The Securities and Futures Commission (the “SFC”) in Hong Kong is in the process of introducing a comprehensive framework to regulate virtual assets (including cryptocurrency, crypto-asset, digital token, etc.) related activities. In December 2022, the Anti-Money Laundering and Counter-Terrorist Financing (Amendment) Bill 2022 was passed by the Legislative Council to introduce, among other things, a licensing regime for virtual asset service providers.

Under the new licensing regime to take effect on 1 June 2023, all centralised virtual asset trading platforms (the “VATPs“) carrying on business in Hong Kong or actively marketing to Hong Kong investors will need to be licensed by the SFC. VATPs must satisfy the fit and proper test and comply with the anti-money laundering and counter-terrorist financing (AML/CTF) requirements, as well as other regulatory requirements on investor protection. On 20 February 2023, the SFC launched the anticipated consultation on the proposed detailed regulatory requirements for operators of virtual asset trading platforms.

It is proposed that licensed VATPs shall comply with, among other things, the Guidelines for Virtual Asset Trading Platform Operators (the “VATP Guidelines“), which are based on the existing regulatory requirements applicable to SFO-licensed platform operators, and particularly, the Terms and Conditions for VA Trading Platform Operators (the “VATP T&C“), including safe custody of assets, know-your-client, AML/CFT, conflicts of interest, admission of virtual assets for trading, prevention of market manipulation, accounting and auditing and risk management.

In the consultation, the SFC is seeking the public’s views on certain regulatory requirements, which are additions or variations to the existing requirements in the VATP T&C, including but not limiting to:-

(a) whether to allow licensed VATPs to serve retail investors, and if so, what investor protection measures are required;

(b) proposed requirements for insurance / compensation arrangement; and

(c) trading in virtual asset derivatives.

With the understanding that platform operators currently licensed under the Securities and Futures Ordinance may need time to revise their systems and controls to meet some of the new requirements under the proposed VATP Guidelines, the SFC has proposed to provide a 12-month transitional period to VATPs which are pre-existing (i.e. in operation in Hong Kong prior to 1 June 2023 with meaningful and substantial presence).

Interested parties are encouraged to submit their comments on the proposal under consultation on or before 31 March 2023.

The Companies (Amendment) Ordinance 2023 (“Amendment Ordinance“) was gazetted on 27 January 2023 and will come into operation on 28 April 2023.

Background

The manner in which a Hong Kong incorporated company holds its general meeting is governed by the provisions of the Companies Ordinance (Cap. 622 of the Laws of Hong Kong) (“CO“) and the company’s own articles of association (“articles“).

Under the current provisions of the CO, a general meeting can be held at two or more places using technology that enables the members of the company who are not together at the same place to listen, speak and vote at the meeting, but there is no clear reference as to whether a company can hold fully virtual general meetings. In particular, because the current provisions of the CO refer to a place or places for holding general meetings, it seems to suggest that there must be a physical venue for general meetings.

In view of the advancement of technology in electronic communication, the Amendment Ordinance seeks to modernise the CO (and the model articles prescribed in Schedules 1 to 3 to the Companies (Model Articles) Notice (Cap. 622H of the Laws of Hong Kong)) to expressly cater for the scenario of companies holding fully virtual general meetings as well as hybrid general meetings.

Major elements of the Amendment Ordinance

Major elements of the Amendment Ordinance include:

1. introducing a new definition of “virtual meeting technology” which means a technology that allows a person to listen, speak and vote at a meeting without being physically present at the meeting;
2. providing that notice of a general meeting given to members or published on a website must specify, among other things, the physical venue of the meeting, or the virtual meeting technology to be used for holding the meeting, or both;
3. providing that notice of a general meeting may specify the virtual meeting technology to be used for holding the meeting unless the company’s articles expressly preclude the holding of a general meeting by using virtual meeting technology or require a general meeting to be held only at a physical venue;
4. setting out the mode of holding a general meeting;
5. clarifying that when a general meeting of a company is held at two or more physical venues, regardless of whether virtual meeting technology is also used for holding the meeting, the company must use any technology that allows the members of the company who are not together at the same physical venue to listen, speak and vote at the meeting; and
6. providing that a person who attends a general meeting by using the virtual meeting technology specified in the notice of the meeting is to be regarded as being present.

