How to approach managing payment-channel and banking-access risk
Managing payment-channel and banking-access risk. A practical guide for in-house counsel. The Hong Kong angle in focus. Write to info@lockhartyip.com.
A payment instruction that clears in one jurisdiction can be blocked, flagged, or reversed at the next correspondent node. For groups operating across Greater China, the principal offshore centres, and the Middle East or CIS corridors, that gap between expectation and execution is where real commercial disruption begins. The question is not whether to manage the risk – it is how to sequence the steps before a transaction is already in motion.
Managing payment-channel and banking-access risk means identifying, before funds move, every compliance gate that a payment will pass through – from the originating bank's policy, through correspondent and correspondent-of-correspondent relationships, to the receiving institution's own screen. The governing instruments in Hong Kong are the Anti-Money Laundering and Counter-Terrorist Financing Ordinance and the United Nations Sanctions Ordinance, together with the regulators' AML guidelines issued by the Hong Kong Monetary Authority and the Securities and Futures Commission. The starting point is a documented review of the counterparty, the payment route, and the source of funds – conducted before the first instruction is issued.
This guide sets out the decision the in-house team faces, the steps in sequence, the gate at each stage, and the single most common structural mistake that causes payment channels to fail at execution. It is written for general counsel, compliance officers, and principals whose cross-border transactions flow through or are denominated in a currency cleared through Hong Kong.
What decision does the in-house team actually face?
The core decision is not a legal one. It is an operational one with legal consequences. A group with a Mainland operating entity, a BVI or Cayman holding vehicle, and counterparties in sanctioned or high-scrutiny jurisdictions is not choosing whether to comply – it is choosing how to build a payment architecture that will hold up at the correspondent-bank layer, not just at the originating institution.
Banks in Hong Kong are regulated by the Hong Kong Monetary Authority. They implement United Nations sanctions as a matter of law under the United Nations Sanctions Ordinance. They do not give domestic legal effect to unilateral measures imposed by other states – the US Office of Foreign Assets Control, the EU restrictive-measures regime, or the UK sanctions lists do not bind Hong Kong banks as a matter of Hong Kong law. That is the formal position.
The commercial reality is different. Most major correspondent banks clearing US dollars, euros, or sterling operate under the supervision of regulators whose unilateral sanctions do carry legal weight. A Hong Kong bank instructing a US-dollar correspondent sends a payment into a system where OFAC rules apply. The in-house team must therefore manage two overlapping risk profiles: the legal requirements of Hong Kong and the de facto gatekeeping role of foreign-regulated correspondent institutions.
The options on the table at the planning stage are not simply "proceed" or "stop." They are: (a) proceed with the existing route and full documentation; (b) restructure the payment chain to remove the correspondent-layer conflict; (c) use an alternative settlement currency or mechanism; or (d) seek a specific written position from the banking institution before moving. Each option has a different time cost, documentation burden, and residual risk profile. The job of the compliance file is to make that choice defensible in writing, before the fact.
Step 1: Map the full payment chain before any instruction is issued
The first step is a complete map of the payment route – not the intended route, but the route as it will actually run through correspondent and intermediary banks. Most in-house teams know their originating bank. Fewer know the correspondent-of-correspondent relationship through which their US-dollar instruction will clear, or the screening system that correspondent uses.
A payment-chain map covers: the originating institution and its governing regulatory regime; every correspondent bank in the chain and the jurisdiction of their primary regulator; the receiving institution and its AML policy as publicly disclosed; the currency and the clearing system through which it settles; and the identity, ownership, and sanctions-list status of the ultimate beneficial owner on each side of the transaction.
In our cross-border practice, the gap between what the originating relationship manager says is possible and what happens at the correspondent layer is the single most frequent cause of payment disruption. A Hong Kong bank may be comfortable with a transaction. Its US-dollar correspondent may not be. The map makes that gap visible before the instruction is sent.
