Internet Disaster

Boxing Day seems not a lucky day in recent years. While the painful experience of Tsunami in 2004 has not been forgotten, this year the world encounter the internet disaster caused by the Taiwan earthquake on 26 Dec.

It was hardly believed that the earthquake could lead to such a serious disruption of communication and business. Even worse, the problem may last for a few days. Many securities firms using Bloomberg for trading had to resume the "manual mode", i.e. filling in deal tickets! Without the real-time updating of positions, the risk of trading and operational errors would be much higher.

Then we must return to the fundamental problem: contingency planning. Since the 911 incident and SARS outbreak, SFC has paid more attention to contingency measures in disastrous events. Under Section 12.5 of the Code of Conduct, licensed firms should notify SFC "any material failure, error or defect in the operation or functioning of its trading, accounting, clearing or settlement systems or equipment". Since this time the problem is so widespread, SFC had already taken the initiative to contact certain large firms to understand the problem.

Once again I would imagine the terrorists can create an economic disaster by attacking the optical fiber cables under the sea...

Best wish for a more peaceful 2007!

Unauthorized Advertisements

Under SFO, “investment products” are broadly classified into three categories, namely, securities, collective investment schemes (CIS) and regulated investment agreements (RIA). Unless otherwise exempted, issuance of advertisements in relation to investment products to HK investing public without SFC authorization is prohibited. While this requirement is well known to investment professionals, people outside the securities industry.

SFC recently prosecuted Centaline (China) Property Consultants Ltd, Dalian Victory Plaza Development Company Ltd (a PRC company) and Mr Lee King Fung for issuing advertisements relating to a CIS without SFC authorization. In May and Aug 2005, Centaline (China) and Dalian Victory posted advertisements in their respective websites to promote an investment scheme in relation to the sale of shop units in Dalian Victory Plaza (the Plaza) in China (the Scheme). Centaline (China) also distributed various promotion leaflets of the Scheme, while Dalian Victory issued advertisements in some local newspapers, stations and carriages of MTR and KCRC.

The Plaza was developed by Dalian Victory which appointed Centaline (China) to act as the exclusive sales agent to promote the Scheme. Lee was the most senior officer in Centaline (China) responsible for the promotion of the Scheme.

Property developers and promoters often confuse ordinary property investments with an investment scheme. In 2003, there was a similar case happened for Midland (China) Property Development Ltd. In that occasion, SFC advised promoters to take a legal advice before launching such a scheme and indicated its willingness to assist promoters by discussing in advance the particular terms of any scheme.

Keeping of Records

Since the Enron incident, regulators have paid more attention to the problem of destroying internal documents by a charged firm. Emails are obviously under the spotlight.

NASD has recently charged Morgan Stanley for the following:

• Morgan Stanley failed to provide emails before 11 Sep 2001 to arbitration claimants and regulators in numerous proceedings from Oct 2001 to Mar 2005.
• Morgan Stanley falsely claimed in many of those proceedings that such email had been destroyed in the 911 terrorist attacks on World Trade Centre, where its email servers were housed. In fact, Morgan Stanley possessed millions of pre-911 emails that had been restored to its system shortly after 911 using back-up tapes. Many other emails were maintained on individual users’ computers and were therefore never affected by the attacks, yet Morgan Stanley often failed to search those computers when responding to requests.
• Morgan Stanley later destroyed many of the emails it did possess, in two ways – by overwriting backup tapes that had been used to restore the emails to the firm’s system and by allowing users of the firm’s email system to permanently delete the emails over an extended period of time.

In HK, SFC has issued the S&F (Keeping of Records) Rules, which is however mainly covering the financial, transactional and operational records. It is unclear if destroy of emails by HK licensed firms is a regulatory breach. But SFC may still discipline a firm for such act by using the last weapon - General Principle 2 of the Code of Conduct - Diligence.

Supervisory Failures

In recent years, management supervision is more often quoted by the regulators in enforcement cases. Sometimes a failing supervisory system per se would lead to a discipinary action even though the firm has not yet been convicted of any misconduct.

NASD has recently fined USAllianz Securities US$5m for widespread deficiencies in its supervisory system and for record-keeping violations. As part of the settlement, USAllianz Securities may not open a new office for 30 days, and may not hire new registered representatives for 7 days.

NASD found that for almost 5 years, USAllianz failed to establish and maintain a reasonable supervisory system and written procedures designed to oversee the firm's registered representatives and their activities.

The resulting deficiencies included:

• Supervisory principals did not know which registered representatives they were responsible for supervising and in other instances registered representatives could not identify their supervisory principals.
• Supervisors were not qualified to carry out their supervisory responsibilities because they lacked experience, education and training; in other instances, supervisory principals inappropriately delegating their day-to-day supervisory responsibilities to other less experienced principals, often without notifying the firm.
• Inadequate staffing resources dedicated to compliance given the size and location of the firm's sales force, e.g. 2 compliance officers covering a large field sales force working in numerous offices scattered throughout the US.
• The internal office inspection program failed to provide adequate oversight, training and guidance, leading to substantial failures to properly identify deficiencies. For instance, an inspector could determine that an entire office was fully compliant in an area simply because a single registered representative did not exhibit any deficiencies in that area.
• USAllianz did not have any system in place to capture, preserve and maintain e-mail communications.

Perhaps the whole management team of this firm should attend a "re-training" program of "Management Control ABC".

Sales Charge Waiver

Certain load mutual funds allow investors to buy Class A shares without paying the front-end sales load (i.e. they can purchases the shares at NAV) if they buy that fund using proceeds from the sale of shares in a different mutual fund family for which they paid a front-end or back-end sales charge. These transactions are called "NAV transfers".

As a decent adviser, you should never recommend your clients to switch their funds if the only basis for the recommendation is simply to earn a commission from the sale or purchase. If the opportunity of sales charge waiver under NAV transfers is available, you should inform your clients.

NASD has recently imposed fines totaling US$850,000 against four firms - Edward Jones, RBC Dain Rauscher, Royal Alliance Associates and Morgan Stanley - for failing to have adequate supervisory systems and procedures to identify opportunities for investors to purchase Class A mutual fund shares at NAV.

During 2002-2004, many mutual fund families offered NAV transfer programs that eliminated front-end mutual fund sales charges for certain customers. NASD found that each of the firms failed to ensure that customers received NAV pricing when appropriate. As a result, certain investors purchased Class A shares and incurred front-end sales charges that they should not have paid, or purchased other mutual fund share classes that subjected them to higher fees and the potential of contingent deferred sales charges.

Each firm was ordered to provide remediation to thousands of eligible clients who qualified for, but did not receive, the benefit of available NAV transfer programs.

The principle of acting in the best of clients is so wide, which may be breached by either action or inaction.

Cross-border Enforcement of Securities Laws

Buy-side people (such as fund managers and proprietary traders) often receive non-public price-sensitive information from investment banks, i.e. "sounding out" (探盤). If they do not act properly on such information, they would be accused of the offence of insider trading.

SFC has suspended Stephane Hug, a convertible bond proprietary trader and SFC licensee accredited to Credit Suisse (Hong Kong) Ltd, for 4 months.

SFC found that:

• On 28 Nov 2003, a representative of Daiwa Securities SMBC (Europe) Ltd in Geneva told Hug by phone about a potential convertible bond issue by Sumitomo Light Metal Industries Ltd (SLM), a company listed on the Tokyo Stock Exchange. Daiwa was the underwriter of this issue.
• The terms of the potential convertible bonds were disclosed to Hug to “sound out” his views about the attractiveness of the bonds to investors. This is a common market practice.
• On 1 Dec 2003, Hug was informed that the convertible bond issue would be announced after the market closed on 2 Dec 2003 and the issue price would be fixed on 3 Dec 2003.
• On 2 Dec 2003, while in possession of such information, Hug sold SLM shares.

