HKEx, SFC and HKMA Disciplinary Actions in September 2022

In September 2022, the Stock Exchange of Hong Kong Limited (the HKEx) published one disciplinary action against four directors of National Investments Fund Limited (now delisted) for failing to cooperate and respond to the HKEx’s enquiries.

The Securities and Futures Commission of Hong Kong (the SFC) published two disciplinary actions in September 2022. The first involved the suspension of a responsible officer for breaches of know-your-client, anti-money laundering and counter-terrorist financing and other regulatory requirements. The second SFC action involved its suspension of Mr Christopher James Aarons, a responsible officer and chief executive officer of Trafalgar Capital Management (HK) Ltd., for two years for breaches of the SFC’s Code of Conduct.

The Hong Kong Monetary Authority (HKMA) published the results of its disciplinary action against Cathay United Bank Company (CUBC) which fined CUBC HK$11 million for breaches of the Anti-money Laundering and Counter-Terrorist Financing Ordinance.

HKEx Imposes Director Unsuitability Statements against Four Current and Former Directors of National Investments Fund Limited (Delisted)

On 26 September 2022, the HKEx published a statement of disciplinary action publicly censuring and imposing a director unsuitability statement against four former and current directors of National Investments Fund Limited (Delisted) (NIFL) for failure to cooperate in an investigation conducted by the HKEx Listing Division. The HKEx’s Statement of Disciplinary Action is available on the HKEx website here.

Directors’ Failure to Cooperate in HKEx Investigation

The HKEx sought to conduct an investigation into whether the four directors had breached the HKEx Listing Rules in relation to events that took place in 2019 and 2020. Despite the HKEx’s Listing Division having informed them of the investigation by letter and by phone, the four directors did not respond to the HKEx’s enquiries. Two of the four directors did eventually respond after the HKEx commenced disciplinary proceedings. The reasons they gave for not responding included: (i) not regularly using or checking emails; (ii) forgetting to update the correspondence address notified to the HKEx; (iii) as liquidators had been appointed, they were no longer involved with the company, and they believed it was not necessary to respond to the HKEx’s enquiries; and (iv) as INEDs of the company, they had no knowledge of the matters under investigation. The HKEx did not consider that any of these explanations justified the directors’ failure to cooperate with the investigation.

All four directors had signed and provided to the HKEx a Declaration and Undertaking with regard to Directors (Director’s Undertaking) in the standard form set out in Appendix 5B to the HKEx Listing Rules. The Director’s Undertaking contains an undertaking to (among others): (i) cooperate in any investigation conducted by the HKEx Listing Division and/or the HKEx Listing Committee; (ii) promptly and openly answer any questions addressed to the director; and (iii) provide their up-to-date contact details to the HKEx for a period of three years from the date on which they cease to be a director of the company, failing which any documents/notices sent by the HKEx will be deemed to have been served on them.

Listing Committee’s Findings of HKEx Listing Rule Breach

The Listing Committee found that the four directors had breached their Director’s Undertakings by failing to cooperate with the HKEx Listing Division in its investigation. This was regarded as a serious and/or repeated failure to discharge the directors’ responsibilities under the HKEx Listing Rules.

The HKEx additionally noted that:

• a director’s obligation to provide information reasonably requested by the HKEx continues after the director ceases to be a director of the listed company;
• the obligation of listed company directors to cooperate in an investigation by the Listing Division or Listing Committee continues after the appointment of liquidators;
• directors are responsible for ensuring that they are contactable at the addresses and/or email addresses provided to the HKEx (even after they cease to be a director); and
• directors are required to respond to enquiries from the HKEx Listing Division even if they consider that they have limited knowledge of the matters under investigation. Failure to respond will constitute non-cooperation and expose the director to the imposition of severe sanctions.

SFC Suspends Tang Kai Shing for Eight Months

On 5 September 2022, the SFC announced that it had suspended Mr Tang Kai Shing, a responsible officer and managing director of Rifa Futures Limited (Rifa), for eight months from 2 September 2022. The SFC’s Statement of Disciplinary Action against Mr Tang can be found on the SFC website here.

The SFC had previously found that between May 2016 and October 2018, Rifa had failed to:

• perform adequate due diligence on the customer supplied systems used by clients for placing orders, and assess and manage the associated money laundering and terrorist financing (ML/TF) and other risks; and
• conduct adequate ongoing monitoring of clients’ fund movements to ensure they were consistent with the clients’ nature of business, risk profile and source of funds.

The SFC fined Rifa HK$9 million for the above failures in July 2022. For further information on the SFC’s disciplinary action against Rifa, please see our newsletter and the SFC’s Statement of Disciplinary Action against Rifa.

Unauthorised Trading

The SFC had received complaints that various licenced corporations allowed clients to place orders to their broker supplied systems through a software called Xinguanjia, which allowed the licensed corporations’ clients to solicit investors in Mainland China to trade through sub-accounts created under the clients’ accounts with licensed corporations via Xinguanjia without having to open separate securities accounts with the licenced corporations in Hong Kong. Rifa was one of the licensed corporations the subject of the complaint. Between May 2016 and October 2018, Rifa permitted 310 clients to use customer supplied systems (including Xinguanjia) for placing orders.