The gate at this step is simple: if any node in the chain is subject to a sanctions regime that the relevant regulator enforces against the counterparty, the transaction will not clear. No documentation fixes a sanctioned counterparty. The map tells you whether this is a documentation problem or a counterparty problem. They require entirely different responses.
Step 2: Build and maintain the source-of-funds and counterparty file
Once the chain is mapped, the compliance file must be assembled before the payment moves. Hong Kong-licensed banks conducting customer due diligence under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance will ask for source-of-funds documentation. The same regulators' AML guidelines require enhanced due diligence for higher-risk relationships, which in practice means any counterparty with a connection to a high-risk jurisdiction, a politically exposed person, or a complex ownership structure.
The file has four components. First, ownership: a clear, verified corporate chain from the operating entity to the ultimate beneficial owner, with no gaps at the intermediate holding layer. Second, source of funds: documented evidence of the commercial or investment origin of the specific funds being transferred – not a general description of the group's business. Third, purpose: a clear commercial rationale for the transaction, expressed in writing and consistent with the contractual documents. Fourth, ongoing monitoring: a dated record showing the counterparty was screened against the applicable lists at the time of the instruction.
The gate at this step is the bank's own risk appetite. A well-constructed file does not guarantee acceptance. It does mean that a refusal is a policy decision by the bank, not a compliance failure by the client. That distinction matters for regulatory purposes and for any subsequent dispute about the transaction.
For cross-border transactions between Hong Kong, the BVI, and Mainland China – the corridor our desk sees most frequently – the file must address the BVI beneficial-ownership register position, the Mainland entity's foreign-investment status, and the specific funds pathway from the Mainland operating account outward. Each of those elements requires its own documentary layer.
See our analysis of building an AML source-of-funds file for a BVI counterparty for the specific documentation sequence in that structure.
Step 3: Screen against the correct list – and document which list you used
Screening a counterparty against the UN consolidated sanctions list is required under Hong Kong law. Screening against OFAC's Specially Designated Nationals list, the UK financial sanctions list, or the EU restrictive-measures register is not required by Hong Kong law – but it may be required by the correspondent bank's home regulator, and a Hong Kong entity transacting through foreign-regulated infrastructure is exposed to those requirements de facto.
The common mistake here is screening once, at onboarding, and treating the result as durable. Sanctions lists change. A counterparty that was clean at contract signature may not be clean at the payment date. Our desk sees this problem particularly in long-cycle infrastructure transactions and in relationships where payment is structured in tranches over 12 months or more.
The practical answer is a screening protocol that runs at three points: before the contract is signed; before each payment instruction is issued; and before any amendment or renewal of the commercial relationship. Each screen is dated, the list version is recorded, and the result is filed. This is not a theoretical requirement – it is the specific evidence a compliance officer will produce if the relationship is later reviewed by a regulator or a correspondent bank's compliance team.
The gate at this step is whether the screen has been run against the right list for the payment route being used. A screen against only the UN list, for a dollar-clearing transaction running through a US correspondent, is incomplete from the correspondent's perspective. The file should reflect both.
Step 4: Engage the bank proactively – and in writing
Where a transaction involves a counterparty, jurisdiction, or ownership structure that is outside the bank's standard risk appetite, the most effective step is a proactive written submission to the bank's compliance team before the instruction is issued. This is not a common practice among in-house teams accustomed to transactional banking relationships. It is, in our experience, the single most reliable way to avoid a payment being blocked at the correspondent layer without explanation.
The submission is not a request for legal advice from the bank. It is a presentation of the compliance file: who the parties are, what the commercial purpose is, what the source of funds is, and what screening has been conducted. It invites the bank to raise any concern before the instruction moves, rather than discovering the concern at the point of a block or a request for information.
Banks operating under the Hong Kong Monetary Authority's oversight have their own regulatory obligations. A well-presented file reduces the bank's internal compliance burden and gives the relationship manager a basis on which to take the transaction to the approval layer. That changes the dynamic from reactive to planned.
