Effective date: 26th September 2023
Last Updated: 10th Nov 2025
Lexim Trading (HK) Limited (“Lexim”) is committed to best corporate governance practices. The Lexim board is responsible for establishing policies and procedures to enable compliance within its operational business. Each director of Lexim’s board shall exercise independent judgment and act honestly and in the best interests of Lexim. Lexim’s board is also committed to exercising effective governance over Lexim’s affairs and to balance the respective interests of Lexim’s stakeholders (including its shareholders, employees and customers).
1.2 Statement Policy and Principles
1.2.1. Lexim is incorporated and operates in Hong Kong, Special Administrative Region of China. Lexim is a Category A registrant as licensed by the Hong Kong Customs & Excise Department (“HK Customs”) and is thereby permitted to trade precious metals via non-cash transactions with total value at or above HKD$120,000.
1.3 Legal and Regulatory Framework
1.3.1 The principal requirements, obligations and penalties are contained in the following laws and regulations (collectively, the “HK AML/KYC Rules”):
(a) Anti-Money Laundering and Counter-Terrorist Financing (Financial Institutions) Ordinance;
(b) Drug Trafficking (Recovery of Proceeds) Ordinance;
(c) Organised and Serious Crimes Ordinance;
(d) United Nations (Anti-Terrorism Measures) Ordinance; and
(e) Weapons of Mass Destruction (Control of Provision of Services) Ordinance.
1.3.2 In compliance with HK AML/KYC Rules, Lexim will:
(a) establish and maintain risk-based Customer Due Diligence (“CDD”), identification, verification, including Enhanced Due Diligence (“EDD”) for those customers presenting higher risk, such as Politically Exposed Persons (“PEPs”);
(b) establish and maintain risk-based systems and procedures to monitor and control ongoing customer activity and transactions;
(c) establish procedures for reporting suspicious activity internally and to the relevant supervisory and law enforcement authorities, as appropriate;
(d) establish procedures for identifying individuals or entities subject to government or United Nations ("UN") Security Council sanctions, avoiding or terminating any business relationship with such individuals or entities, and making reports to law enforcement authorities as appropriate, as well as identifying individuals or entities subject to other sanctions regimes and appropriately risk assessing any business relationship with such persons;
(e) maintain appropriate records;
(f) provide regular training and awareness for all relevant employees;
(g) make provision for appropriate management information and for reporting to senior management; and
(h) ensure appropriate internal and external audit of Lexim’s compliance systems and controls.
1.3.3 CDD is undertaken on Lexim’s customers on a proportionate and risk assessed basis.
1.3.4 EDD is conducted on any of Lexim’s customers or prospective customers assessed as presenting a high money laundering/terrorist financing risk. EDD will automatically be conducted on PEPs or Special Interest Persons (“SIPs”). SIPs may pose a higher risk of money laundering and terrorist financing, as these individuals may have a previous involvement in criminal activity; may be transacting large amounts of money from foreign high-risk countries; or may be a disqualified director or bankrupt.
1.3.5 Lexim must monitor on an ongoing basis, its business relations with each customer and observe the conduct of each customer’s transactions to ensure that the transactions are consistent with Lexim's knowledge of the customer, its business and risk profile and where appropriate, the customer’s source of funds.
1.3.6 Where Lexim observes transactions that are complex, large or unusual, or patterns of transactions which have no apparent economic or lawful purpose, Lexim should examine the background and purpose of the transactions. The findings and outcomes of these examinations should be properly documented in writing and be made available to assist the relevant authorities. Proper records of decisions made, by whom, and the rationale for the decisions will help Lexim demonstrate that it is handling unusual or suspicious activities appropriately.
Risk Assessment and Customer Due Diligence
Lexim’s aim is to ensure that, by using a risk-based approach and a proportionate level of due diligence, it assesses the potential money laundering and terrorist financing risk posed by each of its customers, in compliance with current legislative requirements and regulatory guidance.
