Stopping rolling bad apples: the new Hong Kong mandatory reference checking scheme

Financial services regulators across the globe have been focused for a number of years on the need to address ‘Rolling Bad Apples’.  This is where individuals engage in misconduct during their employment at a financial institution, but are nonetheless able to obtain subsequent employment elsewhere without disclosing their earlier misconduct to the new employer. The Hong Kong Monetary Authority (HKMA) has recently published its consultation conclusions on a proposed Mandatory Reference Checking Scheme (MRC Scheme).


The MRC Scheme will be implemented in two phases and will apply to all authorised institutions (AIs) in respect of their Hong Kong business. In Phase 1, any individual who is to perform the role of a director, chief executive, alternate chief executive, manager, executive officer or responsible officer will be subject to the MRC Scheme. Phase 2 will (it is expected) expand the scheme to cover all staff carrying out regulated activities under the Securities and Futures Ordinance, the Insurance Ordinance or the Mandatory Provident Fund Schemes Ordinance.

An MRC Information Template (i) will require all AI employers (AI Referees) to provide basic employee information, (ii) contains questions that must be answered by an AI Referee to a recruiting AI and (iii) provides a disclaimer stating that the recruiting AI takes full responsibility in relying on the information provided by the AI Referee and that the AI Referee is not liable in the absence of negligence and bad faith. 

The MRC Scheme proposals are not generally controversial. There are similar schemes in other jurisdictions, such as the Senior Managers and Certification Regime in the United Kingdom.

Timing for implementation has not yet been confirmed. To assist with the development and implementation of the MRC Scheme, the HKMA has requested that the Hong Kong Association of Banks (HKAB) set up an industry working group (IWG) to formulate operational details within six months from the date of the Consultation Conclusions. The IWG will also confirm the transition period for implementing Phase 1 – a period that will run from when the HKMA has endorsed the IWG operational plans.


AI Referees may face difficult decisions when establishing a framework and protocols to comply with the MRC Scheme.

For example, how should AI Referees deal with a reference request when there are ongoing (and continuing) investigations into potential misconduct involving the employee subject to the request? Where should AI Referees draw the line between employee conduct and conduct within private life, which is a line that is becoming increasingly hard to identify.  Read our paper on the MRC Scheme where we have considered these and other issues that may arise.


Despite there not yet being a confirmed date for implementation, AIs should start to take the necessary steps to ensure that they are ready to comply with the MRC Scheme once introduced. In particular, AIs should consider the following:

  • Gathering historical records of current and past employees in the last seven years;
  • Ensuring that they maintain sufficient internal records to allow future compliance with the MRC Scheme;
  • Reviewing existing internal systems, controls, policies and procedures for information collected and ensuring they meet the requirements of the MRC Scheme; and
  • Ensuring their Personal Information Collection Statement (PICS) is fit for personal data collection under the MRC Scheme; and
  • Ensuring compliance with a data correction or access request from an applicant or from a current or former employee.


In Australia, the Financial Sector Reform (Hayne Royal Commission Response) Act 2020 reformed the breach reporting and remediation regime for Australian Financial Services (AFS) licensees and holders of Australian Credit Licenses (the Subject), targeting the problems created by ‘rolling bad apples’. It aims to strengthen and broaden a Subject’s existing reporting obligations to self-report to the Australian Securities & Investments Commission (ASIC). An ASIC consultation paper released in April contains draft regulatory guidance reflecting the reforms to the breach-reporting regime. The consultation introduces obligations on financial advisers and mortgage brokers to report, investigate, and remediate misconduct or breaches of regulatory requirements. ASIC intends to publish its final guidance regarding reporting obligations before 1 October 2021, ie the effective date of the legislation’s reporting provisions.

Meanwhile, the Monetary Authority of Singapore (MAS) has proposed that all financial institutions and entities regulated by the MAS be required to carry out reference checks for all prospective hires for senior managers and employees in specified key functions. The proposal set out in its 14 May 2021 consultation paper is a significant expansion on MAS's current expectations which only apply to representatives and broking staff of holders of capital market services licences, licensed financial advisers, registered insurance brokers and persons exempted from licensing to carry out these activities. In addition, standardised practices for carrying out reference checks earlier proposed by the MAS in 2018 for such representatives and broking staff are now proposed to be applied industry wide to all financial institutions and regulated entities. These standardised practices include a mandatory list of information to be requested in reference checks, and a mandated time limit of 21 days to respond to reference check requests. The broader focus is intended to deal with persons 'sanitising' their records by moving across different roles and industry segments and is in line with the increasing global focus on 'rolling bad apples'. The development fits in neatly with the current narrative of the importance of strengthening governance frameworks to deter and prevent the perpetuation of representatives’ misconduct. The MAS has proposed a transitional period of six months upon the publication of the finalised notices to implement the system. 

Partner, Allen & Overy

Matt Bower is a partner in Allen & Overy's litigation and dispute resolution team in Hong Kong. Matt advises financial institutions and corporates in connection with internal and regulatory investigations as well as litigation before the High Courts in Hong Kong and England and Wales.  
Matt has substantial experience of advising clients on the conduct of regulatory investigations across Asia-Pacific, having advised on some of the most high profile benchmark investigations in the region concerning financial services conduct and competition issues and a number of investigations regarding the assessment of client suitability for financial products.

Partner, Allen & Overy

Charlotte Robins is the Head of Allen & Overy’s Hong Kong regulatory practice. She acts for a wide range of national and international financial institutions including investment and private banks, asset and wealth managers (including hedge fund and private equity managers and advisors) and insurance companies.
Her practice includes advising on setting up regulated businesses in Hong Kong, on-going compliance with regulatory laws, codes and guidelines and the impact of regulatory change. Some selected areas of expertise include licensing, product offering, regional and global cross border issues, regulatory corporate governance, ESG, anti-money laundering and data privacy. She has been actively involved in responding to regulatory consultations; recent examples include client suitability requirements, manager in charge regimes, amendments to the SFC Fund Manager Code of Conduct and the HKMA regulation and supervision of Trust Business.