SFC reprimands and fines Credit Suisse Limited, Credit Suisse Securities Limited and Credit Suisse AG $39.3 million for regulatory breaches

The Securities and Futures Commission (SFC) has resolved its concerns with Credit Suisse (Hong Kong) Limited (CSHK), Credit Suisse Securities (Hong Kong) Limited (CSSHK) and Credit Suisse AG (CSAG) (collectively, Credit Suisse) over internal control failures.

Under the resolution, the SFC reprimanded and fined Credit Suisse a total of $39.3 million for regulatory breaches, including failures in segregating client securities, reporting direct business transactions, complying with short selling requirements, electronic trading requirements and contract notes rules as well as failures in internal controls designed to ensure that investment products sold to customers were suitable (Notes 1 & 2).

The SFC’s disciplinary action followed independent reviews agreed by the SFC and Credit Suisse and an SFC investigation, which found that (Note 3):

CSHK had:

• failed to segregate client securities from house securities from February 2010 to May 2016, and used client securities on 672 occasions to settle proprietary transactions;
• failed to ensure compliance with short selling requirements following the restructuring of certain trading books, resulting in 159 oversold transactions between December 2014 and July 2015, of which 94 transactions were uncovered short sell orders;
• failed to ensure that a pre-trade control for its electronic algorithm trading systems was properly configured for all of its execution dealers; and
• failed to comply with the short position reporting requirements, which resulted in a failure of itself and three affiliate companies to report over 1,200 reportable short positions to the SFC between June 2012 and October 2014.

CSSHK had:

• failed to segregate client securities from house securities from February 2010 to May 2016, and used client securities on 171 occasions to settle proprietary transactions;
• failed to comply with the direct business transactions reporting requirements in respect of trading on 30 November 2010, resulting in the late reporting of over 120 transactions to The Stock Exchange of Hong Kong (SEHK) on 1 December 2010, and the failure to report or duplication of reporting of nearly 200 transactions to the SEHK between 2010 and 2015; and
• unnecessarily reported 78 cross trades to the SEHK from January 2015 to August 2015.

CSAG had:

• failed to ensure compliance with all regulatory requirements pertaining to the sale of investment products and ensure the effective operation of controls governing transactions where investment product risk classification exceeded client risk profile, in particular through the exclusion of transactions from post-trade risk mismatch supervisory reports between January 2010 and March 2016 and through insufficient policies, procedures and supervision;
• failed to ensure the suitability of six risk mismatch transactions for clients over the period between January 2010 and January 2013 (Note 4); and
• failed to provide and disclose certain information to clients pursuant to the contract notes requirements between April 2003 and April 2017.

The SFC considers that Credit Suisse’s systems and controls were inadequate and failed to ensure compliance with the Securities and Futures (Client Securities) Rules, Securities and Futures (Short Position Reporting) Rules, Securities and Futures (Contract Notes, Statements of Account and Receipts) Rules, short selling provisions of the Securities and Futures Ordinance, Trading Rules of the SEHK, and various provisions of the Code of Conduct (Notes 5 & 6).

The SFC’s Executive Director of Enforcement, Mr Thomas Atkinson, said: “In this instance, Credit Suisse’s prompt and extensive co-operation have significantly expedited the effective resolution of the issues that caused the SFC’s concerns.  Otherwise, the sanctions for similar failures would have been substantially higher.”

In reaching this resolution, the SFC took into account all circumstances, including:

• Credit Suisse self-reported their regulatory breaches and failings to the SFC and involved their senior management to address the SFC’s regulatory concerns at an early stage;
• Credit Suisse’s engagement of independent reviewers to conduct investigations into the SFC’s regulatory concerns and to review their respective internal controls and systems;
• Credit Suisse’s remedial actions to strengthen their internal controls and systems following the self-reported breaches;
• CSAG’s agreement to fully compensate the affected clients (in a total amount of around $7.6 million) in respect of 10 transactions that were found to be either unsuitable or inconclusive as to their suitability for the clients;
• Credit Suisse’s full co-operation with the SFC to resolve the SFC’s regulatory concerns; and
• CSHK and CSAG have no disciplinary record with the SFC.

End

Notes:

1. CSHK is licensed under the Securities and Futures Ordinance (SFO) to carry on business in Type 1 (dealing in securities), Type 2 (dealing in futures contracts), Type 4 (advising on securities), Type 5 (advising on futures contracts), Type 6 (advising on corporate finance) and Type 9 (asset management) regulated activities.  CSSHK is licensed under the SFO to carry on business in Type 1 (dealing in securities), Type 4 (advising on securities) and Type 7 (providing automated trading services) regulated activities.  CSAG is registered to carry on business in Type 1 (dealing in securities), Type 4 (advising on securities), Type 6 (advising on corporate finance) and Type 9 (asset management) regulated activities.
2. In respect of CSAG, the failures in question concerned the business activities of the Hong Kong branch of CSAG.
3. The SFC and Credit Suisse jointly engaged independent reviewers in the last quarter of 2016 in light of self-reports submitted by Credit Suisse and a referral from the SEHK.  Prior to the engagement of the independent reviewers, the SFC had also investigated concerns in relation to CSHK’s failure to report reportable short positions to the SEHK from June 2012 to October 2014.
4. As part of the independent reviews, the suitability of 123 risk mismatch transactions excluded from CSAG’s monitoring reports which resulted in a loss to clients was reviewed.  Six transactions were found to be unsuitable for the relevant clients while the suitability of four other transactions were inconclusive because CSAG failed to maintain adequate documentation of the sales process.
5. Details of the relevant regulatory requirements are set out in the Statement of Disciplinary Action.
6. Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (Code of Conduct).