, being the subject of a civil judgment for theft, fraud, forgery or other acts of dishonesty, removal from an office of trust, or sequestration or liquidation. A significant owner and the relevant bank are obliged to notify the FSCA and the PA of the occurrence of any such circumstances.
Statutory Requirements
The Banks Act requires that a bank’s board of directors and executive officers must establish and maintain an adequate and effective process of corporate governance aimed at achieving the bank’s strategic and business objectives efficiently, effectively, ethically and equitably within acceptable risk parameters. The board and officers must also ensure compliance with all applicable laws and corporate behaviour that is universally recognised as correct and proper. The board and officers must establish mechanisms and procedures to minimise potential conflicts of interest between the bank and the personal interests of directors and officers. The board must retain control over the strategic and business direction of the bank, while allowing executives to manage operations and achievement of objectives.
The Bank Regulations additionally make the board of directors responsible for ensuring that governance includes the maintenance of effective risk management and capital management. The maintenance process must be consistent with the nature, complexity and risk inherent in the bank’s on-balance sheet and off-balance sheet activities, and the board must ensure that the bank’s risk management and capital management are able to respond to changes in the bank’s environment and conditions. The board can appoint supporting committees.
In addition, the PA publishes Guidance Notes, which may provide guidance with respect to corporate governance requirements.
Voluntary Codes
The King Code applies to all organisations in South Africa, including banks. It is voluntary, but companies listed on the JSE (such as banks, which are public companies) must report on their compliance with the King Code. The latest iteration, “King IV”, is a collection of 16 principles (plus one that applies only to institutional investors) promoting “the exercise of ethical and effective leadership by the governing body”. Some of the aspects of governance addressed in King IV are risk governance, audit committee disclosures, performance evaluations of the governing body, and delegation to management and committees.
The Code of Banking Practice, 2012, is a non-binding set of minimum standards established to promote good banking practices. It aims to increase transparency for customers, promote open and fair banking relationships and promote confidence in the banking sector.
Diversity
The Broad-based Black Economic Empowerment Act, 2003 (“BEE Act”), seeks to transform the South African economy by, inter alia, increasing the participation of historically categorised black African, Coloured and Indian South Africans in ownership and management structures. Although the BEE Act does not place legal obligations on banks, the sector codes score businesses based on their contributions to black economic empowerment and places an obligation on organs of state and public entities to conduct procurement in favour of BEE Act compliant businesses.
Code of Conduct
In terms of POPIA, the Banking Association of South Africa (BASA) and the Information Regulator have published a Code of Conduct for the Processing of Personal Information by the Banking Industry (“BASA Code”). The BASA Code aims to ensure compliance with POPIA, and requires BASA members to establish agreements with third parties for the processing of personal information. The BASA Code will be enforced against BASA members by BASA.
Regulatory Approvals
The Banks Act requires that the chief executive officer of a bank (or in relation to the appointment of the chief executive officer, a director designated by the board) must, at least 30 days prior to the proposed date of appointment, give written notice to the PA of any person to be appointed as chief executive officer, director or executive officer. The PA may object (and must provide the grounds for the objection) to the proposed appointment within 20 working days of receipt of the notice. The PA can object to the appointment or continued employment of a chief executive officer, director or executive officer if the PA reasonably believes that the person is not, or is no longer, a fit and proper person to hold the relevant office or if it is not in the public interest for the person to hold or continue to hold the relevant office. Each chief executive officer, director and executive officer of a bank owes towards the bank the duties set out in the Banks Act (including to act bona fide for the benefit of the bank and to avoid conflicts of interest) and the Companies Act. The information to be submitted is found in the Bank Regulations, including form BA 020 together with a curriculum vitae and a criminal background check report.
The majority of the directors of a bank must not be employees of that bank, its subsidiary or its controlling company. Directors who are employees must not together be entitled to exercise more than 49% of the total vote on the board of the bank.
Roles and Accountability
Directors, the chief executive officer and the executive officers of a bank owe a duty to the bank to act bona fide for the benefit of the bank, avoid conflicts of interest, possess and maintain the knowledge and skill reasonably expected of a person holding a similar role, and exercise care in the carrying out of functions as may reasonably be expected of a diligent person holding the same appointment.
