News
News //
Submitted by // K Bowers, Partner / Solicitor Advocate
24 May 2017


For individuals and organisations alike, cybersecurity threats come from all angles 

Cybercrime transcends all platforms, from university admission boards to airport security units to state-election committees, and affects victims ranging from large financial institutions to mid-sized service providers to individuals. The recent 'WannaCry' ransomware attack, which has raised serious concerns about cybersecurity, infected an estimated 230,000 computer systems worldwide, including hospitals systems and transport networks. Cybercrime also conceals itself in increasingly sophisticated forms, including cyber surveillance, Trojan viruses, phishing emails and even malicious QR codes. Regulatory bodies and law enforcement around the world regard cybercrime as a rising security issue, and in May 2016, this concern prompted the Hong Kong Monetary Authority to implement the Cybersecurity Fortification Initiative, which assists Hong Kong banking institutions in improving their cyber resilience capabilities.

As the scope and number of cyber threats continue to grow in Hong Kong, organisations and individuals outside of the banking industry should also adopt more robust cybersecurity measures. This Alert emphasises the importance of vigilance on the cyber domain by drawing on two examples of recent cyberattacks.

Falling hook, line and sinker for a 'phishing' scam

'Spear-phishing' (a technique in which fraudsters impersonate trusted senders to send spoof emails which induce recipients into revealing confidential information) has become so advanced that even a cybersecurity services company has fallen prey to a spear-phishing scam. In March 2017, Defense Point Security, a company in Virginia which provides cybersecurity services to the US Government, announced that it was the victim of a targeted spear-phishing email that resulted in the external release of its employees' confidential tax information. Unfortunately, the sensitive information disclosed by Defense Point Security contained essentially all of the data the culprit needed to fraudulently file the employees' taxes and request a large refund in their names.

In Hong Kong, the HK Police Force's Commercial Crime Bureau has also reported an increase in the number of unauthorised fund transfers resulting from phishing email scams. In these situations, the fraudsters often purport to be reputable companies (such as well-known financial advisors) in order to deceive victims into transferring money into the culprits' own bank accounts.

Can you differentiate between a legitimate and malicious QR code?

A QR code (quick-response code) is a bar code which contains information that can be conveniently deciphered by smartphones. In recent months, China has seen an upsurge of transactions whereby individuals make payments by scanning QR codes with their smartphone cameras. As QR codes are composed of a seemingly random arrangement of black and white squares and cannot be verified as genuine by the naked eye, they can be manipulated. This has allowed cybercriminals to gain access to the confidential information of unsuspecting purchasers.

China's multibillion dollar bike-sharing industry is particularly susceptible to QR code scams and fraudsters have tricked purchasers into transferring money into their own bank accounts simply by replacing the original QR code on the share-bikes with fake ones. This problem is compounded by the fact that fraudsters can easily create fake QR codes via do-it-yourself websites. In the face of a lack of regulation governing the use of QR codes in China, Alipay and WeChat Pay (popular third-party payment processors in China) have frequently shouldered the loss whenever QR code scams have occurred.

Prevention is key in staying a (virtual) step ahead of today's cyber criminal

In 1993, Hong Kong passed legislation to combat the increasing role of technology in crime. The legislation amended criminal provisions under the Telecommunications Ordinance, Crimes Ordinance and Theft Ordinance by extending the definition of certain crimes to the virtual domain. For instance, burglary under the Theft Ordinance was expanded to include "unlawfully causing a computer to function other than as it has been established" and "unlawfully altering or erasing" or "unlawfully adding" any computer program or data held in a computer. In recent years, the HK Police's Cyber Security and Technology Crime Bureau and the Joint Financial Intelligence Unit ("JFIU") have also stepped up its efforts in handling cyber security issues. Where fraudulent transfers are discovered at an early stage, lawyers and the JFIU can collaborate to freeze the fraudster's bank account and recover the victim's assets.

In spite of concerted attempts to counteract cybercrime in Hong Kong, the reality is that prosecuting cybercriminals is difficult. Even where there is an effective legal regime and a progressive regulatory framework in place, identifying and apprehending cybercriminals is a complex task. Furthermore, where the fraudster did not carry out the fraud in the victim's resident country, jurisdictional issues appear. In an environment where the nature and methodologies of cybercrime are constantly evolving, individuals and organisations should adopt and implement updated IT security applications and risk-management protocols, which are crucial to avoid falling victim to cybercrime.


