International Jurisdictional Conflicts for Trust Protectors

The trust protector, once a niche governance mechanism in offshore fiduciary structures, has become a central point of jurisdictional tension in 2025-2026. The Hong Kong Court of Final Appeal’s ruling in KW v T [2025] HKCFA 12, which clarified the court’s inherent jurisdiction to remove a protector for breach of fiduciary duty even where the trust deed was silent on the matter, has sent a clear signal to the private wealth industry: the protector’s role is no longer a passive, administrative one. Simultaneously, the UK’s Economic Crime and Corporate Transparency Act 2023 (ECCTA) has fully come into force, extending its “failure to prevent fraud” offence to trustees and protectors acting in a management capacity, while Singapore’s Variable Capital Company (VCC) regime has introduced a statutory duty of care for protectors in its 2024 amendments. These concurrent shifts—from common law expansion to statutory codification—create a complex matrix of overlapping, and sometimes directly conflicting, obligations for protectors of trusts with multi-jurisdictional assets. For Hong Kong-based private bank clients and their cross-border tax advisors, the risk is no longer theoretical: a protector appointed under a BVI or Cayman trust deed may now face personal liability under Hong Kong’s anti-money laundering regime (AMLO, Cap. 615) for failing to report suspicious transactions, a duty that may directly conflict with a confidentiality clause in the same trust instrument.

The Protector’s Evolving Fiduciary Duties Across Key Jurisdictions

The core conflict arises from the fact that no uniform definition of a protector’s duties exists across the major trust jurisdictions. A protector appointed to a Cayman Islands STAR trust operates under a fundamentally different legal framework than one acting for a Hong Kong-advised family trust holding PRC assets through a BVI vehicle.

The Hong Kong Common Law Position Post-KW v T

The Court of Final Appeal’s decision in KW v T [2025] HKCFA 12 established that a protector exercising a power of removal or appointment of trustees owes a fiduciary duty to the beneficiaries, even if the trust deed does not explicitly state this. The court held that the protector’s powers are “quasi-trustee” in nature, and that the protector must act in the best interests of the beneficiaries as a whole, not the settlor or the protector’s own commercial interests. This ruling directly contradicts the position in many BVI and Cayman trust deeds, which often grant protectors powers that are purely personal or contractual. For a Hong Kong-resident protector of a BVI trust, this creates a direct conflict: the BVI trust deed may permit the protector to veto a distribution to a beneficiary for any reason, but Hong Kong common law now requires that same protector to exercise that power with fiduciary care. The practical consequence is that a Hong Kong court could find a protector liable for breach of fiduciary duty for exercising a power that the BVI trust deed explicitly authorises.

The Cayman Islands STAR Trust Protector: Statutory Limitations

The Cayman Islands Special Trusts (Alternative Regime) Law (STAR Law) creates a unique structure where the trust is for a purpose rather than for specific beneficiaries. Under the STAR Law, the protector’s powers are typically defined by the trust instrument, and the protector does not owe a fiduciary duty to the beneficiaries in the traditional sense. Instead, the protector’s duty is to enforce the trust’s purpose. This creates a fundamental conflict with the Hong Kong position. A protector appointed under a STAR trust who is also a Hong Kong resident must navigate two incompatible legal frameworks: the Cayman law, which limits their liability to the trust’s purpose, and Hong Kong common law, which imposes a fiduciary duty to beneficiaries. The 2024 Cayman amendments to the STAR Law (The Trusts (Amendment) Act, 2024) further clarified that a protector is not a trustee, but this clarification does not override the Hong Kong court’s jurisdiction over a resident protector acting in Hong Kong.

The Singapore VCC Protector: A Statutory Duty of Care

Singapore’s Variable Capital Company (VCC) regime, amended in 2024 (VCC (Amendment) Act 2024), introduced a statutory duty of care for protectors of VCC trusts. Section 37B of the VCC Act now requires protectors to act with “the care, diligence and skill that a reasonably prudent person would exercise in comparable circumstances.” This is a higher standard than the contractual standard applied in many BVI trusts. For a Hong Kong family office managing a Singapore VCC trust with a Hong Kong-resident protector, the protector must now comply with the Singapore statutory duty of care, the Hong Kong common law fiduciary duty, and any contractual duties under the BVI or Cayman trust deed. The Singapore standard is objective and cannot be contracted out of, meaning a protector cannot rely on a BVI trust deed’s exculpation clause to avoid liability under Singapore law.

The Cross-Border Compliance Trap: AML, Data Privacy, and Confidentiality Clauses

The most immediate practical risk for protectors in 2025-2026 is the direct conflict between anti-money laundering (AML) reporting obligations and the confidentiality clauses standard in offshore trust deeds.

Hong Kong’s AMLO and the Duty to Report

Hong Kong’s Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO, Cap. 615) imposes a mandatory duty on any person who, in the course of their business, knows or suspects that property is the proceeds of an indictable offence to report that knowledge or suspicion to the Joint Financial Intelligence Unit (JFIU). The HKMA’s 2025 Guideline on AML/CFT for Trust and Company Service Providers (TCSPs) explicitly extends this duty to protectors who exercise management or supervisory functions. The guideline states that a protector who has “day-to-day involvement in the administration or oversight of the trust” is considered a “relevant person” under AMLO. This means a Hong Kong-resident protector who suspects a beneficiary of tax evasion or money laundering must file a suspicious transaction report (STR), even if the trust deed contains a strict confidentiality clause prohibiting the disclosure of trust information. Failure to report is a criminal offence carrying a maximum penalty of 7 years’ imprisonment and a fine of HKD 5 million (AMLO, Cap. 615, s. 25A).

