What is NamCode and is it mandatory?

NamCode (the Corporate Governance Code for Namibia) was introduced in 2014 by the Namibia Institute of Corporate Governance (NICG). It is based on South Africa's King III principles, adapted for the Namibian context. While there is no statutory obligation on all companies to comply, the Namibian Stock Exchange (NSX) requires listed companies to apply NamCode principles on an apply-or-explain basis. For banking institutions and NAMFISA-regulated entities, governance expectations align closely with NamCode principles. In practice, NamCode represents the accepted governance standard for Namibian organisations with public interest obligations.

Does Namibia have data protection legislation?

Namibia does not yet have enacted comprehensive data protection legislation. The Draft Data Protection Bill 2021 proposes establishing a Data Protection Supervisory Authority and regulating personal information processing, but it remains in draft form. Currently, data protection is governed by constitutional privacy rights and sector-specific regulations. However, NamCode addresses IT governance and information security as governance obligations, and many Namibian organisations proactively implement data protection practices aligned to POPIA or GDPR due to cross-border operations.

What is NAMFISA and who does it regulate?

The Namibia Financial Institutions Supervisory Authority (NAMFISA), established under the NAMFISA Act 2021, regulates and supervises non-bank financial institutions in Namibia. This includes insurance companies, pension funds, friendly societies, medical aid funds, unit trusts, stock exchanges, and capital market participants. NAMFISA employs a risk-based approach to supervision, assessing financial performance, risk management systems, and governance structures. It works in coordination with the Bank of Namibia through a Memorandum of Agreement for joint oversight of the financial sector.

Can Dimeri handle both Bank of Namibia and NAMFISA compliance?

Yes. Dimeri provides a unified compliance platform that tracks obligations across both Bank of Namibia (banking sector) and NAMFISA (non-bank financial sector) simultaneously. For organisations that operate across both sectors — such as financial groups with banking, insurance, and asset management arms — Dimeri ensures consistent governance documentation that satisfies both supervisors' requirements and is ready for the joint inspections and coordinated oversight activities enabled by the Bank of Namibia–NAMFISA cooperation agreement.

Dimeri for Namibia

GRC Software for Namibian Organisations

Namibia's corporate governance framework is built on the Corporate Governance Code for Namibia (NamCode), introduced in 2014 and modelled on South Africa's King III principles with Namibian-specific adaptations.

Try Dimeri Talk to Sales

Dimeri Risk Intelligence Platform✦ AI Active

Risk RegisterControlsIncidentsGovernanceStrategic

2Critical

4High Priority

5Active Risks

68%Avg Control

Risk Heat Map — 5×5 Matrix

← Low Likelihood High →

Active Risk Items

CriticalNamCode — Risk Governance Committee Effectiveness Gap

58%

CriticalBank of Namibia — Capital Adequacy Ratio Pressure

62%

HighNAMFISA — Solvency Margin Shortfall

66%

Industry Risk Landscape

Understanding the Risk Environment

Namibia's corporate governance landscape centres on the Corporate Governance Code for Namibia (NamCode), published in 2014 by the Namibia Institute of Corporate Governance (NICG).

Key risk areas covered

NamCode Governance & Board Reporting
Bank of Namibia Prudential Compliance
NAMFISA Risk-Based Supervision Compliance
IT Governance & Cybersecurity Risk

Key Frameworks & Standards

NamCodeBank of Namibia GuidelinesNAMFISA Act 2021NSX ListingsISO 31000COSO ERMIIA Three Lines

See how Dimeri maps your risks to the right frameworks automatically.

Book a Demo →

Core Risk Use Cases

Built for How Your Industry Actually Works

NamCode Governance & Board Reporting

NamCode requires organisations to demonstrate governance outcomes across ethical leadership, board effectiveness, risk governance, IT governance, compliance, internal audit, and stakeholder management.

Dimeri maps every risk in your register to the relevant NamCode principle, tracks the status of each governance outcome, and generates disclosure reports aligned to the apply-or-explain approach.
Board members and governance committee chairs can see at a glance which NamCode principles are fully addressed, which have gaps, and what remediation actions are underway.

Bank of Namibia Prudential Compliance

The Bank of Namibia requires banking institutions to maintain enterprise risk management frameworks with capital adequacy compliance, credit risk management, liquidity risk monitoring, and operational risk controls.

Dimeri provides a structured risk register that maps directly to Bank of Namibia prudential categories, tracks capital adequacy ratios in real time, monitors risk concentration limits, and generates regulatory reports in the format expected by Bank of Namibia supervisory teams.
When examination teams request evidence of risk governance, the entire framework is documented and auditable in a single platform.

NAMFISA Risk-Based Supervision Compliance

NAMFISA regulates non-bank financial institutions using a risk-based supervision approach, assessing financial performance, risk management systems, governance structures, and AML/CFT compliance.