Other key points

Even if a company’s existing articles refer to a place or places for conducting a general meeting or require the notice of general meeting to specify the physical venue of the meeting, it is not necessary for the company to amend its articles in order to enjoy the flexibility of holding fully virtual general meetings or hybrid general meetings as introduced by the Amendment Ordinance, unless the company’s articles expressly preclude the holding of a general meeting by using virtual meeting technology, or require a general meeting to be held only at a physical venue.

Companies are advised to review their articles to see if any of the above express restrictions exist.

The Amendment Ordinance does not remove the option of holding physical general meetings.  Companies should choose the most appropriate mode of meeting for its members based on the circumstances of the company and its members.  The ultimately aim is to promote engagement with members and encourage their participation at meetings.

For more information, please refer to the Amendment Ordinance, and the “Guidance Note – Good Practice on Holding Virtual or Hybrid General Meetings” and list of frequently asked questions published by the Companies Registry.

On 20 January 2023, the Stock Exchange of Hong Kong Limited (the “Exchange“) published a report on its annual review of issuers’ annual reports for the 2021 financial year. The Exchange adopted a thematic approach and identified specific areas of review. Whilst noting that issuers continued to achieve a high rate of compliance with annual report disclosure requirements under the Listing Rules, the Exchange identified several areas of improvements and made recommendations to issuers.

Financial reporting and related controls

• Asset valuation remained a major issue in financial reporting. Some issuers were overly optimistic and failed to apply proper assumptions in valuing their assets. Directors are recommended to critically assess management’s accounting estimates and challenge the reasonableness of the assumptions adopted by the management.
• Some issuers failed to maintain proper controls on documentation and record keeping and were unable to provide objective evidence to substantiate the reported values of their assets. Directors are recommended to establish and maintain proper risk management and internal controls, and deploy adequate resources to maintain them.

Material lending transactions

• Having reviewed material lending transactions and related disclosure last year and identified breaches and deficiencies, the Exchange conducted a further review this year. Cases of material impairments on loan receivables that raised concerns about potential breaches of directors’ duties were identified. These cases suggested weaknesses in internal controls, and for issuers that operate money lending businesses, a lack of proper credit risk assessments and inadequate due diligence.
• Directors are recommended to critically assess the commercial rationale for making the loans, whether the loan terms are fair and reasonable, and whether the use of funds is in the interests of the issuer and its shareholders. For issuers that operate money lending businesses, directors should also maintain effective risk management and internal control systems to assess and manage credit risk exposure and to monitor the recoverability of loans and adequacy of the collaterals.
• A number of issuers did not fully follow last year’s recommendations on disclosure of material lending transactions. Issuers should disclose details of material loan receivables and for money lenders, their business models, credit assessments and approval policies, and details of their loan portfolios and loan impairment assessments.

Financial statement disclosure under accounting standards

• Several key areas for further improvement were highlighted, including judgments and estimates, material intangible assets and fair value measurements.
• In view of economic uncertainty and market volatility, issuers and their audit committees are recommended to maintain a close dialogue with auditors on the audit focus areas and other emerging issues identified during the audit, and take prompt actions to address auditors’ concerns.

Issuers should take note of the observations and recommendation contained in the report in order to improve transpiration and accountability to investors in its future annual reports.  For further information, please visit this link.

The investor identification regime for the securities market in Hong Kong (“HKIDR“) will be launched on 20 March 2023. The purpose of the HKIDR is to enhance market surveillance and monitoring in order to achieve better investor protection.

