Hong Kong’s new anti-money laundering regulations have taken effect. Here are the key compliance points:

New anti-money laundering regulations have taken effect in Hong Kong. Here are the main compliance points:

On May 23, 2023, the Securities and Futures Commission (SFC) of Hong Kong released a consultation summary regarding proposed regulatory requirements for virtual asset trading platform operators licensed by the SFC. Looking at the regulatory system of virtual asset trading, the regulatory framework in Hong Kong was not established overnight. Since 2017, the SFC has been regulating fundraising through initial coin offerings (ICOs) based on financial asset recognition. In 2018, it refined rules for virtual asset investment providers, and in 2019 it brought virtual asset trading platforms that offer security-type tokens under its regulatory system. It is believed that when retail investors are allowed to invest in Hong Kong in 2023, refining the regulation of anti-money laundering for virtual asset trading platforms will help improve market transparency in Hong Kong and promote the long-term development of virtual asset trading.

The three stages of money laundering

First, the possible uses of virtual asset businesses in the money laundering process

• Origin and Development of ZKP: From the 1980s to Present
• 【Exclusive from ChainDD】Analysis of 525-page EU Regulatory Regulations: Step-by-Step Guide to Writing White Papers, Only 3 Types of Cryptocurrencies Approved
• Comprehensive analysis of the .sats domain

In general, virtual asset transactions are conducted anonymously or with a strengthened anonymity function. However, due to the nature of virtual assets as borderless and nearly instantaneous transactions, criminals or money launderers may use them. Virtual assets can be laundered through strengthened anonymous services (such as mixers or tumbler) and other mechanisms or technologies with strengthened anonymity functions (such as virtual assets or privacy coins, privacy wallets, etc.) to make the identities of the remitter, recipient, and actual owner of virtual assets blurry.

Given the pseudonymous nature and transaction speed of virtual assets, criminals and designated persons may conduct large or structured virtual asset transactions through multiple wallets, easily making the flow of funds blurred and making clues more complex, thus hiding the source and destination of their virtual assets to avoid detection of their money laundering/terrorist financing or other illegal activities.

In addition, since virtual asset transactions can be carried out in a peer-to-peer manner, if there is no intermediary to conduct customer due diligence and transaction supervision and other measures to combat money laundering/terrorist financing, such transactions will also be utilized by criminals.

Therefore, customer due diligence is an important measure to prevent, combat and terminate money laundering/terrorist financing. The following will focus on what is customer due diligence, what circumstances will trigger customer due diligence, and the extra due diligence required for cross-border agents.

二、Customer Due Diligence

Given the high anonymity of virtual asset transactions, identifying and verifying customer identities is the top priority of customer due diligence.

For natural person customers, financial institutions should obtain at least the following information to identify customer identity:

(a) full name;

(b) date of birth;

(c) nationality; and

(d) unique identification number (such as ID card number or passport number) and document type.

For corporate customers, financial institutions should verify their name, legal form, existence at the time of verification, and the power to regulate and restrict the company, including the following information:

(a) full name;

(b) date of registration, establishment or registration;

(c) place of registration, establishment or registration (including the address of the registration office);

(d) unique identification number (such as registration number or business registration number) and document type; and

(e) the main business location (if different from the address of the registration office).

If the customer is a club, association, charity organization, religious organization, school, friendly mutual aid association, etc., the legitimate purpose of the organization must be believed by the financial institution.

The SFC has further stipulated additional customer information, which allows financial institutions to identify and manage their business relationship with customers and/or the way their customers conduct virtual asset transactions:

(a) Internet Protocol (IP) address with relevant timestamp;

(b) geographic location data; and

(c) device identifier.

