FIBA FX (hereinafter the “Company”) is required to categorize its Clients into one of the following three categories: retail, professional or eligible counter-party.
I. CLIENT CLASSIFICATION
The Company, prior to engaging in business relationship with its potential clients, notifies the potential clients of the clients’ classification in use by the Company, and informs them about the category in which they are initially classified by the Company. Clients shall be categorized as follows, based on the criteria outlined below:
a. Professional Clients
Professional client is a client who possesses the experience, knowledge and expertise to make its own investment decisions and properly assess the risks that it incurs.
In order to be considered a professional client, the client must fall within the following categories of clients:
i. Entities which are required to be authorized or regulated to operate in the financial market, such as:
- Credit institutions
- Investment Firms
- Other authorized or regulated financial institutions
- Insurance undertakings
- Collective investment schemes and management companies of such schemes
- Pension funds and management companies of such funds
- Commodity and commodity derivatives dealers
- Other institutional investors
- Large undertakings meeting two of the following size requirements, on a proportional basis:
- Balance Sheet total at least
- Net Turnover at least
- Own Funds at least
iii. National and regional governments and public bodies
iv. Other institutional investor whose main activity is to invest in financial instruments including entities dedicated to the securitization of assets or other financing transactions
b. Retail Clients
Each client, who is not a professional client, is considered to be a retail client.
II. OPTION TO CHANGE CLASSIFICATION
It is noted that an eligible counterparty or professional client is allowed to request non professional treatment and the Company may agree to provide a higher level of protection. In this respect, the Company notifies its clients in a written form of their option to be classified as retail clients. The Company proceeds in this action, in order to offer a uniform level of protection to all of its clients.
The higher level of protection will be provided by the Company when the client enters into a written agreement with the Company, to the effect that it shall not be treated as a professional. It is the responsibility of the client who is classified as a professional client to ask for a higher level of protection when he is not in a position to properly assess and manage the risks involved in the transactions.
In addition, clients who have been initially classified by the Company as retail clients are allowed to request to be treated as professional clients, provided that at least two of the following criteria are satisfied:
- The client has carried out transactions, in significant size, at an average frequency of 10 per quarter over the previous ten quarters.
- The size of the client’s financial instrument portfolio exceeds EUR500.000.
- The client works or has worked in the financial sector for at least one year in a professional position, which requires knowledge of the transactions or services envisaged.
III. REQUEST FOR DIFFERENT CATEGORISATION
In accordance with Section II above, the following request may be submitted to the company:
a) A Retail Client requesting to be categorised as a Professional Client. In that case the Client will be afforded a lower level of protection.
b) A Professional Client requesting to be categorised as a Retail Client. In that case the Client seeks to obtain a higher level of protection.
The Company reserves the right to decline any of the above requests for different categorisation.
IV. PROTECTION RIGHTS
Retail Clients/ Professional Clients
Where the Company treats the Client as a retail client, he/she/they will be entitled to more protections under the law than if the Client was entitled to be a professional client. In summary the additional protections retail clients are entitled to are as follows:
a) A retail client will be given more information/disclosures with regard to the Company, its services and any investments, its cost, commissions, fees and charges and the safeguarding of client financial instruments and client funds.
b) When executing orders, the Company must take all reasonable steps to achieve what is called “best execution” of the client’s orders that is to obtain the best possible result for their clients.
Where the Company executes an order on behalf of a retail client, the best possible result shall be determined in terms of the total consideration, representing the price of the financial instrument and the cost related to execution, which shall include all expenses incurred by the client which are directly related to the execution of the order, including execution venue fees, clearing and settlement fees and any other fees paid to the third parties involved in the execution of the order.
When providing professional clients with best execution the Company in not required prioritise the overall cost of the transaction as being the most important factor in achieving best execution for them.
c) The Company must inform retail clients of material difficulties relevant to the proper carrying out of their order(s) promptly upon becoming aware of the difficulty.
d) If the Company provides investment services to a new retail client, the Company must enter into a basic agreement with the client, setting out the essential rights and obligation of the firm and the client.
e) We shall not use financial instruments held by us on behalf of a client for our own account or the account of another client of ourselves, without the client’s prior express consent to the use of the instruments on specified terms, as evidenced, in the case of a retail client, by his signature or equivalent alternative mechanism.
Duty to cooperate for prevention of Money Laundering and other criminal activities
a. The Company shall comply with the guidelines and directions issued by the Central Bank of Vanutu and the Commission for the implementation of the legislative requirements.
b. The Company shall follow the Central Bank of Hong Kong’s due diligence procedures and other requirements with respect to the acceptance of large cash deposits and in cases of doubt, they shall seek the advice of the Central Bank.
c. The Company shall determine the identity of the beneficial ownership of all their clients’ accounts and shall not open or maintain such accounts, unless they are satisfied of this requirement, as stipulated in the AML regulation and the legislative requirements. The AML laws and the applicable regulation (hereinafter, the called the “AML Act”)
d. The Company shall take all reasonable measures to ensure that accounts are not used for the purpose of holding assets obtained as the result of, or for facilitating the commission of any criminal activity or for any purpose contrary to the AML Act and the legislative requirements.
e. The Company shall develop and implement policies and procedures to identify and avoid money laundering transactions and to ensure compliance with the requirements of any relevant Hong Kong legislation; and such policies shall include an appropriate training programme for their staff.
f. The Company shall, on a regular basis, evaluate the effectiveness of their policies and control procedures in complying with the legislative requirements and any relevant guidelines, and such evaluation shall be an integral component of any internal audit.
g. The Company shall be vigilant in ensuring the prevention of their involvement or misuse in money laundering activities, and shall not knowingly accept assets or enter into business relationships where there is reasonable cause to believe that such assets may have been acquired illegally or that they represent the proceeds of criminal activity.