Relevant licensed corporations and registered institutions (collectively referred to as “Relevant Regulated Intermediaries”) will have the following main obligations under the HKIDR upon its implementation:

• ensure that a unique identification code, namely the “Broker-to-Client Assigned Number” (“BCAN”), be assigned to “Relevant Clients” (as defined in the Consultation Conclusions) who have placed or propose to place (i) an on-exchange order or (ii) an off-exchange trade  reportable to the Stock Exchange of Hong Kong (“SEHK”) under its rules, in securities listed or traded on SEHK’s trading system (except for odd lots traded on SEHK’s odd lot/special lot market);
• ensure that up-to-date client identification data (“CID”) has been collected from each Relevant Client and is submitted along with the client’s BCAN (by way of putting the BCAN and CID into a “BCAN-CID Mapping File”) to a data repository to be maintained by SEHK by a prescribed time;
• ensure that the Relevant Client’s BCAN has been included in the order information for each on-exchange order as well as each off-exchange order and included in all reporting of off-exchange trades to SEHK, and report any BCAN error of a matched and executed trade as soon as possible to SEHK by submitting a prescribed error notification form; and
• adopt relevant data privacy and security measures to safeguard the data collected, transmitted and stored, including obtaining express consent from clients for the collection and handling of their personal data in compliance with data privacy laws.

Before the HKIDR commences on 20 March 2023, Relevant Regulated Intermediaries are reminded to complete the following as part of their preparation for the implementation:

• Seeking appropriate client consent. Relevant Regulated Intermediaries will need to obtain necessary consent from Relevant Clients who are individuals (i.e. natural persons) to the collection, storage, processing and use of personal data under the HKIDR.  In general, consent may be obtained by written and signed acknowledgment on paper, or by electronic means including by email or instant messaging applications.
• Updating individual and corporate clients’ CID. Relevant Regulated Intermediaries should collect from the Relevant Clients or update as appropriate the following information: the full name of the client as shown in the client’s identity document, the issuing country or jurisdiction of the identity document, the identity document type and the identity document number.
• Submitting the BCAN-CID Mapping File. Relevant Regulated Intermediaries can submit BCAN-CID Mapping File to SEHK via its Electronic Communication Platform and are strongly encouraged to submit the BCAN-CID Mapping File as early as possible to ensure that their clients’ BCANs are registered in preparation for any trading by such clients upon the launch of the HKIDR.

For further information, SFC’s guidelines and circulars can be found here.

A brokerage firm (the “Firm“) has recently been publicly reprimanded and fined HK$2.8 million by the Securities and Futures Commission (“SFC“) for (i) repledging clients’ securities collateral with a bank as collateral for financial accommodation provided to the Firm without a valid standing authority and (ii) providing monthly statements with incomplete and incorrect information to its clients.

From January to early March 2021, the Firm repledged the securities collateral belonging to 1009 clients with a market value of over HK$200 million with a bank as collateral for financial accommodation provided to the Firm, relying on standing authority which had already expired in 2020. This was caused by a technical bug in the Firm’s operating system, which omitted to automatically generate and send notices to clients for renewal of standing authority which expired on 31 December 2020.

Further, between May and November 2020, the Firm provided monthly statements with incomplete and incorrect information to a total of 930 clients, failing to include details of the contracts entered into on the last trading day of the month. This was caused by another technical bug in the office system which was upgraded in May 2020, which had not been identified in the user acceptance test conducted earlier on.

In light of the above, the Firm has breached:

• sections 7 and 10 of the Securities and Futures (Client Securities) Rules;
• section 11(3) of the Securities and Futures (Contract Notes, Statements of Account and Receipts) Rules; and
• General Principles 7 (Compliance) and 8 (Client assets) and paragraphs 11.1 (a) (Handling of client assets) and 12.1 (Compliance: in general) of the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission.

This case serves as a good reminder to all licensed firms that it is important to establish a comprehensive information technology risk management policy which includes good practices and effective controls over software adoption and upgrade. Comprehensive testing, with test cases covering all critical functions, must be conducted before production deployment to ensure reliability of the system and to avoid breaching regulatory requirements due to technical failures.