Liability, Tax and Financial Reporting Requirements in South Africa

Legal Entity

Limited companies are, by law, legal entities that have a (perpetual) life of their own, irrespective of the owners/shareholders of the company. As stated by Atrill & McLaney (2011), this means that the company itself can be sued, or can sue another person/entity in its own capacity, irrespective of the owners. This is in direct contrast with sole proprietorships where, unlike the accounting (where the owner and the business is separate), the owner and the company are legally treated as the same entity, therefore the owner is the one who is liable if any legal issues arise.

Limited Liability

Perhaps one of the most important features of a company is that the shareholders of the company have a liability that is limited only to the equity (shares) they have in the business. If the company has a large outstanding debt which it is unable to repay, by law only the assets/equity the business itself owns can be liquidated to repay the outstanding amount, and the shareholders are not liable for any repayment in their personal capacities. Again this is in direct contrast, as mentioned above, with sole proprietorship where the sole proprietor themselves would be liable for any bad debts in their personal capacity and therefore even their “non-business” assets may be liquidated to fulfil debt payments.


Due to the two points mentioned above, a limited company therefore must be taxed as an entity. Most countries have separate taxation percentages for legal entities. These taxes are charged to the company and this does not exempt shareholders from their personal tax requirements, for example; receiving a dividend pay-out from the already taxed profits does not mean the shareholder doesn’t have to pay tax on the dividend pay-out as the dividend pay-out is a taxable income to them personally, the tax the company has paid is for the company.

South Africa – Accounting and Financial Reporting

South Africa currently has limited companies as well as another form of entity called a close corporation. Closed corporations are much easier to incorporate than regular companies and do not require full accounting audits, but have a number of other limitations compared with regular limited companies which are represented by (Pty) Ltd (eCompanies, n.d.). Close corporations in South Africa have, however, been phased out as of this year.  Regulations for limited companies in South Africa, as mentioned, require the financials to be audited by a firm of Chartered Accountants.  With effect from July 1, 2010, a new legislation amendment has been made to the companies act that states financial reporting standards “must be consistent with the International Financial Reporting Standards of the International Accounting Standards Board” (eStandardsForum, 2009).


Atrill, P. & McLaney, E. (2011) Accounting and Finance for Non-specialists. 7th Edition. England: Pearson Education Limited.

eCompanies (n.d.) What is a close corporation? [Online]. Available from: (Accessed: 16 April 2011).

eStandardsForum (2009) South Africa – International Financial Reporting Standards [Online]. Available from: (Accessed: 16 April 2011).

Electronic Bullying or Freedom of Speech?

Raskauskas (2007) mentions that with the advent of the Internet and the increasing availability thereof, has come a new form of bullying involving text messages, web sites, emails and instant messaging. Raskauskas’s study is researching two sides of the electronic bullying demographic which I think are both quite feasible. The first being that the likelihood of a real life bully becoming an electronic bully is quite high, but secondly that the victims of bullying could turn to electronics to become bullies themselves due to the anonymity. I think this is entirely likely, anyone who has spent time on the internet during their youth, in chat rooms more than likely, have come across the typical cyber bully, using their authority (access level/user rights) to persecute other users.

As far as responsibilities go, it is my personal belief that (in the case of students) it is both the school and the parents who should be intervening and trying to control the situation. Stavros and Androniki (2010) mention that schools should involve the entire faculty along with the students in producing a policy against cyber bullying, that cell phone use should be prohibited in school and punishments should be clearly defined and explained to all parties. They also mention that all students and parents should sign and accept the policy on cyber-bullying in schools, I believe this will increase accountability and make the seriousness of the situation more accepted instead of it being looked at as a trivial or perhaps humorous act.

Greg (2009) has written a blog post on a student who made a YouTube defamatory video about another student. The student was suspended from school for two days. A judge ruled that the school had no right to suspend the child from school as it did not cause any disruption of the school’s activities. The judge wrote that “The court cannot uphold school discipline of student speech simply because young persons are unpredictable or immature”. In Greg’s article he describes the freedom of speech as a rule to protect bullies, while this is probably not the case, there does rein some truth.

Masnick (2010) has a similar article on cyber bullying regarding comments made against a student on his website. In this story the California court said that the online bullying was not protected free speech. This shows that there are still some issues to be revisited when it comes to free speech laws, clearly, is has been a difficult task due to differing opinions of hate speech and arguments against freedom of speech.

I don’t believe that electronic bullying in the workplace falls far from school bullying. Morrall and Urquhart (2004) write that harassment, whether in or out of the workplace is punishable by law. Under the UK Public Order Act of 1986 “a criminal offence is committed where a person intentionally harasses another by using threatening or abusive language, whether orally or in writing, which causes another person harassment, alarm or distress”.