The Company shall establish procedures to obtain appropriate evidence of client identity, and shall maintain adequate records of client identity and transactions involved in such a manner as to assist, if necessary, in the investigation of criminal offences.
A. The role of the Board
a. The Board has the ultimately responsibility for the effectiveness of the Company’s AML framework. The Board’s oversight role is intended to ensure, inter alia, that there is compliance with all the relevant laws and regulations and international standards. Such compliance should assist in the detection of suspicious transactions and permit the creation of an audit trail if an investigation is deemed necessary.
b. The Board and the Senior Management should be aware that:
a. The use of a group-wide policy does not absolve directors of their responsibility to ensure that the policy is appropriate for the Company and compliant with Hong Kong law, regulations and guidelines. Failure to ensure compliance by the Company with the requirements of the AML Act may result in significant penalties for directors and the financial institution.
b. Subsidiaries and branches of the Company, if applicable, including those domiciled outside of Hong Kong are expected to, at a minimum, comply with the requirements of the AML Act and the AML Guidelines; and
c. Where some of the Company’s operational functions are outsourced of Hong Kong are expected to, at a minimum, comply with the requirements of the AML Act and AML Guidelines.
c. The Board should therefore demonstrate its commitment to an effective AML programme by:
a. Understanding the statutory duties placed upon it, their staff and the entity it represents;
b. Approving AML policies and procedures that are appropriate for the risks faced by the Company. Evidence of consideration and approval of these policies should be reflected in the board minutes and noted in the policy;
c. Appointing an individual within the organization to ensure that the Company’s AML procedures are being managed effectively; and
d. Seeking assurance that the Company is in compliance with its statutory responsibilities as it relates to AML. This includes reviewing the reports from compliance on the operations and effectiveness of compliance systems.
- The role of the Senior Management
a. Senior management is responsible for the development of sound risk management programmes and for keeping the Board adequately informed about these programmes and their effectiveness. These programmes, which should be designed to permit a sound knowledge of a customer’s business and pattern of financial transactions and commitments, should be formally documented and, at a minimum, irrespective of whether the Company receives funds from third parties or not, should provide for:
a. The development of internal policies, procedures and controls for, inter alia:
i. The opening of customer accounts and verification of customer identity;
ii. Establishing business relations with third parties (including custodians, fund managers, correspondent banks, business introducers);
iii. Determining business relationships that the financial institution will not accept by requiring graduated customer acceptance policies and procedures with more extensive due diligence for higher risk customers;
iv. Determining an exit strategy to terminate undesired relationships with existing customers;
v. The timely detection of unusual activities and reporting of suspicious transactions to the Financial Intelligence Unit;
vi. Internal reporting; and
vii. Records retention.
b. The recruitment of a level of staff, appropriate to the nature and size of the business, to carry out identification, research of unusual transactions and reporting of suspicious activities;
c. Designation of a compliance officer at an appropriate level of authority, seniority and independence to coordinate and monitor the compliance program;
d. An ongoing training programme designed to ensure employees adhere to the legal and internal procedures and become familiar with the dangers they and the business entity face and on how their job responsibilities can encounter specified money laundering and terrorist financing risks.
e. Establishment of management information/reporting systems to scrutinize customer account activity and facilitate aggregate and group-wide monitoring of significant balances regardless of whether the accounts are held on balance sheet, as assets under management or on a fiduciary basis;
f. An effective independent risk-based oversight function to test and evaluate the compliance program; and
g. Screening procedures for hiring, and ongoing systems to promote high ethical and professional standards to prevent the financial institution from being used for criminal activity. This should include but is not limited to enquiries about the personal history of the potential employee and verifying appropriate references on the individual.
b. Policies should be periodically reviewed for consistency with the business model, and product and service offering. Special attention should be paid to new and developing technologies.
Recognition and reporting of suspicious transactions
i. The Company shall promptly report suspicious transactions relating to any account to the Supervisory Authority.
ii. The Company shall pay special attention to all complex, unusual or large business transactions, or unusual patterns of transactions whether completed or not, and to insignificant but periodic transactions, which have no apparent economic or lawful purpose.
iii. Upon reasonable suspicion that the transactions described in paragraph (ii) above could constitute or be related to money laundering, or other criminal activities, the Company shall promptly report the suspicious transactions to the Supervisory Authority.
iv. The Company shall not notify any person, other than a court, competent authority or other person authorised by law, that information has been requested by or furnished to a court or the Supervisory Authority.
v. Where a report referred to in paragraph (iii) above is made in good faith, the Company and its employees, staff, directors, owners or other representatives as authorised by law, shall be exempted from criminal, civil or administrative liability, as the case may be, for complying with this regulation or for breach of any restriction on disclosure of information imposed by contract or by any legislative, regulatory or administrative provision, regardless of the result of the communication.
vi. Where there is suspicion that the source of funds may be criminal or that a client may be involved in criminal activity, the Company shall follow established procedures for assessing the evidence and determining what course of action should be pursued.
vii. The Company, depending on the nature of the suspicion, decide whether or not they can continue the business relationship or whether they should subject it to particular scrutiny or undertake further investigation, and consideration shall be given to whether or not it is appropriate to make a report to the Supervisory Authority.
viii. The Company shall make a report in any case in which he knows that funds are connected with criminal activity.
