Internet Disaster

Boxing Day seems not a lucky day in recent years. While the painful experience of Tsunami in 2004 has not been forgotten, this year the world encounter the internet disaster caused by the Taiwan earthquake on 26 Dec.

It was hardly believed that the earthquake could lead to such a serious disruption of communication and business. Even worse, the problem may last for a few days. Many securities firms using Bloomberg for trading had to resume the "manual mode", i.e. filling in deal tickets! Without the real-time updating of positions, the risk of trading and operational errors would be much higher.

Then we must return to the fundamental problem: contingency planning. Since the 911 incident and SARS outbreak, SFC has paid more attention to contingency measures in disastrous events. Under Section 12.5 of the Code of Conduct, licensed firms should notify SFC "any material failure, error or defect in the operation or functioning of its trading, accounting, clearing or settlement systems or equipment". Since this time the problem is so widespread, SFC had already taken the initiative to contact certain large firms to understand the problem.

Once again I would imagine the terrorists can create an economic disaster by attacking the optical fiber cables under the sea...

Best wish for a more peaceful 2007!

Unauthorized Advertisements

Under SFO, “investment products” are broadly classified into three categories, namely, securities, collective investment schemes (CIS) and regulated investment agreements (RIA). Unless otherwise exempted, issuance of advertisements in relation to investment products to HK investing public without SFC authorization is prohibited. While this requirement is well known to investment professionals, people outside the securities industry.

SFC recently prosecuted Centaline (China) Property Consultants Ltd, Dalian Victory Plaza Development Company Ltd (a PRC company) and Mr Lee King Fung for issuing advertisements relating to a CIS without SFC authorization. In May and Aug 2005, Centaline (China) and Dalian Victory posted advertisements in their respective websites to promote an investment scheme in relation to the sale of shop units in Dalian Victory Plaza (the Plaza) in China (the Scheme). Centaline (China) also distributed various promotion leaflets of the Scheme, while Dalian Victory issued advertisements in some local newspapers, stations and carriages of MTR and KCRC.

The Plaza was developed by Dalian Victory which appointed Centaline (China) to act as the exclusive sales agent to promote the Scheme. Lee was the most senior officer in Centaline (China) responsible for the promotion of the Scheme.

Property developers and promoters often confuse ordinary property investments with an investment scheme. In 2003, there was a similar case happened for Midland (China) Property Development Ltd. In that occasion, SFC advised promoters to take a legal advice before launching such a scheme and indicated its willingness to assist promoters by discussing in advance the particular terms of any scheme.

Keeping of Records

Since the Enron incident, regulators have paid more attention to the problem of destroying internal documents by a charged firm. Emails are obviously under the spotlight.

NASD has recently charged Morgan Stanley for the following:

• Morgan Stanley failed to provide emails before 11 Sep 2001 to arbitration claimants and regulators in numerous proceedings from Oct 2001 to Mar 2005.
• Morgan Stanley falsely claimed in many of those proceedings that such email had been destroyed in the 911 terrorist attacks on World Trade Centre, where its email servers were housed. In fact, Morgan Stanley possessed millions of pre-911 emails that had been restored to its system shortly after 911 using back-up tapes. Many other emails were maintained on individual users’ computers and were therefore never affected by the attacks, yet Morgan Stanley often failed to search those computers when responding to requests.
• Morgan Stanley later destroyed many of the emails it did possess, in two ways – by overwriting backup tapes that had been used to restore the emails to the firm’s system and by allowing users of the firm’s email system to permanently delete the emails over an extended period of time.

In HK, SFC has issued the S&F (Keeping of Records) Rules, which is however mainly covering the financial, transactional and operational records. It is unclear if destroy of emails by HK licensed firms is a regulatory breach. But SFC may still discipline a firm for such act by using the last weapon - General Principle 2 of the Code of Conduct - Diligence.

Supervisory Failures

In recent years, management supervision is more often quoted by the regulators in enforcement cases. Sometimes a failing supervisory system per se would lead to a discipinary action even though the firm has not yet been convicted of any misconduct.