2.1.1 When dealing with customers on individual, corporate and institutional levels, Lexim should assess a customer's risk profile based on:
(a) country risk (countries or jurisdictions it is exposed to, either through its own activities or the activities of customers, especially countries or jurisdictions identified by credible sources, with relatively higher level of corruption or organised crime, and/or not having effective AML/CFT regimes);
(b) customer risk (target markets and consumer segments);
(c) delivery/distribution channel risk (the extent to which Lexim deals directly with the customer, the extent to which Lexim relies on (or is allowed to rely on) third parties to conduct CDD, the extent to which Lexim uses technology, and the extent to which these channels are vulnerable to money laundering/terrorism financing (“ML/TF”) abuse; and
(d) product/service risk (nature, scale, diversity and complexity of its business including the size of its transactions and the extent to which it is prone to ML/TF abuse).
2.1.2 The scale and scope of ML/TF risk assessment should be commensurate with the nature, size and complexity of Lexim’s business. The appropriate extent of due diligence conducted on each customer should also be tailored to the risk profile of each customer.
2.1.3 Generally, CDD should be carried out all the time. However, based on the risk-based approach, if a customer is categorised as “low to medium risk", CDD is enough. On the contrary, if a customer is categorised as "high risk", additional measures are required on top of CDD measures.
2.1.4 The appropriate steps to conduct the above risk assessment should include:
(a) documenting the risk assessment process which includes the identification and assessment of relevant risks supported by qualitative and quantitative analysis, and information obtained from relevant internal and external sources;
(b) considering all the relevant risk factors before determining what the level of overall risk is, and the appropriate level and type of mitigation to be applied;
(c) obtaining the approval of senior management on the risk assessment results;
(d) having a process by which the risk assessment is kept up-to-date; and
(e) having appropriate mechanisms to provide the risk assessment to the relevant authorities when required to do so.
2.2 Customer Due Diligence (“CDD”)
Individual Customer Identification
2.2.1 Before accepting the customer, satisfactory evidence of the identity of the customer must be obtained. Positive identification of a customer must be obtained from documents issued by reliable sources and file copies should be retained and reference numbers and other relevant details recorded.
2.2.2 The following documents and information should be obtained:
(a) full name (can be obtained from passports or identity cards);
(b) permanent address and residential address, if different (can be verified against recent utility or rates bill);
(c) date of birth (can be obtained from passports or identity cards);
(d) nationality (not mandatory for HKID card holder);
(e) identity document type and number;
(f) occupation;
(g) identification document and written authority of the person purporting to act on behalf of the customer (if any); and
(h) information on the purpose and intended nature of the business relationship (if any) established with Lexim unless the purpose and intended nature are obvious.
2.2.3 If Lexim cannot obtain adequate verification of a customer's identity, it may, with the consent of the customer, approach another person (e.g. a banker) specifically for the purpose of verifying the identity of the customer.
2.2.4 Where the original identification documents are not physically sighted by a Lexim staff, Lexim should only rely on copies of such identification documents only if it has been certified as a true copy by any professionally licensed persons such as a Justice of the Peace, a certified public account, a qualified practising lawyer or notary public.
Corporate Customer Identification
2.2.5 In respect of corporate or partnership customers, it is important to identify the directors or partners, the authorised signatories and the nature of the business.
2.2.6 Where the customer is a financial institution authorised and supervised by the Hong Kong Monetary Authority (the “HKMA”), the Securities & Futures Commission of Hong Kong (the “SFC”), the Office of the Commissioner of Insurance, Hong Kong Customs and Excise Department or an equivalent authority in a jurisdiction that is a Financial Action Task Force (“FATF”) member or that applies standards of anti-money laundering equivalent to those of the FATF, it will generally be sufficient to obtain copies of the following documents and information:
(a) the full name and address of the customer;
(b) the country of incorporation of the customer;
(c) a copy of the certificate of incorporation or other constitutive documents (such as memoranda and articles of association, partnership agreements or sole proprietorship agreements);
(d) a copy of the customer's licence certificates from the local regulatory body; and
(e) an authorised signatories list.
