Circular to licensed corporations and associated entities
Third-party deposits and payments

31 May 2019

Circular to licensed corporations and associated entities

Third-party deposits and payments

The Securities and Futures Commission (SFC) wishes to reiterate the importance of mitigating the risks associated with third-party payments to or from accounts maintained by clients with licensed corporations (LCs) and associated entities (AEs). LCs and AEs are reminded to enforce appropriate and effective control measures which are capable of addressing these risks and meeting the requirements set out in the relevant guidelines and circulars1.

Third-party deposits and payments may be used to facilitate the misappropriation of client assets, money laundering and other misconduct2. When a client uses a third party to pay for or receive the proceeds of investment transactions, there is a risk that the arrangement may be used to disguise the true beneficial owner or the source of funds.

Expected standards

In several recent enforcement cases, the policies, procedures and controls put in place by LCs for handling third party deposits and payments were found to fall short of the expected standards or were not properly enforced by the managers and staff members responsible.

To assist LCs and AEs in reviewing the adequacy of their policies and procedures for mitigating the risks associated with third-party deposits and payments, we have summarised in the Appendix the key control measures which should be in place and also provide non-exhaustive examples of effective practices to implement them. These control measures aim to protect client assets as well as to detect and prevent money laundering and terrorist financing (ML/TF) and other illicit activities involving third-party deposits and payments.

LCs and AEs should critically assess the risk that they could be inadvertently exposed to financial crime as well as legal and compliance risks, and give serious consideration to refusing third-party deposits and payments3

Where LCs and AEs consider that there are exceptional and legitimate circumstances under which clients may be permitted to make third-party payment arrangements, they should only accept such arrangements when adequate control measures are properly implemented to mitigate the associated risks, and the arrangements otherwise satisfy all the applicable legal and regulatory requirements4. In any event, LCs and AEs should accept only those third-party deposits or payments which are reasonably in line with the client’s profile and normal commercial practices.

A Manager-In-Charge (MIC) of Anti-money Laundering and Counter-Terrorist Financing (AML/CFT) should be designated to oversee the proper design and implementation of the policies and procedures for handling third-party deposits and payments5 as well as the ongoing monitoring of client accounts involving such deposits or payments. The acceptance of a third-party deposit or payment should be approved by the MIC of AML/CFT or Money Laundering Reporting Officer (MLRO). Where it involves a third-party payor or payee who might pose higher risks, it should be subject to a dual approval process6.

LCs and AEs are also reminded to step up their ongoing monitoring of client accounts involving third-party deposits and payments, make prompt follow-up inquiries and report any suspicious transactions to the Joint Financial Intelligence Unit (JFIU) and other relevant authorities (such as the SFC and the Police) to discharge their compliance obligations.

Senior management of LCs, including the MIC of AML/CFT, bear the primary responsibility for ensuring their firms maintain appropriate standards and adhere to proper procedures. Where appropriate, the SFC will take action against firms and their senior management who are responsible for failures to put in place appropriate and effective policies, procedures and controls for handling third-party deposits and payments.

Should you have any questions regarding the contents of this circular, please contact Ms Kiki Wong at 2231 1569 or the case officer.

Intermediaries Supervision Department
Intermediaries Division
Securities and Futures Commission




1 Relevant guidelines and circulars include but are not limited to the following:
(i) Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (For Licensed Corporations) (AML Guideline) 
(ii) Prevention of Money Laundering and Terrorist Financing Guideline issued by the Securities and Futures Commission for Associated Entities
(iii) Management, Supervision and Internal Control Guidelines for Persons Licensed by or Registered with the Securities and Futures Commission
(iv) Suggested Control Techniques and Procedures for Enhancing a Firm’s Ability to Comply with the Securities and Futures (Client Securities) Rules and the Securities and Futures (Client Money) Rules
(v) Circular dated 3 December 2013 on Suspicious Transactions Monitoring and Reporting
(vi) Circular dated 31 August 2018 on Anti-Money Laundering / Counter Financing of Terrorism measures and controls inspection findings
In the SFC’s circular dated 9 October 2018, it was noted that frequent and large transfers to and from third parties absent a credible commercial rationale or explanation are a potential red flag which may suggest the use of “nominee” or “warehousing” arrangements to facilitate market and corporate misconduct.
3 For the avoidance of doubt, where a client has been on-boarded online using the non-face-to-face procedures provided in the SFC’s circular dated 12 July 2018, the firm should conduct all deposits and withdrawals for the client’s trading account through a designated bank account held in the client’s name.
4 For example, General Principle 7 of the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission, requiring intermediaries to comply with all regulatory requirements applicable to the conduct of their business activities so as to promote the best interests of clients and the integrity of the market, and section 23 of Schedule 2 to the Anti-Money Laundering and Counter-Terrorist Financing Ordinance requiring financial institutions to take all reasonable measures to mitigate money laundering and terrorist financing risks.
5 The senior management of an LC or AE, which is obliged under the AML Guideline to satisfy itself that the business is taking sufficiently effective measures to protect itself against the risks of ML/TF, should approve these policies and procedures.
6 For effective internal control, dual approval by the officer holding the position of MIC of AML/CFT or MLRO and another person who is a member of senior management should be required.

Click here to download the document

Supplementary document:

Page last updated : 4 Jul 2019