HONG KONG MONETARY AUTHORITYHONG KONG MONETARY AUTHORITY

Common Deficiencies Identified in Common Deficiencies Identified in Tier 2 AML ExaminationsTier 2 AML Examinations

12 May 200912 May 2009

2

• Failure to verify nationality of non-permanent HKID holders

• Acceptance of expired passports

• Failure to record the identity of 3rd parties making large cash deposits

• Address proof : failure to obtain or acceptance of out of date documents

• Inadequate follow-up on outstanding CDD documentation

• 3rd party payments from accounts with outstanding CDD

General CDDGeneral CDD

3

• No periodic review of CDD of lower risk accounts in absence of trigger event

• Incoming cross border remittance transactions containing incomplete originator information – inadequate monitoring

• No periodic re-screening of client list against SFC Alert List

• Intermediaries - no assessment of the ‘fit and proper’ standing

General CDDGeneral CDD

4

• Failure to identify beneficial owner

• Failure to obtain up to date company search documents (incorporated in jurisdiction with public registries) & COI (from regulated parties in non-public registry jurisdictions)

• Bearer shares - failure to immobilize or obtain annual declarations from shareholders

Corporate CustomersCorporate Customers

5

• Failure to properly identify and screen connected parties (i.e. directors, principal shareholders, signatories)

• Details of connected parties are not included in AI’s core banking system - resulting in no periodic re-screening against Terrorist/Sanction/PEP lists

Corporate CustomersCorporate Customers

6

• Excluding known close associates & family members from PEP definition

• No regular review of identified PEP accounts

• No periodic re-screening of client lists to identify clients whose status may have changed

• Failure to screen connected parties to corporate customer

PEPsPEPs

7

• No review of the risks associated with reported accounts

• Undue reliance on “consent” and the former “Low Risk Classification”

• STR provides statutory defense to ML – does not address the legal, reputational, regulatory risks associated with accounts’ continued operation

Suspicious Transaction ReportingSuspicious Transaction Reporting

8

• Exchange of Swift Keys ‘deemed’ establishment of correspondent activity

• Failure to obtain sufficient information to assess the adequacy and effectiveness of the respondent's AML controls and risk.

• AI must satisfy itself respondent – subject to appropriate regulatory oversight

– does not maintain relations with shell banks

– payable through accounts (special measures required).

Correspondent BankingCorrespondent Banking

9

• Account booked offshore but managed in HK – ‘deemed’ shared relationship

• CDD conducted to standard required by HKMA (minimum)

• HKMA access to CDD/transaction information upon request

Private BankingPrivate Banking

10

Questions