This third and final part of our review of ACRU 2020 focuses on the insights shared at the forum regarding anti–money laundering and counter–terrorist financing (AML/CTF) compliance.
Two years on from the implementation of Hong Kong’s new anti–money laundering and counter–terrorist financing (AML/CTF) regulatory regime for trust or company service providers (TCSPs), uncertainties still exist among market participants about the interpretation of the new requirements. Session 2 of ACRU provided a useful opportunity to hear from the Companies Registry, the regulator for TCSPs in Hong Kong, about compliance expectations going forward.
The new licensing regime for TCSPs
Roger Wong, Deputy Registry Manager, Registry for Trust and Company Service Providers, Companies Registry, focused his ACRU presentation on compliance with the licensing requirements for TCSPs. He pointed out that the majority of prosecutions of TCSPs by the Companies Registry under the Anti–Money Laundering and Counter–Terrorist Financing Ordinance (AMLO) (Cap 615) have related to TCSPs carrying on trust or company service business without a licence.
Carrying on such business without a licence is an offence under Section 53F of the AMLO, and can result in fines of up to HK$100,000 and imprisonment for up to six months. Mr Wong urged practitioners to familiarise themselves with the licensing requirements of the AMLO. In particular, he clarified that TCSPs cannot carry on trust or company service business while waiting for the Companies Registry to grant a licence. Where the Companies Registry comes across cases of applicants providing TCSP services after making an application but before a licence has been granted, the Companies Registry will reject the application and may take prosecution action as appropriate.
New AML/CTF requirements for TCSPs
In addition to highlighting the licensing requirements for TCSPs under the AMLO, the Companies Registry also reminded practitioners of the ongoing AML/CTF requirements TCSPs need to comply with. For example, TCSPs are required to carry out customer due diligence (CDD) measures, keep records of customers and transactions, and comply with the statutory requirements relating to financial sanctions, terrorist financing and the proliferation of weapons of mass destruction. TCSPs are also expected to file suspicious transactions reports with the Joint Financial Intelligence Unit (JFIU).
Christy Yiu, Senior Solicitor, Registry for Trust and Company Service Providers, Companies Registry, focused her ACRU presentation on the CDD measures relevant to TCSPs. These include requirements to:
- identify customers and verify their identity
- identify the beneficial owner and take reasonable measures to verify the beneficial owner’s identity
- obtain information on the purpose and intended nature of the business relationship, if a business relationship is to be established, and
- identify the person purporting to act on behalf of the customer, and take reasonable measures to verify the person’s identity and verify the person’s authority to act on behalf of the customer.
She emphasised that these CDD measures must be carried out:
- before establishing a business relationship with the customer
- before carrying out an occasional transaction involving HK$120,000 or above
- when the TCSP licensee suspects that the customer or the customer’s account is involved in money laundering or terrorist financing (ML/TF), and
- when the TCSP licensee doubts the veracity or adequacy of the information obtained during the CDD process.
If the CDD requirements cannot be complied with, TCSPs cannot establish a business relationship or carry out an occasional transaction with that customer. If a business relationship has been established, it must be terminated as soon as reasonably practicable.
Ms Yiu reminded practitioners that TCSPs are expected to continuously monitor their business relationships with customers. They should review from time to time documents, data and information relating to the customer to ensure they are up-to-date and relevant. They should scrutinise customer transactions to ensure that they are consistent with the licensee’s knowledge of the customer and its business, risk profile and source of funds. They should also identify transactions that are complex, unusually large or of an unusual pattern and which have no apparent economic or lawful purpose, and examine the background and purposes of those transactions and set out their findings in writing.
Moreover, in situations that present a high risk of ML/TF, enhanced due diligence (EDD) must be carried out. This would include where the customer is not physically present for identification purposes, where the customer or the beneficial owner of the customer is a politically exposed person (PEP), or where the customer is from, or the transaction is connected with, a higher-risk jurisdiction. The EDD measures required are set out in Sections 9, 10 and 15 of Schedule 2 to the AMLO.
Ms Yiu emphasised that the best way to stay compliant with the above compliance requirements is to ensure robust AML/CTF internal controls. TCSPs must assess the ML/TF risks they are exposed to, and they should develop and implement AML/CTF policies, procedures and controls. TCSP licensees should establish and implement adequate and appropriate AML/CTF systems taking into account factors including the products and services offered, the types of customers they serve and the geographical locations involved. The senior management of any TCSP licensee should appoint a director or senior manager as a compliance officer and a senior member of the licensee’s staff as the Money Laundering Reporting Officer.
Ms Yiu was followed at the podium by Wendy Ma, Registry Manager, Registry for Trust and Company Service Providers, Companies Registry, who gave an update of the latest developments relating to the Companies Registry’s e-Services.
AML/CTF compliance – a practitioner’s perspective
Complementing the Companies Registry presentations of ACRU Session 2, Practitioners Sharing Session 3, chaired by Natalia Seng FCIS FCS(PE), Council Member and Institute Past President, and Senior Advisor, Tricor Services Ltd, provided practitioner perspectives on AML/CTF compliance.
Jeremy Birch, Partner, Corporate Crime and Investigations, Herbert Smith Freehills, first addressed the issue of the market uncertainty surrounding the licensing of nominee entities. When Hong Kong’s licensing regime for TCSPs was implemented in 2018, market participants were uncertain how to interpret the requirement for nominee entities to apply for a licence if they were carrying on TCSP work ‘by way of business’. Some took the view that their nominee entities could not be deemed to be providing trust or company services ‘by way of business’ and did not apply for licenses.