The Banks Act requires a bank’s board of directors to establish a remuneration committee consisting only of non-executive directors. It must assist the board to, inter alia:
In addition, the Bank Regulations require that the board must ensure effective governance with respect to remuneration policies by actively overseeing the design of such policies. The board must monitor the operation of the policies and ensure the policies are aligned with the board-approved tolerance for risk. In particular, the board must ensure that:
FICA is the primary AML/CFT statute in South Africa, and it applies to banks as accountable institutions. Among other things, FICA requires banks and other accountable institutions to:
Banks must take a risk-based approach to their AML policies and adjust their procedures to assess and mitigate specific risks. Recently, the FIC imposed new requirements to screen employees in high-risk roles for competence and integrity prior to their appointment and at least annually during employment. Such screening involves, inter alia, checking for criminal records, particularly in relation to crimes of dishonesty, and past AML/CFT failures while the employee was in a senior decision-making role, and screening for domestic or foreign politically exposed persons.
POCA creates two main money-laundering offences. POCA makes it a crime to, inter alia, assist any person to avoid prosecution or to knowingly enter into a transaction that is likely to have the effect of concealing or disguising the nature, source, location or movement of property. POCA also addresses racketeering by making it a crime to keep any property produced as a result of a pattern of racketeering or, knowing the racketeering origin of property, acquire any interest in the establishment, operation or activities of an enterprise. POCA empowers South African high courts to make orders of forfeiture of property that constitutes the proceeds of unlawful activity.
Requirements
South Africa’s deposit protection regime was recently established and became operational on 1 April 2024. It requires all licensed banks in South Africa to become members of the Corporation for Deposit Insurance (CoDI) and pay an annual levy and monthly premiums into the deposit insurance fund (DIF).
Administrator
CoDI was established as a subsidiary of the SARB on 24 March 2023 and is governed by the FSRA.
Qualifying Deposits and Limits
Qualifying deposits exclude deposits held by a depositor in the capacity of a “financial institution”, which is defined in the FSRA as a financial product provider, a financial service provider, a market infrastructure, a holding company of a financial conglomerate or a person licensed or required to be licensed in terms of a financial sector law. The deposits of non-financial corporates will be qualifying deposits. The DIF will cover each qualifying deposit up to ZAR100,000.
CoDI is able to use the DIF in one of two ways to give covered depositors reasonable access to their funds:
Funding
Funding for the DIF comes from a deposit insurance levy, which will be calculated and payable by banks as a percentage of covered deposits as at the end of each financial year.
South Africa has generally implemented the Basel III risk-based capital regulations consistent with international practice. Elements of Basel III are still coming into effect through 2025.
The Bank Regulations contemplate that the business of a bank entails the management of risks, and the Bank Regulations therefore require banks to develop comprehensive risk-management processes and board-approved policies and procedures to address risks.
A bank’s management must ensure that the risks are managed prudently and appropriately by:
Management must also conduct stress tests to identify events or changes in market conditions that may have an adverse impact on the bank.
South Africa has adopted International Financial Reporting Standards (IFRS) issued by the International Accounting Standards Board. The directors of a bank must make annual reports to the PA addressing, among other things, the integrity of internal controls, the maintenance of ethical standards and material malfunctions of controls.
The Banks Act sets out the prudential requirements for a bank, depending on whether the bank’s business includes trading of financial instruments, consists solely of trading in financial instruments or excludes the trading of financial instruments. The Banks Act imposes different minimum requirements for the share capital and unimpaired reserve funds in each of the above scenarios. In addition, the Banks Act sets certain minimum requirements for the capital and reserve funds of a bank controlling company, and any regulated entity included in a banking group and structured under the controlling company must comply with the requirements of its relevant regulator.
In addition to the above prudential requirements, the Banks Act limits the investments, loans, advances or other credits that a bank, controlling company or branch of a foreign bank can undertake, and in particular:
Banks must build up capital buffers outside periods of stress, which may be drawn upon as losses are incurred during periods of stress specified in writing by the PA. If a bank operates within the capital conservation buffer range, the PA imposes restrictions on capital distributions until such time as the minimum capital adequacy ratio is restored.
