(ii) HKEX’s disciplinary action against Starjoy Wellness and Travel and 15 named directors (including executive directors and independent directors) of the company and/or (its then listed controlling shareholder) Aoyuan China. (Announcement; Statement of Disciplinary Action)

This case concerns the provision of RMB3.3 billion financial assistance by the company to its then listed controlling shareholder, China Aoyuan (Controlling Shareholder), without complying with the Listing Rules.

The financial assistance was provided through 147 transactions between Jan 21 and Mar 22, when Controlling Shareholder was facing an imminent liquidity issue.

Former Chairman of the company (also being former Vice Chairman of Controlling Shareholder) masterminded the transactions. Together with 2 named former directors, the transactions were approved without informing the board. Defendants accepted the sanctions.

Our focus is on the following aspects of directors’ duties breaches:

• Common directors of the company and Controlling Shareholder: failed to avoid or manage conflicts of interest and duty, and put the interests of the latter above those of the company

• All directors: failed to ensure that the company and/or its controlling shareholder had in place adequate and effective internal controls

What you should watch out for

HKEX key messages in announcement

• Directors must act in good faith and in the interests of the issuer, but not its controlling or any specific shareholder. Where an individual is a director of both the issuer and its shareholder, he/she must avoid conflicts between the entities

• To safeguard against abuse of powers, directors must ensure the issuer to have in place adequate and effective risk management and internal controls

• When approving a transaction, a director must exercise own judgement on whether it is in the issuer’s interest. A director rubber-stamping a decision based on another management member’s prior approval without independent judgment is a clear dereliction of director duties

(iii) HKEX censures Sterling Group Holdings Limited and 3 current or former executive directors. (Announcement; Statement of Disciplinary Action)

The case concerns the provision of financial assistance to a customer and 2 executive directors, and failure to comply with the disclosure/shareholders’ approval requirements under the Listing Rules.

It provided (i) 4 letters of support to the customer, agreeing to continue supplying inventories to the customer and not to collect any trade receivables from it until its successful IPO, (ii) Interest-free and unsecured advances of US$4.2m, without written agreement or fixed repayment dates.

The customer has been a customer for decades. Its owner was a director of the company within 12 months before the transactions.

The defendants explained that the customer encountered liquidity issues. The transactions were intended to provide financial support (including supporting its IPO application) for the customer to raise the necessary capital and in turn, enhance the company’s recoverability of outstanding receivables.

The company also paid US$700k for subscribing the customer’s shares in the names of 2 executive directors. The payments together with interest were fully repaid around a week thereafter.

Defendants accepted the sanctions.

What you should watch out for

HKEX key messages in announcement

• Whilst financial assistance may be considered justified with commercial reasons and/or intended only to serve a short-term financing purpose, this does not override the obligations of issuers and their directors to strictly comply with the Listing Rules

(iv) In some recent cases, HKEX imposed “Director unsuitability statement” on directors (the most serious type of sanction) who failed to co-operate. (Jiayuan Services case, Regal Partners case)

• Directors are reminded that their obligation to cooperate does not lapse after their resignation

• Directors must respond completely and promptly to all of HKEX’s investigations and enquiries. Selective or partial cooperation will be considered as a failure to cooperate

• Directors must provide up-to-date contact information for HKEX investigation purposes

(v) HKEX published updated FAQs

(A) the revised public float regime. (Updated FAQ 7, Q2)

It explains that issuers which are still in compliance with the “initial prescribed threshold” (i.e. 25% public float) cannot change to the alternative “market value based” threshold. It expects an issuer to change to the alternative threshold only if, upon completion of corporate actions/events, its public float falls below the initial prescribed threshold. HKEX’s objective is to provide issuers that have a large market capitalisation with greater flexibility to manage their capital structure, such that a transaction can be conducted even if it results in the public float percentage falling below the initial prescribed threshold.

(B) Expectations regarding the maximum number of appointments a company secretary can take on. (Updated FAQ 1.2, 17.1, consequential update of Corporate Governance Guide)

While HKEX does not prescribe a maximum number and will assess each situation based on its individual facts and circumstances, reference is made to guidance published by The HK Chartered Governance Institute (HKCGI). As a matter of good practice, HKCGI recommends that its members should not hold more than 9 named company secretary appointments for listed issuers without satisfying disclosure requirements set out in the Guidelines.

(vi) Privacy Commissioner for Personal Data (PCPD) reported on (A) its work done in 2025 (B) 3 data breach incidents involving employers (Press release)

(A) Work done in 2025

Noteworthy trends:

• Compliant cases: Up 23% (2025: 4228 complaints)

• Personal data breach incidents

  • Data breach notifications up 21% (2025: 246 notifications)

  • Nature: hacking accounted for 33% (2025: 81 cases)

(B) Data breach incidents involving employers

Useful summaries of the 3 incidents are set out in the press release, involving areas that might be easy to overlook.

E.g. head of the security department of a hotel stored annual performance appraisal forms of departmental staff members in a desk drawer. As the desk was shared among staff members of the department and the department head did not lock the drawer in accordance with the hotel’s guidelines, the complainant (an employee of the hotel’s security department at that time) inadvertently read the appraisal forms that contained the personal data of all the departmental staff members stored in the drawer while searching for other documents.

PCPD’s recommendations:

• Introduce a Personal data privacy management system

  • formulate clear data security policies that embed personal data privacy protection into its core values

• Develop robust workflows and procedures

  • Regular reminders to staff, ensuring compliance

• Implement ongoing monitoring mechanism

• Training to employees

• Actively engage with employees, work with them to examine the relevant workflow

  • Understand their concerns and challenges

  • Develop policies/procedures/training tailored to daily operations and needs