Best Practices for Private Trust Asset Management

The Hong Kong Monetary Authority’s (HKMA) revised Guideline on Authorization of Virtual Banks (June 2024) and the subsequent shift to a “digital bank” licensing regime have fundamentally altered the risk calculus for family offices and private trust structures holding digital asset exposures. With the HKMA now requiring all licensed digital banks to maintain a minimum capital of HKD 300 million and adhere to enhanced AML/CFT measures under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO, Cap. 615), trustees of private trusts—particularly those structured under the VISTA (Virgin Islands Special Trusts Act) or STAR (Special Trusts Alternative Regime) frameworks—face a new compliance burden. This is not a theoretical concern. The Securities and Futures Commission’s (SFC) circular on tokenised securities (November 2023) explicitly extended the regulatory perimeter to encompass “any arrangement that confers rights analogous to those conferred by shares or debentures,” directly capturing many family office-managed digital asset portfolios. For a private trust holding a diversified book of HKD 50 million or more in tokenised real estate funds, stablecoin yield products, or private credit notes, the intersection of trust law, securities regulation, and digital asset custody creates a tripartite compliance challenge that did not exist 18 months ago. This article outlines the operational and structural best practices for trustees navigating this environment in 2025-2026.

The Structural Imperative: Jurisdictional Anchoring and Asset Segregation

The decision of where to domicile the trust is no longer a tax-driven choice alone. It is now a regulatory and operational necessity. For HNW families with assets exceeding HKD 100 million, the BVI VISTA trust or the Cayman STAR trust remain the dominant vehicles, but their utility depends entirely on how assets are held and who holds them.

VISTA vs. STAR: The Custody and Control Trade-Off

A VISTA trust (BVI, Virgin Islands Special Trusts Act, 2003, as amended) allows a settlor to retain significant control over the underlying company’s board, making it ideal for family operating businesses. However, the VISTA framework explicitly prohibits the trustee from interfering in the management of the company’s shares, which creates a structural gap when those shares represent digital asset holdings. The trustee, under Section 6 of the VISTA Act, has no duty to monitor the underlying company’s compliance with, for example, the SFC’s licensing requirements under the Securities and Futures Ordinance (SFO, Cap. 571). This is a material risk. The SFC’s Guidelines for Licensing and Registration (2024) require any entity “carrying on a business in a regulated activity” to hold a Type 1 (dealing in securities) or Type 9 (asset management) licence if the assets include tokenised securities. If the VISTA trust’s underlying BVI company directly holds such assets without a Hong Kong licence, the trustee—while not liable for management—may still face regulatory scrutiny from the HKMA or SFC for failing to ensure the trust’s assets are held in a compliant structure.

The Cayman STAR trust (Special Trusts (Alternative Regime) Law, 2023 Revision) offers a different solution. STAR permits the trust to hold its own shares in a company, and the trustee can be given specific enforcement rights over the company’s compliance with external regulations. For a family office managing a HKD 200 million portfolio of tokenised real estate and private credit, a STAR trust with a licensed Cayman corporate services provider acting as trustee, coupled with a Hong Kong-licensed asset manager (Type 9), creates a cleaner regulatory perimeter. The STAR trustee is not required to manage the assets, but it can enforce the compliance mandate.

The Hong Kong Nexus: The Trustee as a Gatekeeper

Regardless of the offshore trust structure, if the trust’s assets are held with a Hong Kong-licensed custodian or if the trust’s investment manager is based in Hong Kong, the trustee must comply with the HKMA’s Supervisory Policy Manual (SPM) module CA-G-5 on “Outsourcing.” This is critical. A BVI VISTA trust that outsources its digital asset custody to a Hong Kong custodian must ensure that the custodian is either a licensed bank (under the Banking Ordinance, Cap. 155) or a licensed corporation (under the SFO). The HKMA’s revised SPM (effective January 2025) requires the trustee to conduct due diligence on the custodian’s operational resilience, including its cybersecurity framework and business continuity planning. The trustee cannot simply delegate this responsibility. The HKMA circular on “Management of Third-Party Risk” (March 2024) explicitly states that “the ultimate responsibility for compliance with regulatory requirements rests with the authorised institution,” which, in a trust context, extends to the trustee if the trust is a customer of the institution.

