March 2026
Licensed insurance broker companies serve as the first point of contact with customers and play a critical role in preventing the insurance sector from being used for money laundering and terrorist financing (ML/TF) activities. Given the risk of long term insurance policies being targeted as instruments to facilitate ML and TF, licensed insurance broker companies and licensed insurance agencies that carry on regulated activities in long term business are required to comply with the customer due diligence and record keeping requirements in the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615) (AMLO).
Recent disciplinary actions by the IA highlight its continued commitment to strengthening the robustness and effectiveness of anti-money laundering and counter-terrorist financing (AML/CFT) controls within the insurance sector.
The IA reprimanded and imposed fines totaling HK$429,000 on three broker companies for contraventions of AMLO and reprimanded three individuals connected with the broker companies’ contraventions. These disciplinary actions followed the IA inspections that uncovered deficiencies in the broker companies’ AML/CFT frameworks.
Below are some examples of the identified shortcomings:
Two broker companies required their technical representatives (TRs) to certify customers’ identification documents by making a true copy and marking the verification date on it.
However, during the pandemic (presumably due to travel restrictions preventing face-to-face meetings), one broker company allowed TRs to verify documents on dates different from those recorded on the copy, while the other broker company permitted TRs to omit to mark the verification date entirely. Both practices breached the companies’ AML measures.
Proper verification of customer identification documents is a critical component of the CDD process, as it helps identify politically exposed persons (PEPs) and associated ML or TF risks (such as situations where the actual customer or paying party may not be who he or she purports to be). While unforeseen circumstances such as a pandemic may disrupt normal operations, these essential procedures must not be bypassed or overlooked. Launderers view such disruptions as opportunities to sneak in dirty money. Maintaining compliance standards despite challenging situations is therefore imperative to stop these attempts.
In two policy applications, the broker company incorrectly identified family trusts as the policy holders, despite having received board resolutions from a company stating that it would hold and pay for the policies as employee fringe benefits. Accordingly, the company, not the family trusts, should have been identified as the customer.
As part of its CDD obligations, the broker company must accurately identify the customer and understand the purpose and intended nature of the business relationship. This is essential to detect situations where individuals may conceal their identity behind vehicles such as trusts, or company ownership structures, to facilitate ML/TF activities.
A TR signed as the PPTA for a corporate policy holder based on board resolutions claiming the TR was authorized through employment by the policy holder, an assertion that was untrue. This lapse occurred because the broker’s internal manual lacked clear procedures for verifying both the PPTA’s identity and authority. Verifying the identity and authority of a PPTA is critical to prevent individuals from exploiting business relationships to facilitate ML/TF activities.
One broker company failed to establish and maintain effective procedures for identifying whether customers were PEPs during the material period, resulting in the omission of PEP screening in policy applications. Insurance policies can be exploited for ML/TF through the funding of policy purchases and subsequent withdrawal of benefits. Therefore, it is essential for broker companies to implement robust procedures to screen customers for PEP status at the outset of any business relationship, as part of their efforts to detect and mitigate ML/TF risks.
One broker company failed to retain customer identification records for certain policy applications, despite having an internal requirement to keep such records for at least five years. These documents are a critical component of the audit trail for detecting, investigating, and confiscating potential criminal or terrorist property or funds. Proper record-keeping enables investigating authorities to establish a suspect’s financial profile, trace illicit assets, and assists the Court in reviewing relevant transactions to determine whether assets are the proceeds of, or connected to, criminal or terrorist offences.
These omissions constitute material non-compliance with the AMLO and the IA’s Guideline on Anti-Money Laundering and Counter-Terrorist Financing (GL3). While the IA acknowledges that the nature, size, and complexity of a broker company’s business may influence the extent and scope of its corporate governance under the AMLO, this does not justify the absence of effective procedures. Broker companies should seek appropriate professional advice to ensure their controls meet regulatory standards.
The IA noted that no actual ML/TF activities were detected in the above cases and that the broker companies have taken remedial steps to rectify the deficiencies, including updating their internal manuals. They also promptly accepted the disciplinary actions. In determining the appropriate sanctions, the IA had regard to the Guideline on Exercising Power to Impose Pecuniary Penalty in Respect of Anti-Money Laundering and Counter-Terrorist Financing (GL3A).
Market participants engaging in long-term business must maintain proportionate, well-designed, and effectively implemented AML/CFT procedures to accord with their obligations under the AMLO, not just on paper, but in day-to-day operations. Regular risk assessments, staff training, governance oversight, and clear escalation processes are essential components of an effective compliance framework.
It is imperative that the insurance sector performs its obligations to prevent the financial services system being used as a conduit for money laundering and financial crime. Failures in these areas by insurers, broker companies or agencies that are subject to the AMLO, may result in proportionate disciplinary action being taken by the IA. Every person serving in the insurance market must play their part in safeguarding the integrity and reputation of Hong Kong as an international financial centre.
Please check out latest news on our enforcement work such as details of other disciplinary actions taken by the IA at the “Enforcement News” at the IA website.