ix. The Company shall be aware that suspicions shall depend upon the nature of the relationship and the transaction and the particular circumstances of each case, and there is no one test that may be applied to determine what constitutes a suspicious transaction but an understanding of the client’s business and adequate record keeping shall facilitate the assessment.
x. For the purpose of clarification, unsatisfactory explanation or lack of commercial rationale, unusual patterns of transactions and inconsistency with the client’s business may be indicia that a transaction or a series of transactions should be subjected to particular scrutiny.
xi. The Company shall have internal procedures to ensure that suspicions about the source of funds or transactions are reported to the Supervisory Authority and they shall be aware of the importance of cooperation with the Supervisory Authority and the Commission.
xii. The Company shall keep records of reports made by their staff and of reports made to the Supervisory Authority.
xiii. Where a report has been made to the Supervisory Authority, the Company and their staff shall be aware of the dangers of impeding an investigation into money laundering or other criminal activity by tipping off the client or others.
xiv. The Company shall cooperate fully with law enforcement authorities and the Commission to ensure that money laundering or other criminal activities are fully investigated and prosecuted.
xv. Where the Company has reason to believe that a client is requesting services in order to facilitate criminal activities, he shall withhold the performance of such services.
Duty to supply information to the Director General
i. The Company shall promptly comply with a request from the Director General and shall supply the requisite information within a period of seven days.
ii. The Company shall notify his clients or any other person that information has been requested by or forwarded to the Director General.
Customer Due Diligence
i. In accordance with the AML Act, the Company shall establish the identity and verify the identity of any customer of the Company by requiring the customer to produce an identification record or such other reliable, independent source document.
ii. The requirements of subsection (i) shall apply when:
a) the Company establishes a business relationship;
b) in the absence of such a relationship, the Company conducts:
- any transaction in an amount equal to or above the sum of fifteen thousand dollars or such other amount as may from time to time be prescribed by the Minister, whether conducted as a single transaction or several transactions that appear to be linked and where the amount of the transaction is unknown at the time of the transaction, the identification and verification shall be undertaken as soon as the amount becomes known or the said threshold is reached;
- any wire transfers as set out in section;
- c) there is a suspicion of money laundering or terrorist financing; or
d) the Company has doubts about the veracity or adequacy of previously obtained customer identification data.
Without limiting the generality of subsection (i), the Company shall:
a) When establishing a business relationship, obtain information on the purpose and nature of the business relationship and the source of funds;
b) if the transaction is conducted by a natural person, adequately identify and verify his identity including information relating to:
- the person’s name and address ;
- the national identity card, social security document, passport or other applicable official identifying document;
- the source of funds;
- c) if the transaction in conducted by a legal person or legal arrangement, obtain information on that legal person or legal arrangement, adequately identify the company, the beneficial owner and ultimate natural persons providing the funds of such legal person or legal arrangement and take reasonable measures to identify and verify the legal status, ownership and control structure, including information relating to:
- proof of incorporation or similar evidence of establishment or existence; and;
- the customer’s name, name of trustee and ultimate settler (for trusts) and of persons providing funds and council members (for foundations), legal form, head office address and identities of directors (for legal persons) and source of funds;
- d) have appropriate risk management systems to determine if a potential customer, customer or beneficial owner is, is likely to be, is found to be or becomes a politically exposed person, and if so, shall:
- adequately identify and verify his identity as set out in this section;
- obtain the approval of senior management before establishing or continuing a business relationship with the politically exposed person;
- take reasonable measures to establish the source of funds and source of property; and
- conduct regular enhanced ongoing monitoring of the business relationship.
“politically exposed person” means any individual who is or has been entrusted with prominent public functions in Hong Kong or in another country or territory, including Heads of State or of government, senior politicians, senior government, judicial or military officials, senior executives of state owned corporations, important political party officials including family members or close associates of the politically exposed person.
- e) perform due diligence measures on a risk sensitive basis which are consistent with guidelines issued by the Financial Intelligence Unit; and
f) upon the establishment of a business relationship, and when completing the verification of the identity of the customer and beneficial owner, ensure that money laundering risks are effectively managed.
The Company shall, in relation to its higher risk category of customers or business relationship, conduct annual reviews of its record to ensure that the documents, data or information obtained pursuant to subsection (iii) is kept up-to-date and relevant.
v. If it appears to the Company that an applicant requesting it to enter into any business relationship or transaction, whether or not in the course of a continuing business relationship, is acting on behalf of another person, the Company shall establish the true identity of any person on whose behalf or for whose ultimate benefit the applicant may be acting in the proposed transaction, whether as a trustee, nominee, agent or otherwise.
vi. Nothing in this section shall require the production of any evidence of identity where
a) the customer is itself a financial institution to which the AML Act applies and which has been licensed or registered, and is supervised for anti-money laundering and countering the financing of terrorism measures by a regulatory authority and the Company has satisfied itself as to the adequacy of the measures to prevent money laundering and the financing of terrorism; or
b) there is a transaction or a series of transactions taking place in the course of a business relationship, in respect of which the applicant has already produced satisfactory evidence of identity.
vii. Where the Company relies on an intermediary or third party to undertake its obligations under subsections (i), (i) or (iii) or to introduce business to it:
a) must be satisfied that the third party is able to provide copies of identification data and other documents relating to the obligation of due diligence under subsections (i), (ii) and (iii) without delay;
b) shall satisfy itself that the third party or intermediary is regulated and supervised, and has measures in place to comply with the requirements set out in sections of the AML Act and in accordance with the Financial Action Task Force recommendations on regulation, supervision and monitoring.