About Us
 
Howse Williams Bowers is an independent law firm which combines the in-depth experience of its lawyers with a forward thinking approach.

Our key practice areas are corporate/commercial and corporate finance; commercial and maritime dispute resolution; clinical negligence and healthcare; insurance, personal injury and professional indemnity insurance; employment; family and matrimonial; property and building management; banking; financial services/corporate regulatory and compliance.

As an independent law firm we are able to minimise legal and commercial conflicts of interest and act for clients in every industry sector. The partners have spent the majority of their careers in Hong Kong and have a detailed understanding of international business and business in Asia.

Disclaimer: The information contained in this article is intended to be a general guide only and is not intended to provide legal advice.  Please contact pr@hwbhk.com if you have any questions about the article.

› read more
› minimize
News //
Submitted by // K Bowers, Partner / Solicitor Advocate
24 May 2017


Mutual Taking of Evidence in the Mainland and Hong Kong - A Positive Step Forward! 

Introduction

"The Arrangement on Mutual Taking of Evidence in Civil and Commercial Matters between Courts of the Mainland and HKSAR" ("Arrangement") recently came into effect on 1 March 2017. The Arrangement aims at assisting Mainland and HKSAR litigants to obtain evidence in civil and commercial matters with enhanced efficiency and greater certainty. It provides for the terms on which the relevant Mainland and HKSAR authorities, upon request, will provide mutual assistance to each other in the taking of evidence in civil and commercial matters.

Arrangement

Pursuant to the Arrangement, the party requesting assistance must first submit a letter of request ("Letter of Request") and all relevant material (in Chinese or with a Chinese translation) through its designated liaison authorities (i.e. the Higher People's Courts in the Mainland and the Administration Wing of the Chief Secretary for Administration's Office of the HKSAR Government in the HKSAR). Moreover, the Supreme People's Court may make such request directly through the designated liaison authority of the HKSAR.

Upon receipt of the Letter of Request, the relevant designated liaison authority will transfer all documents received to the relevant court or other authorities for processing, or carry out the processing itself. The requested party shall then, to the extent possible, process and complete the request within 6 months from the date of receiving the Letter of Request.

The Arrangement will not bring any change to the law in the taking of evidence in civil and commercial matters, as it will be in accordance with the provisions of the law of the requested party. Furthermore, the evidential material obtained may only be used in the relevant proceedings mentioned in the Letter of Request.

Scope of Assistance

Interestingly, it is notable that the scope of assistance that may be requested by the Mainland and HKSAR courts under the Arrangement is not mirrored.

In seeking the taking of evidence, the People's Court of the Mainland can ask for (1) examination of witnesses; (2) obtaining of documents; (3) inspection, photographing, preservation, custody or detention of any property; (4) taking of samples of any property or carrying out of any experiments on any property; and (5) medical examination of any person.

On the other hand, a Court of the HKSAR can ask for (1) obtaining of statements from parties concerned and testimonies from witnesses; (2) provision of documentary evidence, real evidence, audio-visual information and electronic data; and (3) conduct of site examination and authentication.

Conclusion

Needless to say, the new regime for the mutual taking of evidence is a much welcomed development, especially given the increased number of cross-border disputes in this day and age, and can be seen as another step forward following the arrangement on mutual enforcement of arbitral awards (in 1999) and the reciprocal enforcement of judgments (in 2006) in civil and commercial matters between HKSAR and the Mainland.

The Arrangement provides clear guidance as to the requirements and procedures in place (for instance, what is required to be included in the Letter of Request and to where it should be sent). Not only should the new regime facilitate efficient evidence gathering, it should also enhance efficiency by reducing Court time and legal costs for parties involved in cross-border disputes between HKSAR and the Mainland.

 

About Us

Howse Williams Bowers is an independent law firm which combines the in-depth experience of its lawyers with a forward thinking approach.

Our key practice areas are corporate/commercial and corporate finance; commercial and maritime dispute resolution; clinical negligence and healthcare; insurance, personal injury and professional indemnity insurance; employment; family and matrimonial; property and building management; banking; financial services/corporate regulatory and compliance.

As an independent law firm we are able to minimise legal and commercial conflicts of interest and act for clients in every industry sector. The partners have spent the majority of their careers in Hong Kong and have a detailed understanding of international business and business in Asia.

Disclaimer: The information contained in this article is intended to be a general guide only and is not intended to provide legal advice.  Please contact pr@hwbhk.com if you have any questions about the article.