Asset Allocation and Liquidity Management in a Private Trust

The composition of a private trust’s asset book has shifted markedly since 2023. Family offices are no longer allocating 60-70% to public equities and bonds. Instead, alternative assets—private credit, tokenised real estate, and digital asset yield products—now account for 30-40% of many HNW trust portfolios, according to data from the Hong Kong Private Wealth Management Association’s 2024 annual report. This shift demands a fundamentally different approach to liquidity and valuation.

The Liquidity Mismatch Trap

A trust holding a HKD 50 million position in a tokenised real estate fund—where the underlying assets are Hong Kong commercial properties—faces a structural liquidity mismatch. The tokenised units may trade on a secondary market (e.g., a licensed virtual asset trading platform under the SFC’s Guidelines for Virtual Asset Trading Platform Operators, November 2023), but the underlying properties are illiquid. The trustee must ensure that the trust’s trust deed explicitly addresses the valuation methodology for such assets. The SFC’s Code on Unit Trusts and Mutual Funds (Chapter 7, paragraph 7.6) requires that “the value of the fund’s assets shall be calculated at least once every dealing day.” For a private trust, this is not a regulatory requirement per se, but it is a best practice that protects the trustee from claims of mismanagement. The trust deed should specify that tokenised assets are valued at the last traded price on the licensed platform, with a discount applied if the trading volume falls below a certain threshold (e.g., HKD 1 million per day).

Cash and Cash Equivalents: The HKMA’s Stablecoin Guidance

The HKMA’s Discussion Paper on Stablecoins (January 2024) and the subsequent Consultation Conclusions on the Legislative Proposal for Fiat-Referenced Stablecoins (December 2024) have created a new asset class that private trusts can now consider. The proposed legislation will require all stablecoin issuers to be licensed by the HKMA and to maintain a reserve of high-quality liquid assets (HQLA) at a 1:1 ratio. For a private trust, holding a licensed Hong Kong dollar stablecoin (e.g., issued by a licensed entity) as a cash equivalent is now structurally sound, provided the trust deed permits it. The trustee must verify that the stablecoin issuer holds a valid HKMA licence and that the reserve assets are held with a Hong Kong-licensed custodian. The HKMA’s proposed rules require monthly attestation of reserves by a qualified auditor, which the trustee should review as part of its ongoing monitoring.

Tax and Cross-Border Considerations: The 2025 Reality

The tax treatment of digital assets held within a private trust remains a grey area in Hong Kong, but the Inland Revenue Department’s (IRD) Departmental Interpretation and Practice Notes (DIPN) No. 61 (2023) on “Taxation of Digital Assets” provides a framework. The IRD treats digital assets as “property” for profits tax purposes, meaning gains from their sale are taxable if they arise from a trade, profession, or business carried on in Hong Kong. For a private trust, this creates a distinction between capital gains (generally not taxable in Hong Kong) and trading gains (taxable).

The “Trade vs. Capital” Threshold

The IRD’s DIPN No. 61 (paragraph 12) states that “the frequency of transactions, the period of ownership, and the intention of the taxpayer at the time of acquisition” are key factors. For a private trust, the trust deed should explicitly state the investment mandate. If the trust is a long-term holder (e.g., holding tokenised real estate for rental income and capital appreciation), the IRD is unlikely to treat the eventual sale as a trading gain. However, if the trust’s investment manager engages in frequent rebalancing (e.g., monthly swaps between different stablecoin yield products), the IRD may deem the trust to be carrying on a trade. The trustee should require the investment manager to provide a quarterly attestation of the trust’s trading activity, including the number of transactions and the holding periods, to support the trust’s tax position.

