According to court documents in Moneyweb's possession the way the scam worked was as follows: Duplicates of well-known companies were set up on the CIPRO system. Bank accounts were then set up in the duplicates' names by individuals using fraudulent company and identity documents.

Members of the syndicate then hacked into the central Sars system. The bank account details of the legitimate companies were changed to those of the duplicates. When Sars paid out tax refunds these went to the accounts of the duplicate companies, not the real ones.
That doesn't say much for the effectiveness of FICA!