For discussion
on 13 April 1999

The Legislative Council
Panel on Financial Affairs

Year 2000 Readiness of the
Financial Services Sector in Hong Kong


This paper updates members on the progress which the financial services sector in Hong Kong has made to tackle the year 2000 (Y2K) problem.

Supervisory Initiatives of Financial Regulators

2. We last briefed members on the Y2K readiness of the financial services sector in Hong Kong at the meeting on 7 December 1998. Since then, the three financial regulators in the financial services sector, namely the Hong Kong Monetary Authority (HKMA), the Securities and Futures Commission (SFC) and the Office of the Commissioner of Insurance (OCI) have continued to closely monitor the progress of Y2K work in their respective industries. Major measures taken by the regulators include submission of regular progress reports by the financial institutions under their supervision, on-site inspection, review by independent parties and issue of guidance notes or circulars.

Readiness of Financial Institutions

3. The HKMA, the SFC and the OCI have asked all the financial institutions under their respective supervision (over 1,800 in total) to submit regular returns on the progress of their Y2K programmes. The position of these institutions based on the latest returns available in respect of system rectification 1 work completed and target compliance date for mission critical systems 2 are summarised in Table 1 and Table 2 below.

Table 1 : Progress of Y2K Rectification Work for Mission Critical Systems
(Position as at 31 December 1998)

% of Rectification Work Completed
Banking Industry 31% 17%82%
Securities and
Exchange Members1%17%82%
Insurance Industry-7% 93%

Table 2 : Target Compliance Date for Mission Critical Systems

End 1998
Feb 1999
Banking Industry 85%94%100%-
and Futures
Exchange Members65%N/A100% -
54%N/A 88%95%
Insurance Industry78%83% 90%100%

Overall progress

4. The compliance position of the financial institutions as at end December 1998 was satisfactory although some slippage has occurred as expected. The financial regulators have followed the exception cases closely and stepped up supervisory measures.

5. According to the HKMA, the banking sector has largely achieved compliance in respect of their critical systems although a few loose ends need to be tied up. As regards the securities and futures industry, members of the Stock Exchange and the Futures Exchange expected to achieve full compliance before end March 1999. Non-Exchange firms under the direct supervision of the SFC are subject to a compliance deadline at 30 June 1999. According to the SFC, the lines of business for the registered intermediaries under its direct supervision are much more diverse than those for the Exchanges members, covering securities and futures dealing, fund management, leveraged forex trading, financial planning, investment advisory services, etc. The SFC has confirmed that the majority of the non-Exchange members which showed slower progress are investment advisers not holding any assets for their clients. The SFC is following up closely with those firms which have failed to make satisfactory progress, taking into account potential systemic risks to the market and the impact on their client's asset portfolio.

6. As regards the insurance industry, most of the insurers which expect to achieve compliance in the second quarter of 1999 are branches of large overseas insurers. These insurers will only confirm compliance after having been adequately tested by project consultants from their head offices in accordance with their global time schedules.

7. The satisfactory Y2K progress of the financial services sector in Hong Kong is recognised by the international financial community. For instance, the Global 2000 Co-ordinating Group 4 recently rated positively the overall Y2K readiness of financial services firms and clearing and settlement organisations in Hong Kong.

Assistance to Small and Medium Sized Firms

8. While the financial regulators generally regard the responsibility of achieving Y2K compliance to rest with the institutions themselves, they have been making best efforts to offer assistance via information packages, guidance notes and test kits as appropriate to the institutions under their supervision to help them achieve compliance. Seminars and talks are held to share experience and knowledge. Further assistance is provided through on-site visits and examinations. In view of the heavy reliance on system/service vendors to achieve compliance on the part of the smaller institutions, the Stock Exchange of Hong Kong has compiled a list of vendors or consultants which the institutions may turn to for assistance if necessary. The two Exchanges have also taken the initiative to form special review teams to meet with system/service vendors to better understand the problems faced by the smaller institutions and offer assistance where appropriate.

Enforcement of Compliance

9. The financial regulators are prepared to exercise more stringent supervisory measures against financial institutions which fail to meet the established compliance milestones. For example, the HKMA has issued formal warning letters to the authorised institutions (AIs) failing to meet the original compliance deadline of 31 December 1998. In the most serious cases of non-compliance, the HKMA will consider using its statutory power under the Banking Ordinance to enforce compliance and will consider restricting the business of those AIs which may pose systemic risks to the banking industry.

