Guideline on Compliance of

Anti-Money Laundering and

Counter-Terrorist Financing Requirements
for Trust or Company Service Providers

March 2018
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

CONTENTS
Page

Chapter 1 Introduction ............................................................................ 2

Chapter 2 What are money laundering and terrorist financing? ............. 4

Chapter 3 AML/CTF obligations of TCSP licensees .............................. 6

Chapter 4 Assessing risk and applying a risk-based approach ............... 11

Chapter 5 Customer due diligence .......................................................... 16

Chapter 6 Ongoing monitoring of business relationship with

customers ................................................................................ 46

Chapter 7 Reporting suspicious transactions .......................................... 49

Chapter 8 Financial sanctions and terrorist financing ............................. 56

Chapter 9 Record-keeping....................................................................... 62

Chapter 10 Staff training ........................................................................... 65

Appendix A Identification and verification of customer who is

an individual ……..………..................................................... 69

Appendix B Identification and verification of customer which is

a corporation …….……………………….............................. 71

Appendix C Identification and verification of customer which is

a partnership or an unincorporated body ……….................... 74

Appendix D Identification and verification of customer which is

a trust ...................................................................................... 76

Glossary of key terms and abbreviations ..................................................... 78

1
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 1

INTRODUCTION

1.1 The Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist

Financing Requirements for Trust or Company Service Providers
(“this Guideline”) is issued by the Registrar of Companies (“the Registrar”)
under section 7 of the Anti-Money Laundering and Counter-Terrorist Financing
Ordinance, Cap. 615 (“the AMLO”) to provide guidance to those granted a
licence to carry on a trust or company service business in Hong Kong
(“TCSP licensees”), for whom the Registrar is the relevant authority (“RA”)
under the AMLO.

1.2 This Guideline is intended for use by TCSP licensees as well as their officers and staff.
The purposes of this Guideline are to provide:

(a) a general background on the subjects of money laundering and/or terrorist

financing (“ML/TF”); and
(b) practical guidance to assist TCSP licensees and their senior management in
devising and implementing policies, procedures and controls in relevant
operational areas, taking into consideration their own circumstances so as to
meet the relevant anti-money laundering and counter-terrorist financing
(“AML/CTF”) requirements under Schedule 2 to the AMLO.

1.3 Given the differences that exist in the organisational and legal structures of different
TCSP licensees as well as the nature and scope of their business activities, this
Guideline is neither intended to be, nor should it be construed as, exhaustive of the
means of meeting the statutory requirements.

1.4 This Guideline is intended to explain and supplement relevant statutory requirements
and should be read together with the statutory requirements. In case of doubt, you
are advised to seek independent legal advice as you see fit.

2
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

1.5 Pursuant to section 7 of the AMLO, in considering whether an AML/CTF requirement

under Schedule 2 has been contravened, the Registrar will have regard to the relevant
provision in this Guideline. In any proceedings under the AMLO before any court, a
failure by any person to comply with any provision of this Guideline may be
admissible as evidence. If any provision set out in this Guideline appears to the court
to be relevant to any question arising in the proceedings, the provision may be taken
into account in determining that question.

1.6 Besides the AMLO, the Drug Trafficking (Recovery of Proceeds) Ordinance, Cap. 405
(“the DTROPO”)1, the Organized and Serious Crimes Ordinance, Cap. 455 (“the
OSCO”)1 and the United Nations (Anti-Terrorism Measures) Ordinance, Cap. 575
(“the UNATMO”)2 are the other three main pieces of legislation in Hong Kong that
are concerned with AML/CTF. TCSP licensees are strongly advised to read the
relevant provisions of the four ordinances. Please refer to Chapters 7 and 8 of this
Guideline for more information regarding the requirements for reporting suspicious
transactions and financial sanction and terrorist financing.

1
Please refer to Chapter 7 of this Guideline for more information as to the requirement for reporting
suspicious transactions.
2
Please refer to Chapter 7 of this Guideline for more information as to the requirement for reporting
suspicious transactions and Chapter 8 of this Guideline regarding financial sanction and terrorist financing.
3
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 2

WHAT ARE MONEY LAUNDERING AND TERRORIST FINANCING?

2.1 The term “money laundering” is defined in section 1 of Part 1 of Schedule 1 to the
AMLO as an act intended to have the effect of making any property:

(a) that is the proceeds obtained from the commission of an indictable offence
under the laws of Hong Kong, or of any conduct which if it had occurred in
Hong Kong would constitute an indictable offence under the laws of Hong
Kong; or
(b) that in whole or in part, directly or indirectly, represents such proceeds,
not to appear to be or so represent such proceeds.

Three common stages in money laundering

(a) Placement - physical disposal of cash proceeds derived from illegal

activities;
(b) Layering - separating illicit proceeds from their source by creating complex
layers of financial transactions designed to disguise the source of the
money, subvert the audit trail and provide anonymity; and
(c) Integration - creating the impression of apparent legitimacy to criminally
derived wealth. In situations where the layering process succeeds,
integration schemes effectively return the laundered proceeds back into
the general financial system and the proceeds appear to be the result of, or
connected to, legitimate business activities.

Numerous transactions are frequently involved in those stages. TCSP licensees

should be alert to any such sign for potential criminal activities.

4
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

2.2 The term “terrorist financing” is defined in section 1 of Part 1 of Schedule 1 to the
AMLO as:

(a) the provision or collection, by any means, directly or indirectly, of any

property –
(i) with the intention that the property be used; or
(ii) knowing that the property will be used,
in whole or in part, to commit one or more terrorist acts (whether or not the
property is actually so used); or
(b) the making available of any property or financial (or related) services, by any
means, directly or indirectly, to or for the benefit of a person knowing that, or
being reckless as to whether, the person is a terrorist or terrorist associate; or
(c) the collection of property or solicitation of financial (or related) services, by
any means, directly or indirectly, for the benefit of a person knowing that, or
being reckless as to whether, the person is a terrorist or terrorist associate.

2.3 Terrorists or terrorist organisations require financial support in order to achieve their
aims. There is often a need for them to obscure or disguise links between them and
their funding sources. Terrorist groups must similarly find ways to launder funds,
regardless of whether the funds are from a legitimate or illegitimate source, in order to
be able to use them without attracting the attention of the authorities.

5
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 3

AML/CTF OBLIGATIONS OF TCSP LICENSEES

3.1 In general, TCSP licensees are required to:

(a) take all reasonable measures to mitigate the risk of ML/TF; and
(b) ensure that, among other things3, the AML/CTF requirements under the
AMLO are complied with.

3.2 To fulfil the above-mentioned obligations, TCSP licensees must assess the ML/TF risk
of their businesses, develop and implement policies, procedures and controls
(hereinafter collectively referred to as “AML/CTF systems”) on:

(a) risk assessment;

(b) customer due diligence (“CDD”) measures;
(c) ongoing monitoring of customers;
(d) suspicious transactions reporting;
(e) record keeping; and
(f) staff training.

AML/CTF systems

3.3 TCSP licensees should establish and implement adequate and appropriate
AML/CTF systems (including customer acceptance policies and procedures)
taking into account factors including products and services offered, types of
customers, geographical locations involved.

3
Other than the AMLO, TCSP licensees should also ensure that the AML/CTF requirements under the DTROPO,
the OSCO and the UNATMO are complied with.
6
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Proper implementation of policies and procedures

Appointment of
compliance officer
Compliance &
and money
audit function
laundering
reporting officer

Senior
Staff screening &
management
training
oversight
Proper
implementation
of policies &
procedures

3.4 The senior management of any TCSP licensee should:

(a) ensure that the licensee’s AML/CTF systems are capable of addressing the
ML/TF risks identified;
(b) appoint a director or senior manager as a compliance officer (“CO”) who has
overall responsibility for the establishment and maintenance of the licensee’s
AML/CTF systems; and
(c) appoint a senior member of the licensee’s staff as the money laundering
reporting officer (“MLRO”) who is the central reference point for reporting
suspicious transactions.

7
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Major responsibilities of the CO and MLRO

CO MLRO

 Act as the focal point within the  Review all internal reports of
business or organisation of a TCSP suspicious transactions and
licensee for the oversight of all exception reports and, in the light of
activities relating to the prevention all available information, determine
and detection of ML/TF. whether or not it is necessary to file
 Provide support and guidance to the a suspicious transaction report
senior management to ensure that (“STR”) with the Joint Financial
ML/TF risks are adequately Intelligence Unit.
managed.  Maintain all records relating to such
 Develop and/or continuously review internal reviews.
the TCSP licensee’s AML/CTF  Provide guidance to staff on how to
systems to ensure they remain avoid “tipping-off” if any STR is filed.
up-to-date and meet current  Act as the main point of contact with
statutory and regulatory the Joint Financial Intelligence Unit,
requirements. law enforcement agencies, and any
 Oversee all aspects of the TCSP other competent authorities in
licensee’s AML/CTF systems which relation to ML/TF prevention and
include monitoring effectiveness and detection, investigation or
enhancing the controls and compliance.
procedures where necessary.

3.5 In order that the CO and MLRO can discharge their responsibilities effectively, senior
management should, as far as practicable, ensure that the CO and MLRO are:

(a) independent of all operational and business functions, subject to constraint of

size of the licensee’s business;
(b) normally based in Hong Kong;
(c) of a sufficient level of seniority and authority within the licensee’s business;
(d) provided with regular contact with, and when required, direct access to senior
management to ensure that senior management is able to satisfy itself that the
statutory obligations are being met and that the business is taking sufficiently
robust measures to protect itself against ML/TF risks;

8
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

(e) fully conversant with the AML/CTF statutory and regulatory requirements on
the licensee and the ML/TF risks arising from the licensee’s business;
(f) capable of accessing, on a timely basis, all available information, both from
internal sources (such as CDD records) and external sources (such as circulars
issued by the Registrar and other RAs under the AMLO); and
(g) equipped with sufficient resources, including staff and appropriate cover for the
absence of the CO and MLRO (for example, an alternate or deputy CO and
MLRO).

3.6 Depending on the scale, operation, nature of business and risk profile of a TCSP
licensee, the same person may be appointed as its CO and MLRO.

3.7 In order to effectively discharge those responsibilities, the CO should take into
consideration different aspects of the licensee’s AML/CTF systems, including:

(a) the means by which the AML/CTF systems are managed and tested;
(b) the identification and rectification of deficiencies in the AML/CTF systems;
(c) the number of internal reports of suspicious transactions and STRs filed with
the Joint Financial Intelligence Unit (“JFIU”)4;
(d) the mitigation of ML/TF risks arising from business relationships and
transactions with persons (including both natural and legal persons) from
countries which do not or insufficiently adopt the recommendations of the
Financial Action Task Force (“FATF”)5;
(e) the communication with senior management of key AML/CTF issues including,
where appropriate, significant compliance deficiencies;
(f) changes made or proposed in respect of new legislation, regulatory
requirements or guidelines;
(g) compliance with any requirements prescribed under Part 2 or 3 of Schedule 2 to
the AMLO by branches and subsidiary undertakings outside Hong Kong and
any guidance issued by RAs in this respect; and
(h) AML/CTF training for staff.

4
JFIU is jointly run by staff of the Hong Kong Police Force and the Customs and Excise Department. JFIU
manages the STRs regime for Hong Kong and its role is to receive, analyse and store STRs and to disseminate
them to the appropriate investigative unit. Please refer to its website at www.jfiu.gov.hk for further
information.
5
FATF is an inter-governmental body established in 1989 that sets the international AML standards. The
objectives of the FATF are to promote effective implementation of legal, regulatory and operational measures
for combating money laundering, terrorist financing and other related threats to the integrity of the
international financial system. Please refer to its website at www.fatf-gafi.org for further information.
9
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Business conducted outside Hong Kong by a TCSP licensee

which is incorporated in Hong Kong6

A. A TCSP licensee which is incorporated in Hong Kong but have branches or

subsidiary undertakings outside Hong Kong should put in place a group
AML/CTF policy to ensure that all branches and subsidiary undertakings that
carry on the same business as the licensee in a place outside Hong Kong have
policies and procedures in place to comply with the CDD and record-keeping
requirements similar to those imposed under Parts 2 and 3 of Schedule 2 to
the AMLO to the extent permitted by the law of that place. The licensee
should communicate the group policy to its branches and subsidiary
undertakings outside Hong Kong.

B. If a branch or subsidiary undertaking of a TCSP licensee outside Hong Kong is

unable to comply with requirements that are similar to those imposed under
Parts 2 and 3 of Schedule 2 to the AMLO because this is not permitted by
local laws, the licensee must:

(a) inform the Registrar of such failure; and

(b) take additional measures to effectively mitigate the ML/TF risks faced
by the branch or subsidiary undertaking as a result of its inability to
comply with the above requirements.

C. If a TCSP licensee knows or suspects that certain property in whole or in part

directly or indirectly represents the proceeds of an indictable offence, it
should normally report to the RA of the jurisdiction where the suspicion
arises and where the records of the related transactions are held. However,
in certain cases, e.g. where the account is held in Hong Kong, reporting to
the JFIU may be required if section 25A of the OSCO or section 25A of the
DTROPO applies.7

D. Section 25(4) of the OSCO stipulates that an indictable offence includes

conduct outside Hong Kong which would constitute an indictable offence if
the conduct had occurred in Hong Kong. Therefore, where a TCSP licensee in
Hong Kong has information regarding money laundering, irrespective of the
location, it should consider seeking clarification from the JFIU.

