Guideline on Minimum Criteria for Authorization (2026-02-27)

This document outlines the Hong Kong Monetary Authority's (HKMA) interpretation of and approach to applying the licensing criteria for authorized institutions under the Banking Ordinance. It supersedes the previous guideline issued on July 22, 2022, and details the HKMA's expectations for applicants and existing institutions to ensure a sound and stable banking sector.

---

This "Guideline on Minimum Criteria for Authorization" (the Guideline) is issued by the Monetary Authority (MA) under section 16(10) of the Banking Ordinance (Cap. 155). Its primary purpose is to provide a clear framework for how the MA interprets the licensing criteria set out in the Seventh Schedule to the Ordinance and how it exercises its functions related to authorization. The Guideline ensures that all authorized institutions, both at the point of authorization and on an ongoing basis, meet specific standards for prudential soundness, governance, and operational integrity.

---

The Guideline systematically breaks down the criteria in the Seventh Schedule, offering detailed interpretations and expectations for each. The core principles underpinning these criteria are:

• Continuing Nature: The criteria apply not only at the time of authorization but also continuously thereafter. Failure to meet them can lead to revocation of authorization.
• Forward-Looking Approach: The MA assesses whether applicants meet the criteria at the time of application and are likely to continue doing so post-authorization, considering factors like track record, management quality, internal controls, and financial projections.
• Holistic Assessment: The MA evaluates the institution as a whole, not just its Hong Kong operations. For overseas incorporated institutions, the MA may rely on the assessment of their home supervisor, provided the scope and nature of that supervision are satisfactory. However, the final decision always rests with the MA.

The Guideline elaborates on specific paragraphs of the Seventh Schedule:

