SFC Consults on AML and CTF Guidelines

On 5 July 2018, the Securities and Futures Commission (SFC) launched a Consultation Paper^[1] on amendments to the Guideline on Anti-Money Laundering and Counter-Terrorist Financing (the Guideline) to keep it in line with the Financial Action Task Force (FATF) standards on international anti-money laundering and counter-financing of terrorism (AML/CFT).

The latest FAFT standards include expansion of requirements in relation to Politically Exposed Persons (PEPs) that address growing concerns about corruption in both local and cross-border contexts. The FATF has also elaborated on the requirement to identify and assess money laundering and terrorist financing (ML/TF) risks that may arise from the use of new or developing technologies for both new and pre-existing products amongst financial institutions across the globe.

Comments on the proposed Consultation Paper were required to be submitted to the SFC on or before 9 August 2018.

1. Proposed amendments to keep in line with the FATF standards

1. The SFC’s key proposals to update the Guideline are:

   1. to expand the types of PEPs to include persons who have been entrusted with a prominent function by an international organisation, and extend the special requirements for foreign PEPs to high risk business relationships with domestic PEPs and international organisation PEPs;
   2. to require licensed corporations (LCs) incorporated in Hong Kong to implement group-wide AML/CFT systems in all of their overseas branches and subsidiary undertakings that carry on the same business as financial institutions, including information sharing and the provision of information to group-level functions subject to adequate safeguards;
   3. to require LCs to identify and assess ML/TF risks that may arise from the use of new and developing technologies for both new and pre-existing products prior to the use of these technologies;
   4. to allow LCs to stop pursuing the customer due diligence (CDD) process if they reasonably believe that performing the process will tip-off the customer, and require LCs to file a suspicious transaction report (STR) to the Joint Financial Intelligence Unit (JFIU) in these circumstances; and
   5. to require LCs to keep all records obtained throughout the CDD and ongoing monitoring processes, including the results of any analysis undertaken (e.g., inquiries to establish the background and purpose of complex, unusual large transactions).

A detailed explanation of the above proposals and the related consultation questions are set out at Appendix 2 to the Consultation Paper.

2. Proposed amendments to facilitate compliance

These proposed amendments fall into two categories:

1. those to provide increased flexibility under the risk-based approach, such as:

   1. LCs are allowed to adopt reasonable risk-based measures and determine whether to verify other identification information of a natural person customer so long as the principal aspects of the customer’s identity are verified;
   2. LCs are allowed to verify the name, legal form and existence of a legal person customer, and powers that regulate and bind the customer, by obtaining one or a combination of documents provided by a reliable and independent source, and obtaining a company search report will no longer be mandated as the only means to verify the existence of a customer which is a locally incorporated company; and
   3. the general rule to include persons authorised to give instructions for the movement of funds or assets as persons purporting to act on behalf of the customer (PPTA) which are required to be identified and verified by LCs is removed, and LCs are provided with increased flexibility to determine who is a PPTA;

2. those to provide additional guidance on existing requirements, such as:

   1. additional types of supplementary measures that LCs may take to mitigate the risks associated with customers who are not physically present for identification purposes or similar situations;
   2. examples of possible simplified or enhanced measures for CDD and ongoing monitoring of customers assessed under a risk-based approach to be of lower or higher ML/TF risks;
   3. examples of risk factors for determining whether a domestic PEP or an international organisation PEP should continue to be treated as a domestic PEP or an international organisation PEP if the person is no longer entrusted with a prominent public function or prominent function;
   4. identification and verification of the beneficial owners of a legal person customer where no natural person ultimately owns or controls the customer;
   5. areas which should be covered in regular review of AML/CFT systems by an audit function to ensure their effectiveness; and
   6. handling of requests from law enforcement agencies.

A detailed explanation of the above proposals and the related consultation questions are set out in Appendix 3 to the Consultation Paper.

3. Consistency with the requirements for other financial sectors covered by the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO)

The SFC has been working closely with its fellow AMLO regulators, the Hong Kong Monetary Authority (HKMA), the Insurance Authority and the Customs and Excise Department which are also reviewing and revising their AML/CFT guidelines in order to develop a common standard for compliance. The SFC’s proposed Guideline is intended to be consistent with the revised guidelines of the other AMLO regulators except for the following differences:

1. the fellow AMLO regulators have revamped their guidelines to provide additional guidance to financial institutions on how to identify ML/TF risks through their own individual risk assessments, and to implement policies and procedures to mitigate those risks under a risk-based approach. A majority of these amendments have been made with reference to the risk-based approach guidance papers published by the FATF or other standard setters for their specific sectors. As the FATF risk-based approach guidance for the securities sector has not yet been released, the SFC does not propose to make major amendments to those parts of the AML/CFT Guideline at this stage, but will keep in view any relevant FATF developments and the need for any subsequent amendments to the AML/CFT Guideline;
2. lists of illustrative, non-exhaustive examples and non-mandatory guidance which the SFC considers to be useful references to assist LCs in complying with some AML/CFT requirements are retained in the SFC’s proposed Guideline whereas some of the fellow regulators have removed those examples or guidance from their guidelines; and
3. the SFC has not adopted some textual amendments and reordering of sentences or paragraphs made by fellow regulators to their guidelines which do not alter the substance of their existing requirements.