(1) | The Regulatory Board must in respect of personal information in its possession or under its control comply with the Protection of Personal Information Act, 2013 (Act No. 4 of 2013). |
(2) | A member of the Regulatory Board, a member of any committee envisaged in this Act, an employee of the Regulatory Board or an authorised person referred to in section 48A(1), may not disclose to any person not in the service of the Regulatory Board any information obtained in the performance of functions under this Act except— |
(a) | for the purpose of enforcing compliance with this Act or any decision made in terms of this Act; |
(b) | when required to do so by a court; |
(c) | at the written request of, and to, any appropriate regulator which requires it for the institution or an investigation with a view to the institution of any disciplinary process or criminal prosecution; |
(d) | at the written request of, and to, any appropriate international regulator of audits and auditors that requires such information for the purpose of investigation or a disciplinary process; or |
(e) | for purposes of referring a non-audit matter in terms of section 48(1A). |
[Section 57A inserted by section 21 of the Auditing Profession Amendment Act, 2021 (Act No. 5 of 2021), Notice No. 228 of GG44493, dated 26 April 2021]