• Paragraph 2: Adequacy of Home Supervision: For institutions incorporated outside Hong Kong, the MA requires adequate supervision by their home supervisor. This assessment considers the supervisor's capabilities in meeting Basel standards for international banks, including consolidated supervision. Factors reviewed include the supervisor's legal and administrative powers, supervisory framework, bank resolution regime, methodology and resources, information from international bodies (IMF, Basel Committee, FSB), and past experience.
• Paragraph 3: Identity of Controllers: The MA must know the identity of all controllers, defined broadly to include indirect, minority (10% to 50% voting power), and majority (over 50% voting power) shareholder controllers. Assistance from home supervisors may be sought.
• Paragraphs 4 & 5: Fitness and Propriety of Directors, Chief Executives, Executive Officers, and Controllers: This is a crucial and extensively detailed section.
• Directors and Chief Executives: The MA must be satisfied that these individuals are fit and proper. For Hong Kong-incorporated institutions, this involves statutory approval under section 71 of the Ordinance. For overseas-incorporated institutions, the MA assesses fitness and propriety under Paragraph 5, relying heavily on home supervisor views but reserving the right to consider other information.
• Board Composition: For systemically important licensed banks, Restricted Licence Banks (RLBs), and Deposit-Taking Companies (DTCs), at least one-third of the board, or three members (whichever is higher), must be independent non-executive directors (INEDs). At least two of these INEDs should have backgrounds in accounting, banking, or other relevant financial industries. They must not have executive functions and should be free from relationships that could impede independent judgment.
• For non-systemically important RLBs and DTCs, appointing at least three INEDs is strongly encouraged. An appropriate number of independent or, at least, non-executive directors is expected, with at least one INED possessing a relevant financial background.
• Assessment Factors: The MA considers skills, knowledge, experience, soundness of judgment, diligence, and time commitment. Probity (high integrity) is paramount and generally at a consistent high level across all roles. Specific considerations include reputation, character, criminal records, contraventions of financial legislation, involvement in deceitful or oppressive business practices, knowledge of the Hong Kong banking industry, competence, soundness of judgment, diligence, compliance with non-statutory codes, past regulatory actions, involvement in company liquidations or investigations, business record, financial soundness, outside mandates, and potential conflicts of interest.
• Face-to-Face Meetings: The MA may conduct meetings with proposed directors and chief executives to assess their qualities and understanding.
• Reference to SPM and Circulars: Detailed expectations are found in the Supervisory Policy Manual (SPM) module CG-1 and the circular dated December 15, 2021, on "Corporate Governance."
• Executive Officers: For registered institutions engaging in regulated activities under the Securities and Futures Ordinance (SFO), executive officers responsible for supervising these activities must be fit and proper. The MA grants consent under section 71C of the Ordinance. Assessment considers financial status, qualifications, experience, competence (aligned with SFC guidelines), reputation, character, reliability, financial integrity, honesty, and fairness. A broad range of negative past conduct and findings by regulators or courts are considered. Executive officers should hold the highest ranking position among those engaged in the regulated activity, or no more than one rank below the chief executive.
• Controllers: The MA assesses controllers based on their influence on the institution's affairs. Those exercising close control need knowledge, experience, competence, soundness of judgment, and diligence comparable to executive directors. Probity is also critical. Prospective majority and minority shareholder controllers must submit detailed plans for the institution. The MA considers potential contagion risk from the controller's financial position or conduct. A long-term commitment and willingness to contribute capital if required are generally expected. Majority shareholders are typically expected to be well-established banks or supervised financial institutions. A letter of comfort committing to capital and/or liquidity support is generally required for minority and majority shareholder controllers of Hong Kong-incorporated institutions.
• Paragraph 6: Financial Soundness: The MA must be satisfied with the applicant's financial soundness, considering capital adequacy, liquidity, and profitability.
• Capital Adequacy: The MA's requirements are based on the Banking (Capital) Rules, aligning with Basel III framework. This includes risk-weighted capital ratios.
• Liquidity: Institutions must maintain adequate liquidity to meet obligations. The MA monitors liquidity through various metrics and may require specific ratios to be met.
• Profitability: Sustainable profitability is assessed through financial projections and the underlying business model.
• Paragraph 7: Adequacy of Financial Resources (other than Capital): This relates to ensuring sufficient resources beyond regulatory capital, including robust liquidity management and the ability to withstand financial shocks.
• Paragraph 8: Adequacy of Systems of Control and Risk Management: Institutions must have adequate systems for managing all material risks, including credit, market, operational, liquidity, interest rate, and country risk. Specific requirements are detailed in various SPM modules (e.g., IC-1 for Risk Management Framework).
• Paragraph 9: Adequacy of Provisions: The MA assesses the adequacy of provisions against potential loan and other asset impairments. This includes reviewing the loan classification system and provisioning policies, aligning with IFRS 9 which requires recognizing expected credit losses.
• Paragraph 10: Adequacy of Accounting Systems and Systems of Control: Institutions need robust accounting systems and internal controls to ensure prudent operations, asset safeguarding, fraud prevention, risk monitoring, and regulatory compliance. Expectations are detailed in SPM module IC-1 and related modules.
• Resolution Planning: Institutions must maintain systems to support resolution planning and orderly winding up in case of failure.
• Internal and External Audit: An effective internal audit function is mandatory, proportionate to the institution's size and complexity (SPM module IC-2). External auditors play a role in assessing accounting systems and internal controls, with mandatory reporting requirements under sections 63(3) and 63(3A) of the Ordinance. Ad hoc reports may also be required (section 59(2)). Guidance is in SPM module IC-3.
• Prevention of Money Laundering and Terrorist Financing: The MA places high importance on risk-based internal controls. The Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (For Authorized Institutions) provides detailed guidance. For overseas applicants, the MA considers their home jurisdiction's standing with the Financial Action Task Force (FATF).
• Regulated Activities: Institutions involved in securities, derivatives, insurance, and MPF intermediary activities must have comprehensive risk management systems and senior management understanding. Segregation of duties is critical. Compliance with margin and risk mitigation standards (e.g., SPM module CR-G-14) is essential. Institutions wishing to operate booking centres for derivative trades must discuss plans with the MA and demonstrate adequate risk management.
• Wealth Management/Private Banking: Institutions must record customer activities and positions in Hong Kong. Adequate and timely access to records outside Hong Kong must be ensured if applicable.
• Overseas Operations: Hong Kong-incorporated institutions require MA approval (sections 49 and 51A) for establishing overseas branches, representative offices, or subsidiaries. Financial capacity, parent bank control, and internal control adequacy are assessed (SPM module CG-4).
• Paragraph 11: Requirement to Make Adequate Disclosure of Information: Hong Kong-incorporated institutions must disclose adequate information about their affairs (profit and loss, financial resources) in annual accounts and reports. The Banking (Disclosure) Rules set minimum standards, applicable to most institutions except for certain small RLBs and DTCs. Larger overseas-incorporated institutions are also expected to comply with relevant disclosure standards. Resolution entities and material subsidiaries must comply with LAC Rules regarding loss-absorbing capacity disclosures using standard templates.
• Paragraph 12: Business to be Conducted with Integrity, Prudence, and Competence: The MA must be satisfied that the institution's business is conducted with integrity, prudence, and professional competence, and is not detrimental to depositors' interests.
• Prudence and Competence: Assessed by compliance with prudential requirements, strategy, track record, resistance to fraud, operational error avoidance, general reputation, risk governance, compliance culture, staff quality, and computer systems. The feasibility and credibility of orderly failure handling are also considered.
• Integrity: Refers to ethical standards in business conduct, sound corporate culture, and avoiding circumvention of laws and regulations. Breaches of law or codes of conduct (e.g., Code of Banking Practice, Treat Customers Fairly charter) are reviewed, considering seriousness, intent, and potential detriment to depositors. Open and cooperative dealings with the MA and other regulators are expected.

