In regard to certain news reports on the implementation of the inspection arrangements for the Companies Register, a spokesman for the Financial Services and the Treasury Bureau today (March 31) responded as follows:
 
     Upon the implementation of the new inspection regime, all searchers (including the media) will continue to be able to access the information of directors on the Companies Register, including their personal correspondence addresses (in place of the current residential addresses) and partial identification numbers (IDN) (the alphabet(s) and three digits in the case of Hong Kong identity card). The availability of other information currently available for inspection on the register will not be in any way hindered. Such information, together with the name of a director, should be sufficient to enable searchers to ascertain the identity of the director concerned.
 
     The new inspection arrangements are comparable to those adopted in other overseas common law jurisdictions. When we consulted the public on the relevant new arrangements in 2009, we have made reference to the practices of the United Kingdom (UK) and Australia, where no personal identification numbers are required to be filed on their respective public registers. On residential address of directors, the UK company law gives every director the option to provide a service address for the public record, with his/her residential address kept on a separate record to which access is restricted to specified public authorities. There are also jurisdictions allowing directors to file "alternate addresses" in place of their residential addresses.
 
     The Companies Ordinance (CO) stipulates that post office box numbers are not allowed to be used as the correspondence addresses by company directors. The correspondence addresses filed by company directors must be specific addresses that can be used for service of documents. In case there is a situation where service of documents to a director by way of the correspondence address is not possible, the CO also provides that the Court has the authority to make an order instructing the Companies Registry to disclose the residential addresses of the directors concerned for communication purpose. The Registrar of Companies may also make available the residential address of a director for public inspection if the correspondence address is no longer valid. Therefore, the new inspection regime will not impede the necessary service of documents. On conducting customer due diligence, searchers will have access to the correspondence address and partial IDN of a director, and they may also apply to the Companies Registry for inspecting the residential address and full IDN after obtaining authorisation from that director.
 
     Specified persons to be defined by the relevant subsidiary legislation can apply to the Registrar of Companies for access to full personal information on the register. The specified persons include shareholders of a company and public officers or public bodies (including law enforcement agencies), trustees in bankruptcy, liquidators, and inspectors under the Trustee Ordinance, the CO and the Anti-Money Laundering and Counter-Terrorist Financing Ordinance, etc.
 
     The new inspection regime is indeed stipulated in the yet-to-commenced provisions in the CO which have undergone extensive consultation in 2009. At the time, the majority of respondents to the consultation supported masking of the residential addresses and full IDN of directors and company secretaries due to privacy and risks of misuse of information. Many also supported following the arrangements adopted in other jurisdictions, for example allowing access to residential addresses only by certain institutions such as public authorities, upon application. In fact, unregulated disclosure of personal information such as personal full IDN and residential addresses may potentially increase crime risk, such as fraud. The new inspection regime was passed by the Legislative Council in July 2012. However, since some stakeholders held diverse views over how the arrangements should be brought into operation, the Government decided to first implement the provisions for company secretaries to provide correspondence addresses instead of residential addresses under the new inspection regime in 2014, while deferring commencement of the remaining provisions of the new inspection regime in order not to delay the implementation of other major parts of the CO.
 
     In recent years, there has been rising community concern over whether personal information contained in public registers are adequately protected, especially in the light of increased reported cases of doxxing and personal data misuse. In its report issued in 2015, the Office of the Privacy Commissioner for Personal Data suggested, amongst other things, the Government to implement the previous proposal to limit the disclosure of identification numbers and residential addresses of company directors filed with the Companies Registry. 
 
     Implementation of the new inspection regime would involve substantial modifications of the Companies Registry's information system. We therefore propose bringing the provisions into operation by phases to enhance personal data protection. We respect that the community will take time to understand how the new inspection regime will work in practice. We therefore will consult the Legislative Council (LegCo) Panel on Financial Affairs next Friday (April 9) on the entire plan to implement the regime by phases to enable LegCo members and the public to better understand the proposed arrangements.
 
     We would like to reiterate that the new inspection regime has struck a reasonable balance between continuing to allow public access to the necessary personal information to ascertain the identity of directors and other major officers of companies, and protecting personal privacy.

Ends/Wednesday, March 31, 2021
Issued at HKT 23:29

NNNN