Subsidiary legislation for implementation of inspection regime under Companies Ordinance gazetted
The Government published in the Gazette today (June 18) the Companies Ordinance (Commencement) Notice 2021, the Companies Ordinance (Commencement) (No. 2) Notice 2021, the Companies Ordinance (Commencement) (No. 3) Notice 2021, the Companies (Residential Addresses and Identification Numbers) Regulation, the Company Records (Inspection and Provision of Copies) (Amendment) Regulation 2021, the Companies (Non-Hong Kong Companies) (Amendment) Regulation 2021 and the Companies Ordinance (Amendment of Schedule 11) Notice 2021.
The Companies Ordinance (CO) passed by the Legislative Council (LegCo) in 2012 contains provisions stipulating that the Companies Register (the Register) of the Companies Registry (CR) is to make available for public inspection correspondence addresses of directors in place of their usual residential addresses (URAs), and partial identification numbers (IDNs) of directors, company secretaries and other relevant persons in place of full IDNs, but have not commenced. The above pieces of subsidiary legislation are made to implement the new inspection regime concerned.
"In recent years, there has been rising community concern over whether personal information contained in public registers is adequately protected. The Government has reviewed the situation and considered it appropriate to implement the new inspection regime under the CO now, with a view to enhancing protection of personal information while ensuring that the public could continue to inspect the Register under the CO," a spokesman for the Financial Services and the Treasury Bureau (FSTB) said.
"The FSTB briefed the LegCo Panel on Financial Affairs in April 2021 on the arrangements for the new inspection regime. We have also maintained close liaison with relevant stakeholders to listen to their views and refine the implementation details, including the coverage of 'specified persons' who could access URAs and full IDNs (Protected Information), as well as other administrative measures that will allow searchers to effectively ascertain the identity of company directors," the spokesman added.
"Specified persons" will include the data subjects and their authorised persons; members of the company; public officers, public bodies and persons/organisations who need to use Protected Information for execution of statutory functions; lawyers practising in law firms and practising accountants; banks; and financial institutions and designated non-financial businesses and professions regulated under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (Cap. 615).
The new inspection regime will be implemented in phases:
(a) Phase 1 – from August 23, 2021, companies may replace URAs of directors with their correspondence addresses, and replace full IDNs of directors and company secretaries with their partial IDNs for public inspection on their own registers;
(b) Phase 2 – from October 24, 2022, Protected Information on the Index of Directors on the Register will be replaced with correspondence addresses and partial IDNs for public inspection. Protected Information contained in documents filed for registration after commencement of this phase will not be provided for public inspection. "Specified persons" could apply to the CR for access to Protected Information of directors and other persons; and
(c) Phase 3 – from December 27, 2023, data subjects could apply to the CR for protecting from public inspection their Protected Information contained in documents already registered with the CR before commencement of Phase 2, and replace such information with their correspondence addresses and partial IDNs. "Specified persons" could apply to the CR for access to Protected Information of directors and other persons.
The above pieces of subsidiary legislation will be tabled at the LegCo for negative vetting on June 23.