Rifa Futures Co., Ltd. was reprimanded and fined 9 million yuan by the China Securities Regulatory Commission for violating regulatory requirements
The Securities and Futures Commission (SFC) has reprimanded and fined Rifa Futures Limited (Rifa) $9 million for failing to comply with know-your-client regulations between May 2016 and October 2018, Anti-money laundering and terrorist financing regulations and other regulatory requirements (Note 1). The SFC’s investigation found that Rifa allowed 310 clients to use the clients’ own systems to issue trading instructions at critical times, but failed to conduct sufficient due diligence on these clients’ own systems. As a result, Rifa failed to properly assess and manage the money laundering and terrorist financing risks and other risks associated with customers' use of these systems. In addition, since the relevant regulatory requirements came into effect in April 2018, Rifa has not implemented two-factor authentication on the procedures for customers to log in to their own Internet trading accounts through the customer's own system (Notes 2 to 4). The SFC further found that Rifa failed to adequately and continuously monitor the client’s funds transfers to ensure that they were consistent with the client’s business nature, risk profile and source of funds. In particular, the SFC identified amounts deposited into five client accounts that were not commensurate with the declared financial positions of the clients. The China Securities Regulatory Commission believes that Rifa's behavior violated the "Anti-Money Laundering and Terrorist Financing Regulations", "Guidelines for Combating Money Laundering and Terrorist Financing", "Guidelines for Reducing and Reducing Hacking Risks Related to Internet Transactions" and "Conduct Guidelines" (Notes 5 and 6). In deciding to take the above disciplinary action against Rifa, the SFC has taken into account: Rifa’s failure to monitor its clients’ activities diligently and conscientiously, and its failure to establish adequate and effective anti-money laundering and terrorist financing systems and monitoring measures is serious deficiencies, as this may damage public confidence in the market and undermine the integrity of the market; the need to send a strong and deterrent message to the market that the deficiencies are unacceptable; Disciplinary action by the SFC for similar failures (Note 7). End Remarks: Rifa (formerly known as Zhengxing International Futures Limited) is licensed under the Securities and Futures Ordinance to carry on Type 2 (dealing in futures contracts) regulated activity. Client-created systems are trading software developed and/or specified by third-party suppliers or clients to enable them to conduct electronic transactions via the Internet, mobile phones and other electronic means. The customer's own system is connected to Rifa's brokerage's own system through the API. APIs provide a set of functions that allow different applications to read data and interact with external software components or the operating system. Broker-hosted systems are trading facilities developed by exchange participants or suppliers so that exchange participants can provide electronic trading services to investors through the Internet, mobile phones and other electronic means. Paragraph 1.1 of the “Guidelines on Reducing and Mitigating the Risks of Hacking Related to Internet Trading” issued by the SFC on 27 October 2017 stipulates that licensed corporations should implement two-factor authentication for the login procedures of clients’ Internet trading accounts. The regulations came into effect on April 27, 2018. Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission. See the Disciplinary Action Statement for regulatory requirements. Please refer to the SFC press release dated 12 April 2017. The disciplinary action statement is available on the SFC website. Last updated on 25 July 2022
View original