Cross-border digital public infrastructure (DPI) has become a key driver for expanding financial inclusion and economic integration across the South African Development Community (SADC) region. Building an interoperable, trusted system for identity verification, data exchange and payments is essential to meeting regional financial integrity objectives and for providing access to financial services for millions. This piece explores why a regional DPI should be a top priority for SADC now – and how the groundwork already laid can be leveraged for rapid progress.

One of the strategic objectives of the Committee of Central Bank Governors (CCBG) Payments Systems Subcommittee (PSS) in achieving a balance between financial integrity and financial inclusion within the SADC region is to foster financial integrity by strengthening cross-border identity and document verification, and AML/CFT compliance. This is expressed as a regional electronic know-your-customer (eKYC) framework within its 2023–2026 strategic framework, in line with the G20 goals.

Over the last 10 years, FinMark Trust has supported SADC member states and regional sub-structures in addressing the need for a regional DPI for financial inclusion. This effort was recently supported by funding from the Co-Develop Fund, which led to the insights we explore here.

Regional data exchange is currently happening at a bilateral level. Moving beyond bilateral integrations requires a shared regional data exchange layer that standardises how identity data is requested, verified and trusted across borders. This will involve the harmonisation of legal frameworks and technological standards, a regional consent management system, and an intergovernmental governance structure beyond central banks to transition to a regional data exchange platform that enables access to and use of financial services. The timeframe for achieving these requirements varies from short-term to long-term, but key enabling factors are already in place and can be leveraged.

There are 13 SADC countries with foundational ID adoption levels exceeding 70% of the total population. This positions the national ID as a credential type for verifying citizens and migrants, alongside passports and refugee identification documents. A passport is currently the primary document used by migrants sending money across borders. However, it poses several fundamental challenges. While passports are interoperable across borders under treaties and established standards, passport verification is restricted to certain immigration functions. Financial service providers (FSPs) are therefore unable to verify passports across borders routinely. Linking passports to foundational ID numbers (as mentioned earlier) can enable some level of verification outside of the closed-loop international passport control system. Challenges will, however, remain for non-SADC citizens, as FSPs will still have limited options for verifying passports issued outside the SADC region.

Most SADC countries have a foundational national ID system underpinned by a digital population register, which enables electronic integration and allows verification of biometric and non-biometric attributes.

Some SADC countries have domestic eKYC frameworks characterised by central bank-led middleware. These include the central KYC platform in Mauritius, a wallet-based ID system in Seychelles, digital identity cards in Lesotho, and the use of ID numbers without the need for physical cards, such as the Jamii Namba in Tanzania – all of which have financial services use cases. Only a few SADC countries have a financial sector regulator-led eKYC environment. Some of the countries that have a central bank-led eKYC system or are in the process of building a financial sector-led eKYC platform include Mauritius, Malawi, Tanzania, Zambia, and South Africa. For the other countries, eKYC is driven by the Ministry of Communication or the Ministry of Home Affairs.

The architecture that supports data exchange within the region follows four models.

• Federated, network-centric models that do not keep any data at the centre: FSPs have access to registries without direct integration, using the data exchange mechanism. This data exchange mechanism acts as a centralised authorisation point.
• Wallet-based, user-centric model: the data owner stores verifiable identity documents on a smartphone. This creates data sovereignty for the data owner to control access and assert consent whenever it is required to share ID information.
• ESB model: uses a gateway as the mechanism for FSPs to access ID registries, but this is different from the network-centric model in that some data is stored at the centre. The downside of this is that it creates a single point of failure if the middleware is compromised.
• Bilateral, direct integration between FSPs and ID registries: this model could be unmanageable at scale. However, this is also the common integration model within SADC.

There are various standards for how FSPs integrate with foundational national identification systems in the region, which will require standardisation. Integration modalities range from automated APIs and mature identity platforms that support structured, secure data exchange via TLS-based encryption to more traditional offline batch processing or manual web-portal queries. One of the most important limitations in the region is the lack of standardised authentication mechanisms to obtain explicit citizen consent before identity data is shared.