c) shall immediately obtain from the third party, copies of identification data and other documents relating to the obligation of the customer due diligence process;
d) shall ensure countries where third parties are based adequately apply the Financial Action Task Force recommendations;
e) shall maintain ultimate responsibility for customer identification and verification of customer.
viii. Identity generally means a set of attributes which uniquely define a natural or legal person. There are two main constituents of a person’s identity, which for the purposes of these Guidelines are the physical identity (e.g. name and date of birth) and the activity undertaken.
ix. The Company must avoid the acceptance of anonymous accounts or accounts in fictitious names.
x. As part of the due diligence process, a financial institution should:
a. Use reasonable measures to verify and adequately document the identity of the customer or account holder at the outset2 of a business relationship. This process should include, where appropriate:
i. Taking reasonable measures to understand the ownership and control structure of the customer;
ii. Obtaining information on the purpose and intended nature of the business relationship, the source of funds, and source of wealth, where applicable; and
iii. Discontinuing the transaction, if customer documentation information is not forthcoming at the outset of the relationship.
b. Employ enhanced due diligence procedures for high risk customers or transactions or business relationships such as private banking operations, non-resident customers, trust arrangements, companies having nominee shareholders or customers who the financial institution has reasons to believe are being refused banking facilities by another financial institution
xi. The following original documents are acceptable methods for confirmation of the identity of local customers:
a. Government-issued photo-bearing identification (e.g. passport, Social Security Card, Voter’s ID, Driver’s license along with a social security card or passport);
b. Armed forces ID card;
c. Employer ID card;
xii. The following original documents are acceptable methods for confirmation of the current permanent address of local customers:
a. Government-issued identification;
b. Checking telephone directory;
c. Recent utility bill;
d. Tax bill;
e. Letter from the employer acknowledging address;
f. Letter from a Judge or Magistrate of the Courts of Hong Kong;
g. Letter from an Alcalde acknowledging address;
A. KYC Documentation for natural persons
i. The Company must obtain and document the following basic information when seeking to verify identity:
a. True name/names used and correct permanent residential address including postcode (if applicable);
b. Valid photo-bearing identification, with unique identifier, (e.g. passport, social security card or driver’s license along with a passport or social security card);
c. Date and place of birth and nationality (indication should be made if dual citizenship is maintained);
d. Contact details e.g. telephone number, fax number and e-mail address;
f. Purpose of the account and the nature of the business relationship.
ii. The following information may also be required when the Company seeks to verify identity:
a. Occupation and name of employer (if self-employed, the nature of the self-employment);
b. Estimated level of account activity including:
1. Size in the case of investment and custody accounts;
2. Balance ranges, in the case of current and deposit accounts;
3. An indication of the expected transaction volume of the account;
c. Source of funds; and
d. Any other information deemed appropriate and relevant.
iii. Identification documents, either original or certified copies, should be pre-signed and bear discernable photograph of the applicant, for example:
a. Current valid passport;
b. Armed forces ID card;
c. Driver’s license bearing the photograph and signature of the applicant (to be used along with a passport or social security card);
d. Voter’s card;
e. Social security card; or
f. Such other documentary evidence as is reasonably capable of establishing the identity of the individual customer.
iv. One or more of the following steps used in order to confirm customer’s addresses:
a. Checking the Register of Electors;
b. Provision of a recent utility bill, tax assessment or bank or credit union statement containing details of the address (to guard against forged copies it is strongly recommended that original documents are examined);
c. Checking the telephone directory; and
d. Record of home visit.
v. Where prospective customers provide documents with which a financial institution is unfamiliar, either because of origin, format or language, the financial institution must take reasonable steps to verify that the document is indeed authentic, which may include contacting the relevant authorities or obtaining a notarized translation.
vi. In circumstances where the Company’s customer is considered a high risk client, the Company should also take reasonable measures to establish the customer’s source of wealth and document findings.
vii. Where a customer is unable to produce original documentation needed for identification or verification, copies should be accepted if certified by persons listed in section 11.5 of this manual.
B. KYC Documentation for corporate customers
i. To satisfy itself as to the identity of the corporate customer, the Company obtain:
a. Name of corporate entity;
b. Principal place of business and registered office;
c. Mailing address;
d. Contact telephone and fax numbers;
e. Board resolution authorizing the opening of the account and conferring authority on signatories to the account;
f. The original or a certified copy of the Certificate of Incorporation, authenticated where the body is incorporated outside of Hong Kong, or Certificate of Registration where the body was incorporated abroad but registered under the Companies Act;
g. Satisfactory evidence of the identity of all account signatories, details of their relationship with the company and if they are not employees, an explanation of the relationship. All signatories must be verified in accordance with the identification and verification of identity requirements of natural persons;
h. Identity information on the natural persons with a controlling interest in the corporate entity. This information should extend, as far as practicable, to identifying those with a minimum of 10% shareholding, those who ultimately own and have principal control over the company’s assets, including anyone who is giving instructions to the financial institution to act on behalf of the company. However, if the company is publicly listed on a recognized stock exchange and not subject to effective control by a small group of individuals, identification and verification of the identity of shareholders is not required;
i. Confirmation before a business relationship is established, by way of company search and/or other commercial enquiries that the applicant company has not been, or is not in the process of being dissolved, struck off the companies register, wound-up or terminated. Such confirmation may be verified by obtaining a current Certificate of Good Standing or equivalent document or alternatively, obtaining a set of consolidated financial statements that have been audited by a reliable firm of auditors and that show the group structure and ultimate controlling party;
ii. Therefore, the Company obtains the following information and documents when seeking to verify the identity of corporate customers:
a. Certified Copy of the Memorandum and Articles of Association of the entity;
b. Description and nature of business, including date of commencement, products or services provided, location of principal business and name and location of the registered office and registered agent of the corporate entity, where appropriate;
c. Purpose of the account, the estimated account activity (including volume, balance ranges in the case of current and deposit accounts; size in the case of investment and custody accounts), source of funds and source of wealth in circumstances where the financial institution’s customer is considered high risk;
d. By-laws and any other relevant corporate documents filed with the Companies’ Registry;
e. Recent financial information or audited statements;
f. Copies of Powers of Attorney, or any other authority, affecting the operation of the account given by the directors in relation to the company and supported by a copy of the respective Board Resolution;
g. Copies of the list/register of directors and officers of the corporate entity including their names and addresses;
h. Written confirmation that all credits to the account are and will be beneficially owned by the facility holder except in circumstances where the account is being operated by an intermediary for the purpose of holding funds in his professional capacity;
i. Satisfactory evidence of identity must be established for at least two directors, one of whom should, if applicable, be an executive director where different from account signatories; and
j. Such other official documentary and other information as is reasonably capable of establishing the structural information of the corporate entity.
