Hong Kong Mandatory Provident Fund Schemes Authority reports eMPF Platform Company temporarily suspends eKYC registration following forged identity card impersonation

The Hong Kong Mandatory Provident Fund Schemes Authority published an update from the eMPF Platform Company Limited on a fraud and money-laundering case in which a criminal syndicate allegedly used high-quality forged identity cards to impersonate MPF scheme members and open eMPF Platform and bank accounts via electronic identity verification (eKYC). Pending a detailed risk assessment, the eMPF Company has suspended the use of eKYC for eMPF registration, while “iAM Smart” registration remains available and additional identity checks have been introduced for MPF withdrawal applications. The eMPF Company reported that it has contacted affected users and arranged to fully restore the fund unit balances of the impacted accounts, and that no other users are affected beyond those identified by the Police. It has also proactively reviewed all eMPF accounts registered via eKYC in addition to routine operational checks, and stated that the incident did not involve the security of the eMPF platform. The eMPF Company is exploring alternative identity verification methods to replace eKYC and will announce arrangements as soon as practicable. A comprehensive review of authentication and anti-counterfeiting measures is under way with the Financial Services and the Treasury Bureau, the Hong Kong Police Force, the Digital Policy Office, the MPFA and other relevant financial regulators.