6
Please refer to section 22 of Part 4 of Schedule 2 to the AMLO.
7
Please refer to paragraph 7.1 of this Guideline and the text box under that paragraph for the requirements
regarding reporting suspicious transactions.
10
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 4

ASSESSING RISK AND APPLYING A RISK-BASED APPROACH

4.1 TCSP licensees are required to identify, assess and take effective action to
mitigate their ML/TF risks. By adopting a risk-based approach, TCSP licensees
can allocate resources in the most efficient way with proper priorities so that the
greatest risk receives the highest attention.

4.2 TCSP licensees can apply appropriate control and oversight to new and existing
customers by determining:

(a) the extent of CDD to be performed;

(b) the level of ongoing monitoring to be applied to the relationship with
customers; and
(c) the measures to mitigate any ML/TF risks identified.

4.3 TCSP licensees should be able to demonstrate to the Registrar that the extent of CDD
and ongoing monitoring of customer relationship is appropriate in view of their
customers’ ML/TF risks.

4.4 TCSP licensees may assess the ML/TF risks of an individual customer by assigning a
ML/TF risk rating to their customers. While there is neither an agreed set of risk
factors nor a single methodology to apply these risk factors in determining the ML/TF
risk rating of customers, the following factors may be considered:

11
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Country / geographic
risk

Delivery /
distribution Customer
channel risk
risk

Product / service risk

Country/geographic risk

A. Customers with residence in or connection with high-risk jurisdictions, for

example:

(a) those that have been identified by the FATF as jurisdictions with
strategic AML/CTF deficiencies;
(b) countries subject to sanctions, embargos or similar measures issued
by, for example, the United Nations;
(c) countries which are vulnerable to corruption; and
(d) countries that are believed to have strong links to terrorist activities.

B. In assessing country risk associated with a customer, consideration may be

given to local legislation (such as the United Nations Sanctions Ordinance,
Cap. 537 (UNSO) and the UNATMO), data available from the United Nations,
the International Monetary Fund, the World Bank, the FATF, etc. and the
TCSP licensee’s own experience or the experience of other group entities
(where the TCSP licensee is part of a multi-national group) which may have
indicated weaknesses in other jurisdictions.

12
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Customer risk

Determining the potential ML/TF risks posed by a customer, or a category of

customers, is critical to the development of an overall risk framework. Based on
its own criteria, a TCSP licensee should determine whether a particular customer
poses a higher risk and the potential impact of any mitigating factors on that
assessment. Application of risk variables may mitigate or exacerbate the risk
assessment. Categories of customers whose activities may indicate a higher risk
include:

(a) Customers conducting their business relationship or transactions in unusual

circumstances, for example, there is a significant and unexplained
geographic distance between the TCSP licensee and the location of the
customer.
(b) Customers where the structure or nature of the entity or relationship makes
it difficult to identify and verify their true owners or controlling interests,
such as:
(i) unexplained use of corporate structures, express trusts and
nominee shares, and use of bearer shares;
(ii) unexplained delegation of authority by the customer through the
use of powers of attorney, mixed boards and/or representative
offices;
(iii) unexplained relationship between the customer’s beneficial owners
and controllers and account signatories;
(iv) in the case of express trusts:
 an unexplained relationship between a settlor and
beneficiaries with a vested right, other beneficiaries and
persons who are the object of a power; or
 an unexplained nature of classes of beneficiaries and classes
within an expression of wishes;
(c) Cash (and cash equivalent) intensive businesses including:
(i) money services businesses;
(ii) casinos, betting and other gambling related activities; and
(iii) businesses that, while not normally cash intensive, generate
substantial amounts of cash for certain transactions;
(d) Charities and other “not-for-profit” organisations which are not subject to
monitoring or supervision (especially those operating on a “cross-border”
basis);
13
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

(e) Customers that are, or connected to, politically exposed persons (“PEPs”);
(f) Customers buying the products or services with no commercial rationale,
who requests for undue levels of secrecy, or where it appears that an “audit
trail” has been deliberately broken or unnecessarily layered; and
(g) High risk customers and PEPs whose origin of wealth cannot be easily
verified.

Product/service risk

A. TCSP licensees should be mindful of the risk associated with their products
or services. There should be an apparently legitimate business, economic,
tax or legal reason for the customer to require such product or service from
a TCSP licensee. TCSP licensees should pay particular attention to the risks
of the following types of products or service:

(a) shell companies, companies with ownership through nominee

shareholding and control through nominee and corporate directors;
(b) services where TCSP licensees actually handle the receipt and
transmission of cash proceeds through accounts they actually
control in the act of closing a business transaction;
(c) services to conceal beneficial ownership from competent
authorities;
(d) situations where it is difficult to identify the beneficiaries of trusts.
This might include situations where identification is hindered
because the beneficiary of a trust is another trust or corporate
vehicle, or where the trust deed does not include the names of the
settlor, the beneficiaries or the class of beneficiaries;
(e) commercial, private, or real property transactions or services with
no apparent legitimate business, economic, tax, family governance,
or legal reasons;
(f) payments received from unassociated or unknown third parties
which is not a typical method of payment;
(g) offers made by customers to pay extraordinary fees for services
which would not ordinarily warrant such a premium;
(h) services that inherently have provided more anonymity; and
(i) products or services which are able to pool underlying customers or
funds.

B. Trusts which are pension in nature may be considered to be of lower risk.

14
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Delivery/distribution channel risk

The distribution channel for products may alter the risk profile of a customer. This
may include transactions through online, postal or telephone channels where a
non-face-to-face approach is used for establishing business relationship.
Business transaction made through intermediaries may also increase risk as the
business relationship between the customer and a TCSP licensee may become
indirect.

Documenting risk assessment

4.5 TCSP licensees should keep records and relevant documents of the risk
assessment so that they can demonstrate to the Registrar, among others:

(a) how the customer’s ML/TF risks are assessed; and

(b) the extent of CDD and ongoing monitoring is appropriate based on that
customer’s ML/TF risks.

15
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 5

CUSTOMER DUE DILIGENCE (“CDD”)

5.1 CDD is intended to enable a TCSP licensee to form a reasonable belief that it
knows the true identity of each customer and, with an appropriate degree of
confidence, knows the type of business and transactions the customer is likely to
undertake. The CDD requirements are set out in Schedule 2 to the AMLO.
Depending on specific circumstances, TCSP licensees may also need to conduct
additional measures (referred to as enhanced customer due diligence (“EDD”)
hereinafter) or, alternatively, may conduct simplified customer due diligence
(“SDD”).

16
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Application of CDD, SDD and EDD

Start of
business

Specific high-risk YES

situation?
(paragraph 5.26)

NO

YES Specific type of

customer/product?
(paragraphs 5.21 & 5.23)

NO

Apply SDD Apply CDD Apply EDD

(paragraphs (paragraphs (paragraphs
5.19 to 5.24) 5.2 to 5.18) 5.25 to 5.45)

Possible risks identified

(e.g. customer is a
politically exposed
person)

17
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

APPLYING CDD

5.2 The CDD measures applicable to TCSP licensees under section 2 of Part 2 of
Schedule 2 to the AMLO are:

(a) identifying the customer and verifying the customer’s identity using
documents, data or information provided by reliable and independent source;
(b) where there is a beneficial owner in relation to the customer, identifying and
taking reasonable measures8 to verify the beneficial owner’s identity so
that the TCSP licensee is satisfied that it knows who the beneficial owner is,
including in the case where the customer is a legal person or trust, measures to
enable the TCSP licensee to understand the ownership and control structure of
the legal person or trust;
(c) obtaining information on the purpose and intended nature of the business
relationship (if any) established with the TCSP licensee unless the purpose
and intended nature are obvious; and
(d) if a person purports to act on behalf of the customer:
(i) identifying the person and taking reasonable measures to verify the
person’s identity using documents, data or information provided by
reliable and independent source; and
(ii) verifying the person’s authority to act on behalf of the customer.

5.3 Under section 1 of Part 1 of Schedule 2 to the AMLO, “customer” is defined to

include a client. The meaning of “customer” and “client” should be inferred from its
everyday meaning and in the context of industry practice.

5.4 Pursuant to section 3(1) of Part 2 of Schedule 2 to the AMLO, TCSP licensees must
apply CDD:

(a) before establishing a business relationship with the customer;

(b) before carrying out for the customer an occasional transaction that involves an
amount equal to or exceeding an aggregate value of HK$120,000, whether
carried out in a single operation or several operations that appear to the TCSP
licensee to be linked;
(c) when the TCSP licensee suspects that the customer or the customer’s account
is involved in ML/TF regardless of the levels of transaction of (b) above;

8
TCSP licensees may take reasonable measures to verify the identity of the beneficial owner by, for example,
researching public information on the beneficial owner or arranging a face-to-face meeting with the
beneficial owner, to corroborate the undertaking or declaration provided by the client.
18
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

(d) when the TCSP licensee doubts the veracity or adequacy of any information
previously obtained for the purpose of identifying the customer or for the
purpose of verifying the customer’s identity.

5.5 Under section 1 of Part 1 of Schedule 2 to the AMLO,

(a) “business relationship” is defined to mean a business, professional or
commercial relationship between a TCSP licensee and a person that has an
element of duration, or at the time when the person first contacts the licensee in
the person’s capacity as a potential customer, the licensee expects the
relationship to have an element of duration; and
(b) “occasional transaction” is defined to mean a transaction between a TCSP
licensee and a customer who does not have a business relationship with the
TCSP licensee.

Handling occasional transactions

Insofar as occasional transactions are concerned, TCSP licensees should be

vigilant to the possibility that a series of linked occasional transactions could
meet or exceed the CDD threshold of HK$120,000. Where TCSP licensees
become aware that these thresholds are reached or exceeded, full CDD
procedures must be applied. The factors linking occasional transactions are
inherent in the characteristics of the transactions – for example, where several
payments are made to the same recipient from one or more sources over a
short period and where a customer regularly transfers funds to one or more
destinations. In determining whether the transactions are in fact linked, TCSP
licensees should consider these factors against the timeframe within which the
transactions are conducted.

19
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

The purpose and intended nature of business relationship9

A. A TCSP licensee must understand the purpose and intended nature of the
business relationship. In some instances, this will be self-evident, but in
many cases, the TCSP licensee may have to obtain information in this
regard.

B. Unless the purpose and intended nature are obvious, TCSP licensees should
obtain satisfactory information from all new customers as to the intended
purpose and reason for establishing the business relationship, and record
the information on the account opening documentation. Depending on the
TCSP licensee’s risk assessment of the situation, information that might be
relevant includes:

(a) nature and details of the business/occupation/employment of the

customer;
(b) the anticipated level and nature of the activity that is to be
undertaken through the relationship (e.g. what the typical
transactions are likely to be);
(c) location of customer;
(d) the expected source and origin of the funds to be used in the
relationship; and
(e) initial and ongoing source(s) of wealth or income.

C. This requirement also applies in the context of non-residents. While the

vast majority of non-residents seeks business relationships with TCSP
licensees in Hong Kong for perfectly legitimate reasons, some non-residents
may represent a higher risk for ML/TF. A TCSP licensee should understand
the rationale for a non-resident to seek to establish a business relationship
in Hong Kong.

9
Please refer to section 2(1)(c) of Part 2 of Schedule 2 to the AMLO.
20
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Can CDD be completed after the creation of a business relationship10?

5.6 A TCSP licensee must complete the CDD process before establishing any
business relationship or before carrying out a specified occasional transaction.
Where the TCSP licensee is unable to complete the CDD process, it must not
establish a business relationship or carry out any occasional transaction with that
customer and should assess whether this failure provides grounds for knowledge
or suspicion of ML/TF and filing a STR with the JFIU.

5.7 Customer identification information (including information on beneficial owners of

the customer, if any) and information about the purpose and intended nature of the
business relationship should be obtained before the business relationship is entered
into. However, TCSP licensees may, exceptionally, verify the identity of the
customer and any beneficial owner after establishing the business relationship,
provided that:

(a) any risk of ML/TF arising from the delayed verification of the customer’s or
beneficial owner’s identity can be effectively managed;
(b) this is necessary not to interrupt the normal conduct of business with regard to
the customer;
(c) the verification is completed as soon as reasonably practicable; and
(d) the business relationship will be terminated if verification cannot be completed
as soon as reasonably practicable.

5.8 The TCSP licensee must not apply the exception of paragraph 5.7 above where:

(a) the TCSP licensee has knowledge or a suspicion of ML/TF;

(b) the TCSP licensee becomes aware of anything which causes it to doubt the
identity or intentions of the customer or beneficial owner; or
(c) the business relationship is assessed to pose a higher risk.

10
Please refer to section 3 of Part 2 of Schedule 2 to the AMLO.
21
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Establishing business relationship prior to identity verification –

Policies and procedures

The policies and procedures to be adopted by TCSP licensees include:

(a) establishing timeframes for the completion of the identity verification

measures;
(b) regular monitoring of such relationships pending completion of the
identity verification, and keeping senior management periodically
informed of any pending completion cases;
(c) obtaining all other necessary CDD information;
(d) ensuring verification of identity is carried out as soon as it is reasonably
practicable;
(e) advising the customer of the TCSP licensee’s obligation to terminate the
relationship at any time on the basis of non-completion of the verification
measures;
(f) placing appropriate limits on the number of transactions and type of
transactions that can be undertaken pending verification; and
(g) ensuring that funds are not paid out to any third party. Exceptions may be
made to allow payments to third parties subject to the following
conditions:
(i) there is no suspicion of ML/TF;
(ii) the risk of ML/TF is assessed to be low;
(iii) the transaction is approved by senior management, who should
take account of the nature of the business of the customer before
approving the transaction; and
(iv) the names of recipients do not match with watch lists such as those
for terrorist suspects and politically exposed persons.