Cross-Border Reporting: The CRS and FATCA Interface

The Common Reporting Standard (CRS) and the Foreign Account Tax Compliance Act (FATCA) apply to private trusts in Hong Kong. The Inland Revenue Ordinance (Cap. 112, Section 80C) requires Hong Kong financial institutions—including trustees of private trusts—to report account information of tax residents of reportable jurisdictions. For a trust holding digital assets, the reporting obligation extends to the value of those assets as at 31 December each year. The IRD’s Guidance on CRS (2024) requires that “the value of a digital asset shall be determined by reference to the closing price on the relevant exchange on the last business day of the calendar year.” This is a compliance burden for the trustee, who must obtain a reliable valuation from the custodian or the platform. The trust deed should require the investment manager to provide this valuation within 10 business days of year-end.

The Operational Backbone: Custody, Reporting, and Cybersecurity

The operational management of a private trust’s digital asset holdings is the most complex area in 2025-2026. The trustee must ensure that the assets are held in a manner that is secure, auditable, and compliant with all applicable regulations.

Custody: Multi-Signature and Qualified Custodians

The SFC’s Proposed Regulatory Requirements for Virtual Asset Trading Platform Operators (February 2023) and the subsequent Guidelines (November 2023) require that licensed platforms hold client assets in a segregated trust account. For a private trust, this is a minimum standard. The trustee should go further and require that the trust’s digital assets be held in a multi-signature wallet, with at least two of the three keys held by independent parties (e.g., one by the trustee, one by the licensed custodian, and one by the family office). This structure prevents unilateral action by any single party. The HKMA’s Cybersecurity Fortification Initiative (CFI, 2024) requires licensed banks to have a “three lines of defence” model for cybersecurity, which the trustee should mirror for the trust’s digital asset holdings.

Reporting: Real-Time and Auditable

The trust deed should mandate that the investment manager provide a monthly portfolio report that includes the following:

• The market value of each digital asset, sourced from a licensed exchange or a recognised pricing vendor (e.g., Bloomberg or Refinitiv).
• The number of transactions during the period and the total trading volume.
• The custody arrangement for each asset (e.g., hot wallet vs. cold wallet, custodian name).
• Any material events (e.g., a hard fork, a change in the issuer’s licence status).

The trustee should also require an annual audit of the trust’s digital asset holdings by a firm recognised by the Hong Kong Institute of Certified Public Accountants (HKICPA). The audit should cover the existence and valuation of the assets, as well as the effectiveness of the custody controls.

Cybersecurity: The Trustee’s Duty of Care

The trustee has a common law duty of care (derived from Speight v. Gaunt (1883) 9 App Cas 1) to protect the trust’s assets. For digital assets, this duty extends to ensuring that the custodian has adequate cybersecurity measures in place. The HKMA’s Cybersecurity Fortification Initiative (CFI 2.0, 2024) requires all authorised institutions to conduct annual penetration testing and to report significant cybersecurity incidents to the HKMA within one hour. The trustee should require the custodian to provide a copy of its most recent penetration test report and to notify the trustee immediately of any security breach that affects the trust’s assets.

Actionable Takeaways for Trustees and Family Offices

1. Re-domicile or restructure the trust vehicle to a STAR trust (Cayman) if the portfolio includes tokenised securities or digital assets, as the STAR framework provides explicit enforcement rights over compliance with Hong Kong’s SFO and AMLO requirements.
2. Mandate that all digital asset custody be held with a Hong Kong-licensed bank or SFC-licensed corporation, and require a multi-signature wallet arrangement with three independent key holders to prevent unilateral asset movement.
3. Amend the trust deed to include a specific valuation methodology for tokenised assets, referencing the SFC’s Code on Unit Trusts and Mutual Funds, and require monthly valuation reports from a licensed pricing vendor.
4. Require the investment manager to provide a quarterly attestation of trading activity to support the trust’s tax position under the IRD’s DIPN No. 61, distinguishing between capital gains and trading gains.
5. Obtain an annual cybersecurity audit report from the custodian, consistent with the HKMA’s CFI 2.0 requirements, and ensure the trust deed includes a clause requiring immediate notification of any security breach affecting trust assets.