To maintain the financial stability and facilitate the economic growth of Hong Kong, regulators have been reviewing different regulations and guidelines regularly. Regulators and financial institutions around the globe may have new developments. In this month, the following has happened:
Key observations and good practices in AML/CFT control measures for remote customer on-boarding initiatives
On 3 June 2020, the Hong Kong Monetary Authority (HKMA) shared key observations and good practices in AML/CFT control measures that have been identified in recent thematic reviews of remote on-boarding initiatives, insights and observations from engagement with authorised institutions (AIs) and technology firms in the Fintech Supervisory Sandbox (FSS) and Chatroom, as well as supervision of virtual banks that have commenced or are in the process of commencing business. It is also in response to industry feedback through the Balanced and Responsive Supervision initiative of the Hong Kong Monetary Authority (HKMA) for sharing supervisory observations and practical issues, and further to our articulation of the key guiding principles of identity authentication and identity matching in February 2019.
More than 10 AIs have launched remote on-boarding, while others are considering or testing similar initiatives. In the light of COVID-19 and the need for social distancing, remote on-boarding and digital delivery of financial services has become more important. The HKMA also welcome AIs to make use of the FSS to test applications leveraging on the government's iAM Smart to enhance the efficiency of customer due diligence (CDD) processes and improve customer experience.
The review examined how AIs conducted assessment of ML/TF risks associated with remote on-boarding; how that understanding underpinned the application of a risk based approach in the design and implementation of control measures to mitigate the identified risks; the extent to which AIs were able to effectively monitor and manage the technology adopted to remotely on-board customers; and how ongoing monitoring took into account vulnerabilities and threats, where these differed from accounts opened for customers in the presence of staff of AIs. AIs and other companies considering to introduce remote on-boarding or enhance existing systems may make reference to the key observations and good practices set out in the following link below.
Read more from the sources:
SFC reprimands and fines Guotai Junan Securities (Hong Kong) Limited $25.2 million for breaches relating to anti-money laundering and other regulatory requirements
On 22 June 2020, the Securities and Futures Commission (SFC) reprimanded and fined Guotai Junan Securities (Hong Kong) Limited (Guotai Junan) $25.2 million for multiple internal control failures and regulatory breaches in connection with anti-money laundering, handling of third party fund transfers and placing activities, as well as detection of wash trades and late reporting.
Third party fund transfers
The SFC investigation found that, between March 2014 and March 2015, Guotai Junan failed to take reasonable measures to ensure that proper safeguards were put in place to mitigate the risks of money laundering and terrorist financing in processing 15,584 third party deposits or withdrawals for its clients, totalling approximately $37.5 billion.
Despite red flags suggesting some of the third party fund transfers were unusual or suspicious, Guotai Junan failed to adequately monitor the activities of its clients, conduct appropriate scrutiny of the fund transfers, identify transactions that were suspicious and report them to the Joint Financial Intelligence Unit in a timely manner.
Guotai Junan also did not ensure that its policies and procedures regarding anti-money laundering (AML) and counter-financing of terrorism (CFT) were properly and effectively implemented with respect to third party fund transfers. Specifically, the SFC found that there were:
- a number of occasions where the reasons for the third party fund transfers, the relationship between the client and the third party, and/or the identity of the third parties were not documented and identified;
- inadequate guidance to its staff on the extent of enquiries they had to make with clients in relation to the third party fund transfers;
- inadequate procedures requiring its money laundering reporting officer to play an active role in identifying suspicious transactions; and
- inadequate communication between its operations and compliance staff to ensure effective monitoring of client activities.
- In addition, Guotai Junan processed 5,406 third party deposits from July 2015 to June 2016 without always documenting the identity of the depositors, their relationship with the account holders, and the reasons for these third party deposits, contrary to the firm's written policies and procedures.
It further failed to identify that two deposits totalling $38.2 million for a share subscription in December 2015 did not come from the relevant client but a third party, nor did it have written procedures for the identification of third party deposits until around September 2016.