22
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Failure to complete verification of identity11

5.9 Verification of identity should be concluded within a reasonable timeframe.

Where verification cannot be completed within such a period, the TCSP licensee
should, as soon as reasonably practicable, suspend or terminate the business
relationship unless there is a reasonable explanation for the delay. In this
regard:

(a) if a TCSP licensee cannot complete identity verification within 60 working

days after the establishment of a business relationship with a customer, the
TCSP licensee should suspend the business relationship and refrain from
carrying out further transactions (except to return funds to their sources, to the
extent that this is possible); and
(b) if a TCSP licensee cannot complete identity verification within 120 working
days after the establishment of the business relationship, the TCSP licensee
should terminate the business relationship with the customer.

5.10 The TCSP licensee should assess whether the aforesaid failures provide grounds for
knowledge or suspicion of ML/TF and a report to the JFIU is appropriate. The TCSP
licensee must not, knowing or suspecting that a disclosure has been made to the JFIU,
disclose to any other person any matter which is likely to prejudice any investigation.
Doing so would constitute “tipping-off”, which is an offence prohibited by section
25A(5) of the DTROPO/OSCO and section 12(5) of the UNATMO. For more
information, please refer to paragraph 7.3 of this Guideline.

5.11 Wherever possible, when terminating a relationship where funds or other assets have
been received, the TCSP licensee should return the funds or assets to the source from
which they were received. In general, this means that the funds or assets should be
returned to the customer/account holder. However, it may not be applicable where
the TCSP licensee is served a restraint order or confiscation order. Please refer to
paragraph 7.20 of this Guideline.

11
Please refer to section 3(4) of Part 2 of Schedule 2 to the AMLO.
23
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.12 TCSP licensees must guard against the risk of ML/TF since this is a possible means
by which funds can be “transformed”, e.g. from cash into a cashier order. Where the
customer requests that money or other assets be transferred to third parties, the TCSP
licensee should assess whether this provides grounds for knowledge or suspicion of
ML/TF and a report to the JFIU is appropriate.

Keeping customer information up-to-date12

5.13 TCSP licensees should take steps from time to time to ensure that customers’
information obtained for the purposes of complying with the requirements of
sections 2 and 3 of Part 2 of Schedule 2 to the AMLO is up-to-date and relevant.

5.14 TCSP licensees should undertake periodic reviews of existing records of customers
and conduct review under circumstances of certain triggering events, including:

(a) when a significant transaction (i.e. in terms of monetary value or where the
transaction is unusual or not in line with the licensee’s knowledge of the
customer) is to take place;
(b) when a material change occurs in the way the customer’s account is operated;
(c) when the TCSP licensee's customer documentation standards change
substantially; or
(d) when the TCSP licensee is aware that it lacks sufficient information about the
customer concerned.

5.15 In all cases, the factors determining the period of review or what constitutes a
triggering event should be clearly defined in the TCSP licensees’ policies and
procedures.

12
Please refer to section 5(1)(a) of Part 2 of Schedule 2 to the AMLO.
24
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Identifying and verifying customer’s identity13

5.16 TCSP licensees must identify the customer and verify the customer’s identity by
reference to documents, data or information provided by a reliable and
independent source:

(a) a governmental body;

(b) the Registrar or any other RA;
(c) an authority in a place outside Hong Kong that performs functions similar to
those of the Registrar or any other RA; or
(d) any other reliable and independent source that is recognized by the Registrar.

5.17 Guidance for the identification and verification of different types of customers
(including their beneficial owners) are set out in the appendices of this Guideline:

Customer type Appendix

Individual A
Corporation B
Partnership or unincorporated body C
Trust D

5.18 TCSP licensees should recognise that some types of documents are more easily forged
than others. If there is suspicion in relation to any documents provided by customers,
TCSP licensees should take steps to establish whether the document provided is
genuine, or has been reported as lost or stolen. This may include searching publicly
available information, approaching RAs (such as the Immigration Department) or
requesting corroboratory evidence from the customer. Where suspicion remains, the
document in question should not be accepted and consideration should be given to
making a report to the authorities.

13
Please refer to section 2(1)(a) of Part 2 of Schedule 2 to the AMLO.
25
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Identifying and verifying customer’s beneficial owner14

A. As a general rule, a beneficial owner of a customer is an individual who

ultimately owns or controls the customer (owning or controlling, in the case
of a customer that is a corporation, partnership or trust, more than 25% of
the shares, voting rights, profits or capital, as the case may be) or on whose
behalf a transaction or activity is being conducted. Please refer to
Appendices B, C and D of this Guideline on the identification and
verification of the beneficial owner of a corporation, partnership,
unincorporated body or trust. In respect of a customer who is an
individual not acting in an official capacity on behalf of a legal person or
trust, the customer himself is normally the beneficial owner but the TCSP
licensee should make appropriate enquiries where there are indications
that the customer is not acting on his own behalf.

B. The obligation to verify the identity of a beneficial owner is for the TCSP
licensee to take reasonable measures, based on its assessment of the
ML/TF risk, so that the TCSP licensee is satisfied that it knows who the
beneficial owner is, including measures to enable the TCSP licensee to
understand the ownership and control structure of the customer.

14
Please refer to section 2(1)(b) of Part 2 of Schedule 2 to the AMLO.
26
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Identifying and verifying a person purporting to act

on behalf of a customer15

A. If a person purports to act on behalf of the customer, TCSP licensees must:

(a) identify the person and take reasonable measures to verify the
person’s identity on the basis of documents, data or information
provided by-
(i) a governmental body;
(ii) the Registrar or any other RA;
(iii) an authority in a place outside Hong Kong that performs
functions similar to those of the Registrar or any other RA; or
(iv) any other reliable and independent source that is recognised
by the Registrar; and
(b) verify the person’s authority to act on behalf of the customer.

B. The general requirement is to obtain the identification information as set

out in paragraph 1 of Appendix A of this Guideline from the person. In
taking measures to verify the identity of the person purporting to act on
behalf of a customer (e.g. authorised signatories and attorneys), the TCSP
licensee should refer to the documents and other means listed in Appendix
A of this Guideline wherever possible. As a general rule, TCSP licensees
should identify and verify the identity of those authorised to give
instructions for the movement of funds or assets.

C. TCSP licensees should obtain written authority (including board resolution

or similar written authority for corporations) to verify that the individual
purporting to represent the customer is authorised to do so.

15
Please refer to section 2(1)(d) of Part 2 of Schedule 2 to the AMLO.
27
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Verification of documents in a language other than Chinese or English

For documents in a language other than Chinese or English, appropriate steps

should be taken by the TCSP licensee to be satisfied that the documents in fact
provide evidence of the customer’s identity (e.g. ensuring that staff assessing such
documents is proficient in the language or obtaining a translation from a suitably
qualified person).

APPLYING SDD

Application of SDD16

5.19 The AMLO defines what CDD measures are and also prescribes the circumstances in
which a TCSP licensee must carry out CDD. Where SDD applies (see paragraphs
5.21 and 5.23 below), the TCSP licensee is not required to identify and verify the
beneficial owner. However, other aspects of CDD must be undertaken and it is
still necessary to conduct ongoing monitoring of the business relationship. TCSP
licensees must have solid grounds to support the use of SDD and may have to
demonstrate these grounds to the Registrar.

5.20 Nonetheless, SDD must not be applied when the TCSP licensee suspects that the
customer, the customer’s account or the transaction is involved in ML/TF, or when the
TCSP licensee doubts the veracity or adequacy of any information previously
obtained for the purpose of identifying the customer or verifying the customer’s
identity, notwithstanding that the type of customers or product falls within paragraphs
5.21 and 5.23 below (see section 3(1)(d) and (e) of Part 2 of Schedule 2 to the
AMLO).

16
Please refer to section 4 of Part 2 of Schedule 2 to the AMLO.
28
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

To whom may SDD be applied?

5.21 Pursuant to section 4(3) of Part 2 of Schedule 2 to the AMLO, customers to whom
SDD may be applied are:

(a) a financial institution;

(b) an institution that-
(i) is incorporated or established in an equivalent jurisdiction17;
(ii) carries on a business similar to that carried on by a financial institution;
(iii) has measures in place to ensure compliance with requirements similar
to those imposed under Schedule 2; and
(iv) is supervised for compliance with those requirements by an authority in
that jurisdiction that performs functions similar to those of any of the
RAs;
(c) a corporation listed on any stock exchange;
(d) an investment vehicle where the person responsible for carrying out measures
that are similar to the CDD measures in relation to all the investors of the
investment vehicle is-
(i) a financial institution;
(ii) an institution incorporated or established in Hong Kong, or in an
equivalent jurisdiction17 that-
 has measures in place to ensure compliance with requirements
similar to those imposed under Schedule 2; and
 is supervised for compliance with those requirements.
(e) the Government or any public body in Hong Kong; or
(f) the government of an equivalent jurisdiction17 or a body in an equivalent
jurisdiction17 that performs functions similar to those of a public body.

17
“Equivalent jurisdiction” referred to in this Guideline means a jurisdiction that is a member of the FATF, other
than Hong Kong, or a jurisdiction that imposes requirements similar to those imposed under Schedule 2 to
the AMLO.
29
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Checking of customer’s identity to ascertain whether SDD is applicable

A. To ascertain whether a customer is within categories (a) to (d) of

paragraph 5.21 above , it will be generally sufficient for TCSP licensees to:

(a) verify that the customer is a financial institution or institution on

the list of authorised (or supervised) financial institutions in the
jurisdiction concerned;
(b) obtain proof of listed status on a stock exchange; or
(c) ascertain that the person responsible for carrying out measures
that are similar to the CDD measures in relation to all the
investors of the investment vehicle falls within any of the
categories of institution set out in section 4(3)(d) of Part 2 of
Schedule 2 to the AMLO.

B. If a customer not falling within section 4(3) of Part 2 of Schedule 2 to the

AMLO has in its ownership chain an entity that falls within that section,
TCSP licensees are not required to identify or verify the beneficial owners
of that entity in that chain when establishing a business relationship with
or carrying out an occasional transaction for the customer. However, TCSP
licensees should still identify and take reasonable measures to verify the
identity of beneficial owners in the ownership chain that are not
connected with that entity.

What customer information should be collected under SDD18?

5.22 TCSP licensees should:

(a) identify the customer and verify the customer’s identity;

(b) if a business relationship is to be established and its purpose and intended
nature are not obvious, obtain information on the purpose and intended nature
of the business relationship with the TCSP licensee; and
(c) if a person purports to act on behalf of the customer,
(i) identify the person and take reasonable measures to verify the person’s
identity; and
(ii) verify the person’s authority to act on behalf of the customer.

18
Please refer to section 4(1) of Part 2 of Schedule 2 to the AMLO.
30
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Specific products in relation to which SDD may be applied19

5.23 A TCSP licensee may also apply SDD in relation to a customer if the TCSP licensee
has reasonable grounds to believe that the transaction conducted by the customer
relates to any one of the following products:

(a) a provident, pension, retirement or superannuation scheme (however described)

that provides retirement benefits to employees, where contributions to the
scheme are made by way of deduction from income from employment and the
scheme rules do not permit the assignment of a member’s interest under the
scheme;
(b) an insurance policy for the purposes of a provident, pension, retirement or
superannuation scheme (however described) that does not contain a surrender
clause and cannot be used as a collateral; or
(c) a life insurance policy in respect of which:
(i) an annual premium of no more than HK$8,000 or an equivalent amount
in any other currency is payable; or
(ii) a single premium of no more than HK$20,000 or an equivalent amount
in any other currency is payable.

5.24 For the purpose of item (a) of paragraph 5.23 above, TCSP licensees may generally
treat the employer as the customer and apply SDD on the employer.

APPLYING EDD

Situations where special requirements on CDD is required

5.25 Section 15 of Part 2 of Schedule 2 to the AMLO specifies that a TCSP licensee must
take additional measures or EDD to mitigate the risk of ML/TF in any situation that
by its nature presents a higher risk of ML/TF.

19
Please refer to section 4(4) and (5) of Part 2 of Schedule 2 to the AMLO.
31
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.26 High-risk situations for which EDD apply include:

(a) customer not physically present for identification purposes;

(b) customer or its beneficial owner being a politically exposed person;
(c) corporate customer which has issued bearer shares;
(d) customer from or transaction connected with a jurisdiction that does not
adopt or insufficiently adopts the FATF recommendations; and
(e) any situation specified by the Registrar in a notice given to the TCSP
licensee.

Customer not physically present for identification purposes20

5.27 Where a customer is not physically present for identification purposes, TCSP licensees
will generally not be able to determine that the documentary evidence of identity
actually relates to the customer they are dealing with. Consequently, the risk in respect
of the customer increases.