Dimeri tracks every NAMFISA governance obligation, monitors compliance across board composition, risk management effectiveness, and capital requirements, and generates reports aligned to NAMFISA supervisory expectations.
For organisations regulated by both Bank of Namibia and NAMFISA, Dimeri provides a unified view of compliance across both supervisors — ensuring consistent governance documentation for joint inspections.

IT Governance & Cybersecurity Risk

NamCode requires boards to govern IT as an integral part of the company's risk management strategy.

This includes oversight of IT strategy alignment, information security, business continuity, and IT risk management.
Dimeri maps IT risks to NamCode IT governance principles, tracks cybersecurity controls and their effectiveness, monitors IT governance maturity, and provides boards with structured reporting on technology risk posture.

Digital Risk Register

GRC Register — Namibian Regulatory View

✦ Powered by AI

Risk IDRisk DescriptionOwnerScoreControl %

NA-001NamCode — Risk Governance Committee Effectiveness GapCompany Secretary16

58%

NA-002Bank of Namibia — Capital Adequacy Ratio PressureChief Financial Officer18

62%

NA-003NAMFISA — Solvency Margin ShortfallChief Actuary15

66%

NA-004NamCode — IT Governance GapChief Information Officer12

70%

NA-005NSX — Integrated Reporting DelayHead of Investor Relations8

82%

✦AI analysis has identified that the NamCode risk governance committee effectiveness gap (NA-001) and the IT governance gap (NA-004) share a common root cause: insufficient board-level reporting on technology risks. The risk governance committee lacks structured input on IT risk posture, cybersecurity incidents, and IT control effectiveness — creating gaps in both general risk governance and specific IT governance oversight. Implementing a structured IT risk reporting framework to the risk committee would reduce residual risk scores for both items by an estimated 35%.

Control & Incident Tracking

Three Lines of Defence — Tracked and Tested

Every risk in your register links to preventive, detective, and corrective controls. Effectiveness percentages update as evidence is logged. Full audit trail for regulators.

Preventive

Multi-Regulator Obligation Mapping

Every applicable Namibian regulation — NamCode governance principles, Bank of Namibia prudential guidelines, NAMFISA governance rules, and NSX listing requirements — is mapped to the specific risks and controls in your register. When a new regulatory directive or supervisory communication is published, Dimeri identifies which existing risks are affected and flags any gaps in your control coverage. The mapping reflects the coordinated oversight between Bank of Namibia and NAMFISA, ensuring consistent compliance documentation for joint supervisory activities.

Effectiveness: 86%

Detective

Governance & Compliance Scorecard

A single-screen traffic-light scorecard shows your compliance status against every NamCode governance principle, Bank of Namibia prudential requirement, and NAMFISA governance obligation. Each item is rated green, amber, or red based on current evidence and control effectiveness, with trend arrows showing whether compliance is improving or deteriorating. The scorecard updates automatically as assurance activities are completed and evidence is uploaded.

Effectiveness: 83%

Corrective

Remediation Workflow & Board Reporting

When a governance gap, regulatory breach, or audit finding is identified, Dimeri creates a structured remediation workflow with assigned owners, due dates, and evidence requirements. Progress is tracked through to closure with a full audit trail. Board and committee reports are generated automatically from current data — showing risk profile changes, remediation progress, emerging risks, and compliance status in the format expected by Namibian boards, Bank of Namibia examination teams, and NAMFISA supervisors.

Effectiveness: 78%

Risk Register Software vs Excel

Why Spreadsheets Fail in This Industry

Spreadsheets cannot handle the complexity, volume, and real-time demands of modern industrial risk management. Here is where they consistently break down — and what Dimeri does instead.

Spreadsheet ProblemDimeri Solution

✗NamCode governance mapping maintained in static documents that cannot demonstrate apply-or-explain compliance to NSX or regulators

✓Living governance register that maps risks to NamCode principles in real time, with structured apply-or-explain evidence updated automatically

✗Bank of Namibia and NAMFISA compliance tracked in separate spreadsheets with no unified view for joint supervisory activities

✓Unified multi-regulator dashboard showing compliance across Bank of Namibia and NAMFISA requirements — ready for coordinated oversight reviews

✗IT governance and cybersecurity risk managed informally without structured reporting to the board

✓Structured IT governance framework mapped to NamCode IT principles with automated board reporting on technology risk posture

✗Board risk reports compiled manually over weeks from multiple departmental sources

✓Board-ready governance reports generated in minutes from live data, aligned to NamCode disclosure expectations and NSX requirements

✗No visibility into connections between governance gaps across NamCode, Bank of Namibia, and NAMFISA

✓AI identifies cross-regulator linkages — a governance gap affecting both banking and insurance operations is flagged once and remediated holistically

Frequently Asked Questions

Common Questions

Related Resources

Deepen Your Knowledge

TemplateNamibia Risk Management Template→TemplateKing IV Corporate Governance Framework→GuideWhat Is GRC? Explained for African Businesses→PageGRC Software South Africa→PageGRC Software Botswana→PageGRC Software Nigeria→

Try Dimeri Talk to Sales