With its continued focus on cybersecurity, the Hong Kong Securities and Futures Commission (SFC) recently issued a circular to all its licensed corporations (LCs) identifying key areas of concern and suggesting cybersecurity controls.

Hong Kong does not have any overarching cybersecurity legislation, and industry-specific regulatory activity in relation to cybersecurity has been limited to date. The Hong Kong Monetary Authority and the SFC have been the most active regulators on the topic. The SFC’s circular is the most comprehensive statement on cybersecurity by a Hong Kong regulator to date.