1. What laws and regulations are there in Hong Kong to prevent money laundering, terrorist financing and general financial crimes (these are collectively referred to as "AML") ?
Hong Kong's anti-money laundering regime applies at a single regional level. it includes:
legislation;
guidance issued under legislation (which does not constitute subsidiary legislation); and
Other guidance material issued by Hong Kong regulatory authorities.
Legislation: The main legislation related to anti-money laundering are:
Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Chapter 615) (AMLO);
Drug Trafficking (Recovery of Proceeds) Ordinance (Chapter 405) (DTROP);
Organized and Serious Crimes Ordinance (Cap. 455) (OSCO);
United Nations (Anti-Terrorism Measures) Regulations (Chapter 575) (UATMO);
United Nations Sanctions Regulations (Chapter 537) (UNSO); and
Weapons of Mass Destruction (Provision of Controlled Services) Ordinance (Cap. 526).
Subordinate legislation exists for some legislation, in particular under regulations issued by the UNSO, which are the source of sanctions requirements.
Guidance issued under legislation: The main guidance relevant to anti-money laundering is as follows.
Including how to supervise and enforce these laws, such as preventive measures, punishment methods, and how to impose civil and criminal penalties. In addition to national laws, does Hong Kong have its own special laws and regulations?
2. Which public sector agencies and authorities are responsible for enforcing anti-money laundering laws and regulations? What power do they have?
The relevant authority responsible for enforcing an AMLO depends on the nature of the regulated entity. AMLO has two categories of regulated entities:
Financial Institution (FI); and
Designated Non-Financial Businesses and Professions (DNFBP)
FI includes:
accreditation body;
licensed corporation;
authorized insurance company;
designated insurance agent;
Authorized insurance broker;
Stored value facility (SVF) licensee;
money services operator; and
postmaster
DNFBP includes:
lawyer;
accountant;
real estate agent; and
Trust and Company Service Provider (TCSP)
Under the Anti-Money Laundering Regulations, relevant authorities have the power to conduct inspections and investigations, including requiring the production of documents and written responses to the regulator's questions. They can also apply for a court search warrant to enter and search premises and remove records and documents believed to be relevant to their investigation.
The relevant supervisory authority may take disciplinary action against a regulated entity if specified provisions (as defined in section 5(11) of the Anti-Money Laundering Regulations) are breached.
If a suspected criminal offense under OSCO, DTROP or UNATMO occurs, the investigation will be led by multiple law enforcement agencies, including:
Hong Kong Police Force (usually handles drug trafficking cases);
Hong Kong Customs and Excise Department (smuggling cases);
the Independent Commission Against Corruption (usually responsible for matters related to fraud and corruption); and
The above relevant departments
3. Are there any self-regulatory organizations or professional associations? What power do they have?
The following self-regulatory organizations or professional associations are responsible for developing and implementing AML/CFT policies for their members:
The Estate Agents Authority (EAA) of any “estate agent”;
The Hong Kong Institute of Certified Public Accountants (HKICPA) regulates any “accounting professionals” under the supervision of the Accounting and Financial Reporting Council (AFRC); and
The Law Society of Hong Kong (LSHK) defines any “legal professional”.
As for accounting professionals, the Hong Kong Institute of Certified Public Accountants has promulgated the Anti-Money Laundering/Combating the Financing of Terrorism Guidelines for Professional Accountants (Chapter F of the Code of Ethics for Professional Accountants). The AFRC investigates and disciplinary action is taken against accounting professionals, including for non-compliance with AML/CFT requirements. and any law firm, solicitor or foreign lawyer who fails to comply with the mandatory parts of the Practice Instructions may face disciplinary action by the LSHK.
4. What are the ways to report suspicious behaviors or transactions (such as suspected money laundering)? Are there specific powers or ways in which we can find out if the money came from criminal activity, or require an explanation of where the money came from?