10. In the securities and futures industry, supervisory actions might be taken against those registered intermediaries failing to resolve the Y2K problem and posing threats to investors and the market. These actions may include appointment of external consultants, restriction of business and suspension or revocation of registration or membership. The SFC is also considering more stringent disclosure requirements on the part of institutions with less satisfactory progress.

11. In the insurance industry, the OCI requires all insurers and insurance brokers who failed to achieve compliance by end December 1998 to submit monthly instead of quarterly returns on their Y2K readiness. The OCI will consider issuing interventionary notice to limit the business volume of those insurance institutions failing to achieve compliance by June 1999.

Readiness of Shared Financial Systems and External Testing

12. In the banking industry, all the interbank payment systems are already Y2K compliant. Hong Kong Interbank Clearing Limited, as operator of the interbank payment systems, is co-ordinating participation of Hong Kong banks in the Global Financial Industry Year 2000 Test organised by the New York Clearing House in June 1999. A high level test plan has been submitted to the New York Clearing House in December 1998. About 17 banks in Hong Kong have registered their interest in taking part in the test.

13. In the securities and futures industry, all the trading, settlement and clearing systems are already Y2K compliant. Members of the industry recently completed two rounds of Y2K street-wide testing, one in January 1999 and the other in March 1999. Another round of tests will be conducted in June 1999 if necessary.

14. The SFC co-ordinated the tests and participants included the Stock Exchange of Hong Kong (SEHK), Hong Kong Futures Exchange (HKFE), the HKFE Clearing Corporation, the Stock Exchange Options Clearing House, Hong Kong Securities Clearing Company (HKSCC), Exchange members, clearing house participants and designated banks, as appropriate. All Exchange members and relevant parties are required to participate in at least one of the street-wide tests. Many information vendors including the HSI Services Limited have also taken part in the tests.

15. The objective of the tests is to provide facilities for all Exchange members and relevant parties to verify the Y2K compliance status of their business operations and back office systems, including hardware and software and their interfaces with the shared financial systems operated by the two Exchanges and the clearing houses. Major shared financial systems tested included the Automated Order Matching System (AMS) and Traded Options System (TOPS) of the SEHK, the Automated Trading System (ATS) and clearing and settlement systems of the HKFE, and the Central Clearing and Settlement Systems (CCASS) of HKSCC. Participation rate and testing results of the tests are summarised in Table 3 and Table 4 below.

Table 3 : Participation Rate for the Street-wide Testing

Total number of members/participants 48552121 56057
First Round (January 1999)
Number of participants enrolled 4073884 46652
% of total 84%73% 70%83%91%
Second Round (March 1999)
Number of participants enrolled 1001940 9017
% of total 21%37% 33%16%30%
Aggregate for both rounds 5
Number of participants enrolled 48248115 55057
% of total 699%92% 95%98%100%

Table 4 : Testing Results of the Street-wide Testing held in January 1999

% of total
Firms declaring no major exceptions 95%99%94% 94%
Firms needed to re-test due to : Y2K problems- Other operational problems 75% 1%6%6%

16. According to the SEHK, HKFE and HKSCC, testing results for both rounds of testing are generally satisfactory with no major problems identified in the major shared financial systems of the Exchanges and the clearing houses, and the interfaces with members and parties concerned. Some minor incidents not related to the Y2K problem were identified and resolved during the tests.

17. Regarding the testing results of individual institutions for the first round of testing, 94% of them have declared no major exceptions in their test results. The Exchanges and clearing houses are following up the progress of the institutions which demonstrated unsatisfactory results. The full testing results for the second round of testing will be analysed and submitted to the SFC in early May 1999.

Contingency Planning

18. We recognise that irrespective of the amount of rectification work and testing conducted or planned, adequate contingency plans should be put in place to deal with possible disruption due to the Y2K problem.

Contingency Planning for Individual Organisations

19. All the financial regulators and operators of major shared financial systems have completed their own high level Y2K contingency plans by end March 1999. The above organisations will continue to review and refine the plans and aim to finalise all testing and rehearsal arrangements of their individual contingency plans by end June 1999. These will form important building blocks for the sector-wide Y2K contingency plans.

