10 Anti-Money Laundering Questions in Hong Kong (Guide)

1. What laws and regulations exist in Hong Kong to prevent money laundering, terrorist financing and financial crime in general (these are collectively referred to as “AML”)?

Hong Kong’s anti-money laundering regime applies at a single district level. It includes:

*Legislation;

• Guidelines issued under legislation (which does not constitute subsidiary legislation);
• Other guidance materials issued by Hong Kong regulators.

Legislation: The main legislation related to anti-money laundering is:

• Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615) (AMLO);
• Drug Trafficking (Recovery of Proceeds) Ordinance (Cap. 405) (DTROP);
• Organized and Serious Crimes Ordinance (Cap. 455) (OSCO);
• United Nations (Anti-Terrorism Measures) Regulations (Cap. 575) (UATMO);
• United Nations Sanctions Regulations (Cap. 537) (UNSO);
• Weapons of Mass Destruction (Provision of Regulated Services) Regulations (Cap. 526).

There is subsidiary legislation for certain legislation, in particular under regulations issued by UNSO, which are the source of sanctions requirements. **

Guidance issued in accordance with legislation: The main guidelines related to anti-money laundering are set out below.

! [gYxlE44Iwn1kqAR6Jh3nZbIyex0fssYiSqiPMv22.png] (https://img.jinse.cn/7133728_image3.png “7133728”)

This includes how these laws are monitored and enforced, such as preventive measures, penalties, and how civil and criminal penalties are imposed. In addition to national laws, does Hong Kong have its own special laws and regulations?

2.Which public sector agencies and authorities are responsible for enforcing anti-money laundering laws and regulations?What powers do they have?

The relevant agency responsible for enforcing AMLO depends on the nature of the regulated entity. AMLO has two types of regulated entities:

• Financial Institutions (FI);
• Designated Non-Financial Businesses and Professions (DNFBP)

FI includes:

• Accreditation Bodies;
• Licensed corporations;
• Authorized insurers;
• Appointed Insurance Agent;
• Authorized Insurance Brokers;
• Stored Value Facility (SVF) licensees;
• Money Service Operators; and
• Postmaster General

DNFBP includes:

*Lawyer; *Accountant; *Realtor; and

• Trust & Company Service Providers (TCSPs)

Under the Anti-Money Laundering Regulations, the relevant authorities have the power to carry out inspections and investigations, including requesting the production of documents and answering questions from the regulator in writing. They can also apply for a court warrant to enter and search the premises and remove records and documents believed to be relevant to their investigation.

In the event of a breach of a specific provision (as defined in section 5(11) of the AML Regulations), the relevant supervisory authority may take disciplinary action against the regulated entity.

In the event of an alleged criminal offence under OSCO, DTROP or UNATMO, the investigation will be led by multiple law enforcement agencies, including:

• Hong Kong Police Force (usually dealing with drug trafficking cases);
• Customs and Excise Department (smuggling cases);
• Independent Commission Against Corruption (which is usually responsible for fraud and corruption-related matters);
• The above-mentioned relevant departments

**3. Is there a self-regulatory organization or professional association? What powers do they have? **

The following self-regulatory organizations or professional associations are responsible for developing and implementing AML/CFT policies for their members:

• the Estate Agents Authority (EAA) of any “estate agent”;
• The Hong Kong Institute of Certified Public Accountants (HKICPA) regulates any “accounting professional” under the supervision of the Accounting and Financial Reporting Council (AFRC);
• The Law Society of Hong Kong (LSHK) defines any “legal professional”.

For accounting professionals, the Hong Kong Institute of Certified Public Accountants (HKICPA) has promulgated the Anti-Money Laundering/Countering the Financing of Terrorism Guidelines for Professional Accountants (Chapter F of the Code of Ethics for Professional Accountants). AFRC conducts investigations and disciplinary actions against accounting professionals, including for non-compliance with AML/CFT requirements. and any law firm, lawyer, or foreign lawyer who fails to comply with the mandatory part of the Practice Directive may face disciplinary action from LSHK.

