07 March 2017

Third party payments under fire: Hong Kong SFC fines brokerage for AML/CTF failings

This article was written by Urszula McCormack and Jack Nelson.

Large, undocumented money transfers to unidentified third parties should raise eyebrows. But it was exactly these red flags that Guangdong Securities Limited (“GSL”) a brokerage, failed to deal with adequately. The result? A HK$3 million fine and a public reprimand from the Securities and Futures Commission (“SFC”).

Our recent SFC enforcement trends alert identified anti-money laundering and counter-terrorist financing (“AML/CTF”) as a focus area for the SFC.

This article describes the key facts, findings and messages of the GSL case.

The exception that became the norm

Between February 2011 and March 2013, GSL, a brokerage, processed approximately 700 payments from client accounts to third parties.  This may seem unremarkable – except that GSL, like many other brokerages, prohibited third party transfers.

GSL’s general prohibition did allow third party transfers under “exceptional circumstances”.  To make use of this exception, GSL clients were required to complete an application form, attaching proof of the third party’s identity, the client’s relationship with that third party, and the reasons for the transfer. 

GSL management was then required to review the form and the attached documentation, and only if satisfied, approve the transfer.   

The SFC’s investigation

Following an investigation by the SFC, it was revealed that only 570 application forms for third party transfers could be located.  Of these 570, only 67 forms were supported by the required documentation.  The remainder displayed varying degrees of non-compliance, from a complete lack of documentation through to incomplete forms.  These application forms truly are a treasure trove of AML/CTF red flags, as we highlight below:

1.   Inadequate third party verification 

Transfers between parties with no apparent business relationship is a common AML/CTF indicator. 

Yet a significant number of the application forms stated that the transfer was between “friends” or that it was a “friend transfer”, and lacked any verification of the third party’s identity.  

2.   Inadequate reasons for transfer

Transfers without an economic rationale is another common AML/CTF indicator.  

GSL's application form did request that the client state the reason for the transfer.  However, some clients did not bother to state the reason – and others gave vague responses, such as “business dealings”, “loan” or “repayment”. 

3.   Large amounts through brokerage accounts

It does not generally make economic sense to move large sums through brokerage accounts rather than through bank accounts. 

Yet the transfers that GSL processed often involved millions of dollars – and in one case, a transfer of over HK$39 million was approved without any supporting documentation. 

4.   Coincidental transfers 

When multiple apparently unconnected accounts suddenly make a transfer to the same third party on the same day, bells should ring.  

Yet GSL’s records show two transfers, from two separate accounts to the same third party, totalling HK$10 million, on the same day – with seemingly no questions asked.  

5.   No reasons for approval 

Any and all departures from policy must be subject to written reasons for approval.  This echoes a fundamental principle of AML/CTF regulation of Hong Kong, in that departures from regulatory guidance are permitted, but only with a justified and documented rationale.  GSL’s staff and management failed to detail reasons for approval in any form whatsoever.  

GSL did claim that its staff made enquiries where insufficient documentation was provided by clients.  However, as these enquiries were also not recorded in writing, the SFC simply made this the grounds of another finding against GSL.  

6.   Deficient application forms

The SFC considered that GSL’s application form itself was deficient.  The form lacked detail on key topics, such as the relationship between the client and the third party.  

The SFC’s findings

The SFC found that GSL’s failure to adequately control third party payments constituted breaches of:

The transactions clearly show that any internal controls and monitoring that were in place at GSL between February 2011 and March 2013 were inadequate from an AML/CTF perspective – although no finding of actual money laundering or terrorist financing was made.

But no AMLO finding? 

Strikingly, the SFC’s findings did not include a breach of the Anti-Money Laundering and Counter-terrorist Financing (Financial Institutions) Ordinance (Cap. 615) (“AMLO”).  The SFC only exercised its disciplinary powers under the Securities and Futures Ordinance (Cap. 571).   This means that we still do not have a test case from the banking or securities regulator under the AMLO.

Why this case matters

The GSL case is a timely reminder of three key points:

1.   The SFC takes a hard line on third party payments

The SFC provided a list of controls for third party payments in its 3 December 2013 circular.  These included the following:

Third party payments generally 

• Discourage third party payments generally
• Only accept with the approval of a designated senior staff member

Source of funds 

Take reasonable steps to identify funds from third party sources

Red flags

Watch out for:

• any frequent and/or large third party funds transfers or cheque payments; and
• other red flags identified by the SFC in its AML/CTF guideline.

Enhanced due diligence  and monitoring 

Undertake enhanced customer due diligence and ongoing monitoring, plus additional risk-sensitive measures where, for example:

• customer requests payment to a third party; 
• money is paid by a third party having no apparent connection with the customer; 
• firm is being asked to accept funds in unconventional ways. 

Pay special attention to situations where non-resident customers or cross-border funds transfers are involved 

Consistency between information

• Make appropriate enquiries about the customer and the third party
• Consider whether a third party funds transfer is consistent with the customer’s known legitimate business or personal activities.


File a suspicious transaction report (“STR”) with the Joint Financial Intelligence Unit (“JFIU”) where there are grounds for suspicion

Guidance to staff

Ensure staff have guidance to enable them to: 

• recognise suspicious transactions generally (even without third party transfers); 
• identify and assess relevant information to judge whether a transaction or instruction is suspicious; and 
• understand their own personal statutory obligations and possible consequences for failure to report. 

2.  Departures from AML/CTF guidelines must be documented and justified

It is possible to take a different approach on certain aspects of AML/CTF regulation, but they must be documented and justified.  The “risk-based approach” does not contemplate ad hoc decisions or (worse) lazy compliance.  We are seeing more compliance and financial crime team members take this on board, but this is not universal.

3.   Lack of documentation is tantamount to no controls

An ongoing theme in regulatory investigations is documentation generally.  Where no records of an action exist, regulators generally assume that it didn’t happen. This is particularly important for individuals with AML/CTF functions, where personal criminal liability and other penalties at stake.  The law only protects individual staff members to the extent that they can demonstrate that they followed internal policies and procedures.  This means that relevant actions and any departures from policy need to be carefully documented.  During AML/CTF investigations, we have seen regulators ask for not only the end result of an action (eg screening), but also the decision-making process along the way.

A Guide to Doing Business in China

We explore the key issues being considered by clients looking to unlock investment opportunities in the People’s Republic of China.

Doing Business in China
Share on LinkedIn Share on Facebook Share on Twitter Share on Google+
    You might also be interested in

    This alert sets out SFC’s virtual assets regulatory announcement with our thoughts on the road ahead.

    02 November 2018

    In this article, our partners share their insights on the new Interim Measures along with their impact and the outlook for the Panda bond market.

    12 October 2018

    Negotiating a deal that you and your investment committee are happy with is no longer enough for many private fund investors. Instead, Fear of Missing Out is a common investor mindset.

    24 September 2018

    This article highlights the risks that investors need to bear in mind when they start to deal with cryptocurrencies.

    30 July 2018

    You may also be interested in...

    This publication has been downloaded from the King & Wood Mallesons website. It is provided only for your information and does not constitute legal or other advice on any specific matter. If you require or seek legal advice you should obtain such advice from your own lawyer, and should do so before taking, or refraining from taking, any action in reliance on this publication. If you have any questions, please contact King & Wood Mallesons. See www.kwm.com for more information.