5.28 In order to mitigate the risk, sections 5(3)(a) and 9 of Part 2 of Schedule 2 to the
AMLO requires a TCSP licensee to take additional measures. If a customer has not
been physically present for identification purposes, the TCSP licensee must carry out
at least one of the following measures to mitigate the risk posed:

(a) further verifying the customer’s identity on the basis of documents, data or
information referred to in paragraph 5.16 above but not previously used for the
purposes of verification of the customer’s identity;
(b) taking supplementary measures to verify information relating to the customer
that has been obtained by the TCSP licensee;
(c) ensuring that the first payment made into the customer’s account is received
from an account in the customer’s name with an authorised institution or a
bank operating in an equivalent jurisdiction21 that has measures in place to
ensure compliance with requirements similar to those imposed under Schedule
2 to the AMLO and is supervised for compliance with those requirements by a
banking regulator in that jurisdiction.

20
Please refer to section 9 of Part 2 of Schedule 2 to the AMLO.
21
“Equivalent jurisdiction” referred to in this Guideline means a jurisdiction that is a member of the FATF,
other than Hong Kong, or a jurisdiction that imposes requirements similar to those imposed under Schedule
2 to the AMLO.
32
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.29 Consideration should be given by TCSP licensees to mitigate ML/TF risk by obtaining
copies of documents that have been certified by a suitable certifier. Use of an
independent suitable certifier guards against the risk that documentation provided does
not correspond to the customer whose identity is being verified. However, for
certification to be effective, the certifier will need to have seen the original
documentation.

Certifying the verification of identity documents

A. Suitable persons for certifying verification of identity documents may

include:

(a) an intermediary specified in section 18(3) of Part 2 of Schedule 2 to

the AMLO, including an accounting professional, an estate agent, a
legal professional and a TCSP licensee;
(b) a member of the judiciary in an equivalent jurisdiction22;
(c) an officer of an embassy, consulate or high commission of the
country of issue of documentary verification of identity; and
(d) a Justice of the Peace.

B. The certifier must sign and date the copy document (printing his/her name
clearly in capitals underneath) and indicate clearly his/her position or
capacity on it. The certifier must state that it is a true copy of the original
(or words to similar effect).

C. TCSP licensees remain liable for failure to carry out prescribed CDD and
therefore must exercise caution when considering accepting certified copy
documents, especially where such documents originate from a country
perceived to represent a high risk, or from unregulated entities in any
jurisdiction. In any circumstances where a TCSP licensee is unsure of the
authenticity of certified documents, or that the documents relate to the
customer, the TCSP licensee should take additional measures to mitigate
the ML/TF risk.

22
“Equivalent jurisdiction” referred to in this Guideline means a jurisdiction that is a member of the FATF, other
than Hong Kong, or a jurisdiction that imposes requirements similar to those imposed under Schedule 2 to the
AMLO.
33
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Customer or its beneficial owner being a politically exposed person23

5.30 Being a PEP does not itself automatically mean that a person is corrupt or has been
incriminated in any corruption. However, the office and position may render a PEP
vulnerable to corruption. The risk increases when the PEP is from a foreign country
with widely-known problems of bribery, corruption and financial irregularity within
their government and society. This risk is even more acute where such countries do
not have adequate AML/CTF standards.

5.31 While the statutory definition of PEPs in the AMLO only includes individuals
entrusted with prominent public function in a place outside the People’s Republic of
China, domestic PEPs may also present, by virtue of the positions they hold, a high
risk situation where EDD of paragraph 5.35 below should be applied. TCSP licensees
should therefore adopt a risk-based approach to determining whether to apply the
EDD in paragraph 5.35 below in respect of domestic PEPs.

5.32 The statutory definition of PEP does not automatically exclude sub-national political
figures. Corruption by heads of regional governments, regional government ministers
and large city mayors is no less serious as sub-national figures in some jurisdictions
may have access to substantial funds. Where TCSP licensees identify a customer as a
sub-national figure holding a prominent public function, they should apply appropriate
EDD. This also applies to domestic sub-national figures assessed by the TCSP
licensee to pose a higher risk. In determining what constitutes a prominent public
function, TCSP licensees should consider factors such as persons with significant
influence in general, significant influence over or control of public procurement or
state owned enterprises, etc.24

5.33 TCSP licensees should take reasonable measures to determine whether an individual
is a domestic PEP. If an individual is known to be a domestic PEP, the TCSP
licensee should perform a risk assessment to determine whether the individual poses a
higher risk of ML/TF, though being a domestic PEP does not, in itself, automatically
confer higher risk. In any situation that the TCSP licensee assesses to present a higher
risk of ML/TF, it should apply the EDD as required.

23
Please refer to section 10 of Schedule 2 of Part 2 to the AMLO.
24
Please refer to sections 5(3)(c) and 15 of Part 2 of Schedule 2 to the AMLO.
34
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Definition of “PEP”

A. A PEP is defined in section 1 of Part 1 of Schedule 2 to the AMLO as:

(a) an individual who is or has been entrusted with a prominent public
function in a place outside the People’s Republic of China:
(i) including a head of state, head of government, senior
politician, senior government, judicial or military official,
senior executive of a state-owned corporation and an
important political party official;
(ii) but not including a middle-ranking or more junior official of
any of the categories mentioned in subparagraph (i) above;
(b) a spouse, a partner, a child or a parent of an individual falling within
paragraph (a) above, or a spouse or a partner of a child of such an
individual; or
(c) a close associate of an individual falling within paragraph (a) above.

B. Section 1(3) of Part 1 of Schedule 2 to the AMLO defines a close associate

as:
(a) an individual who has close business relations with a person falling
under paragraph A(a) above, including an individual who is a
beneficial owner of a legal person or trust of which the person falling
under paragraph A(a) is also a beneficial owner; or
(b) an individual who is the beneficial owner of a legal person or trust
that is set up for the benefit of a person falling under paragraph A(a).

C. For the purposes of this Guideline, a domestic PEP means:

(a) an individual who is or has been entrusted with a prominent public
function in a place within the People’s Republic of China and
(i) includes a head of state, head of government, senior politician,
senior government, judicial or military official, senior
executive of a state-owned corporation and an important
political party official;
(ii) but does not include a middle-ranking or more junior official
of any of the categories mentioned in subparagraph (i) above;
(b) a spouse, a partner, a child or a parent of an individual falling within
paragraph (a) above, or a spouse or a partner of a child of such an
individual; or
(c) a close associate of an individual falling within paragraph (a) above
(the meaning of “close associate” shall follow the definition in
paragraph B above).

35
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.34 TCSP licensees that handle the proceeds of corruption, or handle illegally diverted
government, supranational or aid funds, face reputational and legal risk, including the
possibility of criminal charges for having assisted in laundering the proceeds of crime
and the suspension or revocation of the licence. TCSP licensees can reduce risk by
conducting EDD before establishing a business relationship with the customer and
ongoing monitoring where they know or suspect that the business relationship is with
a PEP.

Use of publicly available information for assessment of PEP

A. TCSP licensees must establish and maintain effective procedures (for

example making reference to publicly available information and/or
screening against commercially available databases) for determining
whether a customer or a beneficial owner of a customer is a PEP. These
procedures should extend to the connected parties25 of the customer
using a risk-based approach.

B. TCSP licensees may also use publicly available information or refer to

relevant reports and databases on corruption risk published by specialised
national, international, non-governmental and commercial organisations to
assess which countries are most vulnerable to corruption (an example of
which is Transparency International’s ‘Corruption Perceptions Index’, which
ranks countries according to their perceived level of corruption). TCSP
licensees should be vigilant where either the country to which the
customer has business connections or the business/industrial sector is
more vulnerable to corruption.

5.35 When TCSP licensees know that a particular customer or beneficial owner is a PEP,
they should, before establishing a business relationship or continuing an existing
business relationship where the customer or the beneficial owner is subsequently
found to be a PEP, apply all the following EDD measures26:

(a) obtaining approval from its senior management;

(b) taking reasonable measures to establish the customer’s or the beneficial
owner’s source of wealth and the source of the funds; and

25
For the purpose this paragraph, “connected parties” to a customer include the beneficial owner and any
individual having the power to direct the activities of the customer (e.g. any director, shareholder,
beneficial owner, signatory, trustee, settlor, protector, or defined beneficiary of a legal arrangement).
26
Please refer to sections 5(3)(b) and 10 of Part 2 of Schedule 2 to the AMLO.
36
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

(c) applying enhanced monitoring to the relationship in accordance with the

assessed risk.

5.36 Each TCSP licensee should adopt reasonable measures, in accordance with its
assessment of the risk, for establishing the source of funds and source of wealth. In
practical terms, this will often amount to obtaining information from the PEP and
verifying it against publicly available information sources such as asset and income
declarations, which some jurisdictions expect certain senior public officials to file and
which often include information about an official’s source of wealth and current
business interests. TCSP licensees should however note that not all declarations are
publicly available and that a PEP customer may have legitimate reasons for not
providing a copy. TCSP licensees should also be aware that some jurisdictions impose
restrictions on their PEP’s ability to hold foreign bank accounts or to hold other office
or paid employment.

5.37 The approval person of the TCSP licensee should take into account the advice of the
CO. The more potentially sensitive the PEP is, the more senior the approving person
should be. TCSP licensees should retain a copy of the assessment for inspection by
the Companies Registry (“the CR”), other authorities and auditors and should review
the assessment whenever concerns as to the activities of the individual arise.

Corporate customer which has issued bearer shares

5.38 Bearer shares are equity securities wholly owned by whoever holds the physical share
certificate. The issuing corporation does not register the owner of the shares or track
transfers of ownership. Transferring the ownership of the shares involves only
delivering the physical share certificate. Bearer shares therefore lack the regulation
and control of common shares because ownership is never recorded. Owing to the
higher ML/TF risk associated with bearer shares, the FATF recommends member
countries that have legal persons able to issue bearer shares should take appropriate
measures to ensure that they are not misused for ML/TF.

5.39 To reduce the opportunity for bearer shares to be used to obscure information on
beneficial ownership, TCSP licensees must take additional measures as required by
section 15 of Part 2 of Schedule 2 to the AMLO in the case of corporate customer
with capital in the form of bearer shares, as it is often difficult to identify the
beneficial owner(s) in such situation. TCSP licensees should adopt procedures to
establish the identities of the holders and beneficial owners of such shares and ensure
that they are notified whenever there is a change of holder or beneficial owner.
37
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.40 Where bearer shares have been deposited with an authorised/registered custodian,
TCSP licensees should seek independent evidence of such arrangement, e.g.
confirmation from the registered agent that an authorised/registered custodian holds
the bearer shares, the identity of the authorised/registered custodian and the name and
address of the person who has the right to those entitlements carried by the share. As
part of the TCSP licensee’s ongoing periodic review, it should obtain evidence to
confirm the identity of authorised/registered custodian of the bearer shares.

5.41 Where the bearer shares are not deposited with an authorised/registered custodian,
TCSP licensees should obtain declarations prior to account opening and annually
thereafter from each beneficial owner holding more than 25% of the share capital.
Given the higher ML/TF risk associated with bearer shares, TCSP licensees may wish
to adopt higher levels of risk mitigation than prescribed in the AMLO. TCSP licensees
should also require customers to notify them immediately of any changes in the
ownership of the shares.

Customer from or transaction connected with a jurisdiction that does not adopt or
insufficiently adopts the FATF Recommendations

5.42 TCSP licensees should give particular attention to:

(a) business relationships and transactions with persons (including natural persons
and legal persons) from or in jurisdictions that do not or insufficiently adopt
the FATF Recommendations; and
(b) transactions and business connected with jurisdictions assessed as higher risk.

5.43 Based on the TCSP licensee’s assessment of the risk in either case, EDD may apply.
In addition to ascertaining and documenting the business rationale for establishing a
relationship, a TCSP licensee should take reasonable measures to establish the source
of funds of such customers.

38
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Higher risk jurisdictions

Factors which TCSP licensees may take into consideration

A. In determining whether a jurisdiction is one which does not adopt, or

insufficiently adopts the FATF Recommendations, or may otherwise pose a
higher risk, TCSP licensees should consider, among other things:

(a) circulars issued to TCSP licensees by the Registrar;

(b) whether the jurisdiction is subject to sanctions, embargoes or
similar measures issued by, for example, the United Nations. In
addition, in some circumstances where a jurisdiction is subject to
sanctions or measures similar to those issued by bodies such as the
United Nations, but which may not be universally recognised, the
sanctions or measures may still be given credence by a TCSP
licensee because of the standing of the issuer and the nature of the
measures;
(c) whether the jurisdiction is identified by credible sources as lacking
appropriate AML/CTF laws, regulations and other measures;
(d) whether the jurisdiction is identified by credible sources as
providing funding or support for terrorist activities and has
designated terrorist organisations operating within it; and
(e) whether the jurisdiction is identified by credible sources as having
significant levels of corruption, or other criminal activity.

B. “Credible sources” refers to well-known bodies that generally are regarded

as reputable and that make information produced by them publicly and
widely available. In addition to the FATF and similar regional bodies, such
sources may include, but are not limited to, supra-national or international
bodies such as the International Monetary Fund, and the Egmont Group of
Financial Intelligence Units, as well as relevant national government bodies
and non-government organisations. The information provided by these
credible sources does not have the effect of law or regulation and should
not be viewed as an automatic determination that a jurisdiction is of higher
risk.

39
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.44 A TCSP licensee should be aware of the potential reputation risk of conducting
business in jurisdictions which do not or insufficiently adopt the FATF
Recommendations or other jurisdictions known to apply inferior standards for the
prevention of ML/TF.

