Learn more about our comprehensive legal services.
Advising our clients on different opportunities and challenges of the industry.
Developing a unique culture, which blends traditional client care with modern technology and working practices since 1851.
Stay up to date on the latest news and legal insights.
News & Insights
As a result of the COVID-19 pandemic, many people have been forced to work from home and this has created new opportunities and very fertile ground for the emergence of cyber threats. Accordingly, on 29 April 2020, the Intermediaries Supervision Department of the Hong Kong Securities and Futures Commission (SFC) issued a circular (Circular) containing examples of controls and procedures firms can put in place to manage their cybersecurity risks.
Cyberattacks can affect any business but SFC licensed firms are subject to various regulatory obligations requiring them to ensure that they have the operational capability to protect their operations and their clients from financial loss arising from theft, fraud and other dishonest acts, and to ensure the integrity and security of all information relevant to their business operations. In the Circular, the SFC pointed to paragraph 4.3 of the Code of Conduct and Part IV of the Internal Control Guidelines as the regulatory sources for this guidance.
We have highlighted below some of the examples provided by the SFC which we think are particularly relevant to asset management clients.
1. |
If a firm allows staff to remotely access the firm’s internal network and system through a Virtual Private Network (VPN):
|
2. |
Where firms allow staff to use videoconferencing platforms:
|
3. |
In addition:
|
Subscribe to Publications
Sign up for our regular updates covering the latest legal developments, regulations and case law.