Global menu

Our global pages


Show me the Money! - The SFC Moves to Regulate Depositaries of SFC-authorised Collective Investment Schemes

  • Asia
  • Hong Kong
  • Investment funds and asset management


The SFC Moves to Regulate Depositaries of SFC-authorised Collective Investment Schemes

In September 2019, the Securities and Futures Commission of Hong Kong (the “SFC”) issued a Consultation Paper (available here) setting out its proposals for the regulation of depositaries of Hong Kong public funds. The proposals follow a period of “soft” industry consultation and the SFC seeks input from the industry by 31 December 2019.

Depositaries – the global context

The role of the depositary, custodian, or trustee to mutual funds is receiving ever-increasing scrutiny from regulators and investors alike. With depositary oversight of liquidity issues in the UK at the forefront of the regulator’s mind, the German regulator looking to regulate the custody of crypto assets, and the EU taking steps in AIFMD and UCITS V to formalise the obligations on depositaries, it looks as though regulatory scrutiny of depositary businesses isn’t set to subside any time soon.

Background to the proposals

The activities of trustees and custodians to Hong Kong public funds have historically not fallen under the aegis of the SFC, or any other Hong Kong regulator, except in limited circumstances. Although trustees and custodians of public funds are expected to comply with any relevant requirements in the SFC’s Codes of Conduct which apply to the relevant fund, the SFC has not historically had any direct enforcement powers over trustees and custodians, and has therefore struggled to formally discipline trustees and custodians which have fallen short of their expectations.

In seeking to bring trustees and custodians (in the rest of this briefing referred to as “depositaries”) within the scope of the SFC’s supervision and enforcement powers, the SFC is moving in line with the global regulatory focus on the activities of safekeeping entities and the persons who run their businesses. As the proposed new regulated activity (“RA13”) will bring depositaries within the realm of the “manager in charge” regime, the SFC is also clearly seeking to extend the principles of personal responsibility for senior staff in these businesses.

Although some depositary businesses in Hong Kong are subject to a certain level of regulation and scrutiny – notably, those operating in the context of MPF products – the proposals presage a significant change in the way depositary businesses approach regulatory compliance and may require some restructuring of business entities to ensure that compliance is achieved efficiently. In addition, the senior staff running the depositary businesses will need to be comfortable about their personal responsibilities – and liabilities – under the manager in charge regime.

The proposals – key points to note

Which businesses will be caught?

Any trustee of a Hong Kong authorised unit trust, or custodian appointed by a Hong Kong authorised collective investment scheme (i.e. mutual fund company, REIT, SFC-authorised pooled retirement fund, and open-ended fund company) will be caught by the new regime. It should be noted that a custodian servicing only pure MPF products will not be caught unless the business also services retail Approved Pooled Investment Funds (“retail APIFs”). MPF trustees are of course already approved by the MPFA and the SFC does not therefore consider there is a need to extend its regulatory regime to these businesses.

Any business which might fall within scope will need to analyse which of its business lines and group companies within its structure service which products. To the extent that the same group company acts as custodian to MPF and other CIS products, it will need to consider whether there needs to be any re-organisation of its business to ensure that the two business lines are segregated where necessary. This is particularly relevant to larger depositary businesses which have several group companies simultaneously undertaking custody and safekeeping functions in respect of a variety of funds. Clearly, it might be preferable to have one group company as the licensed entity undertaking RA13 activities, with other safekeeping activities not requiring a license (such as pure MPF trustee activities) undertaken by another group company so as to avoid a mix of the two activities in both entities and both entities thereby requiring licenses.

