On 28 Jun 2024, the HKMA announced pilot arrangements for cross-boundary credit referencing (CBCR) under a MoU with the PBoC, enabling data transfers between Hong Kong and Mainland CRAs to support SME lending. AIs participating in the pilots must comply with existing SPM module IC-7 requirements, including customer consent, data security, and CRA safeguards, while adhering to the Personal Data (Privacy) Ordinance for personal data.
This article was generated using SAMS, an AI technology by Timothy Loh LLP.
SFC Regulation of Virtual Asset Trading Platforms: The Emerging Hong Kong Framework
SFC proposes new regulation of virtual assets through licensing of operators of cryptocurrency and other digital asset trading platforms
Market Misconduct Tribunal: A Guide to Penalties and Other Consequences for Misuse of Insider Information
Market Misconduct Tribunal proceedings for mishandling of insider information can result in fines and disgorgement orders
SPOTLIGHT ON
FAMILY OFFICES
Pilot Arrangements for Cross-boundary Credit Referencing
On 28 Jun 2024, the Hong Kong Monetary Authority (HKMA) issued a circular setting out arrangements for pilots on cross-boundary credit referencing (CBCR) between Hong Kong and the Mainland, facilitated by a Memorandum of Understanding (MoU) signed with the People’s Bank of China (PBoC). The pilots aim to enable southbound (Mainland-to-Hong Kong) and northbound (Hong Kong-to-Mainland) transfers of commercial credit data via credit reference agencies (CRAs), supporting credit underwriting for banks and enhancing SME access to funding within the Guangdong-Hong Kong-Macau Greater Bay Area (GBA).
Regulatory Compliance Requirements
Participating authorized institutions (AIs) must comply with all relevant laws and the Supervisory Policy Manual (SPM) module IC-7 on commercial credit data sharing. Specifically, AIs must obtain customer consent for data transmission (Section 4), ensure data security and confidentiality (Section 5), and verify CRAs engage adopt reasonable procedures to protect data (Section 6). The circular also reminds AIs to adhere to the Personal Data (Privacy) Ordinance (Cap. 486) where personal data is involved in cross-boundary transfers.
View the full article:Source