C. KYC Documentation for partnerships and unincorporated business
i. The Company must obtain the following documents and information when seeking to verify the identity of partnerships and unincorporated businesses:
a. Identification evidence for all partners/controllers of a firm or business, in line with the requirements in these Guidelines for individual customers who are relevant to their firm’s application to become a facility holder and who have individual authority to operate a facility or otherwise to give relevant instructions;
b. Identification evidence for all authorized signatories, in line with the requirements in these Guidelines for individual customers. When authorized signatories change, care should be taken to ensure that the identity of the current signatories has been verified;
c. A copy of the partnership agreement (if any) or other agreement establishing the unincorporated business; and
d. A mandate from the partnership authorizing the opening of an account or the use of some other facility and conferring authority on those who will undertake transactions should be obtained.
ii. In the case of limited partnership, identification evidence must be obtained for the General Partner in line with the requirements in these Guidelines for individual customers. The partners of a partnership should be regularly monitored and verification carried out on any new partners whose identities have come to light as a result of such monitoring or otherwise.
iii. The following may also be required when the Company seeks to verify the identity of partnerships and unincorporated businesses:
a. Description and nature of the business including:
1. Date of commencement of business;
2. Products or services provided; and
3. Location of principal place of business;
iv. The reason for establishing the business relationship and the potential parameters of the account including:
b. Size in the case of investment and client accounts;
c. Balance ranges, in the case of deposit and client accounts;
d. An indication of expected transaction volume of the account;
e. The source of wealth in circumstances where the financial institution’s customer is considered a high risk client;
f. The source of funds;
g. A copy of the last available financial statements where appropriate;
h. Written confirmation that all credits to the account are and will be beneficially owned by the facility holder except in circumstances where the account is being operated by an intermediary for the purpose of holding funds in his professional capacity; and
i. Such documentary or other evidence as is reasonably capable of establishing the identity of the partners or beneficial owners.
D. KYC Documentation for other legal structures and fiduciary arrangements
i. Legal structures such as trusts and foundations and nominee and fiduciary accounts can be used by criminals who wish to mask the origin of funds derived from crime if the trustee or fiduciary does not carry out adequate procedures. Particular care is needed on the part of the Company when the facility holder is a trustee or fiduciary who is not an exempted client or an eligible introducer. The principal means of preventing money laundering and terrorist financing through the use of legal structures, nominee companies and fiduciaries is to verify the identity of the provider of funds, such as the settlor and also those who have the power to remove the trustees/advisors. The settlor may also be a sole trustee of the trust, in which case, identification documentation should be obtained in relation to him.
E. KYC Documentation for trust clients
i. The Company should take reasonable measures to obtain information about the true identity of the persons on whose behalf an account is opened or a transaction is conducted. This applies especially if there are any doubts as to whether or not these clients or customers are acting on their own behalf.
ii. At a minimum, the Company should obtain the following, whether the Company is a named trustee or is providing services to a trust: –
a. Name of trust;
b. Nature/type of trust;
c. Country of establishment;
d. Identity of the ultimate natural person providing the funds, if not the ultimate settlor.
iii. Normally, in addition to obtaining identification evidence for the trustee(s) and any other person who is signatory on the account:
a. Make appropriate enquiry as to the purpose of the legal structure and the source of funds;
b. Obtain identification evidence for the settlor, protector(s)/controller(s) and for such other person(s) exercising effective control over the trust which includes an individual who has the power (whether exercisable alone, jointly with another person or with the consent of another person) to:
i. Dispose of, advance, lend, invest, pay or apply trust property;
ii. Vary the trust;
iii. Add or remove a person as a beneficiary or to or from a class of beneficiaries;
iv. Appoint or remove trustees;
v. Direct, withhold consent to or veto the exercise of a power such as is mentioned in (a) – (d) above.
c. In the case of a nominee relationship, obtain identification evidence for the beneficial owner(s).