Since the above insider trading occurred on the Tokyo Stock Exchange, Hug’s conduct did not contravene Hong Kong’s securities laws. While the case was referred by Japanese's SESC, SFC could only take the disciplinary action against Hug by using the "last resort" - General Principle 2 of the Code of Conduct (i.e. diligence).

In this case, actually Hug obtained no personal benefit, but his conduct was technically wrong. Therefore Credit Suisse (Hong Kong) had taken the following remedial steps:

• Donated the profits made through the transaction to charity
• Suspended Hug for one month without pay, fined him and denied him US$400,000 of discretionary bonus

This case once again demonstrated the feasibility of cross-border enforcement of securities laws among regulators in different countries.

Job Agents

Near the year-end, staff turnover in financial institutions is usually low as people are waiting for year-end bonus. Since compliance is a one of the professions with high demand, from time to time compliance officers would receive cold calls from job agents.

In general, I think the professionalism of HK job agents is deteriorating in recent years. There were some bad experiences in my memory, which make me challenge the agents' competency and even integrity. I even think their problems are similar to those of investment professionals, such as:

Mis-selling

The agents fail to do any homework about the candidate's profile and then recommend an inappropriate job. This wastes the time of both the candidate and the prospective employer. As compliance is still young profession, many agents do not really understand its nature and function. As a result, they can only read out the job description to the candidate without performing any suitability assessment. Once a time I sent my CV (which clearly indicates my career history of securities compliance) to an agent and eventually he referred a job of "physical security" to me! Perhaps he didn't differentiate "securities" from "security".

Dissemination of false information

Some agents pretend to have job offers from some large institutions (actually such offers do not exist) and use such false information to solicit CV from candidates. Then they use the CV for "hawking" before the employers, without getting the candidates' consent. This is very unethical.

Confidentiality

There are too many "big mouth" agents in the society. They don't respect the confidentiality of the candidates by disclosing their information to outsiders on a "no need to know" basis. Sometimes they fail to handle the confidential information with prudence. I had once received an email from an agent, which was actually for the attention of another candidate but wrongly sent to my email address. I was highly concerned whether any email to me would be sent by her to a third party.

Underselling

When publishing the salary surveys, the agency firms tend to overstate the market prices to attract the job seekers. When actually bargaining a job from a prospective employer, they often undersell the candidate in order to increase the success rate. Some agents even attempt to fool the candidate. For example, they may say you are unreasonable to ask for a 20% increase in monthly salary, but ignoring the fact that the new employer is paying 12-month fixed salary while your existing one is paying 13-month.

While the malpractices of property agents and investment professionals are highly regulated, why are the job agents un-regulated or at least under-regulated? Now I can only rely on self-protection measures, including: (a) trust only agents referred by my friends and reject all cold-calling agents; and (b) black-list all known agents who are not acting professionally. Of course, I have also established a long term relationship with a few good agents and feel comfortable to make referral of candidates to them.

Stock Manipulation Scheme

There was recently a fraud case of stock manipulation happened in US, where the parties came from HK and PRC.

On 4 Dec 06 SEC filed an emergency action against China Energy Savings Technology, Inc., several of its former officers, its controlling shareholder, and others, alleging that they orchestrated an elaborate stock manipulation scheme.

It was alleged that China Energy and the company's undisclosed control person, Chiu Wing Chiu, with the assistance of the company's Corporate Secretary, Lai Fun ("Stella") Sim, devised a wide-ranging stock manipulation scheme to fraudulently obtain Nasdaq National Market System ("NMS") listing, artificially inflate China Energy's stock price, and sell millions of China Energy shares into the US capital markets.

Chiu and Sim formed China Energy through a transaction with a Nevada shell corporation called Rim Holdings, Inc. and the subsequent acquisition of a BVI holding company called Starway Management Ltd.

The defendants:

• caused China Energy to purchase Starway at an excessive price to facilitate the issuance of large quantities of China Energy shares to entities controlled by Chiu;
• caused China Energy to obtain a NMS listing by artificially creating a shareholder base and falsely representing to Nasdaq that the company had met its minimum shareholder requirement;
• issued false press releases concerning China Energy's NMS listing;
• created artificial demand for China Energy stock by engaging in manipulative trading and entering into secret deals to give free China Energy stock to shareholders willing to purchase China Energy in the open market; and
• concealed the fact that Chiu controlled both the company and the company's public float.

In addition, China Energy, Chiu, and others engaged in illegal unregistered sales by gifting shares to more than 400 persons as part of the fraudulent Nasdaq listing scheme and by improperly issuing S-8 stock to promoters engaged in capital raising activities and consultants who performed no services.

SEC acknowledged the assistance afforded by HK SFC in this matter. I am interested to know what SFC has done to assist SEC. Under SFO, market manipulation conducted in overseas markets by HK residents may also be captured. This case is a regulatory cooperation to fight against cross-border financial crime.

Gifts & Entertainment (2/2)

NASD Rule 3060 (the gift rule) prohibits any member or person associated with a member from giving, or permitting to be given, anything of value in excess of US$100 per individual per year where such payment is in relation to the business of the recipient’s employer. The rule protects against improprieties that may arise when members or their associated
persons give gifts or gratuities to employees of a customer.

NASD recently issued the Report on Examination Findings Regarding Gifts and Gratuities, which details its findings from a review of more than 40 member firms with respect to compliance with Rule 3060 over a two-year period, and the supervision of firm practices in this area. Some of those findings are highlighted below:

Problematic Data Produced

• Firms lacked the centralized record-keeping systems to assess compliance with Rule 3060. They even did not maintain adequate records of gifts, gratuties, travel & entertainment.

Record-Keeping Deficiencies Observed

• Firms failed to maintain records of gifts & entertainment aggregated by individual recipient and require brokers to provide complete attendee information for all ticketed events.

Systems & Procedures to Comply with the Gift Rule

• Firms generally did not have a separate approval process for gifts and the focus is cost control rather compliance with Rule 3060.
• Firms did not have procedures reasonably designed to ascertain whether entertainment was appropriate.
• Firms did not have adequate controls in place to monitor the manner in which tickets (of sporting events, concerts, etc.) purchased were used (note: a ticket provided to a client is deemed a gift (thus subject to the US$100 limit) if the broker does not attend the event with the client).

In HK, the situation is probably quite similar. The focus of controls over gifts and entertainments is more put on cost management and less on conflict of interest. Some compliance officers may have maintained a register of benefits received by the firm's staff, but they seldom monitor the gifts and entertainment offered by the firm to clients. They may think that this is the job of ICAC!

Gifts & Entertainment (1/2)

Christmas is coming, again the season for receiving the festival gifts. Many firms have laid down a formal gift & entertainment policy to manage the conflict of interest. The typical requirements include setting a monetary threshold, compliance review and record keeping. Provision of excessive gifts & entertainment in return for a secret commercial benefit is highly concerned by regulators.

NASD recently fined Jefferies & Company, Inc. US$5.5m for providing more than US$1.6m in improper gifts and entertainment to equity traders employed by FMR Co., Inc., an investment advisor to the Fidelity family of mutual funds, between Sept 2002 and Oct 2004. The improper gifts to those Fidelity traders exceeded US$600,000 and included private chartered air travel, non-promotional sports-related merchandise and expensive bottles of wine. The impermissible entertainment totaled more than US$1m and included lavish trips, private chartered flights, expensive hotel accommodations, weekend golf outings and tickets to the 2004 Super Bowl.

