The SFC issued new anti-money laundering and counter-financing of terrorism (AML/CFT) FAQs (which supersede the March 2012 FAQs), together with a circular, on 22 February 2019. The FAQs have been updated to reflect the provisions of the March 2018 Anti-Money Laundering and Counter-Terrorism Ordinance (AMLO) and the November 2018 SFC Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (for Licensed Corporations) (AML Guideline). The SFC also indicated that it will continue to revise and update the FAQs as necessary.
Some existing FAQs were revised (for example those relating to overseas subsidiaries, expired documents and unsuccessful applicants) but most of the new FAQS are basically intuitive (and industry players who prefer prescriptive rules may find them useful).
It would be helpful if next time the SFC updates the FAQs, it could address the following industry concerns:
The key points in the new FAQs are as follows:
1. Ongoing monitoring: Firms can employ an external third party agent to conduct ongoing monitoring (on their behalf in accordance with the HK AML/CFT requirements) (FAQ #13)
2. Electronic document verification: The SFC has added a new example of how electronic documents can be verified (FAQ #8)
3. Foreign language documents: Translations do not need to be performed by a professional third party (FAQ #9)
4. Identification of natural persons: The SFC has reissued this useful guidance from the March 2018 AML guideline, which had not been included in the latest AML Guideline for some reason (FAQs #2 and #3)
5. Source of wealth: The SFC confirmed that a customer’s source of wealth only needs to be identified generally for high risk customers (FAQ #11)
6. High risk countries: It is only mandatory for firms to take enhanced due diligence measures (i.e. the additional CDD measures in 4.9 of the AML Guideline) for those countries specified by the FATF and currently there are only two countries in this category: Iran and the Democratic People’s Republic of Korea (see the FATF Public Statements of February 2019). Those countries falling under the FATF category of “Improving Global AML/CFT Compliance: On-going Process” (which are also known as “High-risk and other monitored jurisdictions”, for example Ethiopia and Cambodia), are not on this mandatory list. This means that technically firms only need to “take into account” that the country is on this list when risk-profiling customers “associated” with these countries and can decide for themselves whether or not to take enhanced due diligence measures (see listas of 22 February 2019 here). Given that the SFC has provided no further guidance in this FAQ, the prudent approach would have to be to treat these two categories of countries in the same way and take enhanced due diligence measures (FAQ#12). If a firm wishes to have more flexibility, they will need to take extra steps to stay up-to-date on all FATF and SFC guidance on those countries and make sure that the CDD they do perform on such clients is extremely robust and well-documented.