Management Summary
- Purpose / Background:This notice informs Authorized Institutions (AIs) of the Hong Kong Monetary Authority (HKMA) about the gazettal of eight revised Supervisory Policy Manual (SPM) modules and a revised Banking (Exposure Limits) Code of Practice. These revisions are primarily to implement the Basel Committee's standards on the prudential treatment of cryptoasset exposures and consequential amendments to exposure limits.
- One-line conclusion (what changed / what needs to be done):New HKMA guidelines for cryptoasset exposures and exposure limits are effective from January 1, 2026, requiring AIs to review and update their practices.
- Key Changes (3-8 bullets):
- Implementation of Basel Committee's prudential treatment for cryptoasset exposures.
- Updates to capital adequacy framework for cryptoasset holdings.
- Revisions to large exposures and risk concentrations related to cryptoassets.
- Amendments to exposures to connected parties concerning cryptoassets.
- Modifications to rules on major acquisitions and investments in relation to cryptoassets.
- Revisions to the regulatory framework for supervision of liquidity risk.
- Updates to market risk and CVA risk capital charges.
- Revised Banking (Exposure Limits) Code of Practice.
- Key Dates / Deadlines:Effective Date: January 1, 2026
- Applicability / Impact scope:All Authorized Institutions (AIs) incorporated in Hong Kong.
- Recommended management actions (3-7 actionable bullets):
- Review the revised SPM modules and the Banking (Exposure Limits) Code of Practice.
- Assess the impact of new cryptoasset prudential treatment on capital adequacy.
- Update internal policies and procedures to align with revised exposure limits and cryptoasset guidelines.
- Ensure IT systems and data reporting capabilities can accommodate new requirements.
- Conduct staff training on the updated regulatory framework.
- Engage with compliance and risk management teams to ensure readiness by the effective date.
Detailed Summary
- Document overview (nature, purpose, scope)This HKMA circular announces the gazettal of eight revised Supervisory Policy Manual (SPM) modules and a revised Banking (Exposure Limits) Code of Practice. The purpose is to inform Authorized Institutions (AIs) about these updates which are issued as statutory guidelines under the Banking Ordinance. The scope covers prudential treatment of cryptoasset exposures and consequential amendments to exposure limits.
- Main requirements (group by topic; state what must be done)AIs are required to adhere to the revised SPM modules and the Banking (Exposure Limits) Code of Practice. These include:
- Capital Adequacy for Cryptoassets: Implementation of the Basel Committee's standard on the prudential treatment of banks' cryptoasset exposures. This will likely impact how cryptoassets are risk-weighted and included in capital calculations.
- Risk Management and Exposure Limits: Revisions to rules on large exposures, risk concentrations, exposures to connected parties, and major acquisitions/investments, particularly concerning cryptoassets.
- Liquidity Risk: Updates to the regulatory framework for supervision of liquidity risk.
- Market and CVA Risk: Revisions to capital charges for market risk and Credit Valuation Adjustment (CVA) risk.
- Exposure Limits: Amendments to the Banking (Exposure Limits) Code of Practice.
- Key changes (vs previous requirements)The primary changes stem from the local implementation of Basel Committee standards on cryptoasset exposures. This includes new rules for capital treatment, large exposures, and risk concentrations related to cryptoassets. Additionally, consequential amendments to exposure limit rules have been made. The revised SPM modules and code of practice reflect these significant updates.
- Important dates & transitionThe revised SPM modules and the Banking (Exposure Limits) Code of Practice will take effect on January 1, 2026.
- Impact and risks (operations/compliance/IT/data/reporting)AIs will need to adapt their operations, compliance frameworks, IT systems, and data reporting capabilities to comply with the new regulations. The impact will be most significant for AIs that hold or plan to hold cryptoassets, or have significant exposures that might be affected by the revised exposure limits. Non-compliance could lead to supervisory actions.
- Compliance action checklist (practical steps)
- Obtain and thoroughly read the revised SPM modules:
- CA-G-1 "Overview of Capital Adequacy Regime for Locally Incorporated Authorized Institutions"
- CA-G-5 "Supervisory Review Process"
- CR-G-8 "Large Exposures and Risk Concentrations"
- CR-G-9 "Exposures to Connected Parties"
- CR-L-5 "Major Acquisitions and Investments: BELR Part 3"
- LM-1 "Regulatory Framework for Supervision of Liquidity Risk"
- MR-1 "Market Risk Capital Charge"
- MR-2 "CVA Risk Capital Charge"
- Obtain and review the revised Banking (Exposure Limits) Code of Practice.
- Conduct a gap analysis to identify areas where current practices do not align with the new requirements.
- Update internal policies, procedures, and risk management frameworks.
- Assess and, if necessary, upgrade IT systems for data capture, calculation, and reporting of cryptoasset exposures and other revised limits.
- Train relevant staff on the updated regulations and their implications.
- Ensure robust internal controls are in place to monitor compliance.
- Appendices/attachments summary (if any; 1-3 sentences each; total <= 20%)This document does not contain specific appendices or attachments within the provided text excerpt. The announcement refers to accessing the revised SPM modules and code of practice from the HKMA's Banking Regulatory Document Repository.