On the legal side, the SADC Model Law on Electronic Transactions and Electronic Commerce, which aims to harmonise e-commerce laws in the region, is in place. However, regulation of the sector remains inadequate . While many SADC countries already have an Electronic Transactions Act and enabling cybersecurity and data protection frameworks, several countries, such as the DRC, Zimbabwe and Lesotho, do not have comprehensive legislation. In countries without the necessary framework, existing laws and regulations for financial services, data protection and cybersecurity have been adapted to create the necessary room for secure digital interactions and the use of electronic credentials in non-face-to-face contexts.

In terms of trust, security and safeguards, political and data security concerns usually dictate that civil registries will not allow data to be replicated outside their control, nor will they allow substantial subsets of the data to be hosted across borders. In addition, most SADC member states' data protection laws mandate that permission be obtained from the data protection agency to hold personal data outside the country, typically to ensure national security interests and comparable protection of the data in the receiving country. Thus, there is a need to revisit the frameworks dealing with data localisation – especially the financial intelligence and data protection frameworks – to ensure that eKYC data can be shared to the extent required by the Financial Action Task Force (FATF) recommendations.

With that said, trusted, interoperable and inclusive digital systems are important for accelerating the SADC digital transformation agenda. Across the region, governments, regulators, financial institutions and development partners are recognising that DPI can play a catalytic role in expanding access to financial services, facilitating regional trade and supporting economic integration. While much of the global conversation around DPI has focused on national or domestic ecosystems, there is growing momentum toward exploring how these capabilities can be extended across borders to support regional integration objectives.

Over the last 15 years, the SADC region has developed several foundational elements that demonstrate the feasibility of a regional DPI ecosystem, including the following:

• Real Time Gross Settlement (RTGS) system : a regional cross-border RTGS system has been operational since 2013. There are 15 SADC countries on the platform with 88 commercial banks and central banks. The system has settled US$ 1.17 billion in transactions as of January 2026.
• Transactions Cleared on Immediate Basis (TCIB) platform: a regional cross-border transfers system between any two TCIB participants of banks and non-banks anywhere in the SADC region. TCIB was launched in 2021 under the ownership of the SADC Payment Systems Oversight Committee (PSOC) to address inefficiencies in cross-border payments and promote regional economic integration and financial inclusion. Since November 2021, TCIB has onboarded 49 participants, including seven live participants, across multiple active corridors in the SADC region.

The governance structure overseeing these two regional payment infrastructures is the CCBG, as supported by the SADC Ministers responsible for national financial matters in July 1995. The PSOC and the Payment Systems Subcommittee (PSS) are specialised bodies that aim to achieve closer cooperation within the region. Other regional sub-structures with mandates supporting regional payments integration include the SADC Banking Association and the SADC Anti-money Laundering Task Team.

The SADC Communications Regulators' Association of Southern Africa (CRASA) also plays a key role within existing regional governance structures, especially in determining regional data governance frameworks.

In addition to the abovementioned DPI payments layer in the SADC regional context, there are also examples of cross-border data sharing between countries. According to the Lesotho Ministry of Home Affairs, South Africa’s Department of Home Affairs conducts electronic verification of Lesotho citizens in South Africa before issuing a Lesotho Exemption Permit (LEP) to the Basotho in South Africa. The LEP was put in place to regularise the stay of Lesotho nationals already residing in South Africa so they can continue to work, study or conduct business legally.

In summary, data exchange for financial use cases is currently happening in the SADC region, but at a bilateral level. For a region-wide interoperable DPI ecosystem, a phased approach is recommended, premised on the priorities outlined in Table 1.

Table 1: Key priorities

The foundations for a regional DPI ecosystem are already in place within SADC. Existing cross-border payment systems, growing adoption of foundational digital identity systems, and emerging data-sharing arrangements demonstrate both the feasibility and strategic value of regional interoperability for financial inclusion. However, achieving a truly integrated cross-border DPI ecosystem will require coordinated action across policy, governance, legal and technical domains.