While acting as the placing agent for the global offering of a Hong Kong-listed company's shares between December 2015 and January 2016, Guotai Junan failed to take reasonable steps to ascertain whether the clients' subscription applications were consistent with its knowledge of their background and source of funds, and make appropriate enquiries when there were grounds for suspicion.
In particular, the funds used by five clients to subscribe for $28.8 million worth of the listed company's shares were deposited by the same third party into the respective client accounts in amounts far exceeding their self-declared net worth.
Despite such red flags, Guotai Junan did not take reasonable steps to verify the ultimate beneficial owners of the clients' accounts and their source of funds, nor make appropriate enquiries to ascertain whether the clients were independent of the listed company. In the end, three of the five places, who were allotted 11% of the listed company's shares of the total placing under the international tranche, turned out to be the listed company's employees.
Detection of wash trades and reporting obligation
The SFC further found that Guotai Junan failed to detect 590 potential wash trades in a timely manner between January 2014 and July 2016 due to a lack of adequate written trade monitoring procedures or guidelines and technical failures of its transaction pattern monitoring system.
However, despite becoming aware in July 2016 of 210 potential wash trades which could not be detected in a timely manner as a result of the system failure, Guotai Junan did not report these 210 trades to the SFC until seven months later in February 2017.
The above-mentioned findings led the SFC to come to the view that Guotai Junan's conduct failed to comply with regulatory requirements under the Anti-Money Laundering and Counter-Terrorist Financing (Financial Institutions) Ordinance, the Guideline on Anti-Money Laundering and Counter-Terrorist Financing, the Internal Control Guidelines and the Code of Conduct.
The disciplinary action against Guotai Junan for serious systemic deficiencies and failures across its internal controls should serve as a stark reminder to licensed corporations the importance of having adequate and effective safeguards in place to mitigate the real risk of becoming a conduit to facilitate illicit activities, such as money laundering, when exposed to potentially suspicious transactions. Failure to implement effective AML/CFT controls in your company will leave you vulnerable to fines, criminal proceedings and crippling reputational damage.
Read more from the source:
Range of practices for management of climate risks
On 7 July 2020, the HKMA shared with AIs practices adopted by major banks to manage climate risks observed in a recent study.
There is growing recognition of climate risks as a source of risk for the financial sector, and can affect the safety and soundness of AIs and the broader financial system if not properly managed. In view of this development, the HKMA published a white paper on 30 June to set out its initial thoughts on supervisory expectations on green and sustainable banking around four areas:
- Governance – AIs should develop a governance framework for climate resilience. The board should oversee the development and implementation of the AI’s climate strategy.
- Strategy – AIs should embed climate considerations throughout the strategy formulation process, while organisational structures, business policies, processes and resources availability should be reviewed and enhanced to ensure effective strategy implementation.
- Risk management – AIs are expected to incorporate climate risk considerations into their existing risk management framework. They should identify the transmission channels and assess the impacts of physical and transition risks arising from climate change on their business. To this end, AIs should build capability over time to measure climate risks using various methodologies and tools, particularly scenario analysis. They should also implement processes to monitor and report exposures to climate risks and carry out measures to control and mitigate the exposures.
- Disclosure – AIs should develop an approach to disclosing climate-related information to enhance transparency. When considering the information to be disclosed, AIs should take the Task Force on Climate-related Financial Disclosures recommendations as the core reference.
In formulating these initial thoughts, the HKMA engaged selected major banks in a series of discussions to understand their approach to managing climate risks in the above four areas. During the discussions, the HKMA observed a range of practices that the more advanced AIs have adopted or plan to adopt in their management of climate risks, which may be of reference value to other institutions.
AIs are recommended to give consideration to those practices as set out in the circular sent out by the HKMA.
Read more from the source:
How can BDO help?
AML regulatory requirements and enforcement actions for financial institutions are getting ever more complex and numerous. Simultaneously, financial institutions are realising the importance of implementing and maintaining a robust AML programme and risk management. BDO in Hong Kong have a dedicated team of experienced compliance consultants who can help your institution navigate through the evolving and new regulatory requirements. Together, we can understand the specific activities that must be carried out in order to remediate any weaknesses identified. Get in touch with us to see how we can help your financial institution today!