NASD found that in 2002, Jefferies hired Kevin Quinn as an institutional sales trader in its Equity Division and agreed to pay him an annual base salary of US$4m in 2002 and 2003, and US$4.75 in 2004. The firm also provided Quinn with an annual travel and entertainment budget of US$1.5m to be used by Quinn and his team to entertain Fidelity traders to obtain order flow for the Jefferies Equity Division. Jefferies routinely and repeatedly reimbursed Quinn for gifts prohibited by NASD rules, which Quinn provided to Fidelity traders. NASD rules limit the value of gifts that firms and associated persons may give to customers of the firm - such as Fidelity and its traders - to US$100 per individual recipient per year.

NASD also found that Scott W. Jones (Quinn's former supervisor) routinely approved and reimbursed Quinn for entertainment that was inappropriate and excessive. Jefferies failed to establish and maintain an adequate supervisory system, including written procedures, to ensure reasonably that Quinn did not use the budget in violation of NASD rules.

The scale of improper activities in this case was quite massive and alarming. I would suppose there was no compliance monitoring at all.

Customer Data Protection

In an advanced economy, information security is equally important as physical security. Banks are holding the databases which record most of financial resources of the economy. Leakage of such information would lead to disastrous financial losses.

HKMA has recently completed an onsite examination of certain banks' controls over customer data protection and published a list of common controls issues identified:

Compliance with PDPO and Regulatory Requirements:

• Keep personal data longer than data retention period stated in customer agreements
• Not perform more stringent background checks for potential employees and contractors who need to access sensitive customer data
• Conduct of compliance reviews of statutory & regulatory requirements and internal security policies on a regular basis

Security Controls over Electronic Data:

• Lack of controls to protect sensitive customer data stored in portable computing devices and removable storage devices
• Not adopt data encryption for computer tapes that are transported between premises
• Not prevent users from copying customer data from computer workstations into removable storage devices
• Audit logs of customer data access activities for regular reviews

Security Controls over Hardcopy Documents:

• Not provide staff and service providers with guidance for handling sensitive hardcopy documents outside bank premises
• Insufficient surveillance controls (e.g. CCTV) in certain highly sensitive areas (e.g. computer tape rooms)
• Confidential wastes bags are left unattended after office hours in public office areas

Other Areas for Improvements:

• Not fully set out the contractual liabilities and obligations of service providers in outsourced service contracts
• Regular security training arranged for all relevant employees of outside service providers
• Adequate incident management procedures for loss or unauthorized access of customer data

Data protection is less controllable than physical asset protection because there are too many bank staff who can access customer data. If HKMA would launch a formal SPM on customer data protection, banks may have to designate a compliance officer responsible for this area.

Structured Product Investor Survey

(From Dec 2006 onwards, this blog will be updated on Mon, Wed and Fri)

SFC has just published the Structured Product Investor Survey. As expected, it again revealed how HK investors are immature when investing in more complicated products.

A quick summary of key findings from this survey and my comments in ( ):

• The majority of investors are educated up to matriculation or tertiary level. (Unfortunately, the school education generally does not cover investor education.)
• Equity-linked products is still the main stream. Not many investors are interested in currency/index/interest rate/credit-linked products. (Many investors just treat equity-linked products as a substitute of stocks, just like they regard stocks and warrants as the same things.)
• Most of the investors' investment objective is pursuit of higher returns, where 42% compared the return rates with bank deposit rates. (This is of course not comparing "like with like".)
• Half of the investors said that structured products comprised over 30% of their investment portfolio. (They did not realize the risk of over-concentration, especaially when they think structured products are medium risk investments.)
• Half of the investors did not understand the payoff mechanism of equity-linked products. (Ignorance is the real risk of investing. To reduce mis-selling, the suitability process should assess the investors' financial knowledge.)
• Banks is the dominant dealing channel of structured products. (But bank staff are generally less professional in terms of selling structured products.)
• The majority of investors said that they did not fully understand the offering documents because they was too technical. (It is difficult to understand structured products without a financial knowledge.)
• More than 40% of investors did not recall the sales representatives' explanations. (How can you remember something you don't understand?)
• A quarter of investors redeemed their structured products before maturity. (HK retail investors have not yet acommodated the longer investment horizon of structured products.)
• The majority of investors made a net gain in their investment in structured products during the past 12 months. (Once there is a major downturn in the stock market, the investors would receive the "crab stocks" and make a lot of complaints again.)

Compliance vs Ethics

SFC has recently banned several licensed representatives of broker firms for life from re-entering into the industry. Such disciplinary actions typically reflected serious misconducts regarding integrity.

In one case, the licensed representative had used client accounts and related accounts to conduct her personal securities trading in securities. To settle the unauthorised trades, she sold clients’ stock holdings without the clients’ instructions and misappropriated cheques issued by her employer and its clients. She concealed the unauthorised trading and misappropriation of client assets by falsifying statements of accounts and lied to the clients that statements of accounts were only issued semi-annually for environmental reasons.

In another case, the licensed representative had manipulated the share price of a listed company. He lied to the SFC investigators by blaming his clients for the manipulation, and by asking those clients to lie about this to his employer and to SFC. He told one of those clients that SFC would not take any action against her but it would revoke his licence, in order to coax her into assuming the responsibility for the manipulative orders. As a result, he was prosecuted for market manipulation and his clients were prosecuted for misleading SFC.

Compliance and ethics are a bit different. Non-compliance means you fail to follow the rules of the game, which may or may not be a moral problem. But the subjects in the above cases are obviously unethical and deserve the "ban for life" penalty.

The role of compliance officers is to ensure compliance with regulations but not to maintain ethical standards of adults. I don't believe in any compliance training which can transform a devil into an angel.

(I will be out of town from 27 to 30 Nov. Will blog again on 1 Dec.)

Dealing vs Advising

"Dealing" and "advising" are two terms in SFO which are often confusing people. If we simply rely on the common sense, then of course dealing means you enter into an agreement to buy and sell investment products for your client, and advising means you recommend your client to make an investment decision.

However, under Schedule 5 of SFO, dealing also means you "induce or attempt to induce" the client to enter into the agreement. That means, dealing covers the conduct of solicitation (selling).

Should all salespersons of securities be licensed for Type 1? Lawyers may say yes by their legal interpretation. But the fact is that there are many financial planning firms licensed only for Type 4 but selling unit trusts.

It seems that SFC has a different criterion to differentiate dealing and advising. My understanding is that if a financial planning firm does not receive client money when selling unit trusts (i.e. only pass the client's payment cheque to the fund house rather than depositing the client money into its account), then Type 1 licence is not required. It can earn the commission rebate for selling unit trusts by holding only a Type 4 licence.

Such distinction makes sense because the operational risk of keeping client money is much higher and Type 1 is subject to a more stringent FRR requirements. In contrast, banks must be licensed for Type 1 when selling unit trusts because they would receive client money by debiting their bank accounts.

(Disclaimer: The above view does not constitute any legal opinion. Please seek your legal advice in case of doubt.)

[Remark in 2008: Subsequently I've found that the above view for differentiating Type 1 and Type 4 is not taken by SFC. SFC now considers that even IFA firms should be licensed for Type 1 because they are actually distributing unit trusts in return for commission rebates from fund houses (rather than advisory fees from clients).]

Risk of Product Mis-selling

Last year SFC published a report regarding a theme inspection on certain investment advisers (IA), which revealed a number of deficiencies of the selling practices. It is now conducting the second round inspection.

