CGj highlights the key takeaways from the Institute’s annual forum updating practitioners on all the latest developments in anti–money laundering and counter–financing of terrorism (AML/CFT). 

There have been many significant developments, both local and international, in the AML/CFT sector over the last 12 months.

As you might expect, the regulatory regime relevant to AML/CFT continues to grow in complexity. Here in Hong Kong, the Anti–Money Laundering and Counter–Terrorist Financing Amendment Bill 2022 (AMLO Amendment Bill), passed on 7 December 2022, has brought in a licencing regime for virtual asset service providers (VASPs) and a registration regime for dealers in precious metals and stones (DPMS).

In addition, changes are also coming externally from the Financial Action Task Force (FATF), the international standard setter, and from the United Nations (UN) and governments around the world imposing new sanctions compliance requirements relevant to trust and company service providers (TCSPs).

Meanwhile, technological developments continue to impact the AML/CFT space. The increased use of virtual assets and digital financial technologies, for example, has led to new opportunities for money laundering (ML) and terrorist financing (TF). On the other hand, technology has also been improving the tools available to TCSPs to upgrade their due diligence controls.

In this context, the Institute held its 3rd AML/CFT Conference on 25 November 2022. Under the title AML/CFT Regulations, Topical Issues and Practical Sharing, the conference was another valuable opportunity for practitioners to share expertise and knowledge about fast-moving AML/CFT developments.

Enhancing Hong Kong’s legal framework 

The Guest of Honour at the conference, Joseph Chan JP, Under Secretary for Financial Services and the Treasury, the HKSAR Government, focused his presentation on the latest government initiatives to keep Hong Kong’s AML/CFT defences up to date.

He started by pointing out that the effectiveness of Hong Kong’s AML/CFT regime has been recognised by FATF, thereby strengthening Hong Kong’s reputation as an international financial centre. The FATF mutual evaluation process, which assesses jurisdictions worldwide, has found Hong Kong’s AML/CFT system to be compliant and effective overall, making the HKSAR the first jurisdiction in the Asia Pacific region to achieve such a result.

‘Of course, there is no room for complacency,’ Mr Chan added. ‘Notwithstanding the satisfactory results achieved during the FATF mutual evaluation regular review of our AML/CFT regime, it is very important to safeguard the robustness of our system.’

The government has sought to focus on a number of priority areas highlighted in the latest FATF mutual evaluation review. Accordingly, the AMLO Amendment Bill has introduced a licencing regime for VASPs and subjects them to a fit and proper test, bringing them into line with other financial sectors.

The Bill requires VASPs to register with the Securities and Futures Commission (SFC). A licence will be granted subject to the satisfaction of a fit and proper test. Licenced VASPs will be required to observe the AML/CFT requirements of the Anti–Money Laundering and Counter–Terrorist Financing Ordinance (AMLO), as well as other regulatory requirements designed to ensure the protection of market integrity and investor interests.

The Bill also introduces a registration regime for DPMS and subjects registrants engaging in cash transactions at or above HK$120,000 to the AML/CFT obligations stipulated in the AMLO.

‘We are not complacent and we will continue to review and upgrade our AML/CFT regime to match the latest developments of the financial markets,’ Mr Chan said.

The AMLO Amendment Bill 

The first speaker in the Panel One session of the conference, Michael Lintern-Smith FCG HKFCG, Roll of Honour, Solicitor and Consultant, Robertsons, went into greater detail about the changes brought in by the AMLO Amendment Bill.

He described the introduction of a licencing regime for VASPs and a registration regime for DPMS as a ‘logical progression’. It has been difficult to effectively impose AML/CFT best practice in these sectors, since they are not supervised by a dedicated regulatory body. They also pose potentially significant AML/CFT risks as transactions in these sectors can involve the transfer of illicit funds below the regulatory radar.

While much attention has focused on these new regimes, Mr Lintern-Smith emphasised that many of the ‘technical’ issues identified in the FATF’s Mutual Evaluation on Hong Kong 2019, and now addressed by the AMLO Amendment Bill, will be just as significant. For example, the AMLO Amendment Bill proposes a change to the definition of ‘beneficial owner’ in the context of trusts. In the past, the definition was limited to an individual who is entitled to a vested interest in more than 25% of the capital. That definition has been broadened to include trustees and any beneficiary or class of beneficiaries entitled to a vested interest in the trust. This broader definition will place a greater obligation upon lawyers, courts and TCSP practitioners when identifying the beneficial owners of trusts.