High-risk situation specified in a Notice given by the Registrar27

5.45 Where the requirement is called for by the FATF (which may include mandatory EDD
or the application of counter-measures recommended by FATF) or in other
circumstances which are considered to be higher risk, the Registrar may issue a notice
to the TCSP licensee in respect of the situation specified in the notice to:

(a) impose an obligation on TCSP licensees to undertake EDD measures; or

(b) require TCSP licensees to undertake specific counter-measures identified or
described in the notice.

Prohibition on anonymous accounts28

TCSP licensees must not open or maintain anonymous accounts or accounts in

fictitious names for any new or existing customer. Where numbered accounts
exist, TCSP licensees must maintain them in such a way that full compliance can
be achieved with the AMLO. TCSP licensees must properly identify and verify the
identity of the customer in accordance with the Guideline. In all cases, whether
the relationship involves numbered accounts or not, the customer identification
and verification records must be made available to the Registrar, other staff, RAs,
other authorities and auditors with appropriate authority.

27
Please refer to section 15 of Part 2 of Schedule 2 to the AMLO.
28
Please refer to section 16 of Part 2 of Schedule 2 to the AMLO.
40
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Application of AMLO to pre-existing customers29

A TCSP licensees must perform the CDD measures prescribed in Schedule 2

to the AMLO and this Guideline in respect of pre-existing customers (with
whom the business relationship was established before the Anti-Money
Laundering and Counter-Terrorist Financing (Financial Institutions)
(Amendment) Ordinance 2018 came into effect, when:
(a) a transaction takes place with regard to the customer which, by
virtue of the amount or nature of the transaction, is unusual or
suspicious; or is not consistent with the TCSP licensee’s knowledge
of the customer or the customer’s business or risk profile, or with
its knowledge of the source of the customer’s funds;
(b) a material change occurs in the way in which the customer’s
business or account is operated;
(c) the TCSP licensee suspects that the customer or the customer’s
business or account is involved in ML/TF; or
(d) the TCSP licensee doubts the veracity or adequacy of any
information previously obtained for the purpose of identifying the
customer or for the purpose of verifying the customer’s identity.

B. Trigger events may include the re-activation of a dormant account of the

customer or a change in the beneficial ownership or control of the account
but TCSP licensees will need to consider other trigger events specific to
their own customers and businesses.

C. TCSP licensees should note that requirements for ongoing monitoring

under section 5 of Part 2 of Schedule 2 to the AMLO also apply to
pre-existing customers.

29
Please refer to section 6 of Part 2 of Schedule 2 to the AMLO.
41
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

CARRYING OUT CDD BY MEANS OF INTERMEDIARIES30

5.46 Subject to the requirements set out in section 18 of Part 2 of Schedule 2 to the
AMLO, a TCSP licensee may carry out any CDD measures required under the
AMLO by means of an intermediary. However, the ultimate responsibility for
ensuring that CDD requirements are met remains with the TCSP licensee.

5.47 For avoidance of doubt, reliance on intermediaries does not apply to:

(a) outsourcing or agency relationships, i.e. where the agent is acting under a
contractual arrangement with the TCSP licensee to carry out its CDD function.
In such a situation the outsourced party or agent is to be regarded as
synonymous with the TCSP licensee (i.e. the processes and documentation are
those of the TCSP licensee itself); and
(b) business relationships, accounts or transactions between TCSP licensees for
their clients.

5.48 A TCSP licensee may carry out any CDD measure by means of an intermediary
if:

(a) the intermediary consents in writing to be the licensee’s intermediary; and

(b) the licensee is satisfied that the intermediary will on request provide a copy
of any document, or a record of any data or information, obtained by the
intermediary in the course of carrying out the CDD measures without
delay.31

5.49 The TCSP licensee must ensure that the intermediary will, if requested by the
TCSP licensee within the period specified in the record-keeping requirements of
the AMLO, provide to the TCSP licensee a copy of any document, or a record of
any data or information, obtained by the intermediary in the course of carrying
out CDD measures as soon as reasonably practicable after receiving the request.

30
Please refer to section 18 of Part 2 of Schedule 2 to the AMLO.
31
Please refer to section 18(1) of Part 2 of Schedule 2 to the AMLO. The purpose of obtaining the underlying
documentation is to ensure that it is immediately available on file for reference purposes by the CR and
other relevant authorities such as the JFIU, and for on-going monitoring of the customer. It will also enable
the TCSP licensee to verify that the intermediary is doing its job properly.
42
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.50 TCSP licensees should obtain satisfactory evidence to confirm the status and
eligibility of the intermediary. Such evidence may comprise corroboration from the
intermediary’s RAs, or evidence from the intermediary of its status, regulation,
policies and procedures.

5.51 A TCSP licensee that carries out a CDD measure by means of an intermediary
must immediately after the intermediary has carried out that measure, obtain
from the intermediary the data or information that the intermediary has
obtained in the course of carrying out that measure, but nothing in this
paragraph requires the TCSP licensee to obtain at the same time from the
intermediary a copy of any document, or a record of any data or information,
that is obtained by the intermediary in the course of carrying out that measure.

5.52 Where these documents and records are kept by the intermediary, the TCSP licensee
should obtain an undertaking from the intermediary to keep all underlying CDD
information throughout the continuance of the TCSP licensee’s business relationship
with the customer and for at least 5 years beginning on the date on which the business
relationship of a customer with the TCSP licensee ends or until such time as may be
specified by the RA. TCSP licensees should also obtain an undertaking from the
intermediary to supply copies of all underlying CDD information in circumstances
where the intermediary is about to cease trading or does not act as an intermediary for
the TCSP licensee anymore.

5.53 TCSP licensees should conduct sample checks from time to time to ensure CDD
information and documentation is produced by the intermediary upon demand and
without undue delay. Whenever a TCSP licensee has doubts as to the reliability of
the intermediary, it should take reasonable steps to review the intermediary’s ability to
perform its CDD duties. If the TCSP licensee intends to terminate its
relationship with the intermediary, it should immediately obtain all CDD
information from the intermediary. If the TCSP licensee has any doubts
regarding the CDD measures carried out by the intermediary previously, the
TCSP licensee should perform the required CDD as soon as reasonably
practicable.

43
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5.54 TCSP licensees may carry out any CDD measure by means of intermediaries in Hong
Kong or in an equivalent jurisdiction 32 . To ensure the compliance of the
requirements set out in paragraphs 5.46 to 5.53 above, TCSP licensees should:

(a) review the intermediaries’ AML/CFT policies and procedures to ensure that they
have adequate policies and procedures in place to prevent money laundering and
terrorist financing; or
(b) make enquiries concerning the intermediaries’ statures and regulatory track
records and the extent to which any of their AML/CFT standards are applied and
audited.

Intermediaries in Hong Kong

A. TCSP licensees may carry out any CDD measure by means of an authorized
institution, a licensed corporation, an authorized insurer, an appointed
insurance agent or an authorized insurance broker.33

B. TCSP licensees may also carry out any CDD measure by means of the
following categories of intermediaries34 in Hong Kong:

(a) an accounting professional;

(b) an estate agent;
(c) a legal professional; and
(d) a TCSP licensee.

32
“Equivalent jurisdiction” referred to in this Guideline means a jurisdiction that is a member of the FATF,
other than Hong Kong, or a jurisdiction that imposes requirements similar to those imposed under Schedule
2 to the AMLO.
33
The relevant terms are as defined in section 1 of Part 2 of Schedule 1 to the AMLO.
34
The relevant categories are as defined in section 1 of Part 2 of Schedule 1 to the AMLO.
44
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Intermediaries in an equivalent jurisdiction35

TCSP licensees may carry out any part of the CDD measure by means of an
intermediary in an equivalent jurisdiction36 where:

(a) the intermediary is:

(i) a lawyer, a notary public, an auditor, a professional accountant, a trust
or company service provider or a tax advisor practising in the
jurisdiction;
(ii) a trust company carrying on trust business in the jurisdiction;
(iii) a person who carries on in the jurisdiction a business similar to that
carried on by an estate agent; and
(iv) an institution that carries on in the jurisdiction a business similar to
that carried on by an authorized institution, a licensed corporation, an
authorized insurer, an appointed insurance agent or an authorized
insurance broker;
(b) the intermediary is required under the law of that jurisdiction to be
registered or licensed or is regulated under the law of that jurisdiction;
(c) the intermediary has measures in place to ensure compliance with similar
CDD and record-keeping requirements as those imposed under Schedule 2
to the AMLO; and
(d) the intermediary is supervised for compliance with those requirements by an
authority in that jurisdiction that performs functions similar to those of any
of the RAs or the regulatory bodies (as may be applicable).

35
Please refer to section 18(3)(c) of Part 2 of Schedule 2 to the AMLO.
36
“Equivalent jurisdiction” referred to in this Guideline means a jurisdiction that is a member of the FATF,
other than Hong Kong, or a jurisdiction that imposes requirements similar to those imposed under Schedule
2 to the AMLO.
45
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 6

ONGOING MONITORING OF BUSINESS RELATIONSHIP WITH CUSTOMERS

Requirements on ongoing monitoring

6.1 Effective ongoing monitoring is vital for understanding customers’ activities and an
integral part of effective AML/CTF systems. It helps TCSP licensees to update their
knowledge of their customers and detect unusual or suspicious activities.

6.2 Pursuant to section 5 of Part 2 of Schedule 2 to the AMLO, a TCSP licensee must
continuously monitor the business relationship with a customer by:

(a) reviewing from time to time documents, data and information relating to
the customer that have been obtained for the purpose of complying with
CDD requirements to ensure that they are up-to-date and relevant;
(b) conducting appropriate scrutiny of transactions carried out for the
customer to ensure that they are consistent with the licensee’s knowledge
of the customer and the customers’ business, risk profile and source of
funds; and
(c) identifying transactions that are complex, unusually large in amount or of
an unusual pattern or that have no apparent economic or lawful purpose
and which may indicate ML/TF.

Aspects for TCSP licensees to identify unusual customer transactions

To identify unusual customer transactions, the aspects which TCSP licensees

should consider include:

(a) the nature and type of individual transactions;

(b) the nature of a series of transactions;
(c) the amount of the transactions, paying special attention to particularly
substantial transactions;
(d) the geographical origin/destination of a payment or receipt; and
(e) the customer’s usual pattern of activities or turnover.

46
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

6.3 Where the basis of the business relationship changes significantly, TCSP licensees
should carry out further CDD procedures to ensure that the ML/TF risks involved and
basis of the relationship are fully understood.

Changes of business relationship with customers

TCSP licensees should be vigilant for changes in the basis of the business
relationship with customers over time. Such changes may include:

(a) setting up new corporate or trust structures;

(b) buying new products or services that pose higher risk;
(c) unusual changes or increase of the activities or turnover of a customer; or
(d) unusual changes in the nature of transactions of a customer.

6.4 TCSP licensees should conduct an appropriate review of a business relationship upon
the filing of a report to the JFIU and should update the CDD information where
appropriate. This will enable TCSP licensees to assess appropriate levels of ongoing
review and monitoring.

Risk-based approach to ongoing monitoring37

6.5 The extent of monitoring should commensurate with the risk profile of the customer
compiled through the risk assessment. For effective monitoring, resources should be
targeted towards business relationships presenting a higher risk of ML/TF.

6.6 TCSP licensees must take additional measures when monitoring business relationships
which pose a higher risk (please see paragraph 5.26 of this Guideline). High-risk
business relationships will require more frequent and intensive monitoring. When
monitoring high-risk situations, the relevant considerations may include:

(a) whether adequate procedures or management information systems are in place

to provide relevant staff (e.g. CO, MLRO, front-line staff, relationship
managers and insurance agents) with timely information (i.e. the result of EDD
or other additional measures undertaken, any information on any connected
accounts or relationships, etc.); and
(b) how the sources of funds, wealth and income for higher risk customers will be
monitored and how any changes in circumstances will be recorded.

37
Please refer to section 5 of Part 2 of Schedule 2 to the AMLO.
47
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

6.7 There are various methods by which those objectives can be met including exception
reports (e.g. large transactions exception report) and transaction monitoring systems.
Exception reports will help TCSP licensees to monitor their operational activities.

6.8 Where transactions are complex, unusually large in amount or of an unusual pattern,
or have no apparent economic or lawful purpose, TCSP licensees should examine the
background and purposes, including where appropriate the circumstances, of the
transactions. The findings and outcomes of these examinations should be properly
documented in writing and be available for the inspection by the CR, other competent
authorities and auditors. Proper records of the decisions made and the reasons of the
decisions will help a TCSP licensee demonstrate that its handling of unusual or
suspicious activities are appropriate.

Examination of the background and purposes of transactions

Examinations or enquiries may include asking the customer appropriate questions.

Such enquiries, when conducted properly and in good faith, will not constitute
tipping-off. The results of the enquiries should be properly documented and be
available for inspection by the CR, other authorities and auditors. Where there is
any suspicion, a STR must be made to the JFIU (please refer to Chapter 7 of this
Guideline for details).

Cash transactions and transfers to third parties

In case where cash transactions or transfers to third parties are being proposed by
a customer and such requests are not in accordance with the customer’s known
pattern of practice, the TCSP licensee must be cautious and make relevant further
enquiries. Where the TCSP licensee, having made the necessary enquiries, does
not consider the cash transaction or third party transfer reasonable, it should
make a STR to the JFIU (please refer to Chapter 7 of this Guideline for details).

48
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 7

REPORTING SUSPICIOUS TRANSACTIONS

The requirements

7.1 CDD and ongoing monitoring of business relationship with customers provide
the basis for identifying unusual and suspicious transactions and events.
Once a
TCSP licensee identifies or suspects that a transaction is related to ML/TF
activity, the TCSP licensee must report the transaction to JFIU.

