Ref: HKMA/B1/15C HKMA/B9/67C INS/ADM/7/16 SU/CTC/2024/003 SFO/IS/015/2024
To: Chief Executives of all Authorized Institutions, Chief Executives of Authorized Insurers and Responsible Officers of Licensed Insurance Broker Companies carrying on long term insurance business and general insurance business and focusing on retail customers, Chief Executives of all MPF Approved Trustees and Responsible Officers of all Principal Intermediaries, Responsible Officers of all Licensed Corporations
Joint Circular on Anti-Scam Consumer Protection Charter 2.0
To help combat digital frauds and scams, the Hong Kong Monetary Authority (HKMA), the Insurance Authority (IA), the Mandatory Provident Fund Schemes Authority (MPFA) and the Securities and Futures Commission (SFC) (in alphabetical order, hereafter called “four financial regulators”) are committed to enhancing public awareness of safeguarding their bank, credit card, investment, insurance and mandatory provident fund (MPF) account and other key personal information. In this respect, the four financial regulators jointly invite their regulated entities which primarily serve retail customers (see below for details of scope) to adopt the Anti-Scam Consumer Protection Charter 2.0 (the Charter 2.0).
On the back of increasing prevalence of digital frauds and scams, the financial sector has been taking various actions, including enhancing fraud monitoring and data security management, to help guard against such crimes. As consumers also play a crucial role in prevention of frauds and scams, the four financial regulators now make joint efforts in raising consumers’ awareness of the need and their ability to protect themselves against illegal digital acts.
Riding on the Anti-Scam Consumer Protection Charter launched in June 20231, the Charter 2.0 aims at expanding the participation of institutions to also cover:
(a) authorized institutions under the Banking Ordinance (Cap. 155) carrying on retail banking business;
(b) authorized insurers and licensed insurance broker companies under the Insurance Ordinance (Cap. 41) carrying on long term insurance business and general insurance business and focusing on retail customers;
(c) MPF approved trustees and principal intermediaries under the Mandatory Provident Fund Schemes Ordinance (Cap. 485); and
(d) licensed corporations under the Securities and Futures Ordinance (Cap. 571) carrying on regulated activities and focusing on retail customers.
Participating institutions are expected to carry out the following activities in support of the Charter 2.0:
Commit not to send any instant electronic messages (e.g. SMS, WhatsApp, WeChat, etc) to customers with embedded hyperlinks to acquire bank, credit card, investment, insurance and MPF account or other key personal information online, unless arising from requests by the customers;
Work together in raising public awareness of digital frauds and scams. This will include sending through their suitable channels (such as corporate websites, mobile apps, etc), publicity and promotional material, a key message of “Beware of scams! Do not provide bank, credit card, investment, insurance and MPF account or other key personal information via hyperlinks embedded in suspicious messages purported to be coming from our institution!” to their customers and the public to facilitate awareness of such frauds and scams;
Provide contact information on their suitable channels (such as corporate websites, mobile apps, etc) for customers to make enquiries (e.g. on verifying the identities of the message senders or authenticity of the messages); and
Provide relevant training to their frontline staff (including sales and customer service staff) so that they will be able to handle customer enquiries and convey anti-scam education messages as appropriate.
While the above principles may be more relevant to retail-facing financial institutions, other regulated financial institutions are also strongly encouraged to follow the above principles as far as practicable subject to their business models.
Regulated financial institutions which have not yet indicated their participation but would like to adopt the Charter 2.0 may indicate their interest to or enquire with the following contacts on or before 28 June 2024. A reply template for the regulated financial institutions to indicate their participation in the Charter 2.0 can be found in the Annex.
Authorized Institutions Ms Charmaine he, Banking Conduct Department, HKMA at 2878 1358
Authorized Insurers and Mr Edmund Chow, Long Term Business Division, IA at 3899 9903 Licensed Insurance Broker Companies
MPF Approved Trustees Ms Clio Wong, Supervision Division, MPFA at 2292 1369 and Principal Intermediaries
Licensed Corporations Ms Denise Chan, Supervision Department, SFC at 2231 1188 Intermediaries
Eddie Yue Clement Cheung Chief Executive Chief Executive Officer Hong Kong Monetary Authority Insurance Authority
Cheng Yan-chee Julia Leung Managing Director Chief Executive Officer Mandatory Provident Fund Schemes Securities and Futures Commission Authority
Annex
Reply Template on Participation in theAnti-Scam Consumer Protection Charter 2.0
To: * Hong Kong Monetary Authority (please email to Code@hkma.iclnet.hk) / Insurance Authority (please email to charter@ia.org.hk) / Mandatory Provident Fund Schemes Authority (please email to intermediaries@mpfa.org.hk) / Securities and Futures Commission (please email to as_charter@sfc.hk)
* Please delete as appropriate
Our institution would like to join the Anti-Scam Consumer Protection Charter 2.0 (the Charter 2.0) as participating institution, and to commit to following the principles stated in the Charter 2.0. Please find the following information for your perusal:
(a) Full name of institution a. Chinese: _____________ b. English: _____________
(b) Contact person Primary contact: a. Name: _____________ b. Post Title: _____________ c. Email: _____________ d. Phone: _____________
Secondary contact (if applicable): a. Name: _____________ b. Post Title: _____________ c. Email: _____________ d. Phone: _____________
Comments