NASD has recently fined USAllianz Securities US$5m for widespread deficiencies in its supervisory system and for record-keeping violations. As part of the settlement, USAllianz Securities may not open a new office for 30 days, and may not hire new registered representatives for 7 days.

NASD found that for almost 5 years, USAllianz failed to establish and maintain a reasonable supervisory system and written procedures designed to oversee the firm's registered representatives and their activities.

The resulting deficiencies included:

• Supervisory principals did not know which registered representatives they were responsible for supervising and in other instances registered representatives could not identify their supervisory principals.
• Supervisors were not qualified to carry out their supervisory responsibilities because they lacked experience, education and training; in other instances, supervisory principals inappropriately delegating their day-to-day supervisory responsibilities to other less experienced principals, often without notifying the firm.
• Inadequate staffing resources dedicated to compliance given the size and location of the firm's sales force, e.g. 2 compliance officers covering a large field sales force working in numerous offices scattered throughout the US.
• The internal office inspection program failed to provide adequate oversight, training and guidance, leading to substantial failures to properly identify deficiencies. For instance, an inspector could determine that an entire office was fully compliant in an area simply because a single registered representative did not exhibit any deficiencies in that area.
• USAllianz did not have any system in place to capture, preserve and maintain e-mail communications.

Perhaps the whole management team of this firm should attend a "re-training" program of "Management Control ABC".

Sales Charge Waiver

Certain load mutual funds allow investors to buy Class A shares without paying the front-end sales load (i.e. they can purchases the shares at NAV) if they buy that fund using proceeds from the sale of shares in a different mutual fund family for which they paid a front-end or back-end sales charge. These transactions are called "NAV transfers".

As a decent adviser, you should never recommend your clients to switch their funds if the only basis for the recommendation is simply to earn a commission from the sale or purchase. If the opportunity of sales charge waiver under NAV transfers is available, you should inform your clients.

NASD has recently imposed fines totaling US$850,000 against four firms - Edward Jones, RBC Dain Rauscher, Royal Alliance Associates and Morgan Stanley - for failing to have adequate supervisory systems and procedures to identify opportunities for investors to purchase Class A mutual fund shares at NAV.

During 2002-2004, many mutual fund families offered NAV transfer programs that eliminated front-end mutual fund sales charges for certain customers. NASD found that each of the firms failed to ensure that customers received NAV pricing when appropriate. As a result, certain investors purchased Class A shares and incurred front-end sales charges that they should not have paid, or purchased other mutual fund share classes that subjected them to higher fees and the potential of contingent deferred sales charges.

Each firm was ordered to provide remediation to thousands of eligible clients who qualified for, but did not receive, the benefit of available NAV transfer programs.

The principle of acting in the best of clients is so wide, which may be breached by either action or inaction.

Cross-border Enforcement of Securities Laws

Buy-side people (such as fund managers and proprietary traders) often receive non-public price-sensitive information from investment banks, i.e. "sounding out" (探盤). If they do not act properly on such information, they would be accused of the offence of insider trading.

SFC has suspended Stephane Hug, a convertible bond proprietary trader and SFC licensee accredited to Credit Suisse (Hong Kong) Ltd, for 4 months.

SFC found that:

• On 28 Nov 2003, a representative of Daiwa Securities SMBC (Europe) Ltd in Geneva told Hug by phone about a potential convertible bond issue by Sumitomo Light Metal Industries Ltd (SLM), a company listed on the Tokyo Stock Exchange. Daiwa was the underwriter of this issue.
• The terms of the potential convertible bonds were disclosed to Hug to “sound out” his views about the attractiveness of the bonds to investors. This is a common market practice.
• On 1 Dec 2003, Hug was informed that the convertible bond issue would be announced after the market closed on 2 Dec 2003 and the issue price would be fixed on 3 Dec 2003.
• On 2 Dec 2003, while in possession of such information, Hug sold SLM shares.