F. KYC Documentation for foundations
iv. A foundation is an entity which exists to support a charitable institution and which is funded by an endowment or donations. This type of non-profit organization may either donate funds and support to other organizations or provide the sole source of funding for their own charitable activities.
v. It will normally be necessary to obtain the following documented information concerning foundations:
a. The foundation’s charter;
b. The Registrar General’s certificate of registration or document of equivalent standing in a foreign jurisdiction should be obtained in order to confirm the existence and legal standing of the foundation;
c. The source of funds. A financial institution should obtain and document information on the source of funding for the foundation. In cases where a person other than the founder provides funds for the foundation, a financial institution should verify the identity of that third party providing the funds for the foundation and/or for whom a founder may be acting in accordance with verification of identity procedures for natural persons; and
d. A financial institution should obtain identification evidence for the founder(s) and for such officers and council members of a foundation as may be signatories for the account(s) of the foundation. A financial institution should follow the guidance provided when verifying the identities of signatories. Where the founder is a company, a financial institution should have regard to the guidance on corporate clients. Where the founder is an individual, a financial institution should follow the guidance provided for natural persons.
G. KYC Documentation for Executorship Accounts
vi. Where a business relationship is entered into for the purpose of winding up the estate it should be verified in line with this guidance, depending on the nature of the executor (i.e. whether personal, corporate, or a firm of attorneys). However, the identity of the executor or administrator need not normally be verified when payment from an established bank account in the deceased’s name is being made to the executor or administrator in accordance with the Grant of Probate or Letters of Administration solely for the purpose of winding up the estate. Payments to the underlying beneficiaries on the instructions of the executor or administrator may be made in accordance with the identification and verification requirements as set out in the section on Identification Procedures in these Guidelines.
vii. If any suspicions are aroused about the nature or origin of assets comprising an estate that is being wound up, then a report of the suspicions should be made to the Financial Intelligence Unit.
Certification of Customer Information
viii. The Company should exercise due caution when considering certified documents, especially where such documents originate from a country perceived to represent a high risk, or from unregulated entities in any jurisdiction. Where certified copy documents are accepted, it is the Company’s responsibility to satisfy itself that the certifier is appropriate. In all cases, a financial institution should also ensure that the customer’s signature on the identification document matches the signature on the application form, mandate, or other document. ix. For natural persons, face-to-face customers must, where possible, show the Company’s staff original documents bearing a photograph and copies should be taken immediately, retained and certified by a senior staff member.
x. Where it is impractical or impossible to obtain sight of original documents, a copy is acceptable where it has been certified by a suitable certifier as being a true copy of the original document and that the photo is a true likeness of the facility holder.
xi. A certifier must be a qualified practicing notary public or attorney-at-law.
xii. The certifier should sign the copy document (printing his name clearly underneath) and clearly indicate his position or capacity on it together with a contact address, telephone and facsimile number and where applicable, a license/registration number.
Customers’ Profile Policy
i. A customer profile policy is determined and implemented under particular criteria related with clients risk profile. In particular the factors that specify the risk category at which a client is attributed are mainly dealing with client:
a. The nature of the customer’s business (whether cash intensive e.g. casinos and restaurants);
b. The nature and frequency of the activity;
c. The complexity, volume and pattern of transactions;
d. Type, status and value of account;
e. Type of customer, based on specific risk factors (e.g. whether ownership of a corporate customer is highly complex for no apparent reason, whether the customer is a PEP, whether the customer’s employment income supports account activity, whether customer is known to other members of the financial group, whether delegated authority such as power of attorney is in place);
f. Type of product/service (e.g. whether private banking, one-off transaction, mortgage);
g. Delivery channels (e.g. whether internet banking, wire transfers to third parties, remote cash withdrawals);
h. Geographical origin of the customer;
i. Geographical area (e.g. whether business is conducted in or through jurisdictions with high levels of drug trafficking, corruption or lacking proper standards in the prevention of money laundering/financing of terrorism, whether the customer is subject to regulatory or public disclosure requirements);
j. Whether the origin of wealth and/or source of funds can be easily verified and whether the audit trail has been deliberately broken and/or unnecessarily layered;
k. Unwillingness of the customer to cooperate with the financial institution’s customer due diligence process for no apparent reason;
l. Any other information that raises suspicion of the customer’s connection to money laundering or terrorist financing.
Risk based approach
i. The Company’s risk-based approach requires an assessment of the risk posed by the nature of the business and the implementation of appropriate mitigation measures, while maintaining an overall effective programme. This should be evidenced by categorization of the customer base, products and services by risk rating and identification of assigned actions by risk types.
ii. Prior to establishing a business relationship, the Company should assess the potential risk inherent in each new client relationship. This assessment should take into account the products or facilities to be used by the customer and whether and to what extent a customer may expose the Company to risk. The financial institution should then decide whether or not to establish or continue with a relationship.
iii. The Company categorises customers in terms of risk in 3 groups, namely:
a. Low Risk
b. Medium Risk
c. High Risk
iv. The Company’s risk based approach take into account customer acceptance and on-going monitoring policies and procedures that assist the Company in identifying the types of customers that are likely to pose higher than average money laundering and terrorist financing risk.
v. The Company is required to risk rate all client relationships including those in existence prior to the implementation of these Guidelines. All risk ratings should be documented and should be in place for all customers.
vi. The Company adopted reasonable criteria for assessing the risks (e.g. whether ownership of a corporate customer is highly complex for no apparent reason, whether the customer is a PEP, whether the customer’s employment income supports account activity, whether customer is known to other members of the financial group, whether delegated authority such as power of attorney is in place).
vii. The Company conducts periodic reviews (however, not more than two years apart) to determine whether any adjustment should be made to its risk rating. The review of the risk rating for high risk customers may be undertaken more frequently than for other customers and a determination should be made by senior management as to whether the relationship should be continued. All decisions regarding high risk relationships and the basis for these decisions should be documented.
A. Simplified customer due diligence
i. Reduced due diligence is acceptable for example, where information on the identity of the customer or beneficial owner is publicly available or where checks and controls exist elsewhere in national systems.
