Financial crime risk policies

HSBC is committed to high ethical standards. Our policies on anti-money laundering, sanctions, and anti-bribery and corruption aim to ensure that risks identified by the bank are appropriately mitigated.

HSBC (all wholly owned or controlled HSBC Group of companies) is committed to implementing minimum control standards across all jurisdictions for which it operates.

HSBC established a Global Anti-Money Laundering Policy (“AML Policy”) for this purpose. The objective of the AML Policy is to identify and appropriately manage money laundering risks identified by HSBC. This is achieved by establishing and implementing appropriate processes, systems and controls to protect HSBC, its customers, shareholders, employees, and the communities it serves from money laundering. The AML Policy sets out the minimum control standards to all HSBC group entities and employees, requiring them to conduct business in accordance with applicable AML laws, rules, and regulations.

The AML Policy is informed by applicable laws, regulations, regulatory guidance and best practice from the United Kingdom, European Union, Hong Kong and the United States of America. In cases where material differences exist between the rules and regulations of these authorities or countries, the AML Policy adopts the highest standard; while acknowledging the primacy of local law.

The Policy includes:

  • The appointment of a Global and Country Money Laundering Reporting Officer (“MLRO”) or alternative position as required by local regulation
  • Minimum Customer Due Diligence (“CDD”) requirements, incorporating Customer Identification and Verification (“ID&V”) and Know Your Customer (“KYC”) principles
  • Conducting enhanced due diligence (“EDD”) on customers assessed as higher risk; such as Politically Exposed Persons (“PEPs”) in senior positions, their relatives and close associates
  • Establishing processes and systems designed to monitor customer transactions for the purpose of identifying suspicious activity
  • The investigation and subsequent reporting of suspicious activity to the appropriate regulatory and/or law enforcement bodies
  • Mandated regular AML training of employees and contractors
  • The prohibition of the following products, services and customer types:
    • Anonymous accounts or numbered accounts or customers seeking to maintain an account in an obviously fictitious name
    • Shell banks, i.e. banks with no physical presence or staff
    • Hold Mail, i.e. where the customer has instructed all documentation related to the account are to be held on their behalf until collection
    • Payable-through-accounts, i.e. HSBC does not allow domestic or foreign bank customers to provide payable-through-accounts to their customers on their HSBC accounts
  • Mandated regular independent testing by second line assurance function and third line audit function; and
  • Any relevant additional local requirements

HSBC is a member of the Wolfsberg Group, an association of thirteen global banks that aims to develop financial services industry standards for KYC, AML and Counter Terrorist Financing.

HSBC has prepared a Global Certification for use by any financial institution that believes it requires a USA Patriot Act Certification from an HSBC Group company.

HSBC is committed to combatting financial crime and complying with all applicable sanctions laws and regulations in the jurisdictions in which we operate. One of the ways in which we meet this objective is through HSBC’s Global Financial Crime Policy (the “Policy”). Subject to the primacy of local law and considering broader financial crime risk, the Policy seeks to establish a globally consistent standard to effectively manage sanctions compliance risk across all HSBC wholly or majority-owned or controlled legal entities, helping us to protect the global financial system, our reputation and to best serve our customers. The Policy generally prohibits relationships or transactions involving sanctioned individuals and entities or comprehensively sanctioned countries, territories and their governments.

In compliance with our regulatory requirements and our Policy we may be required from time to time to reject transactions, freeze assets or refuse to provide services. It also means that at times, our Policy and sanctions risk appetite may be stricter than our legal obligations, and we may choose not to support certain customer relationships or business activity even if it is legally permitted. HSBC may, in its sole discretion, agree to process certain transactions prohibited or restricted under the Policy that are authorised by a licence from an appropriate authority or are otherwise permitted under applicable laws and regulation, such as those which relate to humanitarian aid. These transactions will be considered by HSBC on a case-by-case basis.


HSBC operates a zero tolerance approach to Bribery and Corruption and considers such activity to be unethical and contrary to good corporate governance. HSBC, its Staff and associated persons are prohibited from engaging in Bribery and Corruption.

The AB&C Policy sets out the Key Principles and minimum control requirements that enable HSBC to mitigate Bribery and Corruption risk and comply with all laws and regulations, including the UK Bribery Act, US Foreign Corrupt Practices Act, HK Prevention of Bribery Ordinance and France Loi Sapin II, as well as other similar laws and regulations in the countries where we operate.

Minimum Standards

The AB&C Policy defines the minimum standards which all HSBC Group Entities must comply. This include the AB&C Key Principles, which requires that all activity:

  • must be conducted without intent to bribe or corrupt;
  • must be reasonable and transparent;
  • must not be considered lavish or disproportionate to the professional relationship;
  • must be appropriately documented with business rationale; and
  • must be authorised at an appropriate level of seniority.

The AB&C Policy facilitates these Key Principles, by further setting minimum standards under four AB&C pillars:

  1. Staff
    All Staff (Staff means HSBC permanent and fixed term employees, contractors and consultants (including those on assignment or secondment to HSBC)) must ensure their interactions or relationships do not induce, or can be seen to induce, improper action in order to obtain or retain a business advantage. This covers the giving and receiving of Additional Benefits, which refers to:

    • Gifts and entertainment;
    • charitable donations and giving;
    • sponsorships and brand partnerships;
    • training;
    • speaker fees; and
    • hiring.

    The AB&C Policy sets out clear recording, approval and escalation requirements for Additional Benefits, together with any prohibited activity.

  2. Associated Persons
    The AB&C Policy requires that all HSBC associated persons must be identified, recorded and have appropriate due diligence completed.

  3. Customer
    Customers must not use HSBC products and services to facilitate the payment or receipt of bribes or funds from corrupt activity. In order to comply with the letter and spirit of applicable AB&C laws and regulation, the AB&C Policy requires risk-based controls are in place to prevent HSBC products and services being used for bribery or corruption. This includes customer due diligence, transaction monitoring and customer exit requirements.

  4. Strategic
    All HSBC strategic activity is required to identify and mitigate any bribery or corruption risk. The AB&C Policy sets these minimum standards, which includes due diligence and integration of AB&C controls, for:

    • strategic and proprietary investments and disposals;
    • new products and services design; and
    • corporate real estate transactions.


HSBC's AB&C compliance programme and AB&C Policy are overseen by the HSBC Holdings plc Board. HSBC requires all Staff, Board of Directors and Associated Persons comply with the principles in the AB&C Policy and annual mandatory AB&C training is provided to all Staff, with additional targeted training, tailored to the roles of individuals.

HSBC carries out regular, risk assessments, monitoring and testing of its AB&C programme, with any applicable findings included within the AB&C Policy. HSBC also maintains clear whistleblowing policies and processes, to ensure that individuals can confidentially report concerns. To view the statement on HSBC's whistleblowing arrangements see the Environmental, Social and Governance (ESG) update published on the ESG and responsible business page.

HSBC is an active user of Know Your Customer (“KYC”) data exchange platform SWIFT KYC Registry in support of a more intelligence-based approach to identifying and managing financial crime risks. Third-party banks or vendors seeking HSBC AML or KYC due diligence information, including the detailed Wolfsberg Correspondent Banking Due Diligence Questionnaire (CBDDQ), should use this service in the first instance to collect relevant data and documents.

As supplements to the HSBC AML statement we also make available the Wolfsberg Financial Crime Compliance Questionnaire (FCCQ) and the ISSA (International Securities Services Association) Questionnaire, which give an overview of basic information about HSBC’s policies and processes relating to financial crime risk management.