Greg (2009) Freedom of Speech vs. Bullying [Online]. Available from: (Accessed: 26 December 2010).

Masnick, M (2010) California Court Says Online Bullying Is Not Protected Free Speech [Online]. Available from: (Accessed: 26 December 2010).

Morrall, S & Urquhart, C (2004) ‘Bullying and Harassment in the Workplace’ Legal Information Management; Autumn 2004, 4 (3), pp.164-167, EBSCO [Online]. Available from: (Accessed: 26 December 2010).

Raskauskas, J (2007) ‘Involvement in traditional and electronic bullying among adolescents’ Developmental Psychology, 43 (3), pp.564-575, EBSCO [Online]. Available from: (Accessed: 26 December 2010).

Stavros, K & Androniki K (2010) ‘Cyberbullying: A Review of the Literature on Harrassment Through the Internet and Other Electronic Means’ Family & Community Health, 33 (2), OvidSP [Online]. Available from: (Accessed: 26 December 2010).

Responsibilities for Computing Professionals in Developing Material for the Internet

Responsibilities of the Computing Professional

The responsibilities of the computing professional, as covered in my previous posts, are both ethical and legal. It is our duty to inform and guide from our experience and expertise. The cliché of using our ‘powers’ for ‘good’ and not ‘evil’ can be broadly applied; as with almost any other profession.

Responsibilities Relating to Development of Internet Material

The word development here has a double connotation. Firstly the actual programming of “material” which could constitute any system that generates content or systems available on the internet or allows the generation of content on the internet. As discussed by Adams and McCrindle (2008, p.352), a number of malicious examples of software, created by computing professionals, are readily available on the Internet.

I’d like to briefly outline the relevant examples.

  1. Trojan Horses: These are quite literally as their name suggests, programs that pose as something innocent (most of the time), but hold inside them harmful code that will potentially damage your data or perform some other illicit task.
  2. Virus: This is a term many use to encompass all forms of malicious software, but is itself a specific type of malicious software. It can be carried with a Trojan Horse and usually replicates itself to other files and programs on the computer. Most of the time the program carries out a task that usually causes harm to data and possibly even hardware.
  3. Worm: These infections ‘worm’ their way through a network without requiring the means of a Trojan Horse or Virus to spread. If they are to spread outside of the current network they may also be carried via Trojan Horses.
  4. Zombie: These are programs designed to allow ‘back doors’ to a system so that it can be remotely accessed to perform a number of tasks (often used for Distributed Denial of Service attacks).

Secondly, perhaps a less direct means of our responsibility as computing professionals can be the “written” (typed) information we spread across the internet. Publicly releasing knowledge that could jeopardise systems is an ethical issue we need to take seriously. Sometimes, this may be a difficult decision to make but it is always something that should not be taken lightly.

Responsibilities Relating to the Usage of the Internet

Due to the global nature of the internet, its reach going into many secure facilities, government agencies, banks and other authorities; we must ensure that securing the implementations of these systems is a top priority. Adams and McCrindle (2008, p.368) describe black, white and grey hat crackers and the controversial issue of whether grey hat techniques are in the best interests of the organisation or not. Personally I am partial to both it being wrong and right as it really boils down to the situation at hand. If they grey-hat techniques simply identify back doors or other security threats without interfering or having negative effects on the current system, and provided the grey hat crackers do not plaster the vulnerabilities all over the internet – it may be acceptable. A paper by the Electronic Frontier Foundation mentions that grey-hat techniques may violate a number of laws such as the Computer Fraud and Abuse Act, Anti-Circumvention Provisions of the DMCA, Copyright Law and other state laws, so it is probably best to either secure your research or request permission beforehand when doing such techniques.


Adams, A & McCrindle, J (2008) Pandora’s Box: Social and professional issues of the information age. England: John Wiley & Sons Ltd.

Electronic Frontier Foundation (n.d.) A “Grey Hat” Guide [Online]. Available from: (Accessed: 5 December 2010).

The WIPO Copyright Treaty & Feasibility of Copyrights

As discussed by Adams and McCrindle (2008, p.423), the WIPO Copyright Treaty includes an increased moral right to the author of the work, as per their example in Germany and France that income derived from an authors work must always partially flow back to the author. Also mentioned repeatedly by Adams and McCrindle the development of patents and copyrights were brought about to encourage creativity and reward innovation. The basis of this I am in full agreement of and I do believe that creators of new innovations and ideas must be accredited and compensated for their work. In the WIPO Copyright Treaty (Adams and McCrindle, 2008, p.422), the copyright law extends to the life of the author plus 70 years after the authors death.