2.2.7 In the case of other non-regulated corporate counterparties, Lexim should in addition obtain:
(a) a copy of the Business Registration Certificate or equivalent;
(b) a copy of the Board of Directors resolution (or equivalent document) authorizing the transaction or equivalent;
(c) a list of the directors of the customer and copies of the identification documents of the directors;
(d) identification documents for all shareholders of the customer who/which hold 25% or more of the voting rights or share capital of the customer and in high-risk circumstances, the figure to be used is 10% instead of 25%;
(e) confirmation as to whether the account is beneficially owned by the customer and/or a third party (if applicable);
(f) for a customer incorporated in Hong Kong, a company search report from the Hong Kong Companies Registry; and
(g) for a customer incorporated overseas, a similar company search/enquiry of the registry in the place of incorporation to obtain a company report; a certificate of incumbency or equivalent issued by the customer's registered agent in the place of incorporation; or a similar or comparable document to a company search report or a certificate of incumbency certified by a professional third party in the relevant jurisdiction (issued within the last 6 months).
2.2.8 Lexim should understand the ownership structure, the nature of the customer’s business, and determine the source of funds. It should also take reasonable steps to verify the information obtained. Special care should be exercised in dealing with companies that have nominee shareholders and companies which have a significant proportion of capital in the form of bearer shares.
Enhanced Customer Due Diligence
2.2.9 When dealing with high-risk situations, Lexim should take additional measures to mitigate the risk of money laundering and terrorist financing. Additional measures may include:
(a) obtaining additional information on the customer e.g. if self-employed, nature of business; if employed, details of employer/industry and position held; if it is a corporation, identities of all members of the board of directors, etc.;
(b) obtaining additional information on the intended nature of the business relationship, the source of wealth and source of funds;
(c) obtaining the approval of senior management to commence or continue the relationship; and
(d) conducting enhanced monitoring of the business relationship, by increasing the number and timing of the controls applied and selecting patterns of transactions that need further examination.
Politically Exposed Person
2.2.10 A ‘Politically Exposed Person’ (“PEP”) is defined in the HK AML/KYC Rules as being a natural person (and includes, where relevant, a direct family member (i.e. the PEP's spouse, child, spouse of a child or parents) or close associate) who is or has been entrusted with a prominent public function (in Hong Kong or elsewhere), including but not limited to, a head of state or of government, senior politician, senior government, judicial or military official, ambassador, senior executive of a state owned corporation, or an important political party official, but not middle ranking or more junior individuals in these categories.
2.2.11 Known close associates include any individual who is known to have joint beneficial ownership of a legal entity or legal arrangement, or any other close business relations with a PEP. It also includes any individual who has sole beneficial ownership of a legal entity or legal arrangement which is known to have been set up for the benefit of a person of a PEP.
2.2.12 An ‘International Organisation PEP’ is defined in HK AML/KYC Rules as being a natural person (and includes, where relevant, a direct family member (i.e. the PEP's spouse, child, spouse of a child or parents) or close associate) who is or has been entrusted with a prominent function by an international organisation including but not limited to members of senior management, i.e. directors, deputy directors and members of the board or equivalent functions, but not middle ranking or more junior individuals in these categories.
2.2.13 Enhanced due diligence measures must be undertaken on PEPs. After obtaining the identification documents of the customer and the ultimate beneficial owner (“UBO”), Lexim will conduct a PEP check through a professional PEP search company to ascertain if the customer is a PEP. When Lexim is aware that a particular customer or UBO is a PEP, it should, before (i) establishing a business relationship or (ii) continuing an existing business relationship, apply all the following measures:
(a) obtain approval from its senior management;
(b) take reasonable measures to establish the customer’s or the UBO’s source of wealth and the source of the funds; and
(c) conduct enhanced ongoing monitoring of a business relationship with a customer/the UBO of the customer is a PEP.
Former Politically Exposed Person
2.2.14 A former PEP is defined as a natural person (and includes, where relevant, a direct family member (i.e. the PEP's spouse, child, spouse of a child or parents) or close associate) who had been entrusted with a prominent public function in Hong Kong or elsewhere but is not currently entrusted with a prominent public function in Hong Kong or elsewhere.
2.2.15 Lexim may decide not to apply, or not to continue to apply, the measures set out in paragraph 2.2.13 to the former PEPs who no longer presents a high risk of ML/TF after stepping down.
