As a statutory body, we are accountable to the Hong Kong Special Administrative Region (HKSAR) Government and the public in carrying out our regulatory functions. To achieve this, we strive to comply with the principles underlying our governance structure.
We report regularly to the Government. Our annual budget is submitted to the Financial Secretary for approval and tabled before the Legislative Council (LegCo). We publish details of our operations and financial statements in our quarterly reports and a full-year account in our annual reports.
We attend meetings at LegCo to present and explain policy initiatives and other issues of public interest, including meetings of the Panel on Financial Affairs. We also deal with draft legislation at meetings of relevant LegCo designated bills committees and sub-committees.
In order to take diverse interests and conflicting viewpoints into account, we strive to maintain contact with the industry and the investing public through:
- our Advisory Committee as well as other consultative and regulatory committees, which all have many external members;
- public consultations on regulatory proposals;
- press releases, consultation conclusions and newsletters; and
- our corporate website, which provides up-to-date information about the SFC.
For regulatory, supervisory and market development issues, we also:
- attend relevant briefings and meetings with the Financial Secretary and the Financial Services and the Treasury Bureau;
- cooperate with other local, Mainland and international regulators;
- take part in international standard-setting bodies (eg, International Organization of Securities Commissions) and
- participate in local, regional and international conferences and seminars.
Internal codes and guidelines
We commit to uphold high standards of integrity and conduct within the organisation to promote and maintain public confidence. In addition to complying with relevant legal obligations, our staff must comply with our code of conduct, which stipulates the standards of behaviour expected of them. Key aspects of the code deal with:
- maintaining confidentiality;
- avoiding conflicts of interest;
- guarding against corrupt practices; and
- observing rules about personal investments.
We have established procedures for handling complaints or grievances. Reports of improper practice of the SFC or our staff can be made under a set of procedures for lodging complaints, which are posted on our website.
We adhere to financial controls and procedures to ensure that our resources are managed properly. We follow a set of tender guidelines and procedures when appointing vendors, consultants and other third parties.
We identify, assess and manage external and internal risks in a timely and systematic manner.
We have a market contingency plan setting out detailed procedures for dealing with emergency situations which may affect Hong Kong's securities and futures markets, such as precipitous market falls and trading or clearing system failures. The plan helps us act promptly, appropriately and in a coordinated manner when a crisis arises.
A structured process has been established to monitor potential and emerging risks facing the SFC and gather market intelligence.
Our internal control measures cover possible operational risks, including financial risks and threats to our office and information security.
Our system of internal financial controls ensures proper management of our financial resources in compliance with established policies and procedures. An independent external audit firm reviews our internal controls annually to assess how well we adhere to our controls and to evaluate and enhance the adequacy of these procedures. The SFC’s Audit Committee approves the focus of these reviews each year.
We have in place a business resumption plan that covers readily identifiable risks, including technical problems, fires, natural disasters and other emergencies. The plan is communicated within the organisation and updated regularly.
We have a range of measures, including office and computer access controls, to protect our information and our information systems from unauthorised access, use, modification or destruction. We also have an information security policy to provide staff with guidance on how to protect the confidentiality and integrity of information.
Last update: 17 Jan 2020