The limitations of copyrights I can see would be simply up to the copyright owners’ decisions on how to distribute or how much they distribute their work for. As depicted in a discussion on Google Answers (2002), where an author published a book at a very high price and then died leaving the copyright to no heirs – the public must wait 70 years until they are able to reprint the work at a more reasonable price to increase circulation.

In the feasibility of copyright value-adds and levies are really only accurately argued when considered alongside the fees that the publisher/producer etc. are adding on-top. Many argue from an idealist point of view that (commonly the argument is against musicians) artists should be doing what they do to enjoy the art and not to be all about the money; but in the world we live in – money is an important aid to quality of life and enjoyment (note: I am not saying it is what gives quality to life, but it does help a lot when compared to poverty), to quote Adams and McCrindle again, without reward for innovation and creativity, would there be as many innovations and hard work put into developing new medicines and techniques for helping people? Even music and entertainment is something important to this world.

Never mind being rich and famous but just having monetary compensation to pay bills while enhancing the new potentially life-saving innovations is something we should definitely consider feasible.

While some may take advantage of these laws we have to consider the good coming from it.


Adams, A & McCrindle, J (2008) Pandora’s Box: Social and professional issues of the information age. England: John Wiley & Sons Ltd.

Google Answers (2002) Q: Copyrights after an author’s death [Online]. Google: Available from: (Accessed: 28 November 2010).

Privacy and Data Protection laws in South Africa

The South African Bill of Rights states that everyone has the right to privacy which includes the right to not have their person, home or property searched, their posessions seized or the privacy of their communications infringed (South African Government, 2009).

The same Bill of Rights states that everyone has the right of access to any information held by the state and “any information that is held by another person and that is required for the excersize or protection of any rights” (South African Government, 2009).

South Africa also has the “ECT Act” (Electronic Communications and Transactions Act), which covers personal information that has been obtained through electronic transactions, which defines a set of rules between the person the information is about and the person/organisation (“data controller”) who is holding that information. This act states that the data controller must abide by all of the following points:

“(1) A data controller must have the express written permission of the data subject for the collection, collation, processing or disclosure of any personal information on that data subject unless he or she is permitted or required to do so by law.

(2) A data controller may not electronically request, collect, collate, process or store personal information on a data subject which is not necessary for the lawful purpose for which the personal information is required.

(3) The data controller must disclose in writing to the data subject the specific purpose for which any personal information is being requested, collected, collated, processed or stored.

(4) The data controller may not use the personal information for any other purpose than the disclosed purpose without the express written permission of the data subject, unless he or she is permitted or required to do so by law.

(5) The data controller must, for as long as the personal information is used and for a period of at least one year thereafter, keep a record of the personal information and the specific purpose for which the personal information was collected.

(6) A data controller may not disclose any of the personal information held by it to a third party, unless required or permitted by law or specifically authorised to do so in writing by the data subject.

(7) The data controller must, for as long as the personal information is used and for a period of at least one year thereafter, keep a record of any third party to whom the personal information was disclosed and of the date on which and the purpose for which it was disclosed.

(8) The data controller must delete or destroy all personal information which has become obsolete.

(9) A party controlling personal information may use that personal information to compile profiles for statistical purposes and may freely trade with such profiles and statistical data, as long as the profiles or statistical data cannot be linked to any specific data subject by a third party.” (South African Government, 2002).

In contrast to the UK, South Africa does not specifically have a Data Protection Act, if we look at the Data Protection Act 1998 for the United Kingdom (United Kingdom Government) we see that it’s section on “Rights of access to personal data” are almost the same as South Africa’s but contains a much more comprehensive overview on the subject.

Interestingly enough the U.S does not have a specific Data Protection Act. They have the “Privacy Act of 1974” and the “Computer Matching and Privacy Act” but both of which only apply to personal information held by the government and does not include other entities. The U.S has another act, “The Privacy Act” which can be described as follows: “The act set forth some basic principles of “fair information practice,” and provided individuals with the right of access to information about themselves and the right to challenge the contents of records. It requires that personal information may only be disclosed with the individual’s consent or for purposes announced in advance. The act also requires federal agencies to publish an annual list of systems maintained by the agency that contain personal information.” (Stratford & Stratford, 1998).


South African Government (2009) Chapter 2 – Bill of Rights [Online]. Available from: (Accessed: 14 November 2010).

South African Government (2002) Electronic Communications and Transactions Act, 2002, No. 25 of 2002 [Online]. Available from: (Accessed: 14 November 2010).

Stratford, J.S & Stratford, J (1998) ‘Data Protection and Privacy in the United States and Europe’, IASSIST Conference, 21 May, Yale University. New Haven, Connecticut: University of California.

United Kingdom Government (1998) Data Protection Act 1998 [Online]. Available from: (Accessed: 14 November 2010).