Since the above insider trading occurred on the Tokyo Stock Exchange, Hug’s conduct did not contravene Hong Kong’s securities laws. While the case was referred by Japanese's SESC, SFC could only take the disciplinary action against Hug by using the "last resort" - General Principle 2 of the Code of Conduct (i.e. diligence).

In this case, actually Hug obtained no personal benefit, but his conduct was technically wrong. Therefore Credit Suisse (Hong Kong) had taken the following remedial steps:

• Donated the profits made through the transaction to charity
• Suspended Hug for one month without pay, fined him and denied him US$400,000 of discretionary bonus

This case once again demonstrated the feasibility of cross-border enforcement of securities laws among regulators in different countries.

Job Agents

Near the year-end, staff turnover in financial institutions is usually low as people are waiting for year-end bonus. Since compliance is a one of the professions with high demand, from time to time compliance officers would receive cold calls from job agents.

In general, I think the professionalism of HK job agents is deteriorating in recent years. There were some bad experiences in my memory, which make me challenge the agents' competency and even integrity. I even think their problems are similar to those of investment professionals, such as:

Mis-selling

The agents fail to do any homework about the candidate's profile and then recommend an inappropriate job. This wastes the time of both the candidate and the prospective employer. As compliance is still young profession, many agents do not really understand its nature and function. As a result, they can only read out the job description to the candidate without performing any suitability assessment. Once a time I sent my CV (which clearly indicates my career history of securities compliance) to an agent and eventually he referred a job of "physical security" to me! Perhaps he didn't differentiate "securities" from "security".

Dissemination of false information

Some agents pretend to have job offers from some large institutions (actually such offers do not exist) and use such false information to solicit CV from candidates. Then they use the CV for "hawking" before the employers, without getting the candidates' consent. This is very unethical.

Confidentiality

There are too many "big mouth" agents in the society. They don't respect the confidentiality of the candidates by disclosing their information to outsiders on a "no need to know" basis. Sometimes they fail to handle the confidential information with prudence. I had once received an email from an agent, which was actually for the attention of another candidate but wrongly sent to my email address. I was highly concerned whether any email to me would be sent by her to a third party.

Underselling

When publishing the salary surveys, the agency firms tend to overstate the market prices to attract the job seekers. When actually bargaining a job from a prospective employer, they often undersell the candidate in order to increase the success rate. Some agents even attempt to fool the candidate. For example, they may say you are unreasonable to ask for a 20% increase in monthly salary, but ignoring the fact that the new employer is paying 12-month fixed salary while your existing one is paying 13-month.

While the malpractices of property agents and investment professionals are highly regulated, why are the job agents un-regulated or at least under-regulated? Now I can only rely on self-protection measures, including: (a) trust only agents referred by my friends and reject all cold-calling agents; and (b) black-list all known agents who are not acting professionally. Of course, I have also established a long term relationship with a few good agents and feel comfortable to make referral of candidates to them.

Stock Manipulation Scheme

There was recently a fraud case of stock manipulation happened in US, where the parties came from HK and PRC.

On 4 Dec 06 SEC filed an emergency action against China Energy Savings Technology, Inc., several of its former officers, its controlling shareholder, and others, alleging that they orchestrated an elaborate stock manipulation scheme.

It was alleged that China Energy and the company's undisclosed control person, Chiu Wing Chiu, with the assistance of the company's Corporate Secretary, Lai Fun ("Stella") Sim, devised a wide-ranging stock manipulation scheme to fraudulently obtain Nasdaq National Market System ("NMS") listing, artificially inflate China Energy's stock price, and sell millions of China Energy shares into the US capital markets.

Chiu and Sim formed China Energy through a transaction with a Nevada shell corporation called Rim Holdings, Inc. and the subsequent acquisition of a BVI holding company called Starway Management Ltd.