---

This Guideline supersedes the previous version issued on July 22, 2022. While the provided text does not explicitly detail the changes from the July 2022 version, it represents the current iteration of the MA's interpretation of the licensing criteria. Key areas that are consistently emphasized and updated in such guidelines typically include:

• Enhanced focus on corporate governance: Specific requirements for independent non-executive directors on boards.
• Strengthened prudential requirements: Aligning with international standards such as Basel III.
• Updated risk management expectations: Comprehensive coverage of various risk types and the need for robust control systems.
• Emphasis on prevention of financial crime: Detailed requirements for anti-money laundering (AML) and counter-terrorist financing (CTF) controls.
• Clarity on responsibilities: Defining roles and expectations for directors, senior management, executive officers, and controllers.
• Inclusion of Resolution Planning: Explicit expectations for institutions to prepare for orderly resolution in case of failure.
• Disclosure Requirements: Updates related to loss-absorbing capacity (LAC) disclosures.

---

• Effective Date of Superseded Guideline: July 22, 2022.
• This Guideline Supersedes: "Guideline on Minimum Criteria for Authorization" issued on July 22, 2022.
• Reference to IAS39 Replacement: Effective from January 1, 2018, IAS39 was replaced by IFRS 9, impacting provisioning requirements.

*Note: The provided document does not specify an explicit effective date for this *new* superseding guideline. However, as it supersedes a previous version, it is implied to be the current operational standard.*

---

This Guideline has a broad impact across the Hong Kong banking and deposit-taking industry:

• Applicable Parties:
• All applicants seeking authorization as a bank, restricted licence bank (RLB), or deposit-taking company (DTC) in Hong Kong.
• Existing authorized institutions (licensed banks, RLBs, and DTCs) in Hong Kong, as the criteria are ongoing.
• Branches and subsidiaries of overseas institutions operating in Hong Kong.
• Affected Institutions:
• Local incorporated banks, RLBs, and DTCs.
• Overseas incorporated banks, RLBs, and DTCs operating in Hong Kong.
• Degree of Impact:
• High Impact: For new applicants, this Guideline sets out the complete set of requirements that must be met for authorization.
• Significant Impact: For existing institutions, it reinforces ongoing supervisory expectations and can influence strategic decisions, governance structures, risk management practices, and compliance frameworks. Non-compliance can lead to supervisory actions, including the revocation of authorization.
• Indirect Impact: Companies seeking to become controllers of authorized institutions are also directly affected by the "fit and proper" assessments.

