Hong Kong regulator starts review of remote booking, data risk management practices

Maria Nikolova

The SFC will meet with key personnel and will inspect internal controls and risk management activities at selected licensed corporations.

Growing complexity of trading and business models and extensive use of technology have prompted the Hong Kong Securities and Futures Commission (SFC) to start a thematic review of selected licensed corporations. The aim is to assess their risk governance and oversight framework as well as their risk management practices.

The SFC notes that the growing complexity of trading and business models, extensive use of technology, greater reliance on big data and more challenging liquidity conditions all pose increasing risks to financial institutions in Hong Kong. The regulator insists that licensed entities have to evaluate the risk management processes periodically to ensure that they adequately manage the risk of losses, whether financial or otherwise, resulting from fraud, errors, omissions and other operational and compliance matters.

One area of increasing concern is the remote booking of risks. Some financial institutions (the SFC did not mention any names) with a global business presence book the risks of trades originated from or handled by their licensed entities in Hong Kong to an offshore central booking entity. Then, the risk booking entity enters into a transfer pricing arrangement with the licensed entity to share the profits or losses. Given that risks are moved across borders and different firms implementing a variety of remote booking models, licensed corporations need to adapt their risk management frameworks to ensure that risks are appropriately identified and managed.

Furthermore, there is a risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. In recent years, LCs have been more focused on the management of operational risk due to the increasing complexity of their business models and trade-related issues. The SFC will be assessing relevant controls and monitoring implemented by LCs such as the segregation of duties and surveillance of trade processing.

The SFC also notes that data risk is becoming increasingly important as technological advancements have fundamentally changed the way licensed corporations collect, use and manage data. Whereas the wider use of technology has raised awareness about the importance of data protection, this requires strong data governance and management on the part of Lcs. For that matter, the SFC will evaluate relevant controls and monitoring implemented by LCs, such as data protection governance, access controls and data loss protection and recovery.

The thematic review will start by questionnaires being sent to selected LCs in Hong Kong. The SFC mentioned no criteria for the selection.

The regulator will then analyse the responses to identify any red flags suggesting potential concerns or instances of non-compliance. LCs will be selected for meetings and on-site inspections, which will involve the SFC meeting with key personnel and inspecting internal controls and risk management activities.

Read this next

Retail FX

Fullerton Markets Caps Off Stellar Year with Dual Triumph at Gazet International Awards 2023

Fullerton Markets, one of the fastest-growing brokerages in the Asia Pacific, has today announced its remarkable success at the prestigious Gazet International Awards 2023, where it secured two coveted accolades, reinforcing its position as a global leader in multi-asset brokerage and marketing a triumphant end to the year.

Inside View

Are brokers really ready for EMIR Refit and ESMA changes in 2024?

The EMIR Refit and ESMA reporting requirements necessitate a strategic approach from brokers, involving major updates to reporting systems, data collection processes, and internal resources. We spoke with brokers and RegTech providers to learn more about the upcoming regulatory challenges.

Digital Assets

Binance to phase out BUSD support in two weeks

Binance has announced its plans to gradually phase out support for its native stablecoin, BUSD (Binance USD) by December 15, 2023. This move comes after Paxos, the issuer of BUSD, decided to stop minting new tokens.


Binance Labs invests $3.15M in Open Campus to advance Web3 education

Binance Labs, the venture capital arm of the cryptocurrency giant Binance, has invested $3.15 million in Web3 education platform Open Campus.

Institutional FX

Brighty App unveils EU B2B payment platform amidst exploding market

Brighty App is set to launch its European B2B platform, Brighty Business, this month. This platform is geared towards improving how businesses handle their financial operations, especially in the digital banking and cryptocurrency domains.

Digital Assets

Celsius’ withdrawal process slowed by overwhelming demand

Bankrupt crypto lender Celsius is taking steps to allow certain customers to withdraw their funds. However, some users have reported difficulties in logging in to process their withdrawals, as indicated by posts on various social media platforms.

Digital Assets

Cristiano Ronaldo hit with $1 billion lawsuit over Binance NFTs

Cristiano Ronaldo, the renowned footballer, is facing a class-action lawsuit in the United States over his promotion of Binance, the world’s largest cryptocurrency exchange.

Digital Assets

Zipmex creditors offered 3.35 cents on the dollar payout

Zipmex, a Thai crypto exchange grappling with financial difficulties, has proposed a restructuring plan to repay its creditors.

Digital Assets

FSB warns of risks posed by multifunction crypto-asset intermediaries

The report on Multifunction Crypto-Asset Intermediaries (MCIs) provides an in-depth analysis of these entities which combine various crypto-asset services and products, typically centering around a trading platform. These services can include proprietary trading, investment functions, issuance, promotion, and distribution of crypto-assets, including stablecoins.