The Hong Kong Monetary Authority (HKMA) recently approved eight virtual banking licence recipients, opening the door for fintech companies to enter the banking industry.
Simon Hawkins, a counsel at Latham & Watkins in Hong Kong, told China Business Law Journal that virtual banks, like conventional “brick and mortar” banks, were subject to the Banking Ordinance, its subsidiary legislation, the HKMA’s Supervisory Policy Manual and the codes, and guidelines and circulars issued by the HKMA.
“The main difference is that virtual banks can take advantage of the HKMA’s recently updated Guideline on the Authorization of Virtual Banks, which sets out certain principles that the HKMA will take into account in deciding whether to authorize a virtual bank applying to conduct banking business in Hong Kong,” said Hawkins. “In short, some of the authorization criteria for becoming licensed as a virtual bank are in some ways less onerous than the criteria for becoming a conventional bank with physical branches. The most obvious difference is that virtual banks are not required to maintain physical branches, although they must maintain a physical presence in Hong Kong, to interface with the HKMA and with customers, to deal with their enquiries or complaints.”
Hawkins said that perhaps the most significant feature of the new regime was that virtual banks were not required to be majority-owned by a regulated financial institution, meaning that non-financial institution companies, for example, technology and e-commerce companies, can become majority shareholders of virtual banks. In contrast, the HKMA’s policy in relation to conventional banks is that they should be majority-owned by a bank or other type of regulated financial institution.
“By opening up the Hong Kong banking market to non-financial institution players, the HKMA aims to promote fintech and innovation in the local banking industry, while also offering new customer experiences in the retail market,” he said.
The eight fintech companies that obtained the virtual bank licences are: (1) Ant SME Services, owned by Ant Financial; (2) Insight Fintech, a joint venture owned by Xiaomi and AMTD Group; (3) Infinium, a joint venture owned by Tencent, the Industrial and Commercial Bank of China, Hong Kong Exchanges and Clearing, Hillhouse Capital, and others; (4) Livi VB, a joint venture between Bank of China (Hong Kong), JD Digits, and Jardines; (5) SC Digital Solutions, a joint venture between Standard Chartered, PCCW, HKT and Ctrip; (6) Ping An OneConnect, owned by PingAn; (7) WeLab, a fintech company based in Hong Kong; and (8) ZhongAn Virtual Finance, owned by ZA International.
“Given the utmost importance of stability of the Hong Kong banking sector, and public confidence, and noting the perceived higher risks of virtual banks in the initial years of operations, it is also not surprising to see that most of the licensees are backed by strong parents and shareholders who are financial institutions themselves, or tech giants who have strong financial capabilities,” Karen Man, financial services regulatory partner at Baker McKenzie in Hong Kong, told China Business Law Journal.
Man said that the HKMA’s Guideline on Authorization of Virtual Banks clearly sets out the HKMA’s policy objectives for welcoming virtual banks in Hong Kong. “The development of virtual banks is to promote the application of financial technology and innovation in Hong Kong, to offer a new kind of customer experience, and to help promote financial inclusion, including the small and medium-sized enterprises [SMEs],” she said.
“It is also important not to lose sight of the fact that virtual banks are no different from other fully licensed banks, which must satisfy the minimum criteria for authorization in the Seventh Schedule to the Banking Ordinance. Specifically, the HKMA must be satisfied that the controllers of the virtual banks are fit and proper persons.
“In the context of virtual banks, the HKMA made clear that ownership is important given the higher risks for the initial years of operations of these new ventures. Hence, the HKMA has indicated that parent companies of a virtual bank must be committed to, and be capable of, providing strong financial, technology and other support to the virtual bank when necessary. This is also evident in the attention that the HKMA pays to the credibility and viability of a bank’s business plan, and the requirement for a virtual bank to have an exit plan in case its business models turns out to be unsuccessful.”
In terms of compliance issues, Hawkins said virtual banks were not too different from conventional banks. “The main difference will be that virtual banks’ customer acquisition and service delivery channels will be exclusively online, and therefore there will need to be an enhanced focus on areas like technology risk management, cybersecurity and customer data protection,” he said.
He suggested that virtual banks should establish procedures for regularly reviewing their security and technology-related arrangements to ensure that such arrangements remain appropriate with regard to the continuing developments in technology.
In terms of data protection, Hawkins said virtual banks must have proper systems in place to protect customer data and they will be subject to requirements on the handling and usage of such data by the Personal Data (Privacy) Ordinance and the Code of Banking Practice.
“This is likely to be particularly important where virtual banks are employing virtual onboarding procedures that may involve the use of sensitive biometric data,” he said. “Additionally, sharing of customer data cross-border with mainland affiliates will require customer consent and consideration of mainland cybersecurity and data privacy laws.”