2.2.16 To determine whether a former PEP no longer presents a high risk of ML/TF, Lexim should conduct an appropriate assessment on the ML/TF risk associated with the previous PEP status while considering various risk factors, including but not limited to:
(a) the level of (informal) influence that the individual could still exercise;
(b) the seniority of the position that the individual held as a PEP; and
(c) whether the individual’s previous and current functions are linked in any way (e.g. formally by appointment of the PEP’s successor, or informally by the fact that the PEP continues to deal with the same substantive matters).
Timeframe
2.2.17 Verification of the customer's identity should be concluded within a reasonable timeframe.
2.2.18 Lexim should complete such verification no later than 30 working days after the establishment of business relations.
2.2.19 Lexim should suspend business relations with the customer and refrain from carrying out further transactions (except to return funds to their sources) if such verification remains incomplete after 30 working days from the establishment of business relations.
2.2.20 Lexim should terminate business relations with the customer if such verification remains incomplete after 120 working days from the establishment of business relations.
Reliance on Third Parties
2.2.21 The HK AML/KYC Rules permit Lexim to rely on third parties, in certain conditions, to undertake the required CDD measures. CDD will include identification and verification of customers. UBOs, beneficiaries or controlling persons of legal entities or arrangements, as well as the investigation and assembly on behalf of the supervised institution of other relevant customer documents, information and data, as per the statutory CDD and record-keeping requirements.
2.2.22 Lexim will ensure that any third party it relies on, including but not limited to solicitors, auditors, or bankers, is regulated and supervised by a competent authority, and is subject to the CDD measures and record-keeping provisions of the HK AML/KYC Rules, or equivalent rules in a jurisdiction outside HK that meet the standards set out in the FATF Recommendations.
2.2.23 Lexim will implement adequate means, in keeping with the nature and size of its business, to ensure the third party’s adherence to the requirements of the HK AML/KYC Rules or equivalent in relation to CDD. This includes, but is not limited to:
(a) clearly defined procedures for determining the adequacy of a third party’s CDD measures, including: (i) the evaluation of such factors as the comprehensiveness and quality of its policies, procedures and controls; (ii) the number of personnel dedicated to CDD; and (iii) its audit and/or quality assurance policies in regard to CDD;
(b) ensuring that identification data and other relevant documentation relating to due diligence is available promptly on request;
(c) service-level agreements, clearly setting out the roles and responsibilities of the parties and specifying the nature of the CDD and record-keeping requirements to be fulfilled; and
(d) protocols for the certification by third parties of documents and other records pertaining to the CDD measures undertaken.
2.2.24 Any third party engaged by Lexim for the purpose of outsourcing CDD shall be one which is subjected to a similar if not more stringent AML/CFT regulatory and supervisory framework than the HK AML/KYC Rules.
2.2.25 Notwithstanding the above, Lexim will not rely on any third party for ongoing monitoring purposes and will independently discharge its ongoing monitoring obligations.
Appointment of Compliance and Money Laundering Reporting Officers
3.1 To ensure proper implementation of AML/CTF policies and procedures, Lexim should:
(a) ensure effective senior management oversight; and
(b) appointing a director or senior manager of Lexim as Compliance Officer ("CO"); and
(c) appoint a director or senior manager of Lexim as Money Laundering Reporting Officer ("MLRO").
3.2 Lexim is to ensure the CO and MLRO are:
(a) equipped with sufficient AML/CFT knowledge;
(b) familiar with the HK AML/KYC Rules;
(c) of a sufficient level of seniority and authority within Lexim;
(d) capable of accessing, on a timely basis, all available information (both from internal sources such as CDD records and external sources such as circulars from the SFC, the HKMA and the United Nations);
(e) fully conversant with Lexim’s statutory and regulatory requirements and the ML/TF risks arising from Lexim’s business; and
(f) provided with regular contact with, and when required, direct access to senior management to ensure that senior management that can satisfy itself that Lexim’s statutory obligations are being met and that Lexim is taking sufficiently effective measures to protect itself against the risks of ML/TF.