---

Institutions must demonstrate compliance with the Guideline in the following ways:

• Application Process: Applicants must submit comprehensive documentation detailing how they meet each criterion. This includes business plans, financial projections, organizational charts, information on directors, controllers, and senior management, and details of internal control frameworks.
• Ongoing Compliance: Existing authorized institutions must continuously meet the criteria. This is monitored through:
• Regular Prudential Returns: Submission of financial and prudential data to the MA.
• Auditor Reports: Regular and ad hoc reports from external auditors as required under sections 63(3), 63(3A), and 59(2) of the Ordinance.
• Supervisory Engagements: The MA conducts on-site examinations, off-site reviews, and discussions with management and boards.
• Internal Audit Function: Maintaining an effective internal audit function that reports to the board and senior management.
• Risk Management Frameworks: Demonstrating robust systems and processes for identifying, measuring, monitoring, and controlling all material risks.
• Disclosure Compliance: Adhering to the Banking (Disclosure) Rules and LAC Rules, as applicable.
• Fit and Proper Assessments: Ensuring that all directors, chief executives, executive officers, and controllers meet the fitness and propriety standards on an ongoing basis.
• Reporting: Timely and accurate reporting of any material changes or breaches to the MA.
• Implementation Guidance:
• The Guideline references numerous modules within the Supervisory Policy Manual (SPM), which provides detailed guidance on specific areas such as risk management (IC-1), internal audit (IC-2), reporting (IC-3), corporate governance (CG-1, CG-4, CG-5, CG-6), country risk management (CR-G-5), and others. Institutions are expected to consult and implement the practices outlined in these SPM modules.
• The MA may conduct face-to-face meetings with proposed candidates for key positions.
• Institutions are expected to foster a strong compliance and ethical culture.

---

• Key Legislation: Banking Ordinance (Cap. 155), Securities and Futures Ordinance (SFO) (Cap. 571), Companies Ordinance (Cap. 622).
• Key Definitions:
• Monetary Authority (MA): Refers to the Hong Kong Monetary Authority.
• The Ordinance: Refers to the Banking Ordinance.
• The Schedule: Refers to the Seventh Schedule to the Banking Ordinance.
• Controller: Defined in section 2 of the Ordinance, includes indirect, minority shareholder (10-50% voting power), and majority shareholder (>50% voting power) controllers.
• Authorized Institution: A bank, restricted licence bank, or deposit-taking company licensed under the Banking Ordinance.
• Home Supervisor: The banking supervisory authority in the place where an institution is incorporated.
• Basel Standards: International banking supervisory standards developed by the Basel Committee on Banking Supervision.
• Financial Sector Assessment Programme (FSAP): International Monetary Fund (IMF) program for assessing financial sector stability.
• Regulatory Consistency Assessment Programme (RCAP): Basel Committee program to assess implementation of Basel standards.
• Financial Action Task Force (FATF): Intergovernmental body that sets standards for combating money laundering and terrorist financing.
• International Financial Reporting Standard 9 (IFRS 9): Standard for accounting for financial instruments, including expected credit losses.
• Key Ratios and Thresholds:
• Board Composition (Systemically Important Institutions): At least one-third of the board, or three members (whichever is higher), must be independent non-executive directors (INEDs).
• Controller Voting Power: Minority controller (10% to 50%), Majority controller (over 50%).
• References to Supervisory Policy Manual (SPM) Modules:
• CG-1: Corporate Governance of Locally Incorporated Authorized Institutions
• CR-G-5: Country Risk Management
• IC-1: Risk Management Framework
• IC-2: Internal Audit Function
• IC-3: Reporting Requirements Relating to Authorized Institutions’ External Auditors under the Banking Ordinance
• CG-4: Establishment of Overseas Banking Subsidiaries: S51A
• CG-5: Guideline on a Sound Remuneration System
• CG-6: Competence and Ethical Behaviour
• CR-G-12: Credit Risk Transfer Activities
• CR-G-14: Non-centrally Cleared OTC Derivatives Transactions – Margin and Other Risk Mitigation Standards
• CA-D-1: Guideline on the Application of the Banking (Disclosure) Rules
• Key Circulars and Documents:
• Guideline on Minimum Criteria for Authorization (superseded version issued July 22, 2022)
• Circular on "Corporate Governance" (December 15, 2021)
• Guideline on Anti-Money Laundering and Counter-Financing of Terrorism (For Authorized Institutions)
• Banking (Disclosure) Rules
• Loss-Absorbing Capacity (LAC) Rules
• Code of Banking Practice
• Treat Customers Fairly Charter

---
This summary provides a comprehensive overview of the HKMA's Guideline on Minimum Criteria for Authorization, designed to equip executives with the necessary understanding for strategic decision-making and compliance planning.