Statutory requirements for reporting suspicious transactions

Section 25A of the DTROPO and section 25A of the OSCO make it an offence if a
person fails to disclose to an authorized officer (i.e. JFIU) where the person knows
or suspects that property represents the proceeds of drug trafficking or of an
indictable offence. Likewise, section 12 of the UNATMO makes it an offence to fail
to disclose knowledge or suspicion of terrorist property. Under the DTROPO, the
OSCO and the UNATMO, failure to report the knowledge or suspicion carries a
maximum penalty of three months’ imprisonment and a fine of HK$50,000.

7.2 The filing of a report to the JFIU provides the TCSP licensee a statutory defence to
the offence of ML/TF in respect of the acts disclosed in the report, provided that:

(a) the report is made before the TCSP licensee undertakes the disclosed acts and
the acts or transactions are undertaken with the consent of the JFIU; or
(b) the report is made after the TCSP licensee has performed the disclosed acts or
transactions and the report is made on the TCSP licensee’s own initiative and
as soon as it is reasonable for the TCSP licensee to do so.

49
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

7.3 TCSP licensees must note that it is an offence for a person, knowing or suspecting
that a disclosure has been made to the JFIU, if he/she discloses to any other
person any matter which is likely to prejudice any investigation. If a customer
is told that a report has been made (commonly referred to as “tipping-off”), this
would prejudice the investigation and an offence would be committed. The
customer’s awareness of a possible STR or investigation could prejudice future efforts
to investigate the suspected ML/TF operation. Therefore, if TCSP licensees form a
suspicion that transactions relate to ML/TF, they should take into account the risk of
tipping-off when performing the CDD process. TCSP licensees should ensure that
their employees are aware of and sensitive to these issues when conducting CDD.

7.4 TCSP licensees must ensure sufficient guidance is given to staff to enable them to
form suspicion or to recognise the signs when ML/TF is taking place. The
guidance should take into account the nature of the transactions and customer
instructions that staff is likely to encounter, the type of product or service and the
means of delivery, i.e. whether face to face or remote.

The“SAFE” approach

A. An effective systemic approach to identify suspicious transactions may

safeguard TCSP licensees from the risk of being involved with ML/TF.
TCSP licensees may adopt, where applicable, the “SAFE” approach
promoted by JFIU.

B. Four steps are involved in the SAFE approach:

(a) Screen the account for suspicious indicators;

(b) Ask the customers appropriate questions;
(c) Find out the customer’s records; and
(d) Evaluate all the above information.

C. TCSP licensees are strongly advised to familiarise themselves with the

SAFE approach. Details of the SAFE approach are available at JFIU’s
website (www.jfiu.gov.hk).

50
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

When and how to report suspicious transactions to JFIU?

7.5 When a TCSP licensee knows or suspects that certain property represents the
proceeds of crime or terrorist property, a disclosure must be made to the JFIU as
soon as it is reasonable to do so. The use of STR proforma or the e-reporting system
named Suspicious Transaction Report And Management System (“STREAMS”) to
report suspicious transactions is strongly encouraged. Please visit JFIU’s website at
www.jfiu.gov.hk for full details of reporting methods and advice. In the event that the
subject in the disclosure is related to any ongoing investigation, it should be indicated
in the STR with the provision of relevant details (i.e. case reference number, name of
the investigative unit and the officer-in-charge etc.), if any. Under exceptional
circumstances, an initial notification by telephone may be considered for an urgent
disclosure.

7.6 STRs shall be made to the JFIU before a TCSP licensee deals with a suspicious
transaction or activity (whether the intended transaction ultimately takes place or not)
for its customer, or, where the relevant knowledge or suspicion arises only after the
transaction or activity has been completed, be made to the JFIU as soon as reasonably
practicable and on the TCSP licensee’s own initiative after the transaction or activity
has been completed.

7.7 The law requires the STR be made together with any information or other matter on
which the knowledge or suspicion is based. The need for prompt reporting is
particularly important where a customer has instructed the TCSP licensee to move
funds or other property, carry out significant changes to the business relationship, etc.
In such circumstances, TCSP licensees should consider contacting the JFIU urgently.

Internal reporting of TCSP licensees

7.8 TCSP licensees should have measures in place to check, on an ongoing basis, that it
has proper policies and procedures to test and ensure compliance with legal and
regulatory requirements. The type and extent of the measures to be taken in this
respect should be appropriate having regard to the risk of ML/TF and the size of their
respective business.

51
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

7.9 TCSP licensee’s MLRO should act as a central reference point for reporting suspicious
transactions. The TCSP licensee should ensure that the MLRO is of sufficient status
within the organisation, and has adequate resources, to enable the MLRO to perform
his/her functions (please refer to paragraph 3.4 of this Guideline for the major
responsibilities of the MLRO).

7.10 A key responsibility of the MLRO is to diligently consider all vital information
and report the suspicious transaction or activity or suspicious attempted
transaction or activity to the JFIU in accordance with statutory requirements.

7.11 TCSP licensees should set up and maintain procedures to ensure that:

(a) all staff are made aware of the identity of the MLRO and the procedures to
follow when making an internal disclosure report; and
(b) all disclosure reports must reach the MLRO without undue delay.

No filtering of reports to MLRO

While TCSP licensees may wish to set up internal systems that allow staff to
consult their supervisors or managers before sending a report to the MLRO, under
no circumstances should reports raised by staff be filtered out by supervisors or
managers. Since the legal obligation is to report the suspicious transaction as
soon as it is reasonable to do so, the reporting lines should be as short as possible
with the minimum number of people between the staff with the suspicion and the
MLRO. This ensures the speediness, confidentiality and accessibility of the
systems.

7.12 All suspicious activities reported to the MLRO must be documented. The report
must include the full details of the customer and a full statement on the
information giving rise to the suspicion. In urgent cases, suspicious activities may
be reported verbally, e.g. over the telephone, to be followed by documentation.

7.13 The MLRO must acknowledge receipt of the report and, at the same time, issue a
reminder to the reporting staff of the obligation regarding tipping-off. The tipping-off
provision also applies to circumstances where a suspicion has been raised internally,
but has not yet been reported to the JFIU.
52
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Reporting further suspicious transactions of the same customer

The reporting of a suspicion in respect of a transaction or event does not mean

that further suspicious transactions or events in respect of the same customer
need not be reported. Further suspicious transactions or events, whether of the
same nature or different to the previous suspicion, must also be reported to the
MLRO who should make further reports to the JFIU as appropriate.

7.14 When evaluating an internal report of suspicious transaction, the MLRO must take
reasonable steps to consider all relevant information, including CDD and ongoing
monitoring information available within the organisation concerning the entities to
which the report relates.

Steps to be taken by the MLRO include:

(a) a review of other transaction patterns and volumes through connected
accounts;
(b) reference to any previous patterns of instructions, the length of the
business relationship and CDD and ongoing monitoring information and
documentation; and
(c) appropriate questioning of the customer using the systematic approach to
identifying suspicious transactions as recommended by the JFIU.

7.15 As part of the review, other connected business relationships may need to be
examined. Regarding the need to search for information concerning connected
business relationships, a balance should be struck between making a timely disclosure
to the JFIU as required by law and any delays in making the disclosure that might
arise from searching more relevant information. The evaluation process and the
conclusion drawn should be documented.

53
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

7.16 If after completing the evaluation a MLRO decides that there are grounds for
knowledge or suspicion of transactions related to ML/TF activity, he/she should file a
STR to the JFIU as soon as reasonable together with the information or matters on
which that knowledge or suspicion is based. If the MLRO decides not to file a STR
with JFIU, provided that the MLRO acts in good faith and reasonable manner and
concludes that there is no suspicion after taking into account all available information,
it is unlikely that there will be any criminal liability for failing to report. The MLRO
should keep proper records of the deliberations and actions taken to demonstrate
he/she has acted in reasonable manner.

Keeping of records

7.17 TCSP licensees must establish and maintain a record of all ML/TF reports made
to the MLRO. The record should include details of the date the report was made, the
staff members subsequently handling the report, the results of the evaluation, whether
the report eventually resulted in a STR filed with the JFIU, and information to allow
the documentation relevant to the report to be located.

7.18 TCSP licensees must establish and maintain a record of all STRs made to the
JFIU. The record must include details of the date of the disclosure, the person who
made the disclosure, and information to allow the papers relevant to the STRs to be
located. This register may be combined with the register of internal reports, if
considered appropriate.

Post-reporting matters

7.19 The JFIU will acknowledge receipt of a STR made by a TCSP licensee under section
25A of the DTROPO, section 25A of the OSCO, or section 12 of the UNATMO.
The JFIU may, on occasion, seek additional information or clarification with the TCSP
licensee of any matter on which the knowledge or suspicion is based.

54
 Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

7.20 In some cases, the TCSP licensee may also be served the orders below for compliance:

Type of Order Production Order Restraint Order Confiscation Order

Issuing Authority The Police The Court The Court

Purpose or effect  To order the TCSP  To freeze particular  To confiscate, upon

of the order licensee to provide funds or property of the conviction of a
all the information a person pending the defendant, the
or materials which outcome of an defendant’s criminal
fall within the scope investigation proceeds in the
of the order within event that the TCSP
the required time licensee holds funds
limit or other property
belonging to that
defendant

Remarks  If the TCSP licensee  The TCSP licensee  If the order applies
encounters difficulty must ensure that it is to only part of the
in complying with able to freeze the funds or property
the order within the relevant funds or involved within a
timeframe property that is the particular business
stipulated, the subject of the order relationship, the
MLRO of the TCSP TCSP licensee
licensee should at should consider
the earliest what, if any, funds
opportunity contact or property may be
the officer-in-charge utilised subject to
of the investigation the content of the
for further guidance order

55
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 8

FINANCIAL SANCTION AND TERRORIST FINANCING

Financial sanctions

8.1 The Chief Executive makes regulations under the United Nations Sanctions Ordinance,
Cap. 537 (“UNSO”) to implement sanctions, including targeted financial sanctions
against certain persons and entities designated by the Security Council of the United
Nations (“the Security Council”).

8.2 The Chief Executive may, by notice published in the Gazette, specify persons or
entities designated by the Security Council or its Sanctions Committees for the
purpose of financial sanctions, as “relevant persons” or “relevant entities”. It is an
offence for any person to make available any funds or other financial assets or
economic resources to or for the benefit of relevant persons or relevant entities; or to
deal with any funds, other financial assets or economic resources belonging to, owned
or controlled by, such persons or entities, except under the authority of a licence
granted by the Chief Executive. A TCSP licensee seeking such a licence should
write to the Commerce and Economic Development Bureau to apply for such a
licence. Offenders will be subject to a maximum sentence of 7 years’ imprisonment
and a fine.

8.3 The prohibitions imposed by the regulations made under the UNSO apply to all
persons including TCSP licensees. Lists of persons and entities subject to financial
sanctions under the UNSO are available on the website of the CR’s Trust and
Company Service Providers Licensing Regime (www.tcsp.cr.gov.hk).

56
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Sanctions imposed by other jurisdictions

TCSP licensees will not normally have any obligation under Hong Kong law to have
regard to the sanctions imposed by other authorities in other jurisdictions.
However, a TCSP licensee with international operations will need to be aware of
the sanctions regimes in those jurisdictions. Where these sanctions may affect
their operations, TCSP licensees should consider the implications on their
procedures, such as the monitoring of the parties concerned with a view to
ensuring that there are no payments to or from a person on a sanctions list issued
by an overseas jurisdiction.38

Terrorist Financing

8.4 According to the FATF’s definition, terrorist financing is the financing of terrorist acts,
and of terrorists and terrorist organisations. Section 7 of the UNATMO prohibits the
provision or collection of property for use to commit terrorist acts. Section 8 of the
UNATMO prohibits any person from making available or collecting/soliciting
property or financial (or related) services for terrorists and terrorist associates.

Background of the UNATMO

A. The United Nations Security Council Resolution (“UNSCR”) 1373 calls on all
member states to act to prevent and suppress the financing of terrorist
acts.

B. The United Nations has also published the names of individuals and
organisations subject to United Nations financial sanctions in relation to
involvement with Al-Qa’ida, ISIL (Da’esh) and the Taliban. All United
Nations member states are required to freeze the funds and other financial
assets or economic resources of any person(s) named in the lists and to
report any suspected name matches to the RAs. The obligation is
extended to the prohibition of making available such funds and other
financial assets or economic resources for the benefit of such persons.

38
Please see “Terrorist List in the Gazette” of the list of names of persons designated as terrorists or terrorist
associates published in gazette which is available at the website of JFIU (www.jfiu.gov.hk).
57
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

C. In Hong Kong, the UNATMO was enacted in 2002 and amended in 2004 and
2012 to implement UNSCR 1373, some terrorism-related multilateral
conventions, and certain recommendations of the FATF.

8.5 Where a person or property is designated by a Committee of the Security Council

established pursuant to the Resolutions 1267 (1999), 1989 (2011) and 2253 (2015)
and the Resolution 1988 (2011) as a terrorist / terrorist associate or terrorist property,
and the details are specified and published under section 4 of the UNATMO in the
Government Gazette, such specifications will also be available at the website of the
CR’s Trust and Company Service Providers Licensing Regime (www.tcsp.cr.gov.hk).