The proposed licensing and conduct requirements

  • Most individuals performing a “more than clerical” role in the depositary’s business will need to be licensed by or registered with the SFC. Note that where the depositary is an “authorised financial institution” registered with the SFC to undertake RA13 activities, staff will not need to be licensed or registered with the SFC, but will need to be registered with the Hong Kong Monetary Authority. Staff members responsible for supervising regulated activities will be expected to obtain approval from the SFC as Responsible Officers (“ROs”) or from the Monetary Authority as executive officers
  • In practice, it will be difficult for depositaries with a large staff to determine where the line is crossed from “more than clerical” work to work which genuinely requires a license. We expect that affected businesses will be keen to impress upon the SFC that much of a depositary’s day to day business does not require a large number of staff to be licensed, as it will relate to more process driven activities such as ex ante monitoring and record keeping. The SFC has recognised that some depositary services are largely operational in nature. Exactly where the SFC draws the line will need to be fleshed out during the consultation process
  • The Manager in Charge (“MIC”) regime will apply to senior members of staff. Depositaries will therefore need to go through the requirements for the MIC regime on top of the requirements to obtain and maintain the RA13 license. The complexity of this process will depend on the complexity of the business in question, and large multi-national companies will likely need to spend some time preparing for the MIC implementation, including mapping reporting lines and getting senior staff in other jurisdictions comfortable with the ramifications of the regime and their responsibilities – if any – under the SFC’s requirements
  • Staff members in ancillary or support roles – such as human resources, IT and legal and compliance - will not require to be licensed or registered, although they may in some cases fall within the remit of the MIC regime

Financial resources and insurance

  • Firms falling within the scope of RA13 will be expected to maintain a minimum paid up share capital of HKD10,000,000 and liquid capital of HKD3,000,000, which we would not expect to be difficult for most firms in the market to satisfy
  • Firms will also be expected to maintain an adequate professional indemnity insurance policy, a proposal which is in line with the requirements for fund managers under the Fund Manager Code of Conduct

The Codes of Conduct

The SFC are proposing to take a relatively pragmatic approach to the question of how the existing regulatory obligations on depositaries will fit in to the new RA13 regime. Taking the view that depositaries are already obliged to comply with relevant requirements in the product codes, the SFC are simply clarifying that the existing codes for licensed persons will apply in addition to the product codes with which the depositaries should already be familiar. They are not at present proposing to establish a standalone code of conduct to cover RA13 specifically, instead relying on the current arrangements across product codes, and the overarching codes applying to licensed persons, as sufficient. Certain adjustments are, however, proposed, which at first glance appear to lighten the regulatory burden, although in practice, we suspect the outcome will be the same for depositary businesses. These include removing the requirement to submit annual, audited, internal control reports to the SFC. However, a new schedule is proposed to the Code of Conduct for Licensed Persons which effectively re-imposes these requirements anyway, only without the obligation to report to the SFC.

Additional consequential amendments are proposed to be made to the product codes. Interestingly, during the soft consultation phase, respondents suggested that clarity and guidance was needed on where the line falls between the depositary’s and the manager’s roles. The SFC have elected not to provide further guidance on this, and appears to be of the opinion that the roles are sufficiently delineated at present, indeed, that some overlap is beneficial, in terms of each party undertaking checks and monitoring on the other.

The proposed new Schedule 11 to the Code of Conduct covers the following activities, which will be familiar to depositaries as principally taken from the existing Annex G to the UT Code. Retaining these requirements as a new Schedule to the Code of Conduct arguably places a more stringent requirement on the depositary to comply with these existing requirements and provides a direct line of regulatory redress against any depositary which the SFC considers has failed to comply with the relevant requirements.