4. What are the ways to report suspicious behavior or transactions (such as suspected money laundering)? Is there a specific authority or means that would allow us to find out if the money is from criminal activity, or to demand an explanation as to where the money came from? **

Proactively** Report suspicious activities and/or transactions****:* In accordance with OSCO, DTROP and UNATMO regulations, if a person knows or suspects that any property is being used or represents the proceeds of drug trafficking or an indictable crime, or that any property is the property of terrorists, it must be reported to the JFIU as soon as possible. These obligations apply to all persons, including the company and every officer of the company. Failure to report such knowledge or suspicion is a criminal offence punishable by a maximum fine of HK$50,000 and imprisonment for three months upon conviction. Specific authority to identify proceeds of crime/request explanation of the source of funds: The law does not give the authorities specific powers. However, if there is a suspicion that the funds are proceeds of crime, the regulated entity should take appropriate steps to make further inquiries as part of its customer or transaction due diligence process

Fifth, what kind of behavior in Hong Kong will be considered money laundering, and what are the specific things? If someone is accused of money laundering, what laws can they rely on to defend themselves? ”**

! [YkHwDgSqfnmhUSHaEPR8ejJ9ewWlk1lQ3ygRtYcg.png] (https://img.jinse.cn/7133729_image3.png “7133729”)

! [kMXKCdiDG3Ax6zHTdslVesQTtQLeFGtuLZT2pA2d.png] (https://img.jinse.cn/7133730_image3.png “7133730”)

6. What do Hong Kong’s anti-money laundering strategies for enterprises need to include****, and those who are responsible for anti-money laundering, such as money laundering reporting officers, what standards do they need to meet or what regulations do they need to follow?**

Financial institutions (FIs) or regulated entities licensed or registered with the Hong Kong Monetary Authority, the Securities and Futures Commission or the Insurance Authority are required to maintain an AML/CFT compliance program. Regulated entities should implement adequate and appropriate AML/CFT systems that are commensurate with the nature, size, and complexity of their operations and the money laundering or terrorist financing (ML/TF) risks arising from those operations. An in-house AML/CFT system should include:

• Compliance management arrangements;
• Independent audit function;
• Employee screening procedures;
• Ongoing staff training programs.

The company’s senior management shall:

• Appointment of a senior staff member as a money-laundering reporting officer;

• Ensure that the Money Laundering Reporting Officer meets the relevant standards set out in the Regulatory Guidelines and fulfils his or her primary duties.

Companies should also establish and maintain clear policies and procedures for internal reporting to the Money Laundering Reporting Officer.

**7. What do you need to do in customer and business partner due diligence (know your customer/customer due diligence)? Are there any perspective requirements? Are there simplified or enhanced due diligence requirements for certain types of people and activities? **

The Anti-Money Laundering and Counter-Terrorism Financing Regulations (AMLO) require financial institutions and Designated Non-Financial Businesses and Professionals (DNFBP) to conduct customer due diligence (CDD) on their customers. The term “business partner” is not used in Hong Kong’s AML/CFT-related legislation or in any other AML/CFT-related legislation.

Part 2 of AMLO Schedule 2 sets forth the customer’s CDD requirements. These include:

• Use documents, data, or information provided by reliable and independent sources to identify and verify the identity of the customer;
• Identify and take reasonable steps to verify the identity of the beneficial owner;
• Obtain information about the purpose and intended nature of the business relationship;
• If a person claims to be acting on behalf of a client:

identify the person and take reasonable steps to verify the identity of the person;

Verify the person’s authority to act on behalf of the customer.

CDD must be performed by FI and DNFP:

• Before entering into a business relationship with a customer or before entering into certain transactions with a customer;
• When the client’s account is suspected of being involved in money laundering or terrorist financing; or
• When there are doubts about the accuracy or adequacy of previously obtained CDD information.

FI and DNFP must also continuously monitor business relationships with customers.

The AMLO regulates the circumstances in which financial institutions and DNFBPs must make simplified or enhanced CDDs. To illustrate this, this is required:

• Politically sensitive clients;
• High-risk customers;
• Insurance policy; *Wire transfer;
• Remittance transactions;
• Correspondent banking relationship.

**8. What are the **** due diligence requirements that need to be met for the ultimate beneficial owner? **

According to Section 1 of Schedule 2 to the Anti-Money Laundering Regulations, the definition of “beneficial owner” includes the individual who ultimately owns or controls a legal person, i.e., the ultimate beneficial owner (UBO).