 

› read more
› minimize
News //
Submitted by // K Bowers, Partner; M Withington, Partner
24 May 2017


Hong Kong's Insurance Regulatory Reform Closer to Completion

The Financial Services and the Treasury Bureau have announced that the newly established Insurance Authority (IA) will take over the statutory functions of the Office of the Commissioner of Insurance (OCI) starting 26 June 2017, which marks the commencement date for the second stage of the three stage regulatory reform. 

The OCI currently regulates insurance companies and three self-regulatory organisations (SROs), namely the Insurance Agents Registration Board, the Hong Kong Confederation of Insurance Brokers and the Professional Insurance Brokers Association. SROs will continue to be self-regulated for the time-being (for another two years), allowing time for the IA to prepare the necessary tools and guidelines for regulating insurance intermediaries.

At the final stage of the regulatory reform, the Insurance Companies (Amendment) Ordinance 2015 (ICO 2015) will be renamed the Insurance Ordinance. The IA will then begin to exercise its statutory powers as an independent regulator to license and regulate insurance intermediaries (taking over the supervisory function from the three SROs), and introduce further requirements.

Enforcement of Provisions in ICO 2015

A majority of provisions in the ICO 2015, not previously in force, will come into effect on 26 June 2017 (except provisions concerning insurance intermediaries). Some include provisions relating to the appointment of key persons in control functions; regulatory, investigatory and enforcement powers; and pecuniary penalties.

• Key Persons in Control Functions

The appointment of key persons in control functions will require the IA's prior approval as a pre-condition to ascertain that the potential appointee is fit and proper. Key persons are individuals who hold positions that are likely to exercise a significant influence on the insurer's business, such as individuals performing financial control compliance or actuarial functions.

• Regulatory, Investigatory and Enforcement Powers

The IA may appoint an investigator to conduct an investigation if it has reasonable cause to believe an individual has carried out insurance business in a matter that is not in the interests of the policy holder / public, or in contravention of the ICO 2015.

An investigator may enter an authorised insurer's premises and make copies of business records at any reasonable time and without the need for a warrant. During an investigation, the Insurer's employees should fully cooperate and provide all necessary assistance to the investigator. A person commits an office if he / she fails to comply with a requirement imposed by the investigator, and may be liable to a maximum fine of up to HK$200,000 and one year imprisonment.

• Pecuniary Penalties

The IA will have powers to impose pecuniary penalties for the misconduct of directors and controllers of an insurer. The IA will take into account the following factors when imposing penalties: (i) the nature, severity and impact of the relevant misconduct; (ii) the insurer's conduct in response to the breach; (iii) any prior breach; and (iv) the financial consequence of the breach.

Enforcement of Subsidiary Legislation

The following existing subsidiary legislation will also come into effect on 26 June 2017:

(a) Insurance Companies (Actuaries' Qualifications) (Amendment) Regulation 2017;
(b) Insurance Companies (Register of Insurers) (Prescribed Fee) (Amendment) Regulation 2017;
(c) Insurance Companies (Authorization and Annual Fees) (Amendment) Regulation 2017;
(d) Insurance Ordinance (Amendment of Schedules) Notice 2017;
(e) Insurance Companies (Determination of Long Term Liabilities) Regulation (Amendment) Rules 2017;
(f) Insurance Companies (Margin of Solvency) Regulation (Amendment) Rules 2017;
(g) Insurance Companies (General Business) (Valuation) Regulation (Amendment) Rules 2017; and
(h) Insurance Companies (Actuaries' Standards) Regulation (Amendment) Rules 2017.

• Fees

The subsidiary legislation will enable the IA to collect authorisation fees from insurance companies and user fees on specific services. Insurers currently pay the OCI a fixed rate for the annual authorisation fee. Under the new regime, the annual authorisation fee will comprise two parts - a fixed fee and a variable fee, calculated on the insurer's insurance liabilities.

A user fee will also be introduced for services including applications for the approval of controllers, directors, key persons in control functions or appointed actuaries; updates to the insurer's information on the register of authorised insurers or obtaining a duplicate certificate of authorisation. It is aimed that the IA will be financially independent of the Government in the long run.