In her speech yesterday, SFC's Alexa Lam mentioned the following extreme cases of mis-selling:

• A teacher was advised to invest in an unauthorized fund with gearing and promised a potential return of 16%. He lost all his savings.
• A woman aged 86 had most of her savings switched into high-risk single country funds by bank staff. SFC passed the cass to HKMA.
• A distributor produced misleading marketing materials stating that the unauthorized fund (described as speculative investment in the offering document) was suitable for conservative investors.
• A retiree aged 63 was advised to purchase an ILAS that required an annual payment for 3 years and then he had to wait 9 years before receiving a stable monthly return over the next 25 years.
• A retiree aged 65 was advised to take out an insurance savings plan for his grandson that will run for the next 16 years.

Even though the above obvious cases represent only a small minority of total sales, they should alert us that the average quality of IA in HK has concerned SFC.

Under S.168 of SFO, SFC is empowered to make the rules for the intermediary to:

• prohibit the use of misleading or deceptive advertisements;
• require specified terms and conditions to be included in client
  contracts;
• require provision to the client specified information concerning the business of the intermediary, and the identity and status of any person acting on behalf of the intermediary;
• require ascertainment of each client's identity and his financial situation, investment experience and investment objectives;
• require disclosure of any interest in the financial product recommended to the client;
• require risk disclosure is made to the client;
• require disclosure of commission or advantage received from any third party is made to the client.

As these rules, if made by SFC, represent statutory requirements, they should have a greater deterrent effect on mis-selling. However, if SFC favors the principles-based regulatory approach adopted by FSA, it would rather issue more industry guidance notes and initiate more disciplinary actions again those irresponsible IA.

Professional Investor (2/2)

In US, those investors provided with less protection are called "accredited investors". In HK, the term "professional investor" is used, which is quite misleading. It is reasonable to consider Category-A PI as more sophisticated and "professional" in terms of investment decision-making. But how about Category-B PI?

If you claim yourself to be a professional accountant, I would expect you are quite knowledgable in the accounting discipline or even have obtained a relevant qualification. If a customer is named as a Category-B PI, should I expect he is (say) a CFA or at least an investment expert? Of course not! They are PI just because they are wealthy. If they are investment experts, how come you can act as their investment advisers?

When you sell those complicated products (e.g. hedge funds) to a "rich dad", you believe you don't need to ensure suitability because they are Category-B PI. However, when they sue you for mis-advising and demonstrate to the judge that they are ignorant of investing, don't you think you can escape all liability?

Somebody argued that an ignorant PI can protect himself by appointing a professional to advise him. This is a circular argument. If you are the professional adviser, how could you advise your client to prevent from being cheated by you!?

In conclusion, my recommendations to SFC are:

• Rename "professional investor"; and
• Remove the Code of Conduct waivers available to Category-B PI.

Professional Investor (1/2)

"Professional investor" (PI) is a special term created by SFO, which refers to those investors who are considered as more sophisticated and thus requiring less protection. In other words, when an intermediary is dealing with PI, it is subject to less regulatory requirements.

PI is classified into two categories. Category-A PI includes those "institutional investors" such as banks, brokers, government bodies, etc. They are identified as PI by their status. Category-B PI includes trustees, individuals, corporations, etc. They are defined as PI by means of their financial position. Typically most of an intermediary's PI customers are of Category-B.

What are regulatory exemptions available for PI? I prefer classifying them into two types:

• Offering exemptions - e.g. offer of unauthorized products (SFO S103), no restrictions of cold calling (S174) and offer of securities without written document (S175)
• Operational exemptions - e.g. no need to send contract notes & account statements, no client agreement, no suitability assessment, etc.

Offering exemptions are equally applied to both categories of PI. Intermediaries like to use these exemptions as they can generate more sales opportunities. For operational exemptions, there are different treatements between two categories. Relatively speaking, Category-B is more protected than Category-A PI, e.g. written consent is required if operational exemptions are applied to Category-B PI.

There are often people asking me whether an "investment experience assessment" (e.g. 40 transactions per year) has to be done before treating a customer as a PI. My answers: first, such assessment is only required if you want to apply the operational exemptions in Conduct of Conduct to Category-B; second, such an assessment is only done once (i.e. no need for annual review).

Is exemptions for PI really a blessing to investment business? I would say yes or no. While offering exemptions are really beneficial, operational exemptions are often setting a trap for business people! I'll continue in tomorrow's blog.

Private Equity (2/2)

In the discussion paper, FSA seeks to address this question: "What's the appropriate level and form of regulatory engagement with the private equity sector"? Too much regulation could be detrimental to capital market efficiency but too little regulation could damage market confidence. The paper sets out an initial risk analysis based on historical industry views and recent regulatory assessments.

Key risks identified by FSA are summarized below:

• Excessive leverage - If lending on private equity transactions is not prudent, the default risk may substantially affect the financial stability.
• Unclear ownership of economic risk - The risk transfer practices (e.g. use of credit derivatives) may create operational problems in credit events.
• Reduction in overall capital market efficiency - The quality, size and depth of the public markets may be damaged by the expansion of the private equity market.
• Market abuse - The significant flow of price sensitive information in relation to private equity transactions may create a high potential of market abuse.
• Conflicts of interest - Material conflicts arise in private equity fund management between the fund manager and the investors.
• Market access constraints - Private equity funds lack liquidity as they are not available to retail investors by listing.
• Market opacity - Performance assessment of private equity is less transparent.

UK FSA is reviewing the regulatory framework governing private equity, but HK SFC remains silent. Under HK's regime, private equity transactions are not considered as "dealing in securities" as the shares are not transferable. While private equity funds are securities, it is unlikely SFC would authorize them for public marketing. So currently private equity funds are only sold to professional investors. Perhaps in forseeable future SFC may set up a new regulatory regime for private equity funds, just like what it did previously for hedge funds.

Private Equity (1/2)

Other than hedge fund, another innovative financial instrument drawing the attention of global regulators is private equity.

According to an article in Wikipedia, "private equity" is a broad term that refers to any type of equity investment in an asset in which the equity is not freely tradable on the public market. Passive institutional investors may invest in private equity funds, which are in turn used by private equity firms for investment in target companies. Categories of private equity investment include leveraged buyout, venture capital, growth capital, angel investing, mezzanine capital and others. Private equity funds typically control management of the companies in which they invest, and often bring in new management teams that focus on making the company more valuable.

The salient features of private equity include longer investment horizon and lack of liquidity (as there are many transfer restrictions on private securities). Private equity firms generally receive a return on their investment through one of three ways: (a) IPO; (b) sale or merger of the company they control; or(c) recapitalization. Unlisted securities may be sold directly to investors by the company (called a private offering) or to a private equity fund which pools contributions from smaller investors.

Private equity funds are generally organized as limited partnerships which are controlled by the private equity firm that acts as the general partner. The fund obtains capital commitments from certain qualified investors such as pension funds, financial institutions and wealthy individuals to invest a specified amount. These investors become passive limited partners in the fund partnership and at such time as the general partner identifies an appropriate investment opportunity, it is entitled to "call" the required equity capital at which time each limited partner funds a pro rata portion of its commitment. All investment decisions are made by the general partner, who is typically compensated with a management fee (as a percentage of the fund's total equity capital) as well as a performance fee (based on the profits generated by the fund).

Most private equity funds can only be offered to institutional investors and individiuals of substantial net worth as they are generally less regulated than ordinary mutual funds. Given the significant growth in capital flowing into private equity funds, FSA has recently issued a comprehensive discussion paper about the regulatory framework of private equity. I will blog it tomorrow.