Failure to Perform Adequate Due Diligence on Customer Supplied Systems

Before allowing customer supplied systems to be connected to its broker supplied systems, Rifa would require its clients to:

• apply for a certificate from the vendor of the broker supplied systems; and
• send a request to Rifa for final approval to use the customer supplied system.

However, Rifa did not perform any due diligence or testing on the customer supplied systems used by its clients and only carried out a walkthrough test on the connectivity between the customer supplied systems and its broker supplied systems. Although Rifa claimed that it relied on the vendor of the broker supplied system to conduct due diligence on the customer supplied systems, the broker supplied system vendor claimed that Rifa had never instructed it to conduct any due diligence or test on the customer supplied systems to examine their design and functions and it had not carried out any such due diligence or test.

The SFC found that Rifa’s failure to conduct due diligence on the features and functions of the customer supplied systems meant that it was not in a position to assess the ML/TF and other risks resulting from the use of the systems and implement appropriate controls to manage such risks. Without these controls, the SFC considered that Rifa had exposed itself to risks relating to unlicensed activities, money laundering, nominee account arrangement and unauthorised access to client accounts.

Failure to Conduct Adequate Ongoing Monitoring of Clients’ Fund Movements

The amounts of deposits made into the accounts of five clients were incommensurate with their financial profiles and were thus unusual and/or suspicious. Rifa had performed quarterly reviews on client fund movements, but only for its top 50 clients by trading volume. For the five clients in receipt of unusually large deposits, Rifa called the clients informing them that the deposits exceeded their declared net worth, but only asked four of the clients why the deposits had been made. The clients responded that the amounts were due to an increase in income. Rifa accepted the clients’ explanations without further enquiry. The SFC considered that Rifa had failed to adequately monitor their clients’ fund movements to ensure they were consistent with the clients’ nature of business, risk profile and source of funds.

Breaches of the SFC Code of Conduct

The SFC found that Rifa’s failures constituted breaches of a number of provisions of the SFC’s Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (Code of Conduct) including General Principles 2 and 3 and:

• Paragraph 4.3 – the obligation to have internal control procedures and financial and operational capabilities which can be reasonably expected to protect the licensed corporation’s/registered institution’s operations, clients and other licensed or registered persons from financial loss arising from theft, fraud, and other dishonest acts, professional misconduct or omissions; and
• Paragraph 5.1 – the obligation to take all reasonable steps to establish the identity of each client, its financial situation, investment experience, and investment objectives.

Rifa also breached various provisions of the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO) and the Guideline on Anti-Money Laundering and Counter-Terrorist Financing (AML Guideline) including:

• Section 23 of Schedule 2 to the AMLO and paragraph 2.1 of the AML Guideline which require licensed corporations to: (a) implement adequate anti-money laundering and counter-financing of terrorism policies, procedures and controls; and (b) assess the risks of new products and services before their introduction and ensure appropriate additional measures and controls are implemented to manage the associated ML/TF risks;
• Section 5(1)(a) of Schedule 2 to the AMLO and paragraphs 4.7.12 and 5.1(a) of the AML Guideline, which require licensed corporations to review client information from time to time to ensure that it is up-to-date;
• Section 5(1)(b) of Schedule 2 to the AMLO and paragraph 5.1(b) of the AML Guideline, which require licensed corporations to continuously monitor their business relationship with clients by monitoring their activities to ensure that they are consistent with their knowledge of the clients and the clients’ nature of business, risk profile and source of funds;
• Section 5(1)(c) of Schedule 2 to the AMLO and paragraphs 5.1(c), 5.10 and 5.11 of the AML Guideline, which require licensed corporations to identify transactions that are complex, large or unusual, make relevant enquiries to examine the background and purpose of the transactions, document the enquiries and results, and report the findings to the Joint Financial Intelligence Unit where there is any suspicion of ML/TF. Under paragraph 7.11 of the AML Guideline, a transaction that is inconsistent in amount, origin, destination, or type with a client’s known, legitimate or personal activities should be regarded as unusual and put the licensed corporation on alert.

As Mr Tang had been Rifa’s Managing Director since February 2015 and was the most senior member of Rifa’s management at the time of the breaches, Mr Tang had ultimate responsibility for the overall operation of Rifa. Rifa’s breaches were thus attributable to Mr Tang and his failure to discharge his duties as a responsible officer and member of Rifa’s senior management. Mr Tang was found to have failed to:

• ensure Rifa’s maintenance of appropriate standards of conduct and adherence to proper procedures in breach of General Principle 9 of the SFC Code of Conduct;
• properly manage the risks associated with Rifa’s business in breach of paragraph 14.1 of the SFC Code of Conduct.

The SFC considered Tang to be guilty of misconduct and that his fitness and properness to carry on regulated activities had been called into question. It therefore suspended Mr Tang’s licence for eight months from 2 September 2022 to 1 May 2023.