B. Enhanced customer due diligence
i. A more extensive customer due diligence process should be adopted for higher risk customers. In particular, the Company applies enhanced due diligence to customers where the risk of being used for money laundering or terrorist financing is high. It follows, then, that simplified customer due diligence measures are not acceptable whenever there is suspicion of money laundering or terrorist financing or specific higher risk scenarios apply.
ii. The Company may determine that a customer is high risk because of the customer’s business activity, ownership structure, nationality, residence status, anticipated or actual volume and types of transactions. A financial institution may be wary of doing business with persons from countries where, for example, it is believed that there is a high level of drug trafficking or corruption and greater care may be needed in establishing and maintaining the relationship or accepting documentation from such countries.
iii. Applying a risk-based approach, enhanced due diligence for high risk accounts may include, where deemed relevant, and with more frequency than applied for low risk customers:
a. An evaluation of the principals;
b. A review of current financial statements;
c. Verification of the source of funds;
d. Verification of source of wealth;
e. The conduct of reference checks;
f. Checks of electronic databases; and
g. Periodic reporting to the Board about high risk accounts.
iv. The Company should give particular attention to the following business relations and transactions:
a. Where a customer has not been physically present for identification purposes;
b. Correspondent relationships;
c. Business relationships or occasional transactions with a PEP;
d. Business relations and transactions with persons from or in countries and jurisdictions known to have inadequate AML measures;
e. Corporate customers able to issue bearer shares or bearer instruments.
v. In particular, the Company defines the following types of customers as high risk clients and therefore enhanced due diligence are applied:
a. Non-Profit Organizations
b. Non-Face to Face Customers
c. Introduced Business
d. Professional Service Providers
e. Politically Exposed Persons
f. High-Risk Countries
g. Bearer Shares
h. Correspondent Banking
Other obligations of the Company
i. The Company shall establish and maintain the following:
a) records of all transactions in accordance with the requirements of subsection (iii) below
b) where evidence of a person’s identity is obtained in accordance with the AML Act, a record that indicates the nature of the evidence obtained, and which comprises either a copy of the evidence or such information as would enable a copy of it to be obtained;
c) account files and business correspondence in relation to accounts;
d) written reports established in accordance with section 11.6 of this policy.
ii. Customer accounts of the Company shall be kept in the true name of the account holder.
iii. Records required under subsection (i) shall contain particulars sufficient to identify:
a) the name, address and occupation or, where appropriate, business or principal activity of each person conducting the transaction; or if known, on whose behalf the transaction is being conducted, as well as the method used by the Company to verify the identity of each such person;
b) the nature and date of the transaction;
c) the type and amount of currency involved;
d) the type and identifying number of any account with the Company involved in the transaction;
e) if the transaction involves a negotiable instrument other than currency, the name of the drawer of the instrument, the name of the institution on which it was drawn, the name of the payee, if any, the amount and date of the instrument, the number, if any, of the instrument and details of any endorsements appearing on the instrument;
f) in the case of reports under the AML Act and any other reports, the name and address of the Company, and of the officer, employee or agent of the Company who prepared the report.
iv. Records required under subsection (i) shall be kept by the Company for a period of at least 5 years from the date the relevant business or transaction was completed, or termination of business relationship or any longer period if requested by the Financial Intelligence Unit in specific cases and upon proper authority and the requirement to keep the record shall apply whether the account or business relationship is ongoing or has been terminated. In addition,
a) The Financial Intelligence Unit may, in writing, require from the Company to keep a record for a specified period of time;
b) The Company shall keep such records of a transaction that are sufficient to permit reconstruction of individual transactions;
c) Any record kept under this section, shall be maintained in a manner for use as evidence for prosecution of an offence.
v. The Company shall ensure that customer information and transaction records are available on a timely basis to domestic authorities upon proper authority.
vi. The receiving intermediary or third party financial institution shall keep all records received from an ordering financial institution where technical limitations would prevent the full originator information that should accompany a cross border wire transfer from being transmitted with a related domestic wire transfer for five years.
vii. The Company shall:
a) comply with any instruction issued to it by the Financial Intelligence Unit pursuant to the AML Act;
b) permit any authorized officer of the Financial Intelligence Unit to enter into any premises of the Company during normal working hours and inspect the records kept pursuant to the provisions of subsection (i) of this section and make any notes or take any copies of the whole or any part of any such record and shall answer any questions of the Financial Intelligence Unit in relation to such records;
c) comply with the guidelines and training requirements issued and provided by the Financial Intelligence Unit in accordance with the AML Act.
viii. If the Company contravenes or fails to comply with the provisions of this section shall be liable to a fine of up to five thousand dollars by the Financial Intelligence Unit.
ix. The Company aggrieved by the decision of the Financial Intelligence Unit pursuant to subsection (vi) above may appeal to the Supreme Court under the provisions of Part X of the Supreme Court of Judicature Act, and for this purpose, the Financial Intelligence Unit shall be deemed to be an inferior court and the rules governing the inferior court appeals shall mutatis mutandis apply to every such appeal:
Provided that an appeal shall not by itself result in the suspension of the decision under appeal, but the appellant may, within the time prescribed for filing such appeal, apply to the supreme Court for stay of execution of the order appealed from, pending the determination of such appeal.
x. The Company shall report to the VFSC not later than five business days after the event whenever the Company or any of its employees:
a) is the subject of any written customer complaint involving allegations of forgery, fraud, theft or misappropriation of funds or securities, together with the action taken to address the complaint;
b) is named a defendant or respondent in any criminal or regulatory proceeding or any civil proceeding exceeding US$25,000, whether in Hong Kong or abroad.
xi. The Company is prohibited from conducting any banking business such as receiving money from the public through the acceptance of deposits on current account, deposit account or other similar accounts which may be withdrawn on demand by cheque, draft, order or notice by customers and using that money to make advances, loans, extensions of credit, guarantees and investments.