Senior Management Buy-in

Compliance officers should be empowered by senior management in order to perform their duties effectively. But it doesn't mean the role of senior management is simply to delegate. They have been expected to roll up their sleeves, especially under the principles-based regulatory framework.

In the recent FSA conference titled "Treating Customers Fairly, Towards Fair Outcomes for consumers", 33% of delegates responded that the biggest barrier to implementing Treating Customers Fairly within their firms was lack of buy-in from senior management. Other major barriers are quality of staff (23%), regulation (11%) and cost (10%).

The above findings, together with recent FSA enforcement cases, reinforce the point that senior management aspirations had not yet fully permeated through businesses to result in improved outcomes for customers.

The Treating Customers Fairly (TCF) initiative is a pioneering example of the FSA's move towards more principles-based regulation, which focuses on the outcomes to be achieved as well as the responsibility of senior management to achieve them.

The six outcomes for consumers set out by FSA include:

• Consumers can be confident that they are dealing with firms where the fair treatment of customers is central to the corporate culture;
• Products and services marketed and sold in the retail market are designed to meet the needs of identified groups of consumers and are targeted accordingly;
• Consumers are provided with clear information and are kept appropriately informed before, during and after the point of sale;
• Where consumers receive advice, the advice is suitable and takes account of their circumstances;
• Consumers are provided with products that perform as firms have led them to expect, and the associated service is both of an acceptable standard and also as they have been led to expect; and
• Consumers do not face unreasonable post-sale barriers imposed by firms to change product, switch provider, submit a claim or make a complaint.

Real changes of compliance culture are required to achieve the above outcomes, which are emerging from senior management commitment. Increasingly FSA is seeing senior management engaging directly with the experience of their customers, e.g. listening to calls from call centres, sampling complaints, looking at reports from mystery shoppers, participating in customer panels, etc.

Such efforts can ensure that senior management can obtain more information to measure the compliance performance, without being biased by the word-of-month reports from either the business unit or the compliance department.

Cyber Crime

The hottest news about IT security in recent days is probably the online brokerage frauds happened at E*Trade and TD Ameritrade. Customer accounts of these 2 top online brokers had been hacked in Eastern Europe and Asia. US SEC found that the thieves used the customer money in a "pump-and-dump" scheme by pushing up the prices of thin-traded stocks and then sold them for a profit.

E*Trade disclosed that it had spent US$18m to compensate customers suffered from the unauthorized trades, while TD Ameritrade did not disclose the compensation amount.

The above online fraud doesn't result in misappropriation of customer money, but customers would be subject to a high legal risk if their accounts are compromised by unauthorized illegal trading or even money laundering.

Another type of pump-and-dump scams recently highlighted again by NASD involves the recommendation of a company's stock through false and misleading statements (the pump) in an email. Misled investors then buy the stock, creating demand that often causes the stock's price to soar. Eventually the fraudsters sell off their shares at the artificially inflated price (the dump), leaving the investors they duped with a worthless stock.

In HK, unauthorized transactions via computer hacking is less widespread. Usually they are manually arranged by "internal thieves" (i.e. staff working within the brokerage firm). Under the S&F (Insurance) Rules, the risk arising out of loss of client assets is covered. However, there is no protection against the legal risk arising from misuse or abuse of client account information!

Customer Account Statements

Following numerous incidents of unauthorized transactions, SFC has reminded again and again investors to check against their account statements to detect and report any discrepancies on a timely basis. Typically in the account statements a reminder is made that if no discrepancy is reported within a period of time (e.g. 30 days), the transactions are assumed to be accurate. If there is unreported false accounting, investors would face a risk when claiming compensation upon broker liquidation.

In US, recently SEC approved amendments to the NASD Rule 2340 requiring account statements to include a statement reminding customers to report inaccuracies in their accounts in writing. That means, even the customers have verbally confirmed any discrepancy with the broker, they should re-confirm the matter by writing to the broker and keep a copy. This gives the customers a better protection in terms of investor compensation.

Rule 2340 does not impose any time limit during which customers may report inaccurancies in their accounts. This is better than the HK practice in general. NASD also reminds its members to include in each account statement the name and telephone number of a responsible individual whom the customers can contact. Obviously such individual should be an independent person (e.g. back office staff) rather than the account executive, otherwise the problem may be withheld.

Business people often complain that account statements consume too much paper because more and more compliance messages are included. While investors have been overloaded, they would give up digesting the information and then surrender self-protection.

Misleading Ads of Loan Products

A donkey work of compliance officers in a retail business is to review the huge amount of marketing materials. While generally more attention is paid to ads of investment products, it doesn't follow that ads of loan products trigger no regulatory concern.

In Australia, ASIC recently raised concerns over their misleading promotional material issued by two home loan lenders, namely One Direct and MyRate.

Between Jul and Sep 2006, One Direct and MyRate advertised a low, variable home loan rate that did not reflect the most recent Reserve Bank interest rate increase announced in August 2006. In fact both lenders had deferred the decision about whether to pass on the interest rate rise, either in whole or in part, until 2007.

ASIC was concerned that:

• the promotional material did not make it clear that the variable rate might be increased at some later stage to reflect the August 2006 interest rate rise;
• customers would not expect a variable rate to be affected by official interest rate increases announced some time before taking out their home loan; and
• the advertised rate was used as the basis for a comparison with another ‘standard’ variable rate, showing long-term savings inconsistent with the potentially temporary nature of the advertised rate.

After ASIC's query, One Direct and MyRate have amended their advertising to better inform potential customers about the nature of their current variable rate. If customers affected by a rate rise inconsistent with the original advertising decide to refinance their loan, they will not be charged a deferred establishment fee by either lender.

Consumer protection in respect of loan product promotion is obviously better in Australia. In Hong Kong, cold callers promoting a personal loan plan would only tell me how low the monthly flat rate (say, 0.7% p.m. for 3 years) is. Without my further enquiry, they would never reveal that the annualized interest rate is up to 15%!

Principles-Based Regulation (2/2)

FSA Chairman expressed in his recent speech that FSA would not move to a regulatory regime based exclusively on principles. There is always a balance between general principles and specific rules. Nevertheless, such a shift would make regulatory enforcement more subjective, but may not reduce the compliance cost.

From the legal / compliance perspective, rules-based approach is definitely making the compliance work easier because the regulations are more certain and so less judgmental. The compliance officer can simply reproduce the specific rules to a checklist and conduct the monitoring by box ticking. This kind of regulation would lead to a large number of "technical breaches" which do not cause any harm to the customers and the market.

On the other hand, the business people would prefer principles-based approach as it is more "flexible", where they can push for a "favorable" interpretation and enforcement of the principles. This would create more confrontation between business units and compliance function.

For example, "treat customers fairly" (TCF) is high level principle always emphasized by FSA. But how many steps are considered sufficent to ensure TCF? Compliance officers may prudently highlight 10 necessary steps, while the sales team may argue that only 8 steps are enough. Eventually the compliance status is judged by the regulator by the "outcome" (e.g. a customer complaint for unfair selling process). The problem is how the compliance officer could anticipate the outcome and convince the management beforehand.

So that's why high level principles must be supplemented by industry guidelines to facilitate the interpretation. In HK, SFC has heavily relied on rules-based regulations, especially in the areas of operational issues (e.g. safeguarding of client assets). To cope with the complex and ever-changing market practices, I think SFC should issue more practical industry guidelines for different regulated activities. As a minimum, the "Management, Supervision & Internal Control Guidelines" should be updated or even re-written.

