HONG KONG SAR, CHINA Law and Practice Contributed by: Vincent Lung and Mike Yeung, Parkside Chambers
Personal Liability Directors and officers may face personal liability if they participate in, consent to, connive in or knowingly per - mit AML breaches. They may also face liability where AML failures amount to a breach of directors’ duties. Serious breaches may also result in criminal liability, regulatory sanctions, disciplinary action, disqualifica - tion and reputational damage. Even where criminal liability is not established, poor AML governance may lead to regulatory criticism and loss of business con - fidence. 6. Audit, Risk and Internal Controls 6.1 External Auditors Requirement to Appoint Auditors Hong Kong companies are generally required to appoint external auditors in connection with annual financial statements. Dormant companies are the main exception. The auditor must be qualified under Hong Kong law. The auditor reports on whether the financial state - ments give a true and fair view and comply with the applicable financial reporting framework and stand - ards. Appointment and Removal Auditors are normally appointed by shareholders in annual general meetings. Removal of auditors is subject to statutory procedures designed to protect auditor independence and ensure that members are properly informed. A company should not change auditors to suppress disagreement or avoid scrutiny. In practice, where an auditor inexplicably resigns or is removed without proper justification, it may in itself be a strong alarm to the stakeholders as to how the company has been operating. Rights of Auditors Auditors have rights to access accounting records and obtain information and explanations from direc - tors and officers. Directors and officers must co-oper - ate with the auditors.
Providing false or misleading information to auditors may create serious consequences, including criminal or regulatory exposure. Listed Companies For listed companies, the audit committee oversees the relationship with the external auditor. It reviews independence, audit scope, audit findings, audit fees and non-audit services. The audit committee is also expected to review finan - cial reporting judgments, internal controls and risk management systems. It is a central safeguard in listed company governance. 6.2 Risk Management and Internal Controls Regulatory Treatment of Geopolitical Risk Hong Kong does not impose a single general rule requiring all companies to perform a dedicated geo - political risk function. However, geopolitical risk may be relevant to sanctions, supply chains, financing, market access, cybersecurity, data transfers, ESG, tax, trade controls and disclosure obligations. For listed issuers, geopolitical risk may fall within the board’s responsibility for overall risk management and internal controls. Where geopolitical developments may materially affect operations or financial perfor - mance, the board should ensure proper assessment and disclosure. Board and Committee Oversight Geopolitical risk is usually overseen by the board, audit committee, risk committee or executive risk committee. The appropriate structure depends on the company’s business. A multinational trading, logistics, technology or finan - cial services business may require formal reporting and monitoring. A purely local private business may require a lighter structure. Sanctions Compliance Sanctions compliance is a key area of board-level oversight. Companies should identify whether their customers, suppliers, counterparties, banks, inves - tors, vessels, products or jurisdictions create sanc - tions exposure.
332 CHAMBERS.COM
Powered by FlippingBook