The defendants:

• caused China Energy to purchase Starway at an excessive price to facilitate the issuance of large quantities of China Energy shares to entities controlled by Chiu;
• caused China Energy to obtain a NMS listing by artificially creating a shareholder base and falsely representing to Nasdaq that the company had met its minimum shareholder requirement;
• issued false press releases concerning China Energy's NMS listing;
• created artificial demand for China Energy stock by engaging in manipulative trading and entering into secret deals to give free China Energy stock to shareholders willing to purchase China Energy in the open market; and
• concealed the fact that Chiu controlled both the company and the company's public float.

In addition, China Energy, Chiu, and others engaged in illegal unregistered sales by gifting shares to more than 400 persons as part of the fraudulent Nasdaq listing scheme and by improperly issuing S-8 stock to promoters engaged in capital raising activities and consultants who performed no services.

SEC acknowledged the assistance afforded by HK SFC in this matter. I am interested to know what SFC has done to assist SEC. Under SFO, market manipulation conducted in overseas markets by HK residents may also be captured. This case is a regulatory cooperation to fight against cross-border financial crime.

Gifts & Entertainment (2/2)

NASD Rule 3060 (the gift rule) prohibits any member or person associated with a member from giving, or permitting to be given, anything of value in excess of US$100 per individual per year where such payment is in relation to the business of the recipient’s employer. The rule protects against improprieties that may arise when members or their associated
persons give gifts or gratuities to employees of a customer.

NASD recently issued the Report on Examination Findings Regarding Gifts and Gratuities, which details its findings from a review of more than 40 member firms with respect to compliance with Rule 3060 over a two-year period, and the supervision of firm practices in this area. Some of those findings are highlighted below:

Problematic Data Produced

• Firms lacked the centralized record-keeping systems to assess compliance with Rule 3060. They even did not maintain adequate records of gifts, gratuties, travel & entertainment.

Record-Keeping Deficiencies Observed

• Firms failed to maintain records of gifts & entertainment aggregated by individual recipient and require brokers to provide complete attendee information for all ticketed events.

Systems & Procedures to Comply with the Gift Rule

• Firms generally did not have a separate approval process for gifts and the focus is cost control rather compliance with Rule 3060.
• Firms did not have procedures reasonably designed to ascertain whether entertainment was appropriate.
• Firms did not have adequate controls in place to monitor the manner in which tickets (of sporting events, concerts, etc.) purchased were used (note: a ticket provided to a client is deemed a gift (thus subject to the US$100 limit) if the broker does not attend the event with the client).

In HK, the situation is probably quite similar. The focus of controls over gifts and entertainments is more put on cost management and less on conflict of interest. Some compliance officers may have maintained a register of benefits received by the firm's staff, but they seldom monitor the gifts and entertainment offered by the firm to clients. They may think that this is the job of ICAC!

Gifts & Entertainment (1/2)

Christmas is coming, again the season for receiving the festival gifts. Many firms have laid down a formal gift & entertainment policy to manage the conflict of interest. The typical requirements include setting a monetary threshold, compliance review and record keeping. Provision of excessive gifts & entertainment in return for a secret commercial benefit is highly concerned by regulators.

NASD recently fined Jefferies & Company, Inc. US$5.5m for providing more than US$1.6m in improper gifts and entertainment to equity traders employed by FMR Co., Inc., an investment advisor to the Fidelity family of mutual funds, between Sept 2002 and Oct 2004. The improper gifts to those Fidelity traders exceeded US$600,000 and included private chartered air travel, non-promotional sports-related merchandise and expensive bottles of wine. The impermissible entertainment totaled more than US$1m and included lavish trips, private chartered flights, expensive hotel accommodations, weekend golf outings and tickets to the 2004 Super Bowl.

NASD found that in 2002, Jefferies hired Kevin Quinn as an institutional sales trader in its Equity Division and agreed to pay him an annual base salary of US$4m in 2002 and 2003, and US$4.75 in 2004. The firm also provided Quinn with an annual travel and entertainment budget of US$1.5m to be used by Quinn and his team to entertain Fidelity traders to obtain order flow for the Jefferies Equity Division. Jefferies routinely and repeatedly reimbursed Quinn for gifts prohibited by NASD rules, which Quinn provided to Fidelity traders. NASD rules limit the value of gifts that firms and associated persons may give to customers of the firm - such as Fidelity and its traders - to US$100 per individual recipient per year.