Principles-Based Regulation (1/2)

Principles-based regulation and rules-based regulation are two different regulatory approaches. The former sets out the regulations in terms of high level principles and defines violation by outcomes (e.g. a case of unfair treatment of customer is found). The latter makes regulations as specific rules and identifies violation by "box ticking" (e.g. failure to take a step required by the rulebook is identified).

Last week FSA published its proposals for a radical simplification of the rules that firms must follow in carrying out investment business with customers. The reform of the Conduct Of Business (COB) rules is a flagship project for FSA in the move towards more principles-based regulation and away from detailed prescriptive rules.

FSA's Conduct of Business rules for investment business have been in operation since the FSA took on its regulatory responsibilities in December 2001. The rules cover, among other things financial promotions, how firms provide information and advice to clients, non-advised services, and dealing in and managing investments. The new COB rules are strongly in favor of high level principles.

FSA also set out plans to encourage greater use of Industry Guidance to help their members understand and follow good practice in meeting regulatory requirments. A Discussion Paper sets out the FSA's thinking on the role of Industry Guidance in a more principles-based regulatory structure. The paper:

• recognises that industry guidance is not new, but already exists in different parts of the regulatory system;
• makes clear that industry guidance will supplement rules not replace them;
• sets out a standard process for FSA to recognise industry guidance;
• makes clear the standards that will be applied in recognising such guidance; and
• confirms that the FSA will not take action against a firm which has complied with recognised guidance covering the issue concerned.

The move toward principles-based regulation means focusing on the outcomes that really matter rather than on procedural box-ticking. It also gives firms the flexibility and innovation to achieve those outcomes in the context of their particular business models.

As a compliance officer, which regulatory approach do you prefer?

Payment Protection Insurance

If you are a bank borrower, from time to time you may receive cold calls from banks for selling the payment protection insurance (PPI). PPI is a secondary product with a loan or mortgage to provide protection in the event of accident, sickness, involuntary unemployment or death. As this is not an investment product, mis-selling cases are quite rare in HK. But in UK the consumer protection is so extensive to cover PPI.

FSA recently fined Loans.co.uk (LCUK) £455,000 for failings to minimize unsuitable sales of PPI. LCUK's primary business is as a second charge loan broker. It sold PPI on an advised basis using a script delivered over the phone when the loan or mortgage was arranged.

FSA found that LCUK failed to:

• gather sufficient information about personal circumstances prior to making a recommendation to customers;
• ensure that in the phone call advisers would give adequate disclosure of significant features, terms and exclusions to customers;
• ensure that advisers followed the scripted process and consistently recorded the customer information gathered over the phone;
• implement an adequate monitoring system to ensure suitability;
• put in place a sufficient record keeping procedures; and
• implement adequate complaint identification and handling procedures.

Based on an internal audit report, it was also found that the compliance department was not fully independent from the business units. The compliance resource was also insufficient.

Telephone sales are usually controlled by the scripts which should have been reviewed by compliance. In addition, compliance should perform sample checks to ensure that the scripted process is adequately followed. This is quite a time-consuming job. If even general insurance products like PPI are also covered, I can't imagine how big the compliance department should be.

Email Monitoring

One of the recent hot topics is whether the leading role of New York Stock Exchange has been challenged by London Stock Exchange and even HKEx. New York's Economic Development Corporation last month appointed McKinsey to research whether stiff US regulations are driving companies to list in London rather than New York. Sarbanes-Oxley Act is one big headache. Another concern may be the monitoring of electronic communications.

Today's businesses have relied heavily on e-mail as their primary business communication channel. While in the past firms in the finance sector were only required to monitor the telephone lines, now email monitoring is becoming another area of concern.

A survey was recently conducted at the same time for 300 people working in two of the world's busiest financial districts (New York and London), which revealed a key difference in regulatory compliance culture.

The survey discovered that:

• In New York more than 60% of respondents thought that it was right that their employer should monitor their e-mails. By contrast, in London only 38% supported their firm's right to monitor e-mails.
• Employees in the New York are under heaviest scrutiny. In New York 74% of respondents who worked in the finance sector thought their e-mails were already monitored, compared to 62% of London finance workers.
• New Yorkers are more likely to circumvent e-mail monitoring: 60% admitted that they had sent something that they "didn't want their employer to know about" using webmails. This compared to 42% of London respondents.
• More than 70% New York-based finance workers admitted they had received an e-mail that broke corporate or regulatory policies, compared to just 36% of London City employees.

The differing regulatory environments between New York and London may lead to the difference in competitive advantages. While it is unlikely US would relax its regulations, it should consider simplifying the compliance procedures. To strike a balance between regulatory compliance and privacy, technology should be creatively used to effectively manage communication and enforce good messaging governance.

Customer Complaint (3/3)

In HK, there is no public platform for arbitrating customer complaints about financial products / services. The roles played by mass media and Consumer Counsil are only criticizing.

But in UK, the Financial Ombudsman Service (FOS) was set up by law to help settle individual disputes between financial institutions and their customers. FOS can consider complaints about a wide range of financial matters - from insurance and mortgages to savings and investments. The key point is: such service is free of charge!

FOS is not a regulator but can settle disputes as an alternative to the courts. Its determination binds both the customer and the financial institution.

From time to time FOS publishes its determined cases (with disclosing the names), which are of good reference. I had seen a case where the customer challenged the method used by the financial adviser to compute the return of a with-profit bond. FOS dismissed this complaint because it considered that the customer's own calculation of return failed to take into account the "smoothing mechanism" of a with-profit bond.

Many people tend to abuse their right to making complaints whenever they lose money from their investments. This is problematic. Valid complaints should demonstrate the fact that the suitability of advice has been impaired, which is judged not by the investment result but by the selling process.

Customer Complaint (2/3)

Handling of customer complaints is more of an art than a science. While fact findings are critical, many other human and political factors have to be taken into account.

Typically in a mis-selling case the compliance officer should conduct an independent investigation and ensure the final response is timely given to the customer. The staff subject to complaint should not be allowed to get in touch with the customer further. I had seen cases where the staff took the initiative to settle the issue privately with the customer but eventually made things worse.

The difficult decision made by the management is whether a compensation should be paid. Sometimes even no fault was found in the selling process the bank may still pay in order to save time and maintain the customer relationship, esp. when the amount involved is small. In that situation, the bank would issue a letter which admits no liability but comforts the customer by making a courtesy payment, and requests the customer to shut up.

But when the complainant has already escalated the case to regulators or media, then the condition would become more confrontational. Courtesy payment may no longer be an option. The bank must thoroughly find out if the complaint is valid. It should ascertain whether there are internal control weaknesses, insufficent trainings, or simply an isolated case of staff misconduct. Sometimes a mis-selling case may be associated with an unregistered staff, then the regulatory risk would be much higher.

If the complaint case is lodged with HKMA, then what would happen? Unless the case involved an obvious breach of regulations, most probably HKMA will ask the bank to settle with the customer. It will not play an arbitration role but always ask for detailed reporting from the bank.

Customer Complaint (1/3)

As Mrs Tung said, HK people like to "complain, complain, complain". This represents the progress of democracy and higher awareness of consumer protection. In the financial industry, selling of investment and insurance products trigger the most difficult complaints.

As a compliance officer, part of his jobs is to investigate into complaints and advise the business people how to give an appropriate response. When I was working in banks, I had handled some interesting complaint cases about misselling of investment products. Just want to mention 3 special categories of complainants here.

Elderly Customers

Such kind of customers are loved and hated by the salespersons. On the one hand, they have a great purchasing power because they are used to keeping their savings as deposits. On the other hand, they are in generally less educated and have a limited investment horizon. Selling of long term structured products to them is quite risky. Their complaints are generally well received by both regulators and media.