The gate at this step is the bank's internal policy. Some institutions will decline categories of transaction regardless of documentation quality. That decision, if made in writing in response to a proactive submission, gives the group the information it needs to assess whether an alternative banking arrangement is required – again, before the transaction is committed.
The sequence above describes the standard position. Your matter turns on the documents, the jurisdictions actually engaged, and the order of steps – which is where the route is won or lost. For a structured assessment of your payment-channel position across the relevant jurisdictions, write to us at info@lockhartyip.com.
Step 5: Address the currency and clearing-system dimension
Payment-channel risk is partly a function of currency. A US-dollar payment routes through CHIPS or Fedwire and is subject to OFAC jurisdiction regardless of where the originating bank sits. A euro payment routes through TARGET2 or EBA Clearing and is subject to EU jurisdiction at the clearing layer. A Hong Kong dollar payment clears domestically through the RTGS system operated under Hong Kong Monetary Authority oversight.
For groups whose transactions involve counterparties or jurisdictions subject to US or EU unilateral measures, the currency question is therefore a structural one. It is not a question of preference – it is a question of which regulatory regime the correspondent infrastructure imports into the transaction.
In our cross-border practice, we regularly advise holding-structure clients whose operating flows are denominated in US dollars by contract convention, where a change in the settlement currency or the introduction of a non-dollar payment leg would remove the US-regulated correspondent from the chain entirely. That restructuring is a compliance decision, not an evasion decision. The distinction is in the documentation: the change must be genuinely commercially motivated, implemented at the contract level, and supported by a paper trail that makes clear the commercial – not regulatory-arbitrage – rationale.
This is also where the interaction with the holding-structure layer becomes material. A BVI holding entity paying into a Mainland operating account in renminbi, through a Hong Kong bank, operates in a different risk profile than the same payment in US dollars through a US correspondent. The currency, the correspondent, and the jurisdiction of the ultimate clearing system each add or remove a layer of third-party regulatory exposure. See our related Sanctions & AML practice overview for the broader compliance context.
The common structural mistake: conflating the legal position with the commercial position
The most frequent error our desk sees is an in-house team that has correctly identified the Hong Kong legal position – that Hong Kong implements UN sanctions only, that the instruction is clean under Hong Kong law – and has stopped there. The legal analysis is right. The commercial exposure is not addressed.
A payment that is legal in Hong Kong can still be blocked by a US-regulated correspondent. It can still trigger a suspicious-transaction report by the receiving bank in a third jurisdiction. It can still result in a relationship review by the Hong Kong bank's own global compliance function, which may apply group-level policies beyond the local legal minimum.
The mistake is treating the legal compliance file as a complete answer to the commercial risk. It is not. The compliance file answers the question of what the law requires. The payment-chain analysis, the proactive bank engagement, and the currency and correspondent mapping answer the question of what will actually happen when the instruction is sent.
A micro-scenario from our practice illustrates the point. An Asian manufacturing group with a Hong Kong treasury entity needed to make a series of payments to a supplier in a jurisdiction subject to US and EU unilateral measures but not to UN sanctions. The payments were legal under Hong Kong law. The group's US-dollar correspondent flagged the beneficiary jurisdiction at the screening layer and placed a hold on the initial transfer. The group had a clean compliance file but had not mapped the correspondent's own screening policy. The resolution required a reassessment of the currency and correspondent chain, a supplementary source-of-funds submission, and a revised payment structure using an alternative settlement route. The process took several weeks and delayed a commercial supply commitment. A pre-instruction chain map and proactive correspondent engagement would have identified the hold point at the planning stage.
If an earlier filing, structure, or payment attempt has produced a blocked or stalled result, a second review can identify the point of failure and the routes still available. Write to us at info@lockhartyip.com to discuss the position.