8.6 Section 5 of the UNATMO also provides that the Chief Executive may make an
application to the Court of First Instance for an order to specify a person the subject of
the application as a terrorist/terrorist associate or a property the subject of the
application as a terrorist property39. The Court will only make the order if it is
satisfied that the person or property the subject of the application is a terrorist/terrorist
associate or terrorist property.

8.7 According to section 6 of the UNATMO, the Secretary for Security (“S for S”) has the
power to freeze suspected terrorist property and may direct that a person shall not deal
with the frozen property except under the authority of a licence granted by S for S.
Contraventions are subject to a maximum penalty of 7 years’ imprisonment and a fine.

8.8 S for S can grant licence to enable the property mentioned at paragraph 8.7 above be
dealt with. A TCSP licensee seeking such a licence should write to the Security
Bureau.

39
According to section 2 of UNATMO, terrorist property means the property of a terrorist or a terrorist
associates, or any other property that is intended to be used or was used to finance or assist the
commission of terrorist acts.
58
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Section 8 of the UNATMO

Section 8 of the UNATMO prohibits a person from:

(a) making available, by any means, directly or indirectly, any property or

financial (or related) services to or for the benefit of a person knowing that,
or being reckless as to whether, such person is a terrorist or terrorist
associate, except under the authority of a licence granted by S for S; and
(b) collecting property or soliciting financial (or related) services, by any means,
directly or indirectly, for the benefit of a person knowing that, or being
reckless as to whether, such person is a terrorist or terrorist associate.

8.9 It is an offence under section 8 of the UNATMO for any person to make any property
or financial (or related) services available, by any means, directly or indirectly, to or
for the benefit of a terrorist or terrorist associate except under the authority of a
licence granted by S for S. It is also an offence for any person to collect property or
solicit financial (or related) services, by any means, directly or indirectly, for the
benefit of a terrorist or terrorist associate. Contraventions are subject to a maximum
sentence of 14 years’ imprisonment and a fine.

8.10 It is an offence under section 4 of the Weapons of Mass Destruction (Control of

Provision of Services) Ordinance, Cap. 526, for a person to provide any services
where he/she believes or suspects, on reasonable grounds, that those services may be
connected to weapon of mass destruction proliferation. The provision of services is
widely defined and includes the lending of money or other provision of financial
assistance.

8.11 TCSP licensees may also draw reference from different sources including relevant
designation by overseas authorities, such as the designations made by the US
Government under relevant Executive Orders.

8.12 All TCSP licensees will therefore need to ensure that they should have an appropriate
system to conduct name checks against the relevant list(s) for screening purposes and
that the list(s) is/are up-to-date.

59
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Database maintenance and screening (customers and payments)

8.13 TCSP licensees should take measures to ensure compliance with the relevant
regulations and legislation on terrorist financing. The legal obligations of TCSP
licensees and those of its staff should be well understood and adequate guidance and
training should be provided to the staff. TCSP licensees are required to establish
policies and procedures for combating terrorist financing. The systems and
mechanisms for identification of suspicious transactions should cover terrorist
financing as well as money laundering.

8.14 It is particularly vital that a TCSP licensee should be able to identify and report
transactions with terrorist suspects and designated parties. To this end, the TCSP
licensee should ensure that it maintains a database of names and particulars of terrorist
suspects and designated parties that consolidate the various lists that have been made
known to it. Alternatively, a TCSP licensee may make arrangements to access to such
a database maintained by a third party service provider.

Screening of Customer

A. TCSP licensees should ensure that the relevant designations are included
in their database. Such database should, in particular, include the lists
published in the Gazette and those designated under the US Executive
Order 13224. The database should also be subject to timely update
whenever there are changes, and should be made easily accessible by
staff for the purpose of identifying suspicious transactions.

B. Comprehensive ongoing screening of a TCSP licensee’s complete

customer base is a fundamental internal control to prevent terrorist
financing and sanction violations, and should be achieved by:
(a) screening customers against current lists of terrorist and
sanction designations at the establishment of the relationship;
and
(b) thereafter, as soon as practicable after the new lists of terrorist
and sanction designations are published, screening their entire
client base against the new lists.

60
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Screening of payment transactions

A. TCSP licensees need to have some means of screening payment

instructions to ensure that proposed payments to designated parties are
not made.

B. Enhanced checks should be conducted before establishing a business

relationship or processing a transaction, where possible, if there are
circumstances giving rise to suspicion.

8.15 In order to demonstrate compliance with the requirements for screening of customers
and payment instructions, the screening and any results should be documented, or
recorded electronically.

8.16 If a TCSP licensee suspects that a transaction is TF-related, it should make a

report to the JFIU. Even if there is no evidence of a direct terrorist connection, the
transaction should still be reported to the JFIU if it looks suspicious for other reasons,
as it may emerge subsequently that there is a terrorist link.

61
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 9

RECORD-KEEPING

The requirements40

9.1 Record-keeping is an essential part of the audit trail for the detection, investigation
and confiscation of criminal or terrorist property or funds. Record-keeping helps
investigating authorities to establish the financial profile of a suspect, trace the
criminal’s or terrorist’s property or funds and assists the court to examine all relevant
past transactions to assess whether the property or funds are the proceeds of or relate
to criminal offences or terrorist activities.

9.2 TCSP licensees should maintain all relevant records of customers, transactions,
etc. that are necessary and sufficient to meet the record-keeping requirements
under the AMLO, this Guideline and other relevant regulatory requirements.
This is to ensure that:

(a) the audit trail for funds moving through a TCSP licensee that relate to any
customer and, where appropriate, the beneficial owner of the customer, account
or transaction is clear and complete;
(b) any customer and, where appropriate, the beneficial owner of the customer can
be properly identified and verified;
(c) all customer/transaction records and information are available on a timely basis
to the CR, other authorities and auditors with appropriate authority; and
(d) TCSP licensees are able to comply with any relevant requirements specified in
other sections of this Guideline and other requirements imposed by the
Registrar, including, among others, records of customer risk assessment (see
paragraph 4.5 of this Guideline), records in relation to suspicious transaction
reports (see paragraphs 7.17 and 7.18 of this Guideline) and training records
(see paragraph 10.5 of this Guideline).

40
Please refer to sections 20 and 21 of Part 3 of Schedule 2 to the AMLO.
62
 Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

9.3 The record-keeping requirements in respect of each customer and each transaction are
illustrated in the following table:

Record-keeping requirements in respect of

each customer each transaction

For how Throughout the continuance of the At least 5 years after the completion of a
long should business relationship with the customer transaction regardless of whether the
records be and for a period of at least 5 years after business relationship ends during the
kept ? the end of the business relationship period

What The original or a copy of : The original or a copy of the documents,

records  the documents, and a record of the and a record of the data and information
should be data and information obtained in the obtained in connection with the
kept ? course of identifying and verifying transaction, including the following types
the identity of of information:
 the customer;  the identity of the parties to the
 beneficial owner of the transaction;
customer;  the nature and date of the transaction;
 the person who purports to act on  the type and amount of currency
behalf of the customer; and involved;
 other connected parties41 to the  the origin of the funds (if known);
customer.  the form in which the funds were
(Note: The information should include offered or withdrawn, e.g. cash,
the additional information obtained cheques, etc;
for the purposes of EDD or ongoing  the destination of the funds;
monitoring.)  the form of instruction and authority;
 the documents, and a record of the and
data and information, on the purpose  the type and identifying number of
and intended nature of the business any account involved in the
relationship; and transaction (where applicable).
 the files relating to the customer’s
business relationship and business
correspondence with the customer and
any beneficial owner of the customer.

41
For the purpose of this paragraph, “connected parties” to a customer include the beneficial owner and any
individual having the power to direct the activities of the customer (e.g. any director, shareholder,
beneficial owner, signatory, trustee, settlor, protector, or defined beneficiary of a legal arrangement).
63
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

9.4 If the record consists of a document, either the original of the document should be
retained or a copy of the document should be kept on microfilm or in the database of a
computer. If the record consists of data or information, such record should be kept
either on microfilm or in the database of a computer.

9.5 The Registrar may, by notice in writing to a TCSP licensee, require it to keep the
records relating to a specified transaction or customer for a specified period that is
longer than those referred to in paragraph 9.3 above, where the records are relevant to
an ongoing criminal or other investigation, or any other purposes as specified in the
notice.

64
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Chapter 10

STAFF TRAINING

10.1 Staff training is an important element of an effective system to prevent and

detect ML/TF activities. The effective implementation of even well-designed
AML/CTF systems can be compromised if staff using the systems is not adequately
trained.

TCSP licensees should implement a

Staff should be trained in what they
clear and well-articulated policy for
need to carry out in their particular
ensuring that relevant staff receives
roles with respect to AML/CTF
adequate AML/CTF training

Effective
implementation of
AML/CTF training

Training methods and assessment

should be determined by the TCSP The frequency of training should be
licensee according to the size and sufficient to maintain the AML/CTF
complexity of the business and the knowledge and competence of staff
type and level of ML/TF risk

10.2 Staff should be made aware of:

(a) the TCSP licensee’s statutory obligations and their own personal statutory
obligations and the possible consequences for failure to report suspicious
transactions under the DTROPO, the OSCO and the UNATMO;
(b) any other statutory and regulatory obligations that concern the TCSP licensee
and themselves under the AMLO, the DTROPO, the OSCO, the UNATMO
and the UNSO, and the possible consequences of breaches of these obligations;
(c) the TCSP licensee’s policies and procedures relating to AML/CTF, including
suspicious transaction identification and reporting; and
(d) any new and emerging techniques, methods and trends in ML/TF to the extent
that such information is needed by the staff to carry out their respective roles
with respect to AML/CTF.

65
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

10.3 Focused training for appropriate staff or groups of staff will enable TCSP licensees to
implement their AML/CTF systems effectively. The following diagram and tables
illustrate the areas of training which may be provided to appropriate staff or groups of
staff:

All new
staff

Front-line Back-
staff office staff
Staff
training

Managerial
MLRO
staff

All new staff (irrespective of seniority)

Areas to be covered in training should include, among others:

(a) an introduction to the background of ML/TF and the importance of
AML/CTF to the TCSP licensee; and
(b) the need and obligation to identify and report suspicious transactions to
the MLRO, and the offence of “tipping-off”.

66
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Front-line staff (i.e. staff dealing with customers directly)

Areas to be covered in training should include, among others:

(a) the importance of their roles in the TCSP licensee’s AML/CTF strategy
being the first point of contact with potential money launderers and
persons involved in terrorist financing;
(b) the TCSP licensee’s policies and procedures in relation to CDD and
record-keeping requirements relevant to their job responsibilities;
(c) guidance or tips for identifying unusual activities in different circumstances
that may give rise to suspicion; and
(d) the relevant policies and procedures for reporting unusual activities,
including the line of reporting and the circumstances where extra vigilance
might be required.

Back-office staff (i.e. staff not dealing with customers directly but involved
in the processing of customer information or customer transactions)

Areas to be covered in training should include, among others:

(a) appropriate training on customer verification and the relevant processing
procedures; and
(b) ways to recognise unusual activities including abnormal settlements,
payments or delivery instructions.

Managerial staff (including internal audit staff and CO)

Areas to be covered in training should include, among others:

(a) higher level training covering all aspects of Hong Kong’s AML/CTF regime;
(b) specific training in the AML/CTF requirements applicable to TCSP licensees;
and
(c) specific training in relation to their responsibilities for supervising or
managing staff, auditing the system and performing random checks as well
as the reporting of suspicious transactions to the JFIU.

67
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

MLRO

Areas to be covered in training should include, among others:

(a) specific training in relation to the MLRO’s responsibilities for assessing
suspicious transaction reports submitted to them and reporting of
suspicious transactions to the JFIU; and
(b) training to keep abreast of AML/CTF requirements/developments
generally.

10.4 Depending on the learning needs of their staff, TCSP licensees are encouraged to
consider using a mix of training techniques and tools in delivering training. These
techniques and tools may include on-line learning systems, focused classroom training,
relevant videos as well as procedural manuals. TCSP licensees may consider including
available FATF publications and typologies as part of the training materials. All
materials should be up-to-date and in line with current requirements and standards.

10.5 No matter which training approach is adopted, TCSP licensees should maintain staff’s
training records, including the date and type of training received by each staff.
Training records of staff should be maintained for a minimum of 3 years and be made
available to the CR on demand.

10.6 TCSP licensees should monitor the effectiveness of the training. This may be achieved
by:

(a) testing staff’s understanding of the TCSP licensee’s policies and procedures to
combat ML/TF, their understanding of relevant statutory and regulatory
obligations, and also their ability to identify suspicious transactions; and
(b) monitoring the compliance of staff with the TCSP licensee’s AML/CTF
systems as well as the quality and quantity of internal reports so that further
training needs may be identified and appropriate action can be taken.

68
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Appendix A

Identification and verification of customer who is an individual

1. Information of customer to be collected include:

(a) Full name;

(b) Date of birth;
(c) Nationality;
(d) Identity document type and number; and
(e) Residential address.

2. TCSP licensees should obtain the following documents for verification of the
information as stated in paragraphs (1)(a) to (d) above and retain a copy of the
documents for record keeping:

(a) Hong Kong residents:

 Hong Kong identity card for permanent residents;
 Birth certificate of a minor (i.e. a person who has not attained the age of
18 years) not in possession of a valid travel document or Hong Kong
identity card (the identity of the minor’s parent or guardian representing or
accompanying the minor should also be recorded and verified); or
 Travel document (a copy of the “biodata” page should be retained).

