In a recent disciplinary action by the Securities and Futures Commission (SFC) (see SFC’s statement released on 9 February 2026), an entity (the Company), previously licensed to conduct Type 9 regulated activity (asset management), was reprimanded and fined HK$9 million for multiple failures in managing private funds over a three-year period. The SFC had previously taken action against the Company’s former responsible officer and chief executive officer (former RO) (see SFC’s enforcement news of 19 March 2025) who was banned from re-entering the industry for 14 months; and the Company’s substantial shareholder, director and former manager-in-charge of core functions (former director), who was banned from engaging in any regulated activities for 12 months and fined for HK$400,000) (see SFC’s enforcement news of 18 August 2025 and our Legal Update of 29 August 2025).
Background
Between August 2018 and January 2022, the Company acted as investment manager or consultant for six closed-end sub-funds (Sub-Funds) of a Cayman Islands segregated portfolio company (SPC). An SFC investigation revealed the Company’s conduct fell short of regulatory expectations in the following areas:
i. Failure to manage conflicts of interests
During the relevant time, the Company and the former director entered into 6 loan arrangements with 4 Sub-Funds of the SPC (collectively, the Loan Arrangements). The Company placed itself in a conflict of interest situation by acting as the investment manager and lender to the 4 Sub-Funds and allowed a conflict of interest to arise from the former director’s dual roles as director of both the Company and the SPC as well as the lender to the 4 Sub-Funds.
Under the Loan Arrangements, the Sub-Funds were charged considerably higher than the interest rates charged by execution brokers for margin loans to the 4 Sub-Funds.
There was no record of the Company’s assessment of whether the Loan Arrangements were on normal commercial terms negotiated at an arm’s length basis and no evidence that the Company took adequate measures to ensure that the interest rate on the loans was not higher than prevailing commercial rate for similar loans (paragraph 3.8.2 of the FMCC (defined below)).
ii. Failure to perform reconciliations, valuations and annual audit
During the relevant time, the Company did not have a policy on reconciliations and did not perform any reconciliations of the Sub-Funds’ assets (paragraph 5.6 of FMCC).
The Company’s valuation policy of fund assets did not specify the valuation frequency and there was no record demonstrating that the Sub-Funds were valued on a regular basis (paragraphs 5.3.1 and 5.3.5 of FMCC).
The Company also did not engage any external auditor to audit the financial statements nor made available annual reports for 5 Sub-Funds (paragraph 5.2.2 of FMCC).
The above were failures to comply with relevant requirements under the FMCC.
iii. Incorrect information provided to investors classified as professional investors (PI)
All of the investors in the SPC were classified by the Company as either individual PIs or corporate PIs who were all required to complete the same PI assessment and classification form (PI Form) to confirm that they consented to being treated as a PI and accepted the relevant risks and consequence. However, incorrect information was contained in the PI Form which erroneously provided that certain regulatory requirements (including the Company’s regulatory requirements to conduct suitability assessment and to ensure suitability of a recommendation) would not apply. In fact:
- For individual PIs: The relevant regulatory exemptions were not applicable.
- For corporate PIs: The relevant regulatory required an assessment under Code of Conduct para. 15.3A, which the Company failed to conduct and did not have any written policies or controls for such assessment at the material time.
iv. Weak know-your-client (KYC) and suitability systems and controls
During the relevant time, the Company’s KYC questionnaire omitted questions about the client’s risk tolerance and investment objectives. While the revamped KYC questionnaire contained questions about the client’s investment experience and knowledge, investment objective and risk tolerance, knowledge of derivatives and financial situations, it was found that irregularities in clients’ responses were not adequately addressed. For example, there were no record of the Company alerting clients or sought clarification from clients regarding conflicting or incomplete information, investors were allowed to select multiple and conflicting investment objective and risk tolerance levels without requiring clarification, the Company did not have a system in place to independently assess the risk profile of each client based on the client’s overall circumstances or document the results of its assessment, investors were considered to have knowledge of derivatives based solely on their self-declarations and there was no record demonstrating that the Company made appropriate enquiries or gathered relevant information to properly assess their knowledge.
Where the client’s indicated risk tolerance level was lower than that of a Sub-Fund, there was no documentation of the Company’s justification for considering the product suitable for the investor despite the risk mismatch.
These failures constituted breaches of the Code of Conduct (General Principal 3 and paragraphs 4.3, 5.1, 5.1A and 5.2).
v. Failure to maintain records of clients’ money laundering and terrorist financing (ML / TF) risk assessment and screening
During the relevant time, the Company’s compliance manual did not set out any guidelines or procedures for assessing the ML / TF risks of clients, determining whether a client is a politically exposed person, and screening clients against any database of terrorists and sanction designations.
The SFC also found that the Company failed to provide records to demonstrate that it has complied with the requirements under the Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (For Licensed Corporations)(November 2018 edition).
The SFC emphasised that the Company’s failures have the potential to undermine public confidence and damage market integrity. Hence, the SFC’s sanctions reflect the SFC’s intent to send a strong deterrent massage to the market that the SFC will not tolerate misconduct as shown in the Company’s failure.
The SFC also found that the Company’s misconduct was attributable to the former RO’s and former director’s failures in discharging their duties as members of the Company’s senior management and has taken action against them.
The SFC emphasised that the Company’s failures have the potential to undermine public confidence and damage market integrity. Hence, the SFC’s sanctions reflect the SFC’s intent to send a strong deterrent massage to the market that the SFC will not tolerate misconduct as shown in the Company’s failure. The SFC also found that the Company’s misconduct was attributable to the former RO’s and former director’s failures in discharging their duties as members of the Company’s senior management and has taken action against them
Key takeaways
i. This case serves as a strong reminder that the SFC views failures in adherence to regulatory requirements. In particular, the SFC treats failures in conflict management and disclosure as serious breaches.
Where an asset manager’s failures are seen to have the potential of undermining public confidence and damaging market integrity, the SFC will not shy away from imposing heavier sanctions against similar or persistent misconduct to send a strong deterrent message to the industry.
Asset managers are reminded to review the SFC’s circular to licensed corporations engaged in asset management business of 9 October 2024.
ii. Senior management will be held accountable for an asset manager’s failure. Members of senior management of a licensed entity are responsible for the conduct of such entity’s business activities and will be individually accountable for management failures of the entity, even if the individual is not licensed by the SFC.
It is important that members of senior management implement proper oversight and appropriate policies, processes and procedures to ensure compliance with applicable laws and regulations as well as proper risk management, ensuring fair treatment and safeguarding of investors’ interests.
iii. Whilst it is important to put in place internal policies, processes and procedures for compliance with regulatory requirements, policies alone are insufficient—audit trails proving adherence are equally critical.
iv. Last but not least, asset managers must have a clear and accurate understanding of applicable laws and regulations and SFC’s expectations
Recommended actions
In view of this recent disciplinary action, you are encouraged to:
i. Review your existing arrangements to assess whether there are potential of conflict of interest situations and if so, what are the measures that you have put in place to manage, minimise and disclosure such conflicts to investors.
ii. Review your existing policies and procedures, including but not limited to your conflicts of interest policy, valuation and reconciliation policy, new investor take-on process (including suitability assessment), anti-money laundering and terrorist financing risk assessment and screening policy, to ensure that they remain up-to-date and align with the SFC’s requirements.
iii. Review your KYC and risk assessment questionnaire to ensure its adequacy and consider whether any updates are required, taking into account regulatory expectations and market developments.
iv. Review and strengthen your record keeping policies and protocols.