Banks are subject to a large exposure framework (LEX) designed to specifically protect banks from material losses resulting from the non-performance of a single counterparty or group of connected counterparties.
Banks must hold liquid assets in South Africa to a value that is at least 20% of their prescribed liabilities. Further, a bank cannot pledge or otherwise encumber any assets that are held by it in compliance with this liquidity requirement, unless the PA has provided an exemption.
Under the Basel III framework, the SARB introduced a leverage ratio to serve as a backstop to the risk-based capital requirement and to prevent build-up of excessive leverage in the financial system. The Bank Regulations provide that every bank and every controlling company must calculate a leverage ratio in accordance with the relevant ratio formula, to supplement the bank or controlling company’s relevant risk-based capital requirements.
LEX requirements for Domestic Systematically Important Banks (D-SIBs) permit lower concentration limits than for other banks.
With effect from 2024, banks must disclose information related to interest rate risk in the banking book (IRRBB) in line with the Basel Committee on Banking Supervision’s (BCBS) consolidated disclosure requirements in the Basel framework.
Resolution and Key Attributes of Effective Resolution Regimes
A framework for resolution of banks became law in South Africa on 1 June 2023, implementing South Africa’s agreement to adopt the Financial Stability Board’s Key Attributes of Effective Resolution Regimes for Financial Institutions. The relevant provisions are contained in the FSRA. The FSRA requires the SARB, based on a risk analysis, to plan for the potential need for the orderly resolution of each bank.
The FSRA creates a point of resolution, which is deemed to be the point when a designated institution is or will probably be unable to meet its obligations (including regulatory requirements) and it is necessary to trigger resolution to protect or maintain financial stability. The SARB is the resolution authority; it can recommend to the MoF that a bank enters resolution if the triggers have been met and the SARB believes that recovery actions have failed or will not be successful. If the MoF agrees, the resolution process and resolution powers will be invoked.
The resolution framework introduces a number of powers to support an orderly resolution of a designated institution. The most significant of these powers is statutory bail-in, under which the SARB is empowered to take one or more of the following actions in relation to a designated institution in resolution:
Statutory bail-in enables the SARB to recapitalise a designated institution at the point of entry into resolution. Banks must maintain a specified level of liabilities that are designated for bail-in in resolution, enabling the SARB to assign first losses to shareholders and creditors with sufficient capacity to also restore the capital of a bank in resolution.
Statutory bail-in can only be applied in resolution and must strictly follow the statutory credit hierarchy and safeguards set out in the relevant provisions of the FSRA.
Additionally, the SARB as resolution authority can transfer assets and liabilities of a bank in resolution, establish a bridge institution, institute temporary moratoria on certain proceedings and the exercise of early termination rights, and suspend obligations of the bank in resolution.
Provisions in certain contracts that provide for acceleration and early termination on entry into resolution or the taking of resolution action are not effective in respect of a bank in resolution. The PA has mandated a contractual recognition approach in this regard, requiring amendments to banks’ agreements that are governed by foreign law.
Creditors are protected by implementation of the “No Creditor Worse Off Rule” and the requirement that claims follow the insolvency hierarchy of claims, while allowing for some flexibility.
Depositor Preference Rules
The FSRA also contains a simple depositor preference regime, which applies only to covered deposits and any bank in respect of which insolvency proceedings are commenced. The regime requires that in insolvency, covered deposits should be paid out of the estate of an institution in resolution before concurrent claims, regulatory capital instruments and shareholders. The FSRA provides that “covered deposits”, together with interest thereon, must be paid after payment of any preferred creditors (including secured creditors, the South African Revenue Services, the salaries and wages of employees, costs of liquidation, costs of execution and special notarial bonds) provided for in the Insolvency Act, but before payment of any other unsecured creditors.
Although relevant sections of the FSRA became effective from 1 June 2023, no deposits will be covered deposits until the DIF becomes operational. Preferred deposits will rank pari passu among themselves.