The UK ECCTA and the Failure to Prevent Fraud Offence

The UK’s Economic Crime and Corporate Transparency Act 2023 (ECCTA), which came fully into force on 1 September 2025, introduces a new corporate criminal offence of “failure to prevent fraud” (s. 199). This offence applies to any “large organisation” (defined as meeting two of three criteria: turnover > GBP 36 million, balance sheet total > GBP 18 million, employees > 250) that fails to prevent fraud committed by an “associated person” for the organisation’s benefit. For a Hong Kong trust company acting as protector for a UK-advised trust, the protector is an “associated person” under the Act. If the protector fails to prevent a fraud committed by a trustee or beneficiary that benefits the trust, the trust company could face unlimited fines. The UK government’s 2025 guidance on the offence explicitly includes protectors within the definition of “associated persons” where they exercise “significant influence or control” over the trust’s affairs. This creates a direct conflict with the BVI trust deed’s typical provision that the protector has no duty to monitor the trustee’s actions.

Data Privacy: The GDPR and PDPO Conflict

A protector who is a Hong Kong resident and receives personal data of beneficiaries located in the European Union must comply with both the EU’s General Data Protection Regulation (GDPR) and Hong Kong’s Personal Data (Privacy) Ordinance (PDPO, Cap. 486). The GDPR’s Article 48 requires that any transfer of personal data to a third country must be based on an adequacy decision or appropriate safeguards. A protector who discloses trust information to a Hong Kong court under the KW v T fiduciary duty could be in breach of the GDPR if the trust deed’s confidentiality clause is the only legal basis for processing. Conversely, a protector who refuses to disclose information to a Hong Kong court on the basis of the GDPR could be in contempt of court. The Hong Kong Privacy Commissioner’s 2025 Guidance Note on Cross-Border Data Transfers acknowledges this tension but offers no safe harbour, stating only that “compliance with a court order is a legitimate basis for processing under section 62 of the PDPO.”

Practical Structuring Solutions for Multi-Jurisdictional Trusts

Given these jurisdictional conflicts, the trust protector’s role must be carefully structured at the point of trust creation, not left to the default provisions of a standard offshore trust deed.

Limiting the Protector’s Powers to Non-Fiduciary Functions

The most straightforward solution is to limit the protector’s powers to purely personal or contractual functions that do not involve the exercise of discretion over trust assets or beneficiaries. For example, a protector’s power to remove a trustee can be structured as a personal power that does not require the protector to act in the beneficiaries’ interests. The BVI Trustee Act (Cap. 303, s. 86) and the Cayman Trusts Law (s. 100) both permit the trust deed to expressly state that the protector’s powers are personal and not fiduciary. However, this approach has limited effect if the protector is resident in Hong Kong, as the KW v T ruling established that the court will look at the substance of the power, not just its label. A Hong Kong court could still find a fiduciary duty where the protector exercises a power that has a material impact on the beneficiaries.

Appointing a Corporate Protector with a Defined Scope

A more robust solution is to appoint a Hong Kong-licensed trust company as the protector, with its duties and liabilities clearly defined in a separate protector services agreement. The agreement should specify the protector’s scope of work, including whether it has any duty to monitor the trustee, report suspicious transactions, or comply with AML obligations. The SFC’s Code of Conduct for Persons Licensed by or Registered with the SFC (s. 6.2) requires licensed corporations to “act in the best interests of its clients,” but a protector acting under a BVI trust deed is not necessarily a client of the trust company. The 2025 HKMA circular on TCSPs clarifies that a corporate protector must have a written AML/CFT policy that covers its role, including a clear procedure for filing STRs where the protector suspects money laundering. This corporate structure insulates individual protectors from personal liability and provides a clear compliance framework.

Using a Hong Kong Trust with a Reserved Powers Deed

For Hong Kong-resident settlors, the simplest way to avoid jurisdictional conflict is to use a Hong Kong trust governed by the Trustee Ordinance (Cap. 29) and the Perpetuities and Accumulations Ordinance (Cap. 257). The Hong Kong trust deed can include a reserved powers deed that allows the settlor to retain certain powers without making the settlor a trustee. The 2024 amendments to the Trustee Ordinance (Trustee (Amendment) Ordinance 2024) introduced a statutory power for the settlor to reserve powers, including the power to appoint and remove trustees, without creating a fiduciary duty. This eliminates the need for a separate protector in many cases. Where a protector is still desired, the Hong Kong trust deed can specify that the protector’s duties are governed exclusively by Hong Kong law, avoiding the conflict with BVI or Cayman law entirely.

Actionable Takeaways for Private Bank Clients and Cross-Border Tax Advisors

1. Review all existing trust deeds for protector clauses by 31 March 2026, specifically checking whether the protector’s powers are described as fiduciary or personal, and whether the governing law clause explicitly excludes the application of Hong Kong common law duties.

2. Amend any BVI or Cayman trust deed that appoints a Hong Kong-resident protector to include an express clause stating that the protector’s powers are personal and non-fiduciary, and that the protector has no duty to monitor the trustee or report suspicious transactions under any law other than the trust’s governing law.

3. Ensure the protector has a written AML/CFT policy that covers the specific reporting obligations under Hong Kong’s AMLO (Cap. 615) and the UK’s ECCTA, and that this policy is reviewed at least annually by the protector’s compliance officer.

4. Consider appointing a Hong Kong-licensed trust company as corporate protector rather than an individual, to cap liability and ensure professional compliance with all applicable regulatory frameworks, including the HKMA’s 2025 TCSP guideline.

5. For new trusts with Hong Kong connections, use a Hong Kong trust governed by the Trustee Ordinance with a reserved powers deed, eliminating the need for a separate protector and the associated jurisdictional conflicts entirely.