Business and Risk Management Questionnaire (BRMQ)

As a licensed corporation in Hong Kong, the SFC requires that a Business and Risk Management Questionnaire (BRMQ) should be submitted to the SFC within 4 months after financial year end.

Here are the key points we can summarize from the Section A12 -Anti-Money Laundering and Counter-Financing of Terrorism – of this year’s BRMQ.

(1) The questionnaire asks about AML/CFT compliance checking conducted by the Licensed Corporation during the financial year, including the areas covered. If yes, the BRQM asks the Licensed Corporation to indicate the areas that were covered, including:

• Customer risk assessment
• Customer due diligence
• Sanctions and PEPs screening
• Transaction monitoring
• Suspicious transaction reporting
• Other areas (which the Licensed Corporation can specify)

“Customer risk assessment” means that the Licensed Corporation evaluates factors such as:

• The customer’s background, nature of business, source of wealth/funds
• The customer’s geographic location and whether they are from high-risk jurisdictions
• Whether the customer or their beneficial owner is a politically exposed person (PEP)
• The type of products/services the customer is using and the transaction patterns
• Any other red flags or high-risk indicators associated with the customer

(2) It also inquires about whether the Licensed Corporation outsources any AML/CFT control functions, and if so, what measures are undertaken to monitor the performance of the outsourced functions. Based on this risk assessment, the Licensed Corporation can then determine the appropriate level of customer due diligence to apply – standard, enhanced, or simplified. This helps the firm manage and mitigate the potential money laundering and terrorist financing risks posed by different customers.

(3) The questionnaire gathers information on the countries/jurisdictions of the highest number of clients, including whether any of these countries or jurisdictions are classified as high risk according to the LC’s policies and procedures, and the additional due diligence measures applied by the LC to cross-border correspondent relationships.

(4) The questionnaire gathers information on the types of clients the Licensed Corporation has, including whether they include politically exposed persons (PEPs).

(5) It asks about the enhanced customer due diligence (EDD) measures applied by the Licensed Corporation for high-risk clients.

(6) The questionnaire inquiries about the circumstances under which the Licensed Corporation conducts sanctions screening, including for new and existing clients, beneficial owners, and connected parties. The questionnaire also including the enquires about the transaction monitoring system and processes adopted by the LC to identify potentially suspicious transactions.

(7) Finally, the questionnaire gathers information about the procedures and controls adopted by the LC to detect and protect itself from being involved in dubious private fund/ discretionary account arrangement or transaction.