But are all elderly customers "victims"? I had seen some greedy old ladies who proactively asked for purchasing high return (and of course, high risk) products. Whenever they lose money, they would pretend to be ignorant and innocent!

Professionals

They are typically lawyers or CPA. Usually they would not complain for being cheated by salespersons (face problem?), but they like to challenge the computation of product performance. They know how to play the game of complaint by sending a "professional letter" to the bank's senior management. Then the bank staff (including compliance officers) would spend a number of hours to draft a prudent reply. If the compensation demanded is just a few thousands, the senior management may surrender even the complaint is unreasonable!

Powerful Persons

Such persons would allege they have an "unusual background". They may claim to know "somebody" in the government or some large enterprises. They may even threaten (verbally) to challege the physical security of the salesperson if no compensation is paid. I had once seen a salesperson who was forced by the pressure to resign and leave HK!

Tomorrow I will talk about the handling of customer complaints.

Market Timing by Hedge Funds

In my previous blogs I mentioned that one of regulatory issues of hedge fund managers is the market timing practices. Actual incidents have happened frequently in UK and US but not in HK.

Last week NASD imposed its largest fine (US$2.25m) against Paul Saunders, a hedge fund manager of James River Capital Corporation (JRCC), for using deceptive practices to market time through variable annuities.

JRCC is general partner and trading manager of the Jazzman Fund, a hedge fund established specifically to engage in market timing. After personally investing in Jazzman, Saunders, through JRCC, created 19 limited partnerships under Jazzman to increase the hedge fund's ability to market time mutual fund sub-accounts of variable annuities. While each Jazzman partnership appeared to be a separate entity, with a different name and tax identification number, the partnerships all had common owners - a fact that Saunders did not disclose to insurance companies that offered the variable annuities.

From Oct 2001 to Sep 2003, Saunders used these Jazzman partnerships to engage in numerous deceptive practices to evade attempts by insurance companies to block or restrict his market timing in sub-accounts of variable annuities. Saunders opened 20 different accounts for the Jazzman partnerships at one broker-dealer and commenced market timing, sometimes simultaneously purchasing contracts and trading in the same annuity through several Jazzman partnerships. After receiving communications from insurance companies restricting further market timing, the Jazzman hedge fund used three deceptive practices to continue market timing:

• Saunders purchased contracts in the same variable annuity for other Jazzman partnerships and continued trading through those contracts;
• Saunders obtained additional contracts in the same variable annuity, but changed the name of the annuitant. All of the annuitants were actually employees of entities Saunders controlled; and
• When certain insurance companies rejected an annuity contract because it was purchased with a large initial investment, Saunders purchased another contract with a much smaller initial investment. When that contract was accepted, Saunders transferred funds from accounts of other related Jazzman partnerships to the accepted contract and then began market timing in the contract's sub-accounts.

These practices enabled Jazzman to execute approximately 1,000 variable annuity transactions, well in excess of insurance company limits for any single entity. Saunders personally made approximately US$750,000 in illicit profits from the deceptive conduct.

Compared with the overseas practitioners, the games played by the HK hedge fund managers are much more "simple and naive", typically misappropriation of client assets - e.g. the CSA Fund case (Mr Charles Lee Schmitt was finally sentenced an imprisonment of 4.5 years).

Take a Break

Since creating this blog from 10 Aug 2006, I have continuously added one article per working day. This is not easy for me as I am not a newspaper columnist. Compliance is an interesting topic but not so many people are really interested. Thanks Ban and Idol for your ongoing support by leaving your comments here.

It's time for me to take a short break (from tomorrow to Friday) for recharge. I will come back on 31 Oct 2006.

Taking a vacation by a compliance officer is sometimes difficult, especially if you are working as a one-man band. I remember when I was a compliance officer designated for one specialist area, my boss would get crazy for finding a poor guy (who didn't know about my work at all) to act as my "backup" during my annual leave. Actually this is useless. Whenever there is any so-called urgent matter, the business people would immediately dial my mobile no!

See you next Tuesday.

Regulation of Hedge Funds (3/3)

In Mar 2006, IOSCO released a survey report which studied the global regulatory environment for hedge funds, covering a number of jurisdictions (including HK). There are 4 significant conclusions:

1. No member country had adopted a formal, legal definition of "hedge fund".
2. Hedge fund managers were regulated in most of the jurisdictions.
3. Few jurisdictions reported any significant "retailization" of hedge funds.
4. There had been some incidents of fraud relating to hedge funds.

According to a testimony of SEC, there are 3 principal areas of regulatory concern over hedge funds:

• Fiduciary obligations
• Market abuse
• Risks to broker-dealers

Fiduciary Obligations

SEC has handled many enforcement against hedge fund managers, which involve:

• misappropriation of fund assets
• "portfolio pumping" (i.e. bidding up the value of a fund's holdings right before the quarter-end)
• side letter agreements (i.e. hedge fund managers give certain investors more favorable privileges than others receive, e.g. liquidity preferences or more portfolio information)
• improper valuation of fund assets in order to hide losses or boost performance

Market Abuse

The market abuse activities include insider dealing, illegal short selling, market manipulation, late trading and fraudulent market timing. We still remember how hedge funds attacked the Asian financial markets during 1997-1998. Such manipulative activities were facilitated by investment banks and prime brokers.

Risks to Broker-Dealers

One core service prime brokers offer their hedge fund clients is margin financing. Under the competitive business environment, some prime brokers may be tempted to relax their risk management and credit policy, thus creating unduly large exposure to hedge fund risks. Derivative is a 2-side sword. Amarthan was killed by natural gas futures. A recent article of Forbes alerted investors to the potential disaster of hedge funds for trading in credit derivatives. Nevertheless, Donald Tsang still mentioned in his policy address that the government would study for the development of a commodity futures market in HK. Is it an idea to attract more hedge funds to HK, or provide one more gambling tool to retail investors?

Hedge fund is definitely a growing business but the global regulators are still sorting out the best regulatory model for such a mix of devil and angel. While we are concerned about systemic risk and investor protection, we can't deny that hedge funds contribute substantially to market efficiency, price discovery, liquidity and financial innovation.

Regulation of Hedge Funds (2/3)

SFC may feel proud of Hong Kong becoming a leading hub for hedge funds in the Asian region. The survey report indicated that HK has achieved a high growth of hedge funds, managers and AUM over the past 2 years.

Details of the survey are not reproduced here. I just want to highlight the following findings:

• 74% of responends reported that they had 10 or less staff. It could be envisaged that they may not have a full time compliance officer. Quite probably one staff is required to oversee risk management, compliance and operations.
• Most of the hedge funds are offered only to institutional investors. This is normal as most of retail investors and even salespersons could not understand hedge funds well. However, I also wonder whether institutional investors like pensions could master hedge funds.
• While the textbook tells us there are so many alternative strategies adopted by hedge funds, the strategies used by HK hedge fund managers are occupied by equities long/short (34%), multi-strategies (25%) and FoHFs (20%). Only a very small portion is playing more fantastic strategies like global marco, event driven, distressed debts, etc.
• A majority of hedge funds used no or little leverage. This is because they mainly invested in equity markets and did not trade heavily in derivatives.

In HK, direct regulaton of hedge funds is not practical because most of them are unauthorized private funds. SFC can only indirectly supervise the licensed hedge fund managers. It seems that the hedge funds managed by HK managers are still far from sophisticated as the overseas ones. Therefore the corresponding compliance concerns are still limited to those basic topics such as internal controls and conflicts of interest.

