top of page

Anti-Money Laundering and
Counter-Terrorist Financing Requirements

Application of CDD, SDD and EDD_edited_e


Pursuant to section 7 of the Anti-Money Laundering and Counter-Terrorist Financing Ordinance, Cap. 615 (“the AMLO”), in considering whether an anti-money laundering and counter-terrorist financing (“AML/CTF”) requirement
under Schedule 2 has been contravened, the Registrar of Companies (“the Registrar”)
 will have regard to the relevant provision in the Guideline on Compliance of Anti-Money Laundering and Counter-Terrorist Financing Requirements for Trust or Company Service Providers (“the Guideline”).



To fulfil the AML/CTF obligations, TCSP licensees must assess the money laundering and/or terrorist financing (“ML/TF”) risk of their businesses, develop and implement policies, procedures and controls (hereinafter collectively referred to as “AML/CTF systems”) on:


  • risk assessment;

  • customer due diligence (“CDD”) measures;

  • ongoing monitoring of customers;

  • suspicious transactions reporting;

  • record keeping; and

  • staff training.


TCSP licensees should establish and implement adequate and appropriate AML/CTF systems (including customer acceptance policies and procedures) taking into account factors including products and services offered, types of
, geographical locations involved.




TCSP licensees can apply appropriate control and oversight to new and existing customers by determining:


  • the extent of CDD to be performed;

  • the level of ongoing monitoring to be applied to the relationship with customers; and

  • the measures to mitigate any ML/TF risks identified.

The following factors may be considered in determining the ML/TF risk rating of customers:


Documenting risk assessment


TCSP licensees should keep records and relevant documents of the risk assessment so that they can demonstrate to the Registrar, among others:

  • how the customer’s ML/TF risks are assessed; and

  • the extent of CDD and ongoing monitoring is appropriate based on that customer’s ML/TF risks.



CDD is intended to enable a TCSP licensee to form a reasonable belief that it knows the true identity of each customer and, with an appropriate degree of confidence, knows the type of business and transactions the customer is likely to undertake. The CDD requirements are set out in Schedule 2 to the AMLO. 

Depending on specific circumstances, TCSP licensees may also need to conduct additional measures (referred to as enhanced customer due diligence (“EDD”) hereinafter) or, alternatively, may conduct simplified customer due diligence (“SDD”).



The CDD measures applicable to TCSP licensees under section 2 of Part 2 of
Schedule 2 to the AMLO are:


  • identifying the customer and verifying the customer’s identity using
    documents, data or information provided by reliable and independent source;

  • where there is a beneficial owner in relation to the customer,

    identifying  and taking reasonable measures to verify the beneficial

    owner’s identity so that the TCSP licensee is satisfied that it knows

      who the beneficial owner is, including in the case where the customer

      is a legal person or trust, measures to enable the TCSP licensee

      to understand the ownership and control structure of the legal

      person or trust;

  • obtaining information on the purpose and intended nature of

    the business relationship (if any) established with the TCSP licensee

      unless the purpose and intended nature are obvious; and

  • if a person purports to act on behalf of the customer:

    • identifying the person and taking reasonable measures to verify the
      person’s identity using documents, data or information provided by
      reliable and independent source; and​

    • verifying the person’s authority to act on behalf of the customer.

Under section 1 of Part 1 of Schedule 2 to the AMLO, “customer” is defined to include a client. The meaning of “customer” and “client” should be inferred from its everyday meaning and in the context of industry practice.


Pursuant to section 3(1) of Part 2 of Schedule 2 to the AMLO, TCSP licensees must apply CDD:

  • before establishing a business relationship with the customer;

  • before carrying out for the customer an occasional transaction that involves an amount equal to or exceeding an aggregate value of HK$120,000, whether carried out in a single operation or several operations that appear to the TCSP licensee to be linked;

  • when the TCSP licensee suspects that the customer or the customer’s account is involved in ML/TF;

  • when the TCSP licensee doubts the veracity or adequacy of any information previously obtained for the purpose of identifying the customer or for the purpose of verifying the customer’s identity.



bottom of page