Three, When Is Customer Due Diligence Required

The “Anti-Money Laundering Guidelines” article 4.1.9 lists the general situations in which financial institutions must perform customer due diligence:

(a) Prior to establishing business relations with the customer;

(b) Before executing the following occasional transactions, and the transaction:

(i) involves an amount equivalent to HKD120,000 or more (or its equivalent in any other currency),

(ii) involves an amount equivalent to HKD8,000 or more (or its equivalent in any other currency) and is made by telegraphic transfer

whether the transaction is executed in a single transaction or in several transactions that appear to be linked;

(c) When the financial institution suspects that the customer or the customer’s account is involved in money laundering/terrorist financing activities; or

(d) When the financial institution suspects that the information obtained in the past to identify the customer’s identity or verify the customer’s identity is true or sufficient.

Occasional transactions refer to transactions between a financial institution and a customer who has no business relationship with the institution. However, licensed virtual asset trading platforms should not conduct such transactions (4.1.11).

As for virtual assets, occasional transactions may also include virtual asset transfers and virtual asset exchanges. Therefore, 4.1.9(b) should cover virtual asset transfers and virtual asset exchanges. However, before a non-occasional transaction involving virtual assets transfer of not less than HKD8,000, SFC requires financial institutions to conduct customer due diligence on the customer in accordance with paragraph 12.3, whether the transaction is executed in a single transaction or in several transactions that appear to be linked.

IV. Cross-border agency: Additional due diligence, ongoing monitoring, and shell virtual asset service providers

Cross-border agency relationship specifically refers to a financial institution (“agency”) providing services to another virtual asset service provider or financial institution (“agent”) located outside Hong Kong in the process of providing virtual asset services, and the transactions executed in this business relationship are initiated by the agent as a principal or agent. For example, a financial institution in Hong Kong (as an agency) executing transactions to buy or sell virtual assets for a virtual asset service provider operating outside Hong Kong and as an agent for its local customers will constitute a cross-border agency.

Note: Virtual asset services here include (1) offers to buy or sell virtual assets or (2) frequent introduction or identification between people in order to negotiate or complete the purchase and sale of virtual assets, forming a binding transaction in this way.

Given the high anonymity and immediacy of virtual asset transactions, cross-border agency or brokerage may lead to risks such as identification of transaction authenticity, money laundering, and capital flight. Therefore, the SFC has imposed additional due diligence measures to manage and control these risks: financial institutions should understand whether the agency has engaged in transactions involving the provision of higher anonymity virtual assets, and to what extent the agency has carried out such activities or transactions for its non-resident clients. In addition, financial institutions need to conduct interviews with compliance officers, conduct on-site visits or review the results of internal or external auditor reports to assess in depth the anti-money laundering/counter-terrorism financing measures implemented for virtual asset transfers, whether the screening of virtual asset transactions and related wallet addresses is sufficient and effective.

Moreover, in cross-border transactions, financial institutions will also continue to monitor virtual asset transactions and related wallet addresses.

As for shell virtual asset service providers, that is:

(a) incorporated as a legal entity outside Hong Kong;

(b) approved to operate virtual asset business in that place;

(c) there is no physical presence in that place; and

(d) not a connected person of a regulated financial group subject to effective supervision throughout the group.

It is explicitly prohibited from establishing or implementing cross-border agency, and financial institutions are also prohibited from establishing cross-border agency relationships with it.

In conclusion

In recent years, as the scale of virtual asset business worldwide has continued to expand, the use of virtual assets to conceal and launder criminal proceeds has also increased, and the FATF has issued anti-money laundering alerts to countries/regions worldwide and provided corresponding anti-money laundering regulatory recommendations. The newly revised Anti-Money Laundering and Counter-Terrorist Financing Ordinance in Hong Kong also specifically regulates the anti-money laundering compliance issues of virtual assets in detail. The Ordinance will come into effect on June 1 this year. The SAF team reminds all old friends who engage in relevant business in Hong Kong, especially those involving cross-border virtual asset trading business, to attach great importance to anti-money laundering compliance construction, fulfill their due diligence review, continuous monitoring and other obligations to avoid legal risks.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!