The proposed change to the definition of Politically Exposed Person (PEP) in the AMLO Amendment Bill to include PEPs from the Mainland is another significant development. Mr Lintern-Smith, a former President of the Law Society, emphasised that inclusion of PEPs from the Mainland will now be consistent with the Law Society’s definition of PEP incorporated in the Practice Direction P (PDP) (solicitors AML/CFT guide) back in 2018. Flexibility will also be given to treatment of former PEPs by allowing the exemption of enhanced due diligence requirements in low risk cases, subject to the risk-based approach.

Mr Lintern-Smith also discussed proliferation financing and the risk of evasion of targeted financial sanctions. The potential AML/CFT implications of these issues look set to gain a higher profile in Hong Kong in the coming years. Proliferation financing refers to the provision of funds or financial services for activities related to nuclear, chemical or biological weapons. The government’s second Hong Kong ML and TF Risk Assessment Report, published in July 2022, tackles this issue for the first time.

Mr Lintern-Smith explained that the Law Society is in the process of enhancing the PDP with new provisions to combat proliferation financing and to align with corresponding requirements contained in Hong Kong’s Weapons of Mass Destruction (Control of Provision of Services) Ordinance (Cap 526) and the United Nations Sanctions Ordinance (Cap 537).

Tech tools for TCSPs

As mentioned in the introduction to this article, technology has been improving the tools available to TCSPs to upgrade their AML/CFT controls. Daniel Wong FCG HKFCG, Associate Director – Compliance and Risk Management, SWCS Corporate Services Group (Hong Kong) Ltd, focused his presentation on the tech tools currently available to assist TCSPs with a wide range of due diligence issues.

Since the advent of the Covid-19 pandemic, TCSPs have had to rely increasingly on remote customer onboarding processes. Mr Wong highlighted the various digital identification technologies, in particular biometrics and facial recognition, that are now commonly in use to assist with customer identification.

He added that TCSPs should bear in mind that customer due diligence (CDD) is an ongoing process and technology can help greatly to ensure that, once you have completed the onboarding, you can continue to keep up as data relating to the client goes on changing.

He highlighted the uses of data analytics and distributed ledger (blockchain) technology to assist with transaction monitoring. Data analytics helps with the analysis of large quantities of data collected from various sources to identify links and patterns relevant to AML/CFT risks. The use of distributed ledger technology is relevant to the authentication of customer identities and transaction tracing.

‘Good features like automatic alerts can give TCSPs more confidence to take on clients because they will be able to maintain an ongoing monitoring of the risks involved,’ Mr Wong said.

Mr Wong also discussed the use of artificial intelligence (AI) to help with the risk profiling of customers and generating alerts where high risk or suspicious transactions are identified. AI is increasingly used in crime pattern analysis and crime trend prediction. It can also be useful to alert TCSPs to transactions involving non-FATF jurisdictions or geographical areas identified by FATF as high risk.

Finally, he looked at the uses of encryption technologies – such as Transparent Database Encryption (TDE) or Secure Sockets Layer (SSL) – to ensure safe record-keeping for AML/CFT data.

Identifying red flags

The third speaker in Panel One, Samuel Lung, Partner, Financial Services Business Consulting, Greater China Financial Crime Compliance Leader, Ernst & Young, focused his presentation on three overseas cases to help TCSPs identify red flags in their CDD processes.

He started by pointing out that red flags can take many different forms and TCSPs need to remain vigilant to the specific circumstances of the cases they handle. ‘There is never a hard and fast rule or an absolute formula for you to avoid ML/TF or sanctions activities. Practitioners should take a common sense approach to CDD,’ he said.

1. Complex corporate structures 

The first case cited by Mr Lung involved the use of seven international business companies incorporated in Anguilla by a foreign national using a TCSP. The companies were used to open bank accounts in Anguilla that facilitated the laundering of funds derived from an investment wire fraud scheme.

While complex corporate structures are not illegal, TCSPs should be vigilant where such structures disguise the identity of the ultimate beneficiaries, Mr Lung said. Effective know your customer (KYC) and CDD policies and procedures are all the more essential in such cases to avoid the TCSP’s services being used for the purposes of ML or TF.