The Companies Registry subsequently prosecuted a number of nominee entities of TCSPs for carrying on TCSP work without a licence. Mr Birch referred ACRU participants to the Companies Registry FAQ of 9 May 2018 (available on the Companies Registry website) which gives guidance on how the Companies Registry interprets the question of whether a person or entity will be deemed to be providing a trust or company service by way of business.
Mr Birch also looked at how the Companies Registry’s enforcement work will evolve in the future. While the focus has been on enforcing the licensing regime, Mr Birch expects the Companies Registry to increasingly focus on enforcing the substance of the ongoing AML/CTF requirements. He added that TCSPs will be well advised to focus on their AML/CTF policies, procedures, systems and controls. ‘The Companies Registry has shown itself to be very serious about enforcement. This underscores the fact that it is worth investing time and resources to get AML/CTF compliance right,’ he said.
The second speaker in Practitioners Sharing Session 3 was Katherine Chiu, Managing Director, Trust & Corporate Services, Sino Corporate Services Ltd. She gave a practical introduction to the corporate culture and internal controls needed to ensure good AML compliance. In terms of corporate culture, she emphasised, among other things, the need to have a group policy that is consistent internationally and to have a Group Compliance Officer or Money Laundering Reporting Officer looking after this area. Another best practice is to encourage employees’ input. Sino Corporate Services operates an ‘open door’ policy whereby employees are welcome to go to any senior manager with queries or information relating to this area.
In the Q&A session following the Practitioners Sharing, there were many questions about how to handle suspicious transaction reports (STRs). In cases of suspicions of money laundering, TCSP licensees are required to make an STR to the JFIU. Mr Birch emphasised that making an STR can be a ‘get out of jail free card’ in a sense since, if handled properly, TCSPs cannot be prosecuted for dealing in the proceeds of crime if they have made an STR. Handling the STR properly, however, requires TCSPs to understand the protocols attached.
‘STRs are a powerful intelligence gathering tool for the JFIU, which is why the obligation exists. Filing an STR can give you some protection, but one important point to bear in mind is the need to manage the confidentiality of the STR since disclosure to a third party, which poses the risk of undermining an investigation, will be considered a tipping-off offence,’ Mr Birch said.
Ms Chiu stressed the importance of training to ensure that staff recognise the red flags that might lead to a suspicion of money laundering. These might involve a client asking to open many bank accounts without commercial reasons, or creating vehicles and selling them very quickly. Training can also familiarise staff with the procedures for making an STR. In addition to the issues discussed by Mr Birch, it is also good practice, for example, to maintain a record of all STRs.
A question from the floor related to the procedures involved with terminating the relationship with a client after making an STR. Mr Birch pointed out that filing an STR doesn’t necessary mean you have to terminate the relationship, but, if that is the appropriate course, you need to be careful about how you explain to a client your reasons for terminating the relationship to ensure you don’t inadvertently tip them off about filing an STR.
The 21st Annual Corporate and Regulatory Update (ACRU) of The Hong Kong Institute of Chartered Secretaries was held on 5 June 2020.
SIDEBAR: Anti-corruption and ethical governance
ACRU 2020 was fortunate to have Anna Lam, Executive Director (Acting), Hong Kong Business Ethics Development Centre (BEDC), Independent Commission Against Corruption (ICAC), to highlight anti-corruption and ethical governance issues in Session 3 of the webinar.
Ms Lam started her presentation by highlighting the fact that Hong Kong is one of least corrupt jurisdictions in Asia. According to the 2019 TRACE Matrix business bribery risk assessment conducted by the RAND Corporation, Hong Kong has the lowest bribery risk in Asia. This is in no small part due to Hong Kong’s good legislative and regulatory regime, such as the Prevention of Bribery Ordinance (POBO) enforced by the ICAC, but also to its high-quality anti-corruption enforcement.
While legal compliance is a necessity for any organisation, of course, Ms Lam emphasised that there are huge benefits to be gained from going beyond compliance to ensure ‘ethical governance’ in your organisation.
She went on to discuss the roles governance professionals play as a first line of defence against corruption and malpractice. ‘Governance professionals and company secretaries play a very important role acting as a check and balance on company management and advising the board. They act as guardians of corporate governance,’ she said.
To fulfil this role, however, company secretaries need to stay up to date with all legislative, regulatory and corporate governance developments. She urged company secretaries, as governance professionals, to think not only in terms of legal compliance but to promote ethical governance. They should do this in their role of advising the management and board on best practices, as well as facilitating induction and the professional development of directors and staff. She added that these functions have led to company secretaries being known as the ‘conscience of the company’.
She also pointed out that there are many resources available online that company secretaries can use to inform themselves of governance best practice. These include the Institute’s guidance notes. Ernest Lee FCIS FCS(PE), Institute Treasurer, Technical Partner of Deloitte China and the Chair of ACRU Session 3, added that the Institute’s Ethics, Bribery and Corruption Interest Group has issued five guidance notes on this area of practice, the latest one being in October 2019.
Ms Lam also recommended the Hong Kong Institute of Certified Public Accountant’s Code of Ethics and the many publications produced by the ICAC available on the BEDC website: https://hkbedc.icac.hk. In addition, the ICAC offers free anti-corruption and ethics training to people in the business sector every year.
‘Be ready to contact the ICAC’, Ms Lam said, ‘we want to be helpful’.