NASD also found that Scott W. Jones (Quinn's former supervisor) routinely approved and reimbursed Quinn for entertainment that was inappropriate and excessive. Jefferies failed to establish and maintain an adequate supervisory system, including written procedures, to ensure reasonably that Quinn did not use the budget in violation of NASD rules.

The scale of improper activities in this case was quite massive and alarming. I would suppose there was no compliance monitoring at all.

Customer Data Protection

In an advanced economy, information security is equally important as physical security. Banks are holding the databases which record most of financial resources of the economy. Leakage of such information would lead to disastrous financial losses.

HKMA has recently completed an onsite examination of certain banks' controls over customer data protection and published a list of common controls issues identified:

Compliance with PDPO and Regulatory Requirements:

• Keep personal data longer than data retention period stated in customer agreements
• Not perform more stringent background checks for potential employees and contractors who need to access sensitive customer data
• Conduct of compliance reviews of statutory & regulatory requirements and internal security policies on a regular basis

Security Controls over Electronic Data:

• Lack of controls to protect sensitive customer data stored in portable computing devices and removable storage devices
• Not adopt data encryption for computer tapes that are transported between premises
• Not prevent users from copying customer data from computer workstations into removable storage devices
• Audit logs of customer data access activities for regular reviews

Security Controls over Hardcopy Documents:

• Not provide staff and service providers with guidance for handling sensitive hardcopy documents outside bank premises
• Insufficient surveillance controls (e.g. CCTV) in certain highly sensitive areas (e.g. computer tape rooms)
• Confidential wastes bags are left unattended after office hours in public office areas

Other Areas for Improvements:

• Not fully set out the contractual liabilities and obligations of service providers in outsourced service contracts
• Regular security training arranged for all relevant employees of outside service providers
• Adequate incident management procedures for loss or unauthorized access of customer data

Data protection is less controllable than physical asset protection because there are too many bank staff who can access customer data. If HKMA would launch a formal SPM on customer data protection, banks may have to designate a compliance officer responsible for this area.

Structured Product Investor Survey

(From Dec 2006 onwards, this blog will be updated on Mon, Wed and Fri)

SFC has just published the Structured Product Investor Survey. As expected, it again revealed how HK investors are immature when investing in more complicated products.

A quick summary of key findings from this survey and my comments in ( ):

• The majority of investors are educated up to matriculation or tertiary level. (Unfortunately, the school education generally does not cover investor education.)
• Equity-linked products is still the main stream. Not many investors are interested in currency/index/interest rate/credit-linked products. (Many investors just treat equity-linked products as a substitute of stocks, just like they regard stocks and warrants as the same things.)
• Most of the investors' investment objective is pursuit of higher returns, where 42% compared the return rates with bank deposit rates. (This is of course not comparing "like with like".)
• Half of the investors said that structured products comprised over 30% of their investment portfolio. (They did not realize the risk of over-concentration, especaially when they think structured products are medium risk investments.)
• Half of the investors did not understand the payoff mechanism of equity-linked products. (Ignorance is the real risk of investing. To reduce mis-selling, the suitability process should assess the investors' financial knowledge.)
• Banks is the dominant dealing channel of structured products. (But bank staff are generally less professional in terms of selling structured products.)
• The majority of investors said that they did not fully understand the offering documents because they was too technical. (It is difficult to understand structured products without a financial knowledge.)
• More than 40% of investors did not recall the sales representatives' explanations. (How can you remember something you don't understand?)
• A quarter of investors redeemed their structured products before maturity. (HK retail investors have not yet acommodated the longer investment horizon of structured products.)
• The majority of investors made a net gain in their investment in structured products during the past 12 months. (Once there is a major downturn in the stock market, the investors would receive the "crab stocks" and make a lot of complaints again.)