Disciplinary action by SFC for AML breaches

Introduction

On 16 March 2022, the Securities and Futures Commission (the “SFC”) reprimanded and fined Emperor Securities Limited and Emperor Futures Limited (collectively, “Emperor”) for failures in complying with anti-money laundering and counter-terrorist financing (“ML/TF”) regulatory requirements pursuant to section 194 of the Securities and Futures Ordinance (“SFO”).

The regulatory requirements

The relevant regulatory requirements are mainly stated in the Anti-Money Laundering and Counter-Terrorist Financing (Financial Institutions) Ordinance (“AMLO”) and the Guideline on Anti-Money Laundering and Counter-Terrorist Financing (“AML Guideline”).

According to section 23 of schedule 2 to the AMLO and paragraph 2.1 of the AML Guideline, licensed corporations are required to take all reasonable measure to ensure that proper safeguards exist to mitigate ML/TF risks, as well as preventing contravention of any customer due diligence and record-keeping requirements under the AMLO. Licensed corporations are therefore required to implement internal anti-money laundering and counter-terrorist financing (“AML/CFT”) policies.

Further, section 5(1) of schedule 2 to the AMLO and paragraphs 5.1, 5.10 and 5.11 of the AML Guideline provided that licensed corporations should continuously monitor their business relationship with their clients by:

1.       monitoring activities of the clients to ensure they are consistent with the licensed corporation’s knowledge of the nature or business, risk profile and source of funds of the clients;     

2.       identifying transactions that are complex, large or unusual or patterns of transactions with no apparent economic or lawful purpose and which may indicate ML/TF; and       

3.       making relevant enquiries and examining the background and purpose of complex, large or unusual transactions and document the findings and outcomes in writing available for assisting the relevant authorities.  

Paragraphs 7.14 and 7.39 of the AML Guideline also set out examples of red flags, including but not limited to:

1.       transactions or instructions with no apparent legitimate purpose and/or appear to have no commercial rationale; and

2.       client requesting for transaction out of the ordinary range of services normally requested without reasonable explanation.

Emperor’s regulatory breaches

Problematic transfers

Between 1 December 2016 and 10 December 2017, Emperor processed and approved a total of 764 third party fund transfers without undergoing sufficient due diligence to validate the relationships between the clients and the third parties, and/or reasons for the transfers.

1.       Transfers with unverified relationship

All the transfers were made to or from third parties whose relationships with the clients were unverified or difficult to verify, including (i) spouse and relatives; (ii) director, shareholder, business partner and money lender; and (iii) friend and colleague.

2.       Transfers which raised red flags

The transfers demonstrated various problematic features which should have raised red flags:

1.       Some of the transfers have no apparent economic or lawful purpose, and were out of the ordinary range of services normally requested by a client, such as claiming to be for loan reasons but with no supporting documents, or did not provide any reasons at all; and

2.       Some of the transfers appeared to be unusual and involve frequent transfers to or from the same third party, such as multiple transfers made on the same day between clients by reason of business arrangement with no support from the clients’ corporate documents, or multiple intra-account transfers to the same person claiming to have different relationships with other clients.

Emperor’s internal control failure

Emperor relied on information provided by clients without properly scrutinizing the transfers and did not have in place effective procedures and controls to detect red flags. Particular failures include the following:

1.       Emperor did not put in place adequate procedures to scrutinise third party deposits and intra-account transfers between clients;

2.       Although Emperor required staffs to make telephone confirmations to confirm the relationship and reason for some of the third party fund transfers, there were no guidance provided to their staff on what enquiries were to be made during such telephone confirmations;

3.       Although Emperor’s policy provided that third party fund transfers should be subject to special approval by their management and required clients to provide justifiable reasons for the requests, the staff and management appeared to lack a proper understanding of the same and the staff have given evidence that they were not required to ask client to provide reason for the transfer, but the transfers were nevertheless approved; and

4.       Emperor’s policy did not require their staff to make further enquiries or require clients to provide any supporting documents for verifying the reasons for transfers or relationship with the third parties as claimed by the clients.

Accordingly, the SFC found that Emperor has breached, among others, the AMLO and AML Guideline by failing to take all reasonable measures to ensure existence of proper safeguards to mitigate the risks of ML/TF associated with third party fund transfers, as well as not conducting appropriate scrutiny when processing third party fund transfers.

Takeaway

This is not the first time the SFC takes disciplinary actions against licensed corporations for their failures to scrutinize third party deposits and/or payments. Since March 2017, multiple licensed corporations were penalized for similar problems in this area and this current disciplinary actions is in line with the preceding cases (e.g. Zhongtai International Securities Limited, Guoyuan Securities Brokerage (Hong Kong) Limited etc). Licensed corporations are reminded to stay vigilant to guard against ML/TF risks, in particular those related to third party deposits and payments.

Contributing Advisors