Next Monday I will touch on the international arena of hedge funds.

Regulation of Hedge Funds (1/3)

Hedge funds has become an important regulatory agenda in the past few years, especially after the LTCM incident. The recent collapse of Amaranth Advisors has made this topic hot again. Hedge fund is attractive in terms of the pursuit of "absolute return", flexible investment strategies and the low correlation to the overall market. But it is sometimes viewed as a mysterious monster which could disturb the markets from time to time.

In US and UK, hedge funds are only made available to private and institutional investors. Therefore the regulatory concern is not investor protection but the market impact. In the case of Amaranth, despite the size of loss (US$6 bn), the financial markets were not extensively affected. This may reflect the improved risk management measures taken by the market practitioners.

In HK, though a segment of hedge funds are made available to retail investors, most of the hedge fund managers licensed by SFC are managing private hedge funds. Obviously SFC's focuses are put on the internal control and risk management issues of both hedge fund managers and prime brokers.

Yesterday SFC banned Mr Charles Lee Schmitt from re-entering the industry for life for misappropriating client assets and being convicted of false accounting. This is the well-known case initiated by the report of directors of Charles Schmitt & Associates that Schmitt was suspected of misappropriating client assets from the CSA Absolute Return Fund. SFC found that Schmitt diverted the investors’ subscription proceeds for the Fund for his own use. He was charged with offences under the Theft Ordinance and now waiting for sentence.

SFC has just released a survey report on hedge funds managed by SFC licensed fund managers. I will comment on it tomorrow.

Supervisory System

Many firms have a misconception that once a perfectly written compliance manual is put in place then everything will be under control. They ignore the fact that a good supervisory system should at least include ALL of the following:

• Written compliance procedures which are properly communicated to all relevant staff
• Effective and consistent enforcement of compliance procedures by regular monitoring and disciplinary action for non-compliance
• Keeping of adequate records to demonstrate compliance

NASD recently fined CCO Investment Services Corp. US$850,000 for failing to establish, maintain and enforce a reasonably designed supervisory system and written procedures relating to a series of issues. Some violations are highlighted below:

• CCO failed to maintain business-related email and records of compensation given to its brokers by issuers of variable contracts or mutual funds.
• CCO's suitability reviews of variable annuity contract sales were not reasonably designed to prevent and detect sales practice violations. For example, although the firm utilized surveillance reports and its operations personnel reviewed variable annuity applications before the transactions were completed, it inconsistently provided for reasonable follow-up and review to ensure that noted exceptions were adequately addressed.
• Although the firm had some policies related to variable annuity sales to elderly clients, it failed to provide for reasonable follow-up and review to ensure that those policies were implemented for these clients. To the extent that the firm had customer suitability review procedures, such as mandating the use of customer financial profile forms, it did not consistently enforce those procedures. As a result, customer information that could have assisted registered persons and the firm in assessing suitability was not always available.
• CCO made telephone calls to prospective customers during "call nights". The firm required affiliated bank employees, who were not registered representatives, to use pre-approved scripts and not to discuss specific financial products with customers. But the firm had no supervisory system or written procedures for monitoring compliance with its supervisory procedures in this area. The firm had no reasonable way of even tracking the occurrence of call nights or otherwise monitoring compliance with its procedures.

Compared with dealing operations, sales operations is more difficult to monitor. The audit trails are usually maintained by human efforts (instead of automatic capture by computer systems), thus the probability of misuse and abuse is higher.

Ponzi Scheme

A "Ponzi scheme" is a fraudulent investment operation that involves paying abnormally high returns to investors out of the money paid in by subsequent investors, rather than from net revenues generated by any real business. It was "invented" by the notorious Charles Ponzi in early 20th century.

Nowadays the Ponzi schemes are often more sophisticated but the underlying formula is quite similar. They continue to prevail because greed is a human nature.

Last week US SEC filed emergency securities fraud charges against a promoter (Pinnacle) to halt a Ponzi scheme that raised at least US$30m from around 2,000 investors in fraudulent "real estate development partnerships".

SEC alleged that from at least Oct 2006 to present Pinnacle has:

• sold interests in such scheme through a nationwide advertising campaign (including solicitation for investors in magazines & newspapers)
• promised investors a 25% return in 45 or 60 days, and a second 25% return and the return of capital after 90 days
• represented that the profits would be earned by purchasing foreclosed real estate, making minor repairs and reselling the property within 45 to 60 days.

Without disclosure to investors, Pinnacle in fact purchased property from third parties and sold it to investors at high mark-ups. The exorbitant returns promised to investors were generated by selling the property to other "fooled" investors.

Under the SFO, the above Ponzi scheme may be regarded as a collective investment scheme or regulated investment agreement. Marketing of it to the HK investing public without SFC authorization is illegal. But from time to time I've received those suspicious advertisements from different sources.

People could not eliminate greed, but at least they should learn to be smart investors. In their new book "Why We Want You To Be Rich", Donald Trump and Robert Kiyosaki even alleged that middle classes in developed countries would eventually become poor if they don't have financial education!

Manipulation of Futures Market

Last week SFC suspended the licence of a futures dealer (Tsoi Bun) for 15 months due to manipulation of the futures market. This is a rare case because usually people are caught by SFC for manipulation of the stock market.

In Jun 2000, HKFE introduced the pre-market opening period (30 minutes before the normal trading hours) as a price discovery mechanism. An indicative calculated opening price (COP) is calculated every time an order is placed, changed or cancelled. Orders are received, ranked and ultimately matched at the last indicative COP.

During the pre-market opening periods of 2 trading days in 2002, Tsoi artificially increased the COP of the HSI futures contracts by 160 points and 76 points respectively, and made a profit of $510,000 through his net short positions.

When Tsoi committed such market manipulation, the SFO was not yet implemented. But even Tsoi had appealed to SFAT, how could SFC take 4 years to conclude this case?

SOX Compliance

Following the accounting scandals in such companies as Enrol, Tyco and WorldCom, SOX has become a new challenge to the compliance field and also created many career opportunities for compliance officers.

SOX stands for the Sarbanes-Oxley Act of 2002, also known as the Public Company Accounting Reform and Investor Protection Act of 2002, is the US federal law for the listed companies. The more remarkable provisions of SOX include:

• Certification of financial reports by CEO and CFO
• Independence of auditor and audit committee
• Significantly longer maximum penalties for corporate executives who knowingly and wilfully misstate financial statements
• Employee protections for corporate fraud whistleblowing
• Establishment of internal controls over financial reporting

IT plays a key role in the financial reporting process and thus SOX compliance. Recently a software company Approva conducted a survey of more than 200 high-level finance and IT executives at listed companies. The purpose of this survey explored how executives at leading listed companies view their compliance-related investments.

Major findings of this survey are set out below:

• The vast majority of companies who currently use software to automate their controls think their investment will provide business value beyond SOX compliance.
• Despite the recognized value of automation, most companies have yet to automate the testing of their IT controls.
• ERP systems alone are not adequately equipped to support proper monitoring of controls to ensure regulatory compliance.
• Open, cross-application controls automation and monitoring solutions are critical in the audit process.
• Most companies who currently do not have a software solution for controls automation are planning to invest in one in the next year.
• Investment in audit preparation continues to rise.
• Most companies expect to realize measurable returns on their IT controls and compliance investents.
• Many companies believe SOX has been successful in helping to prevent corporate fraud and increase investor confidence.

In forseeable future, we can expect compliance monitoring to be more automated (therefore less labor-intensive), then the role of compliance officers would turn into being more analytical and advisory.