3.3 The responsibilities of the CO include:
(a) disseminating updated news/circulars/regulations covering money laundering and terrorist financing to Staff;
(b) monitoring, testing the AML/CTF policies, procedures and controls ("AML/CTF systems") and conducting AML/CTF self-assessment;
(c) identifying and rectifying deficiencies in the AML/CTF systems;
(d) mitigating ML/TF risks arising from business relationships and transactions with persons from countries which do not or insufficiently apply the FATF recommendations;
(e) communicating of key AML/CTF issues with senior management, including significant compliance deficiencies (if any);
(f) ensuring that all staff adhere to this policy and procedures; and
(g) providing or arranging training to Staff on AML/CTF matters.
3.4 The responsibilities of the MLRO include:
(a) performing regular independent review on transactions concluded with customers/counterparts, on a random basis, in order to identify any transaction/customer activity which may give rise to suspicions of money laundering;
(b) reviewing, analysing and conducting further investigation on suspicious transactions reported by staff;
(c) reporting suspicious transaction(s) to the Joint Financial Intelligence Unit ("JFIU");
(d) maintaining a register to keep all records of reports made to the JFIU and those made by staff together with the reasons for the report; providing guidance on how to avoid "tipping off" if any disclosure is made to the JFIU in the event of suspicion of money laundering and terrorist financing; and
(e) acting as the main point of contact with the JFIU and any other competent authorities in relation to AML/CTF.
Identifying and Reporting of Suspicious Transactions
4.1 Examples of suspicious transactions include but are not limited to:
(f) large or unusual settlements of transactions in cash;
(g) purchase of precious metals through multiple cash transactions over a short time period and the cumulative amount exceeds HKD$120,000;
(h) the customer appears to be in a hurry to complete the transaction and/or does not care about the value, size and/or specification of the precious metal;
(i) any transaction in which the counterparty to the transaction is unknown or where the nature, size or frequency appears unusual;
(j) the transaction is inconsistent with the profile of the customer (for example, the customer claimed to be a student or a domestic helper, but pays a large amount of cash for the transaction);
(k) the customer requires the precious metal to be shipped through or to a country or territory that is designated as ‘high risk for money laundering or terrorism activities’ for no apparent economic reason;
(l) the transaction involves third parties either as payers or recipients of payment or products for no apparent business purpose;
(m) the customer appears to be related to a high-risk country or territory or entity that is associated with money laundering or terrorism activities or a person that has been designated as terrorists; and
(n) adverse news from the media or other open sources indicate that the customer is suspected of being involved in illegal activities, in particular, cases related to ML/TF.
4.2 The protocol for identifying suspicious transactions is as follows:
4.2.1 If a staff receives instructions from a customer to carry out a transaction with any of the suspicious indicators listed above, the staff should request an explanation for the transaction from the customer.
4.2.2 Requests for an explanation for the transaction should be done tactfully to avoid leading the customer to conclude that the staff is suspicious of him/her as “tipping off” of a customer is an offence.
4.2.3 The staff should consider if the customer has provided a reasonable and legitimate explanation of the financial activity. If not, the matter can be discussed with the MLRO for further action.
4.2.4 If the customer is unwilling or refuses to answer questions or gives replies that appear to be untrue, the staff may refer the matter to the MLRO as these may be a further indication of a suspicious transaction.
4.3 If a staff identifies any of the types of transactions listed above, he/she must report it immediately to the MLRO. The MLRO will then initiate the following course of action:
(a) consider appropriate questioning of the customer;
(b) review information already known about the customer to decide if the apparently suspicious activity should be expected from that customer;
(c) make a subjective decision about whether the customer's activity is suspicious or not; and
(d) if decided that the activity is suspicious, report the transaction appropriately.
4.4 If the MLRO opines that a STR needs to be filed, a STR can be filed via the e-reporting system, STREAMS or by emailing the JFIU at the following email address: jfiu@police.gov.hk.
