Compliance & Risk Control

Compliant operations, steady growth, and a robust risk defense line.

Compliance Framework

Compliance Management Framework

Shuimu Group has established a compliance management framework under the leadership of its Board of Directors, appointing a Chief Compliance Officer and establishing a dedicated Compliance Department. Each business unit designates a Compliance Liaison, creating a comprehensive compliance network across the entire group.

Compliance Policy Framework

The Group has established a comprehensive compliance policy framework, including core policies such as the Compliance Management Basic System, Code of Conduct for Employees, Anti-Fraud Policy, and Conflict of Interest Management Measures.

Compliance Review Mechanism

Establish compliance review mechanisms for investment projects, contracts, and major decisions to ensure all business activities comply with laws, regulations, and regulatory requirements.

Core Compliance Policy

Basic Compliance Management Policy
Code of Conduct
Anti-Fraud Policy
Conflict of Interest Management Policy
Insider Information Management Policy
Anti-Money Laundering Management System
Data Privacy Protection System
Whistleblower Protection System

Risk Control Principles

Comprehensiveness Principle

Risk management covers all businesses, departments, and personnel, spanning the entire decision-making, execution, and oversight process.

Principle of Independence

The Risk Management Department operates independently from business units and reports directly to the Board's Risk Committee.

Principle of Checks and Balances

Establish a risk management mechanism with separated front, middle, and back ends, clear responsibilities, and mutual checks.

Adaptability Principle

The risk management system is aligned with the group's strategy, business scale, and complexity, and is dynamically adjusted.

Risk Control Process

01

Risk Identification

The system identifies various risks, including investment risk, market risk, credit risk, operational risk, and compliance risk.

02

Risk Assessment

Quantitatively and qualitatively assess identified risks to determine risk levels and priorities.

03

Risk Mitigation

Develop risk response strategies, including avoidance, mitigation, transfer, and acceptance.

04

Risk Monitoring

Establish a risk indicator system, continuously monitor risk status, and provide timely alerts.

05

Risk Report

Report risk status to management and the Board regularly; report significant risks immediately.

Compliance Culture

Compliance Training

The Group regularly organizes compliance training, including onboarding sessions for new hires, annual mandatory training for all employees, and specialized topic-based training, to ensure staff understand and adhere to compliance requirements.

  • 100% of new hires completed onboarding compliance training
  • All staff must complete at least 8 hours of compliance training annually.
  • Management leads compliance training and awareness initiatives.

Compliance Promotion

The group promotes compliance through various initiatives to foster a culture where "everyone complies, and every action is compliant."

  • Conduct the "Compliance Awareness Month" campaign annually
  • Regularly publish compliance case studies and alerts
  • Establish compliance knowledge assessments and competitions

Confidential Reporting Channel

Whistleblower Protection Policy

The Group strictly protects whistleblowers' legal rights, keeps all reporting information confidential, and prohibits any form of retaliation. For anonymous reports, we protect the whistleblower's identity through coding.

Report Online

Other reporting options

Report Hotline

+852 51691058

Working Hours: Monday to Friday 9:00-18:00

Report Email

whistleblowing@shuimu.hk

We will keep your email content strictly confidential.