2. Trust the evidence 

The second case cited by Mr Lung involved eight trusts that were clients of a TCSP in Ireland. In most cases, the beneficiaries of the trust were described as ‘family members of the settlor’ and there was no record of CDD on file for them. The beneficiaries of one of the trusts were listed as ‘various charities’. When Ireland’s Anti–Money Laundering Compliance Unit (AMLCU) followed up on this, it was found that the beneficiaries were actually family members and business friends and associates of the settlor.

Mr Lung pointed out that this case presented clear red flags of malpractice. ‘TCSPs must have a very good understanding of their customers, their businesses and, most importantly, the risks associated with them. No matter how plausible they look to you, the most important thing is the evidence,’ he said.

One crucial piece of evidence when dealing with trusts is whether the individuals connected with the trust are mentioned in court or regulatory judgments. In this case, a settlor of one of the trusts had been referred to in a case before the UK High Court in 2013. This individual had not been referenced, however, in any of the CDD documentation provided to the AMLCU.

Good CDD should always involve the ‘name screening’ of clients, Mr Lung added. This process will help alert TCSPs where clients have potentially been involved in malpractice, or whether they have previously been prohibited from holding a directorship role in a company or from operating a trust.

3. Sanctions violations

The third case related to another case investigated by the AMLCU. A TCSP incorporated in Ireland was found to have been used to evade EU and US sanctions by a subsidiary of a large Russian oil company. Mr Lung pointed out that this case demonstrates another good reason for effective KYC and CDD – to avoid getting involved in sanctions violations. He urged TCSPs in Hong Kong to ask more questions where a client is engaged in an activity that may be subject to sanctions.

‘Hong Kong is an international financial centre and TCSPs may have all sorts of customers. It is not uncommon to see companies incorporated offshore seeking TCSP services. You need to look closely at whether your clients are involved in activities sanctioned or prohibited by other jurisdictions,’ he said.

Practical issues

In keeping with the remit for the Institute’s ECPD programme, the conference had a practical focus. The Panel One Q&A session was an opportunity for the panellists to share their practical advice about the issues TCSPs have been facing in the year since the last conference.

The Panel One Chair, Edmond Chiu FCG HKFCG(PE), Institute Council member, and Head of Corporate & Fund Services, Vistra Corporate Services (HK) Ltd, launched the Q&A with a question about whether TCSPs were still encountering difficulties when trying to open bank accounts for clients.

This issue was discussed extensively in the 2021 conference. The progressive tightening of international standards in combating ML and TF had led banks to impose stricter screening criteria for new bank account opening applications. As a result, TCSPs were finding it difficult to open bank accounts for their clients.

Panellist Teresa Lau ACG HKACG, Director and Head of Corporate Secretarial Services, BDO Ltd, said that this situation has improved somewhat, although banks are still under substantial pressure to maintain strict controls on bank account opening procedures.

‘Banks are now adopting a risk-based approach,’ she said. This has favoured relatively straightforward cases deemed as low risk by the bank, but the travel restrictions brought in because of the Covid-19 pandemic have complicated matters.

‘Fortunately, we have seen some banks offering a remote onboarding option for clients unable to come from overseas to Hong Kong to attend the account opening interview,’ said Ms Lau. ‘I have had cases where the client has been able to open a bank account after attending an online video conference with the bank. So we have seen improvements and we hope this will continue.’

Panellist Alberta Sie FCG HKFCG(PE), Director and Company Secretary, Reanda EFA Secretarial Ltd, also discussed this increased reliance on remote client onboarding. She pointed out that, due to the Covid-19 risks, clients are sometimes reluctant to come to the service provider’s office even when they are in Hong Kong.

Moreover, while technology has provided an alternative to face-to-face onboarding, Ms Sie pointed out that practitioners have had to become a lot more tech savvy as this technology, as well as the other tech tools highlighted in Daniel Wong’s presentation, have become an increasingly essential part of TCSP work.

‘In addition to client onboarding, we have also had to upgrade our databases. I think it has been quite challenging for ordinary practitioners to learn how to handle the new technologies. TCSP licensees have also had to invest more in these technologies and in providing sufficient training for staff. I would like to see the universities, as well as our Institute, provide more training to help us with this.’

The Q&A also addressed questions relating to the conflicts that can arise between the sales and the compliance side of TCSPs. The panellists agreed that there is now better awareness, both within TCSPs and among clients, of why CDD controls are necessary.

‘In the past, clients wouldn’t always understand why the controls were necessary,’ said Ms Sie. ‘But now they have to face the same requests and requirements from all of the other professional firms (including the CPA and law firms) and the banks. So nowadays, clients are more cooperative.’