(b) Non-residents:
 A valid travel document;
 A relevant national identity card (issued by government) bearing the
person’s photograph;
 A valid national driving licence (issued by government) bearing the
person’s photograph; or
 Where customers do not have a travel document or a national identity card
or driving licence with a photograph, TCSP licensees may, exceptionally
and applying a risk-based approach, accept other documents as evidence of
identity. Wherever possible such documents should have a photograph of
the individual.

69
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Travel Documents

Travel document includes a passport or some other document which contains a

photograph of the holder establishing the identity and nationality, domicile or
place of permanent residence of the holder. The following documents constitute
travel documents for the purpose of identity verification:

 Permanent Resident Identity Card of Macau Special Administrative Region;

 Mainland Travel Permit for Taiwan Residents;
 Seaman’s Identity Document (issued under and in accordance with the
International Labour Organisation Convention/Seafarers Identity Document
Convention 1958);
 Taiwan Travel Permit for Mainland Residents;
 Permit for residents of Macau issued by Director of Immigration;
 Exit-entry Permit for Travelling to and from Hong Kong and Macau for Official
Purposes; and
 Exit-entry Permit for Travelling to and from Hong Kong and Macau.

3. The standard identification requirement is likely to be sufficient for most situations. If,
however, the customer, or the product or service, is assessed to present a higher ML/TF
risk because of the nature of the customer, his business, his location, or because of the
product features, etc., the TCSP licensee should consider whether it should require
additional identity information to be provided, and/or whether to verify additional
aspects of identity.

70
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Appendix B

Identification and verification of customer which is a corporation

1. Information of customer to be collected include:

(a) Full name of the corporation;

(b) Date and place of incorporation;
(c) Registration or incorporation number; and
(d) Address of registered office in the place of incorporation and business address
(where applicable) (post office box address is not acceptable).

2. The above-mentioned information should be obtained as a standard requirement. On the

basis of the ML/TF risk, a TCSP licensee should decide whether further verification of
identity is required and if so the extent of that further verification. The TCSP licensee
should also decide whether additional information in respect of the corporation, its
operation and the individuals behind it should be obtained.

3. TCSP licensees should obtain the following documents for verification of the
information as stated in paragraphs 1(a) to (c) above and retain a copy of the documents
for record keeping:

(a) a copy of the certificate of incorporation and a copy of the business registration
certificate (where applicable);
(b) a copy of the company’s articles of association which evidence the powers that
regulate and bind the company;
(c) details of the ownership and control structure of the company, e.g. an ownership
chart; and
(d) a list showing all directors of the corporation.

4. TCSP licensees should:

(a) confirm that the corporation is still registered and has not been dissolved, wound
up, suspended or struck off; and
(b) independently identify and verify the names of the directors and shareholders
recorded in the companies registry in the place of incorporation.

71
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5. For a corporation incorporated in Hong Kong, i.e. a company incorporated under the
Companies Ordinance (Cap. 622), the information of the company can be verified
against the information in the Companies Register maintained by the CR, by obtaining,
for example, a company particulars report and image records of documents showing the
shareholders of the company.

6. For a corporation incorporated outside Hong Kong, the information of the corporation
can be verified against:

(a) a similar company search enquiry of the registry in the place of incorporation
and obtain a company particulars report;
(b) a certificate of incumbency or equivalent issued by the RA in the place of
incorporation; or
(c) a similar or comparable document to a company search report or a certificate of
incumbency certified by a professional third party in the relevant jurisdiction
verifying that the information stated in paragraph 4 above, which is contained in
the said document, is correct and accurate.

7. A TCSP licensee should identify and record the identity of all beneficial owners and
take reasonable measures to verify the identity of the beneficial owners. For
companies with multiple layers in their ownership structures, a TCSP licensee should
ensure that it has an understanding of the ownership and control structure of the
company. The intermediate layers of the company should be fully identified. The
manner in which this information is collected should be determined by the TCSP
licensee, for example by obtaining a director’s declaration incorporating or annexing an
ownership chart describing the intermediate layers (the information to be included
should be determined on a risk sensitive basis but at a minimum should include
company name and place of incorporation, and where applicable, the rationale behind
the particular structure employed). The objective should always be to follow the chain
of ownership to the individuals who are the ultimate beneficial owners of the direct
customer of the TCSP licensee and verify the identity of those individuals.

72
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Definition of “beneficial owner” in relation to a corporation

Section 1 of Part 1 of Schedule 2 to the AMLO defines a beneficial owner in relation

to a corporation as:

(a) an individual who –

(i) owns or controls, directly or indirectly, including through a trust or
bearer share holding, more than 25% of the issued share capital of
the corporation;
(ii) is, directly or indirectly, entitled to exercise or control the exercise of
more than 25% of the voting rights at general meetings of the
corporation; or
(iii) exercises ultimate control over the management of the corporation;
or
(b) if the corporation is acting on behalf of another person, means the other
person.

8. TCSP licensees need not, as a matter of routine, verify the details of the intermediate
companies in the ownership structure of a company. Complex ownership structures (e.g.
structures involving multiple layers, different jurisdictions, trusts, etc.) without an
obvious commercial purpose pose an increased risk and may require further steps to be
taken so that the TCSP licensee is satisfied on reasonable grounds as to the identity of
the beneficial owners.

9. The need to verify the intermediate corporate layers of the ownership structure of a
company will therefore depend upon the TCSP licensee’s overall understanding of the
structure, its assessment of the risks and whether the information available is adequate
in the circumstances for the TCSP licensee to consider if it has taken adequate measures
to identify the beneficial owners.

10. Where the ownership is dispersed, the TCSP licensee should concentrate on identifying
and taking reasonable measures to verify the identity of those who exercise ultimate
control over the management of the company.

73
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Appendix C

Identification and verification of customer which is a partnership

or an unincorporated body

1. Partnerships and unincorporated bodies, although principally operated by individuals or

groups of individuals, are different from individuals in that there is an underlying
business. That business is likely to have a different ML/TF risk profile from that of an
individual.

2. Information of customer to be collected include:

(a) Full name of the partnership or the unincorporated body;

(b) The names of all partners of the partnership or all members of the
unincorporated body and the beneficial owners or office bearers of the
partnership or the unincorporated body; and
(c) The business address (post office box address is not acceptable).

3. The TCSP licensee’s obligation is to verify the information as stated in paragraphs 2(a)
and (b) above using evidence obtained from a reliable and independent source. Where
partnerships or unincorporated bodies are well-known or reputable organisations, with
long histories in their industries, and with substantial public information about them,
their partners and controllers, confirmation of the customer’s membership of a relevant
professional or trade association is likely to be sufficient to provide such reliable and
independent evidence of the identity of the customer. This does not remove the need to
take reasonable measures to verify the identity of the beneficial owners of the
partnerships or unincorporated bodies.

4. Most partnerships and unincorporated bodies have a lower profile, and generally
comprise a much smaller number of partners and controllers. In verifying the identity of
such customers, TCSP licensees should primarily have regard to the number of partners
and controllers. Where these are relatively few, the customer should be treated as a
collection of individuals. Where the number is larger, the TCSP licensee should decide
whether it should continue to regard the customer as a collection of individuals, or
whether it can be satisfied with evidence of membership of a relevant professional or
trade association. In either case, TCSP licensees should obtain the partnership deed (or
other evidence in the case of other unincorporated bodies), to satisfy themselves that the
partnership or unincorporated body exists, unless an appropriate national register is
available for public inspection.

74
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

5. In the case of associations, clubs, societies, charities, religious bodies, institutes, mutual
and friendly societies, co-operative and provident societies, a TCSP licensee should
satisfy itself as to the legitimate purpose of the organisation, e.g. by inspecting its
constitution.

Definition of “beneficial owner” in relation to a partnership

Section 1 of Part 1 Schedule 2 to the AMLO defines a beneficial owner in relation to

a partnership as:

(a) an individual who

(i) is entitled to or controls, directly or indirectly, more than a 25% share
of the capital or profits of the partnership;
(ii) is, directly or indirectly, entitled to exercise or control the exercise of
more than 25% of the voting rights in the partnership; or
(iii) exercises ultimate control over the management of the partnership;
or
(b) if the partnership is acting on behalf of another person, means the other
person.

Definition of “beneficial owner” in relation to an unincorporated body

Under section 1 of Part 1 of Schedule 2 to the AMLO, the beneficial owner in

relation to an unincorporated body is defined as:

(a) an individual who ultimately owns or controls the unincorporated body; or

(b) if the unincorporated body is acting on behalf of another person, means the
other person.

75
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Appendix D

Identification and verification of customer which is a trust

1. A trust does not possess a separate legal personality. It cannot form business
relationships or carry out transactions itself. It is the trustee who enters into a business
relationship or carries out transactions on behalf of the trust and who is considered to be
the customer (i.e. the trustee is acting on behalf of a third party – the trust and the
individuals concerned with the trust).

2. Information of customer to be collected include:

(a) the name of the trust, if any;

(b) date of establishment/settlement;
(c) the jurisdiction whose laws govern the arrangement, as set out in the trust
instrument;
(d) the identification number (if any) granted by any applicable official bodies (e.g.
tax identification number or registered charity or non-profit organisation
number);
(e) identification information of trustee(s) – in line with the verification of the
identity for individuals or corporations (please refer to Appendix A or B of this
Guideline);
(f) identification information of settlor(s) and any protector(s) or enforcers in
verification of the identity for individuals or corporations (please refer to
Appendix A or B of this Guideline); and
(g) identification information of known beneficiaries (in line with the verification of
the identity for individuals (please refer to Appendix A of this Guideline)).
Known beneficiaries mean those persons or that class of persons who can, from
the terms of the trust instrument, be identified as having a reasonable expectation
of benefiting from the trust capital or income.

3. TCSP licensees must verify the name and date of establishment of a trust and should
obtain appropriate evidence to verify the existence, legal form and parties to it, i.e.
trustee, settlor, protector, beneficiary, etc. The beneficiaries should be identified as far as
possible where defined. If the beneficiaries are yet to be determined, the TCSP licensee
should concentrate on the identification of the settlor and/or the class of persons in
whose interest the trust is set up. The most direct method of satisfying this requirement
is to review the appropriate parts of the trust deed.

76
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Definition of “beneficial owner” in relation to a trust

Section 1 of Part 1 of Schedule 2 to the AMLO defines a beneficial owner in relation

to a trust as:

(a) an individual who is entitled to a vested interest in more than 25% of the
capital of the trust property, whether the interest is in possession or in
remainder or reversion and whether it is defeasible or not;
(b) the settlor of the trust;
(c) a protector or enforcer of the trust; or
(d) an individual who has ultimate control over the trust.

4. Reasonable measures to verify the existence, legal form and parties to a trust, having
regard to the ML/TF risks, may include:

(a) reviewing and retaining a copy of the trust instrument;

(b) by reference to an appropriate register in the relevant country of establishment;
(c) a written confirmation from a trustee acting in a professional capacity42; or
(d) a written confirmation from a lawyer who has reviewed the relevant instrument.

5. For the avoidance of doubt, reasonable measures are still required to be taken to verify
the actual identity of the individual parties (i.e. trustee, settlor, protector, beneficiary,
etc.).

6. Where only a class of beneficiaries is available for identification, the TCSP licensee
should ascertain and name the scope of the class (e.g. children of a named individual).

42
“A trustee acting in a professional capacity” means a trustee who acts in the course of a profession or
business which consists of or includes the provision of services in connection with the administration or
management of a trust (or a particular aspect of the administration or management of a trust).
77
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

GLOSSARY OF KEY TERMS AND ABBREVIATIONS

Terms / abbreviations Meaning

AMLO Anti-Money Laundering and Counter-Terrorist Financing
Ordinance, Cap. 615
AML/CTF Anti-money laundering and counter-terrorist financing
AML/CTF systems The policies, procedures and controls developed and
implemented by a TCSP licensee for AML/CTF purposes.
CDD Customer due diligence
CO Compliance officer
CR The Companies Registry
DTROPO Drug Trafficking (Recovery of Proceeds) Ordinance, Cap. 405
EDD Enhanced customer due diligence
FATF Financial Action Task Force
Individual Individual means a natural person, other than a deceased natural
person.
IO Insurance Ordinance, Cap. 41
JFIU Joint Financial Intelligence Unit
MLRO Money laundering reporting officer
ML/TF Money laundering and/or terrorist financing
OSCO Organized and Serious Crimes Ordinance, Cap. 455
PEP(s) Politically exposed person(s)
RA(s) Relevant authority (authorities)
Registrar Registrar of Companies
SDD Simplified customer due diligence
Senior management For a corporation, senior management means directors (or board)
and senior managers (or equivalent) of the corporation, who are
responsible, either individually or collectively, for management
and supervision of the corporation’s business. This may include a
company's Chief Executive Officer, Managing Director, or other
senior operating management personnel (as the case may be).

78
Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers

Terms / abbreviations Meaning

STR(s) Suspicious transaction report(s), also referred to as reports or
disclosures.
TCSP licensee Holder of a valid licence granted by the Registrar for carrying on
a trust or company service business in Hong Kong.
Trust For the purposes of this Guideline, a trust means an express trust
or any similar arrangement for which a legal-binding document
(i.e. a trust deed or any other document) is in place.
UNATMO United Nations (Anti-Terrorism Measures) Ordinance, Cap. 575
UNSO United Nations Sanctions Ordinance, Cap. 537

79