Reporting of suspicious transactions by the Company
i. The Company shall pay special attention to:
a) all complex, unusual or large business transactions, or unusual patterns of transactions, whether completed or not, and to insignificant but periodic transactions, that have no apparent economic or lawful purpose;
b) business relations and transactions with persons including legal persons and arrangements, from or in jurisdictions that do not have adequate systems in place to prevent or deter money laundering or terrorist financing;
c) electronic funds transfer that do not contain complete originator information and shall adopt effective risk-based procedures to identify and handle any such transfer.
ii. In relation to subsection (i), the Company shall:
a) set forth in writing the specific information regarding the transaction(s) or business relations specified in subsection (i) (a) to (c) of this section, its background and purpose to the extent known, and the identity of the persons involved; and
b) upon request, shall make available such findings to the Financial Intelligence Unit.
iii. The Company shall conduct ongoing due diligence on its business relationships and scrutinize transactions undertaken throughout the course of the relationship to ensure that its obligations under section 11.4 are met and that the transactions being conducted are consistent with information that the Company has of its customer and the profile of the customer’s business and where necessary the source of funds.
iv. Whenever the Company suspects or has reasonable grounds to suspect that any transaction, proposed transaction or attempted transaction is related to the commission of a money laundering offence or terrorist financing offence or is related or linked to, or is to be used in connection with a terrorist act or for the financing of terrorism, or that the funds or property are the proceeds of crime, it shall as soon as possible but not later than 1 days after forming that suspicion and wherever possible before the transaction is carried out:
a) take reasonable measures to ascertain the purpose of the transaction, the origin and ultimate destination of the funds involved and the identity and address, of any ultimate beneficiary;
b) prepare a report of the transaction in accordance with subsection (v) and send the report to the Financial Intelligence Unit in such form as the Director, may from time to time, approve;
c) in case of companies which are dealers in precious metals and dealers in precious stones and other dealers in high value goods, shall report any transactions to the Financial Intelligence Unit in accordance with this subsection whenever they engage in any cash transaction equal to or above the equivalent of fifteen thousand dollars or such other sum as may from time to time be prescribed by the Minister;
d) in case of companies which are real estate agents and dealers in vehicles, shall report transactions in accordance with this subsection to the Financial Intelligence Unit when involved in transactions for their clients concerning the buying or selling of real estate or vehicles of any description.
v. A report required under subsection (iv) shall:
a) set forth all particulars known regarding the transaction;
b) contain a statement of the grounds on which the Company holds the suspicion; and
c) be signed or otherwise authenticated by the Company.
vi. If the Company has reported a suspicious transaction in accordance with this section shall, if requested to do so by the Financial Intelligence Unit, give such further information as requested by the Financial Intelligence Unit.
Company to appoint a compliance officer and establish procedures, etc.
i. The Company shall:
a) appoint a compliance officer who shall be responsible for ensuring the Company’s compliance with the requirements of the AML Act;
b) establish and maintain internal policies, procedures, controls and systems to:
- implement the customer identification requirements;
- implement record keeping and retention requirements;
- implement the monitoring requirements;
- implement the reporting requirements of the AML Act;
- make its officers and employees aware of the laws relating to combating money laundering and financing of terrorism. In particular, the law on customer due diligence and suspicious transaction reporting;
- make its officers and employees aware of the procedures and policies adopted by it to deter money laundering and the financing of terrorism;
- screen persons before hiring them as employees;
- disseminate warning notices and other information received from the competent authority relating to a weakness in the anti-money laundering and combating of financing of terrorism systems of other countries; and
- ensure that a foreign branch or subsidiary observes the anti- money laundering and combating of financing of terrorism system that is consistent with Hong Kong’s requirements and the Financial Action Task Force recommendations where that foreign country does not apply or insufficiently apply the Financial Action Task Force recommendations.
- c) establish an independent audit function to test compliance (including sample testing) of its anti-money laundering and combating the financing of terrorism procedures and systems; and
d) conduct ongoing training of its officers, employees and agents to ensure that employees are kept informed of new developments, including information on current money laundering and terrorist financing techniques, methods and trends.
The Company shall:
a) enable any person identified in accordance with subsection (i) (a) as well as other appropriate staff to have timely and unimpeded access to information that may be relevant to determining whether sufficient basis exists to report the matter pursuant to the AML Act; and
b) require the identified person to report the matter, pursuant to AML Act, in the event that he determines that sufficient basis exists.
iii. The person identified in subsection (i) (a) shall:
a) be of an officer of a rank at management level or above with relevant qualifications and experience to enable him to respond sufficiently well to inquiries relating to the Company and the conduct of its business and possess core competencies and knowledge in administering anti-money laundering measures;
b) be responsible for establishing and maintaining such manual of compliance procedures in relation to its business as the Financial Intelligence Unit may, from time to time, require;
c) be responsible for ensuring compliance by staff of the Company with:
- the AML act and any other law relating to money laundering or terrorist financing; and
- any manual of compliance procedures established; and
d) act as the liaison between the Company and the Financial Intelligence Unit in matters relating to compliance with the AML Act and any other law or directive with respect to money laundering or terrorist financing.