  • Management and supervision
    These requirements cover reporting and communication with the management company
  • Delegation
    These requirements cover ongoing monitoring and oversight of delegates, along with requirements for assessing prospective delegates’ systems, controls, and competence to provide the relevant services. There is a particular focus on properly dealing with conflicts of interests which aligns with the SFC’s ongoing focus in this regard. Importantly, the SFC are clear that delegation does not absolve a depositary of its responsibilities and obligations
  • Operational controls and compliance
    The SFC’s requirements cover the obligation to have appropriate record keeping and oversight policies and procedures. In particular, a depositary’s obligations span oversight of subscription and redemption procedures including remittance of subscription and redemption proceeds and ensuring that appropriate reconciliations are taking place
  • Valuation and NAV monitoring
    The SFC requires depositaries to oversee the processes for valuing and pricing a fund, including having the systems in place to escalate any pricing issues. Depositaries will need to ensure, in practice, that they have the contractual relationships in place with any third party operator undertaking any kind of valuation or fund accounting activity, in order to ensure that the information flow and checks and balances can be carried out in accordance with the SFC’s requirements
  • Monitoring of distributions and cash flow
    The depositary will be responsible for overseeing the calculation of distributions, as well as for monitoring cash flow, verifying collateral valuations and monitoring compliance with margin requirements and the identity of fund counterparties. In particular, the depositary will be responsible for “identify[ing] cash flows which are inconsistent with the operations of the relevant CIS” which could potentially encompass a wide range of issues. Depositaries will wish to ensure that they have robust internal control and external arrangements to permit them to have the level of oversight which they will need to properly discharge these functions
  • Investment monitoring
    Depositaries will be expected to undertake ex post checks and controls on investments to ensure they meet investment and borrowing restrictions, are accurately reflected in the manager’s records, and are settled correctly. In practice, this will likely involve not simply a check box approach to monitoring, but will require a level of investment knowledge in the depositary itself in order to properly discharge this function, including understanding associated investment issues such as liquidity profiles and eligibility under both constitutive documents and the broader regulatory regime
  • Custody and safekeeping
    These requirements will likely already be complied with by depositaries of authorised funds and are in line with the requirements on safekeeping entities in other comparable jurisdictions. The requirements relate to establishing robust procedures to ensure that assets of a fund are appropriately segregated, protected, verified, and reconciled on a regular basis
  • Connected party transactions and treating customers fairly
    Interestingly, the proposed schedule includes a requirement on the depositary to oversee the controls of the fund and its manager with respect to connected party transactions. The depositary also had an express obligation to ensure that the fund manager is treating customers fairly, for example, in how the manager undertakes the NAV calculation and pricing of a fund. Arguably, the breadth of this obligation could, however, extend much further, including requiring oversight of any preferential arrangements which managers may enter into with certain unitholders, and ensuring that the net effect of such arrangements is fair in the context of other investors’ rights and obligations

Transitional proposals – what about existing depositaries?

The finalised proposals will take effect between 12 – 18 months from the gazettal date. During this time, in-scope businesses will be expected to complete the relevant licensing or registration regime, as applicable to them. For existing depositary businesses, the SFC has been pragmatic in approach, and set out a proposal for a “grandfathering” regime to apply to in-scope staff. Such staff will still be required to meet the relevant levels of academic qualification and industry and management experience, but will not be obliged to take regulatory exams. Instead, such staff may take an appropriate course of CPD of no less than 5 hours, within 12 months of securing licensing or registration.


Whilst the consultation is still ongoing, we would expect that businesses will look closely at the proposals and need to undertake a gap analysis to determine where any additional compliance burden is likely to fall. Although the SFC clearly consider that the line between a manager’s and a depositary’s activities should already be sufficiently clear, we see the securities services business globally as struggling sometimes with this delineation. Particularly with the increasing complexity of investment strategies and the current vogue for non-financial objectives, such as ESG, depositaries are increasingly put in the position where they are being pressured to take on a greater role in verifying and assessing individual investments, which they may not always have the manpower, or expertise, to do. With increasing regulatory expectations, and the resultant increasing risk of enforcement or disciplinary action, depositaries will have to look closely at their systems and controls and invest in ongoing training and CPD to ensure that staff are able to cope with regulators’ expectations in the new world.

In Hong Kong, the SFC has been pragmatic in its approach, seeking to bring the requirements on depositaries up to the global common standard rather than impose too exigent a burden on the depositary market. We expect that the requirements will play a significant role in cementing Hong Kong’s reputation as a retail fund management hub, as well as giving the SFC those all-important powers to intervene and formally discipline depositaries which fall short of their expectations.

How Eversheds Sutherland can help

Eversheds Sutherland acts for a wide range of participants in the asset management space, including asset managers, depositaries and custodians, and distributors. Eversheds Sutherland can assist with all aspects of RA13 compliance, including:

  • using our experience with other large scale regulatory change projects, such as MIC compliance, to support businesses in implementing the changes required to comply with RA13
  • licensing and support with the SFC process
  • training and guidance on RA 13, MIC functions, governance, and the Hong Kong regulatory system
  • repapering of agreements between depositaries, funds, managers and third parties to ensure that appropriate information flow and access arrangements are in place
  • GAP analyses to assist businesses in planning for the RA 13 regime