20. The financial regulators have all issued guidelines to the financial institutions under their supervision in drawing up Y2K contingency plans. The financial regulators require all the supervised organisations to complete their individual contingency plans before end June 1999.

Contingency Planning for the Financial Services Sector

21. We will co-ordinate the development of sector-wide contingency plans to prevent, mitigate and handle systemic risk scenarios. The financial regulators and operators of major shared financial systems have identified the systemic risks scenarios which might arise due to the Y2K problem. Our target is to complete the detailed sector-wide contingency plans and the necessary rehearsals by early September 1999.

22. As part of the sector-wide contingency plans, we have started preparatory work for setting up an emergency co-ordination centre to co-ordinate information exchanges within and outside the financial services sector during the millennium transition and other Y2K risk dates. The centre is also expected to play an important role in facilitating timely and effective response to be made when required.

23. We will continue to maintain a close working relationship with the Working Group on Y2K Contingency Planning set up by the Information Technology and Broadcasting Bureau under the Central Steering Committee on Year 2000 Compliance, and contribute most constructively, from the perspective of the financial services sector, to any community-wide contingency plans to be developed.

Communication Strategy

24. We fully appreciate the importance of putting in place an effective communication strategy in the run-up to year 2000 and will continue to encourage information disclosure and sharing. This will enable the public to better understand the impact of the Y2K problem and how they can prepare themselves for a smooth and orderly transition.

25. As a first step, the financial regulators have prepared a set of answers to some frequently asked questions to address the common concerns relating to the Y2K readiness of the financial services sector in Hong Kong. These answers will be posted onto the website of the Financial Services Bureau (FSB) ( and the Government Y2K website (

26. All the financial regulators, the two Exchanges and the clearing houses have maintained dedicated Y2K websites to enhance the transparency of their work in tackling the Y2K problem. These websites are accessible from the FSB's Y2K website.

27. The HKMA will soon start a publicity programme which will, among other things, encourage the banking institutions to better inform their customers and members of the public about their Y2K status. A circular to this end has been issued on 8 April 1999. This will help enhance public confidence in the banking and monetary systems in Hong Kong.

28. The OCI has also obtained the consent of the registered insurers to publish their Y2K compliance status on the OCI's website. The information on the website is updated monthly. For insurance brokers, the two insurance broker associations, namely the Hong Kong Confederation of Insurance Brokers and the Professional Insurance Brokers Association maintain an updated register of the Y2K readiness of their members. The OCI is consulting the two broker associations on the disclosure of the register for public information.

Readiness of Departments under the Purview of the Financial Services Bureau

29. The FSB has been overseeing the progress of the Y2K compliance programmes in the Departments under the Bureau's purview. They include the OCI, the Census & Statistics Department (C&SD), the Companies Registry (CR) and the Official Receiver's Office (ORO).

30. All the mission critical systems in the OCI, ORO and CR are already Y2K compliant by March 1999. As regards C&SD, 68% of the mission critical systems were compliant as at 15 January 1999. The department expects to achieve full compliance by end June 1999. This is in line with the guideline promulgated by the Secretary for Information Technology & Broadcasting.

31. The operation of the FSB does not involve mission critical systems.

Financial Services Bureau
April 1999

1.Rectification work means modification or replacement of hardware and software to achieve Y2K compliance, including internal testing of individual systems and interaction of modified systems with the organisation's other systems with which they interface directly.

2.A system is considered mission critical if it causes substantial loss (either in terms of money or time) or serious disruption of business when it is in default.

3. Internal testing completed as at end November 1998.

4. The Global 2000 Co-ordinating Group is an informal group of international banks, securities firms and insurance companies to share experience and to improve the readiness of the global financial markets to deal with the Y2K problem. More information on the Group and its work is available on its website (

5. The number of participants enrolled in the first and second rounds of the street-wide tests do not add up to the aggregate number because some firms participated in both rounds of testing having (i) failed in the first test; or (ii) opted to rejoin the second test voluntarily.

6. According to the Exchanges and clearing houses, except those which are exempted, registered intermediaries and participants required to join the tests have already taken part in the tests. Exempted firms are those which are either regarded as inactive or do not use any computer systems in their operations.

7. These include instances where the participant did not show up or had not followed the test script closely enough.