---

The Trust or Company Service Providers (TCSP) licensing regime in Hong Kong is governed by the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO). As of 2023, approximately 1,200 licensed TCSPs in Hong Kong must follow stringent guidelines to combat money laundering (ML) and terrorist financing (TF). Hong Kong TCSP compliance is crucial as regulatory authorities continue to strengthen the legal framework and impose penalties on non-compliant firms.

As Hong Kong strengthens its regulatory landscape to combat money laundering (ML) and terrorist financing (TF), it is crucial for TCSPs to fully comprehend the obligations and regulatory requirements necessary to operate within compliance.

This guide provides an overview of the key elements outlined in the June 2023 Guidelines on Compliance with AML and CTF Requirements for TCSPs, offering insights into what businesses need to do to maintain Hong Kong TCSP compliance.

Key Takeaways

• What is AML and CTF Compliance? AML/CTF regulations aim to prevent illegal activities such as money laundering and terrorist financing. TCSP licensees must implement thorough systems and controls to mitigate these risks.
  
• Who must comply? All TCSP licensees operating in Hong Kong must follow the AML/CTF guidelines and maintain systems that mitigate risks associated with ML and TF.
• Risk-based approach: TCSP licensees must identify, assess, and manage risks based on their client base and business activities.
• Customer Due Diligence (CDD): TCSP licensees must apply CDD measures to identify clients and assess risk, particularly in high-risk scenarios such as dealing with politically exposed persons (PEPs).

---

What is AML and CTF Compliance for TCSPs?

AML/CTF requirements for TCSPs aim to protect businesses from individuals or groups attempting to launder money or finance terrorism. The Registrar of Companies is the regulatory body responsible for ensuring that TCSPs implement systems and controls to comply with Hong Kong’s Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) requirements.

As a licensed TCSP, your responsibilities include:

• Assessing money laundering and terrorist financing risks.
• Implementing a risk-based approach to identify and manage high-risk customers and transactions.
• Maintaining a robust system to ensure compliance with customer due diligence (CDD), record-keeping, and reporting suspicious transactions to the Joint Financial Intelligence Unit (JFIU).

AML and CTF Obligations of TCSPs

According to the guideline, TCSP licensees are expected to:

1. Assess Risk: TCSPs must assess ML/TF risks across their business by identifying potential threats and vulnerabilities associated with their services, products, and customer types.
2. Apply CDD Measures: This involves identifying and verifying the identities of clients and beneficial owners, understanding the purpose of business relationships, and monitoring ongoing customer activities.
3. Ongoing Monitoring: TCSPs must continuously monitor business relationships, looking for red flags and unusual activity that may indicate ML/TF risks​.

Recent Fines Imposed on Non-Compliant TCSPs in Hong Kong

The Hong Kong regulatory authorities have imposed significant penalties on TCSPs that failed to meet AML/CTF obligations. Below are examples from recent years:

In recent years, Hong Kong has enforced strict Hong Kong TCSP compliance measures for Trust or Company Service Providers (TCSPs) under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO). A recent case highlights these actions, where IKUMA Business Services Limited (License No: TC000442) faced penalties for multiple violations.

The Registrar of Companies identified that IKUMA had failed to establish adequate anti-money laundering and counter-terrorist financing policies, a core requirement to operate within Hong Kong’s regulatory framework. Despite AMLO’s mandate for clear policy documentation, IKUMA lacked essential policy statements and written procedures, a violation that indicated serious oversight in maintaining the necessary safeguards.

Moreover, the company neglected essential Hong Kong TCSP compliance procedures outlined in Section 19(3) of Schedule 2 of AMLO. These procedures ensure that TCSPs fulfill key anti-money laundering and counter-terrorism obligations, including client due diligence and ongoing monitoring. The absence of these controls further exposed the company to risks associated with illicit financial activity.

Additionally, IKUMA fell short of the requirements in Section 23 of Schedule 2, failing to put in place adequate safeguards to prevent potential money laundering or terrorism financing risks. As a result, the Registrar issued a public reprimand and imposed a pecuni.

Assessing Risk: A Risk-Based Approach

A key component of AML/CTF compliance is adopting a risk-based approach. This means that TCSPs must assess the level of risk posed by different customers and tailor their customer due diligence (CDD) measures accordingly. Higher-risk clients, such as politically exposed persons (PEPs) or clients operating in high-risk jurisdictions, require more stringent due diligence​.

Factors Affecting Risk

When assessing risks, TCSPs should consider:

• Geographical Risk: Clients from jurisdictions with a high risk of corruption, ML, or TF (e.g., countries identified by FATF as having strategic deficiencies).
• Customer Risk: This includes clients engaged in unusual transactions, businesses with complex ownership structures, or cash-intensive operations.
• Product/Service Risk: Certain services, such as those involving shell companies or nominee shareholders, present higher risks due to the potential for obscured ownership​.

Customer Due Diligence (CDD)

The CDD process is crucial for preventing ML and TF. TCSPs must gather relevant information to form a reasonable belief about their client’s identity, the nature of their business, and the expected level of transactional activity.

Basic CDD Requirements

At a minimum, TCSPs are required to:

• Identify and verify the client’s identity using reliable and independent sources.
• Identify the beneficial owner and take reasonable measures to verify their identity.
• Understand the purpose and intended nature of the business relationship.
• Monitor client transactions on an ongoing basis​.

Enhanced Due Diligence (EDD) for High-Risk Clients

For high-risk customers, such as PEPs, TCSPs must implement enhanced due diligence (EDD) measures. These measures include obtaining approval from senior management before onboarding high-risk clients, understanding the source of their wealth, and closely monitoring their ongoing activities​.

TCSP Licensees: Compliance with Financial Sanctions and Counter-Terrorist Financing Obligations

Reporting Suspicious Transactions

TCSPs have a legal obligation to report suspicious transactions to the Joint Financial Intelligence Unit (JFIU). Any activities or transactions that appear unusual or inconsistent with the client’s normal business practices should be reviewed and, if necessary, reported.

Record-Keeping

All documentation and records related to CDD, transaction monitoring, and reporting must be kept for at least five years. This ensures that the necessary data is available for regulatory audits and investigations​.

Common Challenges in AML/CTF Compliance

TCSPs often face challenges in balancing regulatory requirements with operational efficiency. These challenges include:

• Identifying beneficial owners: Complex ownership structures can make it difficult to identify the true beneficial owner of a company.
• Keeping up with changing regulations: AML/CTF regulations are constantly evolving, and TCSPs must ensure their systems and policies remain compliant.
• Ensuring staff training: It’s essential that all employees involved in compliance are properly trained on AML/CTF requirements and procedures.

How PayCompliance Can Help

Navigating the complexities of AML/CTF regulations can be challenging for TCSPs. At PayCompliance, we provide specialized services to help businesses ensure full compliance with Hong Kong’s regulatory requirements. Our team of experts offers:

• Comprehensive Risk Assessment: We assess the specific ML/TF risks associated with your business and help implement a risk-based approach tailored to your needs.
• Customer Due Diligence (CDD) Support: We help you establish effective CDD processes, ensuring that all necessary checks are in place to mitigate risk.
• Staff Training: Our training programs equip your team with the knowledge and skills required to meet AML/CTF compliance standards.

Contact PayCompliance today to learn more about how we can assist your business in maintaining AML/CTF compliance in Hong Kong.