Guidance Note
In May 2024, the PA published a guidance note (ESG Risk GN) titled ‘Guidance on climate-related governance and risk practices for banks’. The purpose of the ESG Risk GN is to supply guidance to banks regarding climate-related risk management, under the four thematic areas of governance, risk management, and metrics and targets.
Through the ESG Risk GN, the SARB makes a bank’s board of directors responsible for the effective and successful oversight and management of climate-related risks. To do this, the board of directors and senior management should clearly identify and assign responsibilities throughout the bank’s organisation structure for managing climate-related risks.
From a risk management perspective, a bank should be able to demonstrate that climate-related risks have been considered under relevant traditional risk categories such as credit, market, operational and liquidity. A bank’s compliance function should ensure that climate-related risks are identified and accounted for in the compliance management framework. A bank’s internal audit function should review the risk management process for climate-related risks to ensure the adequacy and effectiveness of the process. A bank should ensure that business continuity plans account for physical risks and climate-related risks, both of the bank and of any outsourcing service providers.
A bank should develop key risk indicators and metrics to quantify exposures to climate-related risks, and be able to identify relevant climate-related risk drivers that may materially impair financial conditions. Stress-testing and scenario analysis can be used to assist with risk identification, monitoring and assessment.
A bank’s internal capital adequacy assessment process should explain, inter alia:
Also in May 2024, the SARB published a guidance note relating to climate-related disclosures for banks (ESG Disclosure GN). The purpose of the ESG Disclosure GN is to supply guidance to banks regarding climate-related disclosures, taking into consideration recommendations of the Task Force on Climate-Related Financial Disclosures and the International Sustainability Standards Board, under the four thematic areas of governance, strategy, risk management, and metrics and targets.
The ESG Disclosure GN sets out a list of overarching requirements to fulfil when disclosing climate-related risks and opportunities. The SARB will expect banks to produce climate-related disclosures and reports that, at a minimum, fulfil the following principles:
Additionally, the board should ensure that a bank annually discloses, inter alia, its practices in maintaining oversight and the role of senior management in relation to climate-related risks and opportunities.
From a strategic point of view, a bank should disclose annually the current and expected impacts of climate-related risks and opportunities on the bank’s business, strategy and financial planning.
A bank should describe its risk management policies, processes and controls for identifying, assessing and managing climate-related risks, and incorporating these risks into the bank’s overall risk management.
A bank should disclose metrics and targets that enable stakeholders to evaluate the bank’s exposure to, and measurement and management of, climate-related risk.
There are no hard deadlines for disclosures prescribed in the ESG Disclosure GN, but the PA expects banks to be proactive and not be compliance driven. Mandatory disclosure will rather be determined by, inter alia, non-financial sector disclosure requirements and international standard-setting bodies.
OR Directive
In line with the BCBS paper on principles for operational resilience issued in March 2021 (“BCBS OR Paper”), the PA published the first directive relating to operational resilience in December 2021 with an intended compliance date in June 2023. Then, in June 2023, the PA published a replacement directive (“OR Directive”) titled ‘Principles for operational resilience’. In the introduction, the OR Directive notes that the Bank Regulations require banks to establish and maintain robust processes of corporate governance, including the maintenance of effective risk management and capital management. Operational resilience forms an integral part of the enterprise risk management processes, practices and procedures. According to the Bank Regulations, if the PA determines that a bank’s policies, processes and procedures relating to operational resilience are inadequate, the PA may, inter alia, require the bank to maintain additional capital.
The OR Directive requires banks to do the following on or before 31 December 2024:
Cyber Joint Standard
In June 2024, the FSCA and the PA published Joint Standard 2 of 2024 titled ‘Cybersecurity and cyber resilience requirements for financial institutions’ (Cyber Joint Standard), which will become effective on 1 June 2025.
The Cyber Joint Standard provides detailed guidelines for certain institutions, including banks, to manage and mitigate cybersecurity risk. Under the Cyber Joint Standard, banks must, inter alia:
There are a number of upcoming regulatory developments that may have an impact on South African banks.
6th Floor
90 Grayston
90 Grayston Drive
Sandton
Johannesburg 2196
South Africa
+27 82 853 4312
kelle.gagne@aoshearman.com www.aoshearman.com