Decision checklist: the six gates before a payment instruction is issued
The checklist below is a practical self-assessment tool for in-house teams. It is not a substitute for legal analysis of a specific transaction – but it identifies the six points at which payment-channel transactions most commonly fail, and the question to be answered at each point before moving to the next.
Gate 1 – Counterparty identity: Has the ultimate beneficial owner on each side of the transaction been identified and verified? Is any entity in the ownership chain on the UN consolidated sanctions list, or on the sanctions list applied by the correspondent bank's home regulator?
Gate 2 – Payment-chain map: Has the full correspondent chain been identified, including the correspondent-of-correspondent relationship for the settlement currency? Is any node in that chain subject to a sanctions regime that applies to the counterparty?
Gate 3 – Source-of-funds file: Is the origin of the specific funds being transferred documented? Does that documentation cover the immediate source and, where relevant, the intermediate holding layer?
Gate 4 – Screening currency and date: Have the applicable sanctions lists been screened – both the UN list and any list required by the correspondent bank – at a date proximate to the instruction? Is the screen result dated and filed?
Gate 5 – Bank engagement: Where the transaction is outside the bank's standard risk profile, has the compliance file been submitted to the bank proactively and in writing, before the instruction is issued?
Gate 6 – Currency and clearing system: Has the settlement currency been assessed against the regulatory regime of the correspondent clearing infrastructure? Where a US-dollar or euro clearing route imports foreign regulatory exposure that is not present under Hong Kong law, has the commercial basis for that choice been assessed and documented?
A group that can answer yes at each gate, with contemporaneous documentation, has built a defensible payment-compliance position under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance and the United Nations Sanctions Ordinance. It has also addressed the commercial risk at the correspondent layer – which is where, in practice, the disruption occurs.
For specific guidance on how the compliance review process applies before entering a new commercial relationship with a cross-border counterparty, see our related analysis of compliance review before contracting with a Singapore entity.
What "compliance only, never circumvention" means in practice
The framing of this guide bears a brief explanation, because the distinction matters both legally and commercially. Managing payment-channel risk in the way described above – mapping the chain, building the file, engaging the bank, assessing the currency – is compliance work. Its purpose is to ensure that the group understands and meets its obligations under the applicable legal regimes, and that transactions are structured and documented so that they can be presented and defended to the relevant regulators and institutions.
That work is entirely different from structuring a transaction to defeat a sanctions regime. Choosing a non-dollar settlement route because it removes a US-regulated correspondent from a chain where the counterparty is on the OFAC list is not compliance – it is evasion. Lockhart & Yip does not advise on that question, and neither this guide nor any other material from this firm addresses it.
The distinction in practice is in the documentation and the purpose. A currency or correspondent change that is commercially motivated, documented at the contract level, and consistent with the group's pre-existing payment architecture is a legitimate structural decision. A change that is made specifically to avoid a screen, without commercial rationale, for a counterparty that is subject to legally binding sanctions, is not.
In-house counsel should be aware that this distinction is one that regulators – and in some circumstances, enforcement authorities in multiple jurisdictions – will examine carefully if the transaction is later reviewed. The file that documents the compliance basis for each step in the payment chain is, in that context, the primary line of defence.
Related practices
- Sanctions & AML – cross-border compliance, counterparty review, and AML source-of-funds advisory
- Holding Structures – BVI, Cayman and Hong Kong holding-layer analysis for cross-border groups
Frequently asked questions
Do I need a Hong Kong adviser for managing payment-channel and banking-access risk?
Which jurisdiction's law applies to managing payment-channel and banking-access risk?
What is the first step in managing payment-channel and banking-access risk?
Speak with Lockhart & Yip
For a scoped view of your matter, contact info@lockhartyip.com. Discuss your matter →
Related
- Sanctions Aml
- Compliance Review Before Contracting Singapore Entity Singapore Analysis
- Aml Source Funds File Bvi Counterparty Bvi Analysis
This publication is general information and does not constitute legal advice. For advice on your situation, contact info@lockhartyip.com.