On 5 July 2018, the Securities and Futures Commission (SFC) issued a consultation paper on proposals to amend the Guideline on Anti-Money Laundering and Counter-Terrorist Financing (Main Guideline) and the Prevention of Money Laundering and Terrorist Financing Guideline issued by the Securities and Futures Commission for Associated Entities (Guideline for AEs). Comments on the proposals are required to be submitted by 9 August 2018.
This is one of many initiatives taken by the Hong Kong government and the financial services regulators (including the SFC) in recent years to enhance the anti-money laundering and counter financing of terrorists (AML/CFT) regime in Hong Kong, in light of the upcoming evaluation of the regime by the Financial Action Task Force (FATF). Other initiatives include, for example, supervisory circulars such as the SFC’s circular of January 2017 highlighting AML/CFT deficiencies identified in inspections (see our briefing here), SFC and Hong Kong Monetary Authority (HKMA) enforcement actions over AML/CFT breaches (see our briefing on some of the 2017 actions here), the recent government report detailing the money laundering and terrorist financing (ML/TF) risk assessment of Hong Kong (see our briefing here), and legislative changes to expand the AML/CFT regime to various types of non-financial businesses and professions.
The proposed amended Main Guideline is set out in appendices 5A and 5B of the consultation paper (marked-up and clean versions). A summary of the proposed amendments to the Main Guideline (on a chapter by chapter basis) is provided in appendix 1 of the consultation paper. A marked-up version of the proposed amended Guideline for AEs is in appendix 6 of the consultation paper.
Following the consultation period, the SFC aims to finalise the guideline amendments by early October 2018 and implement the revised guidelines on 1 November 2018, around the time of the FATF onsite visit to Hong Kong scheduled for October/November 2018.
In addition, late last week, the SFC also issued a circular to provide more flexibility to paragraph 5.1 of the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (Code of Conduct) with regards to online client onboarding.
Key objectives of the proposed amendments to the Main Guideline
The SFC has indicated that in formulating the proposed amendments, it has adopted a balanced regulatory approach to give firms flexibility while ensuring that its requirements are effective to prevent ML/TF.
The key objectives of the amendments are to:
align the Main Guideline with the latest FATF AML/CFT standards;
provide increased flexibility under the risk-based approach;
provide additional guidance on the existing AML/CFT requirements.
Proposed amendments to align Main Guideline with latest FATF AML/CFT standards
Politically exposed persons (PEPs)
Due to growing international concerns about corruption in both local and cross-border contexts over the years, the SFC proposes to:
expand the types of PEPs to include persons who have been entrusted with prominent functions by international organisations (such as the United Nations and the World Trade Organisation) (international organisation PEPs);
extend the special measures for foreign PEPs to high risk business relationships with domestic PEPs and international organisation PEPs;
allow licensed corporations (LCs) to determine the extent of the above special measures commensurate with the risk identified using a risk-based approach;
provide additional guidance on how to establish the source of funds and source of wealth of PEPs.
Group-wide AML/CFT systems
The SFC proposes to:
require Hong Kong-incorporated LCs to implement group-wide AML/CFT systems which feature the elements recommended by FATF for themselves as well as their overseas branches and subsidiary undertakings that carry on the same business as financial institutions;
require these systems to include information sharing and provision of information to group-level functions, subject to adequate safeguards;
if the AML/CFT requirements in the jurisdiction where the branches or subsidiary undertakings of the LCs are located differ from those set out in the Main Guideline, require the LCs to require that those branches or subsidiary undertakings apply the higher of the two requirements.
AML/CFT risks from use of new technologies
The SFC proposes to require LCs to identify and assess the ML/TF risks that may arise from the use of new or developing technologies for new as well as pre-existing products, prior to the use of such new or developing technologies.
Customer due diligence and tipping-off
The SFC proposes to allow LCs to stop pursuing the customer due diligence process if they reasonably believe that pursuing such process will tip-off the customer, and require such LCs to make a suspicious transaction report to the Joint Financial Intelligence Unit.