Proactive reporting of suspicious activities and/or transactions : In accordance with the provisions of OSCO, DTROP and UNATMO, if a person knows or suspects that any property is used for or represents the proceeds of drug trafficking or indictable offences, or that any property is the property of a terrorist, Reports must be made to JFIU as soon as possible. These obligations apply to everyone, including the company and each of its officers. Failure to report such knowledge or suspicion is a criminal offense punishable on conviction by a fine of up to HK$50,000 and three months' imprisonment.
Specific powers to identify proceeds of crime/require explanation of source of funds : The law does not confer specific powers on the authorities. However, if there are concerns that funds are the proceeds of crime, the regulated entity should take appropriate steps to make further inquiries as part of its customer or transaction due diligence procedures
5. What kind of behavior is considered money laundering in Hong Kong , and what specific things are included? If someone is accused of money laundering, what laws can they rely on to defend themselves? "
6. What does Hong Kong’s corporate anti-money laundering strategy need to include ? What standards do those responsible for anti-money laundering, such as the money laundering reporting officer, need to meet or what regulations do they need to follow?
Financial institutions (FIs) or regulated entities licensed or registered by the Hong Kong Monetary Authority, the Securities and Futures Commission or the Insurance Authority are required to maintain an AML/CFT compliance program. Regulated entities should implement adequate and appropriate AML/CFT systems that are commensurate with the nature, size and complexity of their operations and the money laundering or terrorism financing (ML/TF) risks arising from those operations. Internal AML/CFT systems should include:
Compliance management arrangements;
an independent audit function;
Employee screening procedures; and
Ongoing employee training program.
Company senior managers should:
Appoint a senior staff member as the Money Laundering Reporting Officer; and
Ensure that the Money Laundering Reporting Officer meets the relevant standards set out in the regulatory guidance and fulfills his/her key responsibilities.
Companies should also establish and maintain clear policies and procedures for internal reporting to the Money Laundering Reporting Officer.
7. What needs to be done during customer and business partner due diligence (know your customer/customer due diligence) ? Are there any see-through requirements? Are there simplified or enhanced due diligence requirements for certain types of persons and activities?
The Anti-Money Laundering and Counter-Terrorism Financing Ordinance (AMLO) requires financial institutions and designated non-financial businesses and professionals (DNFBPs) to conduct customer due diligence (CDD) on customers. The term “business associate” is not used in Hong Kong’s AML or any other AML/CFT-related legislation.
AMLO Schedule 2 Part 2 sets out CDD requirements for customers. These include:
Identify and verify the customer's identity using documents, data or information provided by reliable and independent sources;
Identify and take reasonable steps to verify the identity of beneficial owners;
Obtain information about the purpose and intended nature of the business relationship;
If a person claims to act on behalf of a client:
identify the person and take reasonable steps to verify the person’s identity; and
Verify the person's authority to act on behalf of the client.
CDD must be performed by FI and DNFP:
Before establishing a business relationship with a client or before conducting certain transactions for a client;
When the customer’s account is suspected of being involved in money laundering or terrorist financing; or
When there is doubt as to the accuracy or adequacy of previously obtained CDD information.
FIs and DNFPs must also continually monitor business relationships with clients.
AMLO sets out the circumstances under which financial institutions and DNFBPs must undertake simplified or enhanced CDD. To illustrate this, this is required:
politically sensitive clients;
high-risk customers;
insurance policy;
wire transfer;
Remittance transactions; and
Correspondent banking relationships.
8. What due diligence requirements need to be met for the ultimate beneficial owner ?
Under Section 1 of Schedule 2 of the Anti-Money Laundering Regulations, the definition of “beneficial owner” includes the individual who ultimately owns or controls the legal person, that is, the ultimate beneficial owner (UBO).
The CDD requirements under Part 2 of Schedule 2 of AMLO generally cover customers and their beneficial owners. Financial institutions and DNFBP should identify customers and their beneficial owners:
Before establishing a business relationship with the customer; or
After establishing a business relationship with a customer, the normal conduct of the business will not be interrupted if necessary, or any money laundering/terrorist financing risks that may arise will be effectively managed.