The CDD requirements set forth in Part 2 of Schedule 2 of AMLO generally cover customers and their beneficial owners. Financial institutions and DNFBPs should identify customers and their beneficial owners:

• Before entering into a business relationship with a customer;
• Establish a business relationship with a customer without interrupting the normal conduct of business if necessary, or effectively managing any money laundering/terrorist financing risks that may arise.

AMLO Schedule 2, Part 2, Section 2(b) sets out specific CDD requirements for Customer’s beneficial owners. Financial institutions and DNFBPs should take reasonable steps to verify the identity of the UBO, for example, by obtaining the UBO’s name, date of birth, nationality, and unique identifier (and document type). If FI or DNFBP does not have access to all of the UBO’s identifying information, it should assess:

• Whether the information obtained was sufficient to identify the ultimate beneficiary;
• Whether the ownership and control structure of the UBO is understood.

**9, **** Which books and records requirements are relevant to the background of anti-money laundering? What privacy laws apply? **

Record keeping: Part 3 of AMLO Schedule 2 sets forth recordkeeping requirements for financial institutions and DNFBPs. FI and DNFBP must:

• For each transaction they make, keep originals or copies of documents and records of data and information. Records must be kept for at least five years after the transaction is completed, regardless of whether the business relationship ends during that period;
• For each customer, retain:

o Original or copies of documents and records of data and information obtained in identifying and verifying the Client or any beneficial owner of the Client; and

o Original or copy of client account documents and business correspondence with client and any beneficial owners of client.

The relevant authority or regulator may issue a written notice requiring the FI or DNFBP to keep records relating to a particular transaction or client for a period specified by the relevant authority or regulator.

Applicable Privacy Laws: The Personal Data (Privacy) Ordinance (Cap. 486) (PDPO) applies. The PDPO allows the collection of personal data for CDD purposes. The Company shall comply with the PDPO and promote good practices in the CDD process relating to the collection, accuracy, retention, use, security and access of customers’ personal data.

10. What other compliance best practices should companies implement to reduce the risk of AML violations? **

Regulated entities are encouraged to refer to the circulars, guidance documents and FAQs issued by regulators or associations from time to time in order to stay up-to-date on best practices and new technologies to mitigate money laundering/terrorist financing risks.

Regulated entities should also encourage employees to report and notify their supervisors if they become aware of any violations in the course of their business that pose a risk of money laundering/terrorist financing.

11. What other defences can a company accused of violating anti-money laundering laws take?

Dealing with the offence: Under Article 25(2) of the OSCO and DTROP and Article 12(2B)(b) of the UNATMO, a defence is constituted if the following conditions are met:

• The person intends to disclose to an authorized officer knowledge, suspicions or matters relating to the violation of the trading prohibition;
• The person has reasonable grounds for failing to disclose.

In addition, if a person commits any act that violates a trading offense and makes appropriate disclosures, it does not constitute a crime if:

• The disclosure was made prior to the act and the act was made with the consent of an authorized officer; or
• Disclosure is made after and where reasonable the person has acted on his own initiative.

Breach of confidentiality: Under section 25A(6) of the OSCO and DTROP and section 14(7) of the UNATMO, a defence may be made to prove that the person:

not knowing or suspecting that the disclosure could cause harm; or

Have the lawful authority or reasonable grounds to make such disclosure.

Other criminal acts: In the case of employees, employees are personally criminally liable under section 5(7) of the Anti-Money Laundering and Counter-Terrorism Financing Regulations (AMLO) if they knowingly cause the company to breach the specific provisions of the AMLO regarding customer due diligence requirements and record keeping. However, under Section 5(9), it is a defence for an employee to act in accordance with the policies and procedures established and maintained by the company.

12. Does the anti-money laundering regime apply to crypto-asset activities? If so, how? **

While Hong Kong’s AML/CFT legislation does not explicitly mention virtual assets, Hong Kong’s AML/CFT regime has been extended to cryptoasset activities as cryptoassets are a form of property. For example, under the Anti-Money Laundering and Counter-Terrorist Financing Guidelines (Applicable to Licensed Corporations and SFC-licensed Virtual Asset Service Providers) and the Organized and Serious Crimes Ordinance, a party commits an offence if it deals with any property knowing or having reasonable grounds to believe that the property represents, in whole or in part, directly or indirectly, the proceeds of an indictable offence by any person.