The SFC proposes to require LCs to keep all records obtained throughout the client due diligence and ongoing monitoring processes, including the results of any analysis undertaken (for example, for establishing the background and purpose of complex, unusual large transactions).
Further details of the proposed amendments and the related FATF guidance are set out in appendix 2 of the consultation paper.
Proposed amendments to Main Guideline to provide increased flexibility under risk-based approach
The SFC proposes the following in light of the latest FATF standards, prevailing practices in other jurisdictions and local industry feedback. Further details are set out in appendix 3 of the consultation paper.
Verification of identity of natural persons
Provided that the principal aspects of a natural person customer’s identity (ie, the full name and date of birth at the minimum) are verified against a reliable and independent source, LCs will be allowed to adopt reasonable risk-based measures and determine whether to verify other identification information.
The SFC also proposes to standardise identity verification requirements for all types of natural person customers regardless of residency status.
Verification of identity of legal persons
Obtaining a company search report will no longer be mandated as the only means for LCs to verify the existence of a customer which is a locally incorporated company.
LCs will be allowed to verify the name, legal form and existence of a legal person customer, and the powers that regulate and bind the customer, by obtaining one or a combination of documents provided by a reliable and independent source.
Determination of persons purporting to act on behalf of customers (PPTA)
The SFC proposes to remove the requirement that LCs must identify those persons authorised to give instructions for the movement of funds or assets as PPTA and verify their identities.
In determining whether a natural person is considered to be a PPTA, one should consider the nature of the person’s roles and the activities which s/he is authorised to conduct (and the ML/TF risks associated with them). Dealers and traders authorised to act on behalf of investment banks or asset managers would not ordinarily be considered to be PPTA.
Proposed amendments to Main Guideline to provide additional guidance on existing requirements
In light of requests from the industry, the SFC proposes to provide additional guidance on the following areas:
- further supplementary measures which may be taken to mitigate the risks associated with customers who are not physically present for identification purposes, or in similar situations, such as where persons are acting on behalf of a legal person customer in opening an account via a non-face-to-face channel (Note that late last week on 12 July 2018, the SFC issued a circular to provide more flexibility to the requirements under paragraph 5.1 of the Code of Conduct, in relation to verification of client identity and client agreement execution where the client is onboarded online, pending a future review of the requirements);
illustrative and non-exhaustive examples of simplified and enhanced client due diligence measures under a risk-based approach (given that guidance from the FATF on the risk-based approach for the securities sector is yet to be published (tentatively scheduled for October 2018), the SFC proposes to provide examples for the time being for the industry’s reference);
how to adopt a risk-based approach to determine whether a domestic PEP or international organisation PEP should continue to be treated as such if the person is no longer entrusted with a prominent public function or a prominent function;
where no natural person ultimately owns or controls a legal person customer, LCs should identify the natural persons holding the position of senior managing official in the legal person, and take reasonable measures to verify their identities;
additional examples on the areas which LCs should consider when performing regular audits of their AML/CFT systems to ensure effectiveness;
how to handle requests from law enforcement agencies.
Further details of the above proposed amendments can be found in appendix 3 of the consultation paper. The SFC has also taken the opportunity to improve clarity and readability, such as reducing duplicate text, using simpler language and merging or reordering paragraphs.
The proposed amendments to the Guideline for AEs are few and are mainly to update references to the Main Guideline and to tidy up wording.
Given that implementation is targeted for 1 November 2018, LCs and associated entities should review the proposed amendments as soon as possible and assess whether any enhancements or adjustments are required to their policies, as well as systems and controls.
The SFC has indicated that it has been working closely with other regulators (including the HKMA and the Insurance Authority, who are also updating their guidelines) to ensure consistency across the financial services sectors. The areas of differences between the SFC’s guidelines and the other regulators’ guidelines are highlighted in paragraph 14 of the consultation paper.