Databases and Sanction Lists
5.1 To avoid establishing business relationships or conducting transactions with any terrorist suspects, sanctioned parties or parties involved in money laundering, Lexim should do the following:
(a) screening customers and any UBOs of the customers against current publicly and commercially available databases at the establishment of the relationship; and
(b) screening its customers and any UBOs of the customers against all new and any updated designations to the database as soon as practicable
5.2 When possible, name matches are identified during screening, Lexim should conduct enhanced checks to determine whether the possible matches are genuine hits. In case of any suspicions of terrorism financing, money-laundering or sanctions violations, Lexim should make a report to the JFIU. Records of enhanced checking results, together with all screening records, should be documented, or recorded electronically.
5.3 Lexim should include in its database: (i) the lists published in the Hong Kong Companies Registry’s Gazette and the websites of the Hong Kong Commerce and Economic Development Bureau and the HK Customs; and the (ii) the United Nations Sanctions Lists. The database should also be subject to timely update whenever there are changes and should be made easily accessible by relevant staff.
Periodic Monitoring and Internal Audit
6.1 Lexim is required to monitor on an ongoing basis, its business relations with customers and observe the conduct of its customers’ transactions to ensure that the transactions are consistent with Lexim's knowledge of its customers, their business and risk profiles and where appropriate, their source of funds.
6.2 Where transactions that are complex, large or unusual, or patterns of transactions which have no apparent economic or lawful purpose are noted, Lexim should examine the background and purpose, including where appropriate the circumstances, of the transactions.
6.3 The findings and outcomes of these examinations should be properly documented in writing and be available to assist the relevant authorities. Proper records of decisions made, by whom, and the rationale for the decisions will help Lexim demonstrate that it is handling unusual or suspicious activities appropriately.
6.4 Lexim should establish an independent audit function which should regularly review its AML/CTF systems to ensure effectiveness. The review should include, but not limited to:
(a) adequacy of Lexim’s AML/CTF systems, money laundering and/or terrorist financing risk assessment framework and application of risk-based approach;
(b) effectiveness of suspicious transaction reporting systems;
(c) effectiveness of the compliance function; and
(d) level of awareness of staff who have AML/CTF responsibilities.
6.5 The independent audit function should review Lexim's AML/CTF system at least once a year.
6.6 The role of the independent audit function can be assumed by internal staff members or external third parties, such as the independent auditor of Lexim. The audit function should have a direct line of communication to the senior management of Lexim and be independent of the functions/parties that are subject to review. The independent audit function should have sufficient expertise and resources to enable Lexim to carry out its responsibilities, including independent reviews of Lexim's AML/CTF systems.
Staff Training
7.1 Training on AML/TF will be provided for new staff during orientation to ensure that they are aware of their personal obligations under relevant legislation and guideline and that they can be personally liable should they fail to report as required.
7.2 Refresher training will be provided regularly to generate and maintain a level of awareness and vigilance to enable suspicious transactions to be recognized and reported.
7.3 The frequency, content and techniques used for the purpose of the ongoing training needs to be determined by the CO based on the needs of the business at the time. The effectiveness of the training must be monitored by testing and monitoring compliance with the relevant systems and internal reports, so that further training needs can be identified.
7.4 Lexim should monitor and maintain records of staff who have been trained, when the staff received the training and the type of the training provided. Training records of each staff shall be kept throughout the term of the staff’s employment and for at least a year commencing from the date of the termination of the staff’s employment
Record Keeping
8.1 The JFIU needs to ensure a satisfactory audit trail for suspected laundered money and must be able to establish a financial profile of the suspect.
8.2 To satisfy these requirements Lexim is therefore required to retain the following information for a period of at least five years beginning on the date on which the business relationship ends:
(a) all CDD information of the customer including information on the UBO where relevant;
(b) the specifications of each transaction including the type, quantum, weight and price of the precious metal;
(c) originals/a copy of the documents and related information obtained in connection with each transaction
(d) the origin of the customer’s funds;
(e) the form in which the funds were offered or withdrawn, e.g. cash, cheques, etc.;
(f) the identity of the person undertaking the transaction;
(g) all correspondence with the customer/UBO of the customer; and
(h) the form of instruction and authority.
8.3 In situations where the records relate to on-going investigations or transactions which have been the subject of disclosure, they should be retained until it is confirmed that the case has been closed.