Comment

It remains uncertain how some of these amendments will be implemented in practice. Insurers and stakeholders should consider the changes coming into effect during June 2017 (including subsidiary legislation and future guidance notes), and implement compliance policies and internal controls to comply with the new assessments / procedures to respond to the IA's new requirements and powers. Adequate preparation is necessary so that insurers have the ability to mitigate the potential impact and to minimize the risk of being the subject of an IA investigation or disciplinary action.


About Us

Howse Williams Bowers is an independent law firm which combines the in-depth experience of its lawyers with a forward thinking approach.

Our key practice areas are corporate/commercial and corporate finance; commercial and maritime dispute resolution; clinical negligence and healthcare; insurance, personal injury and professional indemnity insurance; employment; family and matrimonial; property and building management; intellectual property; banking; financial services/corporate regulatory and compliance.

As an independent law firm we are able to minimise legal and commercial conflicts of interest and act for clients in every industry sector. The partners have spent the majority of their careers in Hong Kong and have a detailed understanding of international business and business in Asia.

Disclaimer: The information contained in this article is intended to be a general guide only and is not intended to provide legal advice.  Please contact pr@hwbhk.com if you have any questions about the article.


› read more
› minimize
News //
Submitted by // K Bowers, Partner / Solicitor Advocate; P Yeung, Senior Associate
24 May 2017

 

No gratuity for unsatisfactory service

In the recent case of Chok Kin Ming v Equal Opportunities Commission [2017] HKCU 688, the Hong Kong Equal Opportunities Commission ("EOC") successfully appealed the Labour Tribunal's decision that it had wrongfully failed to pay a former employee his end-of-contract gratuity. 

In allowing the appeal, the Court of First Instance held that, on the terms of the employment agreement, the gratuity was only payable on the "satisfactory completion" of employment. Completion required not only the employee "sitting out the appointment" until the end of his term but also, in the opinion of the employer, the employee has satisfactorily discharged his duties and obligations.

In this case, the Court found that the EOC was entitled to withhold the gratuity due to Mr. Chok Kin Ming's ("Mr. Chok") conduct during a private forum which amounted to a conflict of interests and impeded the satisfactory completion of his employment.

Decision

Mr. Chok's contractual employment terms included the EOC's Code of Conduct which required that he avoided situations involving any conflict of interests. During 2014, the EOC held a public consultation on Discrimination Law Review ("DLR") and Mr. Chok was a key member of the DLR taskforce.

During August 2014, Mr. Chok was invited to a private event organised by a church in his personal capacity to introduce the DLR consultation. At the event, Mr. Chok appealed to the audience to object to the EOC's proposal to expand the same-sex partnership protections proposed by the EOC. He also made disparaging remarks about the EOC and the way in which the EOC had handled the DLR.

The event was recorded without Mr. Chok's knowledge and was subsequently reported in the media. As a result of his conduct, the EOC refused to pay Mr. Chok the end-of-contract gratuity on the basis that he had failed to satisfactorily complete his employment.

The Court upheld the Labour Tribunal's decision and rejected Mr. Chok's argument that "satisfactory completion" only referred to the dimension of time. The Court stated that the fact that Mr. Chok's employment agreement expressly envisaged acts which may affect the grant of the gratuity, suggests that the employer may refuse payment. The Court allowed the appeal and the case was remitted to the Labour Tribunal for determination.

Practical Consideration

1. To avoid similar disputes on the interpretation of gratuity or bonus terms, such provisions should be clearly drafted to provide that the payment of the gratuity or bonus is subject to conditions and, where appropriate, the discretion of the employer.

2. An employee's conduct in relation to his/her employment is not limited to his/her working hours. An employee is subject to the implied terms of mutual trust and confidence and has a general obligation to avoid conflict between his/her personal interests and those of the employer. In practice, employers should have in place corporate policies which expressly state that the employee is subject to these obligations.


About Us

Howse Williams Bowers is an independent law firm which combines the in-depth experience of its lawyers with a forward thinking approach.

Our key practice areas are corporate/commercial and corporate finance; commercial and maritime dispute resolution; clinical negligence and healthcare; insurance, personal injury and professional indemnity insurance; employment; family and matrimonial; property and building management; and financial services/corporate regulatory and compliance.

As an independent law firm we are able to minimise legal and commercial conflicts of interest and act for clients in every industry sector. The partners have spent the majority of their careers in Hong Kong and have a detailed understanding of international business and business in Asia.

Disclaimer: The information contained in this article is intended to be a general guide only and is not intended to provide legal advice.  Please contact pr@hwbhk.com if you have any questions about the article.

› read more
› minimize