Section 2(1)(b) of Part 2 of Schedule 2 of AMLO sets out specific CDD requirements for the beneficial owners of clients. Financial institutions and DNFBPs should take reasonable steps to verify the UBO's identity, such as obtaining the UBO's name, date of birth, nationality and unique identifier (and document type). If the FI or DNFBP is unable to obtain all of the UBO's identifying information, it should evaluate:
Whether the information obtained is sufficient to identify the ultimate beneficiary; and
Whether the ownership and control structure of the ultimate beneficiary is understood.
9. What books and records requirements are relevant to the anti-money laundering context? What privacy laws apply?
Recordkeeping: Part 3 of Schedule 2 of AMLO sets out recordkeeping requirements for financial institutions and DNFBPs. FI and DNFBP must:
Keep originals or copies of documents and records of data and information for every transaction they make. Records must be kept for at least five years after a transaction is completed, regardless of whether the business relationship ends during that period ; and
For each customer, keep:
oOriginals or copies of documents and records of data and information obtained in identifying and verifying the Client or any beneficial owner of the Client; and
oOriginals or copies of client account documents and business correspondence with the client and any beneficial owners of the client.
The relevant authority or regulatory body may, by written notice, require the FI or DNFBP to maintain records relating to a particular transaction or customer for a period specified by the relevant authority or regulatory body.
Applicable privacy law: The Personal Data (Privacy) Ordinance (Cap. 486) (PDPO) applies. The PDPO permits the collection of personal data for CDD purposes. Companies should comply with the PDPO and promote good practices related to the collection, accuracy, retention, use, security and access of customer personal data in the CDD process.
10. What other compliance best practices should companies implement to reduce the risk of anti-money laundering violations?
Regulated entities are encouraged to refer to the circulars, guidance documents and FAQs issued by regulators or associations from time to time to stay abreast of best practices and new technologies for mitigating money laundering/terrorist financing risks.
Regulated entities should also encourage employees to report and notify their supervisors if they discover any irregularities in the course of business that pose a money laundering/terrorist financing risk.
11. What other defenses can a company accused of violating anti-money laundering laws take?
Dealing with the crime: Under Article 25(2) of OSCO and DTROP and Article 12(2B)(b) of UNATMO, a defense is constituted if:
the person intends to disclose to an authorized officer knowledge, suspicion or matter relating to a breach of the trading prohibition; and
The person had reasonable excuse for failing to disclose.
In addition, if a person commits any act that contravenes a transaction offense and makes appropriate disclosures, an offense will not be committed if:
The disclosure preceded the act and the act was done with the consent of an authorized officer; or
Disclosure is made following action of the person's own initiative and is reasonably made under the circumstances.
Offense of Disclosure: Under section 25A(6) of OSCO and DTROP and section 14(7) of UNATMO, a defense may be raised to prove that the person:
· Did not know or suspect that the disclosure might cause harm; or
·Have legal authority or reasonable grounds to make the disclosure.
Other Offenses: In relation to employees, under section 5(7) of the Anti-Money Laundering and Counter-Terrorism Financing Regulations (AMLO), an employee will be liable if the employee knowingly causes the company to breach the specific provisions of the AMLO regarding customer due diligence requirements and record keeping. bear personal criminal responsibility. However, it is a defense under section 5(9) that the employee acted in accordance with policies and procedures established and maintained by the company.
12. Does the anti-money laundering system apply to crypto asset activities? If applicable, how?
Although Hong Kong’s AML/CFT legislation does not explicitly mention virtual assets, Hong Kong’s AML/CFT regime has been extended to crypto asset activities as crypto assets are a form of property. For example, according to the Anti-Money Laundering and Counter-Terrorist Financing Guidelines "Applicable to Licensed Corporations and Virtual Asset Service Providers Licensed by the Securities and Futures Commission" and the Organized and Serious Crime Ordinance, if a party knowingly or A party commits an offense if he has reasonable grounds to believe that the property represents, in whole or in part, directly or indirectly, the proceeds of an indictable offense against any person.