SFC Suspends Christopher James Aarons for two years for breaching the SFC Code of Conduct

On 29 September 2022, the SFC announced that it had suspended Mr Christopher James Aarons, the Chief Executive Officer of Trafalgar Capital Management (HK) Ltd (Trafalgar), for two years from 27 September 2022 to 26 September 2024 after the Securities and Futures Appeals Tribunal (SFAT) upheld the SFC’s disciplinary action against Aarons for breaching the SFC’s Code of Conduct.

The Securities and Futures Appeals Tribunal’s (SFAT) determination (of SFAT Application No. 1 of 2021) is available on the SFAT website here.

Dealings in shares listed on the Korea Exchange based on material non-public information

The SFC’s disciplinary action followed Korean administrative proceedings against Aarons after South Korean regulatory authorities found that Aarons had breached Korean legislation by dealing in the shares of a securities company¹ listed on the Korea Exchange (KRX) based on material non-public information in circumstances that prohibited such dealings.

The non-public information concerned a block trade of shares of a securities company listed on the KRX which Aarons had obtained from a sell-side broker during a “market sounding”² call in January 2016 that preceded the public announcement of the block trade. Although the call with the broker did not mention any particular securities company by name, the Korean proceedings found that there was sufficient particularity in the information given to Aarons on the call to enable him to conclude that the information must relate to Hyundai Securities Co. Ltd (Hyundai). Aarons was not wall-crossed³ during the call but he cut short the call and arranged short swaps⁴ in the company’s shares about 20 to 25 minutes after he obtained the information from the broker.

In January 2021, based on the contravention of Korean legislation, the SFC found that Aarons’ conduct was such that he was not a fit and proper person to continue to be licensed as a representative or to remain as a responsible officer of Trafalgar having breached General Principles 1 (honesty and fairness) and 7 (compliance) of the SFC Code of Conduct. In the SFC proceedings, Aarons denied that his dealings in Hyundai shares breached the SFC Code of Conduct and appealed to the SFAT. The SFAT upheld the SFC’s decision to suspend Aarons’ licence to act as a representative and his approval to act as a Responsible Officer, but varied the period of the suspension from three years to two years.

HKMA Fines Cathay United Bank Company, Limited, Hong Kong Branch HK$11 Million

On 23 September 2022, the HKMA announced that it had completed an investigation and taken disciplinary action against Cathay United Bank Company, Limited, Hong Kong Branch (CUBC), fining it HK$11 million for deficiencies in on-going customer due diligence and enhanced customer due diligence during high risk situations between April 2012 and February 2016 (Relevant Period). The Statement of Disciplinary Action can be found on the HKMA website here.

Contraventions of the Anti-Money Laundering and Counter-Terrorist Financing Ordinance

Failure to conduct on-going customer due diligence

The HKMA determined that CUBC failed to conduct periodic reviews on 249 customers to ensure that its customer due diligence information remained up-to-date and relevant given that: (i) its periodic reviews upon trigger events in respect of 246 customers were conducted by phone verification of a very limited scope of information; and (ii) no annual periodic review was conducted in respect of three high risk customers. CUBC also failed to take additional measures to compensate for the money laundering or terrorist financing risks caused by 17 high risk customers.

Failure to conduct enhanced due diligence in high risk situations

Regarding enhanced customer due diligence, CUBC failed to take measures regarding the 17 high risk customers. It failed to obtain senior management approval to continue the business relationships and/or to take reasonable measures to establish the source of wealth and source of funds of the customers or take additional measures to mitigate the money laundering or terrorist financing risks involved.

As a result, CUBC was found to have breached sections 5(1)(a), 5(3)(c) and 15(b) of Schedule 2 to the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO).

Failure to establish and maintain effective procedures

CUBC was found to have contravened section 19(3) of Schedule 2 to the AMLO in failing to establish and maintain effective procedures for carrying out its duties under the AMLO in relation to on-going and enhanced customer due diligence during the Relevant Period.

CUBC’s customer risk classification framework was found to be defective by design. All customers who had business relationships with CUBC before September 2009 were automatically classified as low risk. Furthermore, customers, no matter their risk levels, were only subject to risk re-assessment after April 2015. Before July 2015, CUBC lacked clear, sufficient and detailed policies and procedures on the conduct of periodic reviews. Its policies and procedures failed to set out the additional measures that applied to high risk customers and there were no clear policies and procedures on what enhanced customer due diligence measures should be taken in relation to high risk customers.

CUBC also contravened section 23 of Schedule 2 to the AMLO in failing to take all reasonable measures to ensure that proper safeguards were in place to prevent the contraventions and to mitigate money laundering and terrorist financing risks. CUBC’s senior management had not reviewed the effectiveness of the anti-money laundering and counter-terrorist financing (AML/CFT) controls or made necessary enhancements. They also received insufficient information to discharge CUBC’s AML/CFT obligations. Relevant committee meetings failed to address fundamental AML/CFT control issues. Finally, the senior management failed to deploy sufficient resources for dealing with AML/CFT matters.