Our services

In Luxembourg, the AML laws and regulations set out that each investment fund and each Management Company must appoint an RC. The role of the RC is defined in detail and includes a plethora of regular duties for each mandate. 

As such, each investment fund and each Management Company must complete regular annual tasks and reporting, including but not limited to: 

• Updating AML/CTF Policies and Procedures.

• Updating AML/CTF Risk Appetite.

• Updating AML/CTF Business Wide Risk Assessment.

• Updating and executing their AML/CTF compliance monitoring plan.

• Updating due diligence questionnaires.

• Performing AML delegation oversight of Transfer Agents; distributors, or Portfolio managers.

• Ensuring AML/CTF SLAs are up to date.

• Reporting to the Board of Directors each quarter and on an annual basis.

• Providing AML/CTF internal trainings with appropriately tailored and up to date Luxembourg AML/CTF regulatory content.

• Replying to CSSF/AED Surveys and Data Calls.

• Ensuring that investor and asset due diligence is in place and kept up to date.

• Ensuring investors, distributors and assets are AML risk scored, and KYC and Due Diligence is in place and kept up to date. 

• Ensuring accuracy and completeness of data.

• Proposing and tracking remediation plans and implementation.

• Assessing changes to laws and regulations to evaluate their impact on policies and procedures as well as business processes.

• Being the contact liaison with the authorities (CSSF, AED, FIU, Ministry of Finance).

• Overseeing the AML external audit of the Investment Fund, or the Investment Fund Managers, according to CSSF 21/790 combined with Art 49 of the CSSR Regulation 12-02 as amended or the CSSF Circular 21/788.

The AML Responsible du Respect (RR) must make sure that the RC has sufficient knowledge, time, and systems in place to fulfil their role appropriately. Performing these duties for each investment fund and/or Management Company means that talent must be paired with time, needs and systems. 

PwC can provide you with a dedicated account team. At the onset of working with our RC Support Services, we define together how we can best align our talent and advisory expertise to your needs, as and when you need it, throughout the year. We can support you in the production and completion of any of the above tasks. Depending on your operational and people set up, we are confident that we have the experience to support you in achieving your regulatory requirements. 

We pride ourselves on providing exceptional added value. Whatever your needs – specific, nuanced, urgent – you can be confident in our capabilities. PwC becomes an extension of your team, and in doing so we will support you throughout the year with agreed tasks or ad-hoc hotline conversations. We have developed a suite of digital tools that help the RC in their role, such as a tool to support the AML/CTF Business Wide Risk Assessment, to understand the inherent and residual risks of your company, or tools to score your assets for UCITS or Alternative funds (all strategies). 

Our RC Support Services are designed to help you be efficient, cost effective and compliant. 

Top

The future of AML compliance will require moving from defense to offense. Today’s model too often focuses on defensive, reactive tasks. We believe a paradigm shift towards value creation and compliance enhancement is required to enable efficient and effective implementation of risk mitigating measures. 

Too many clients are suffering from fragmented, inefficient processes. It is time to start building trust again via a revamped client experience with greater transparency, more effective communication and more efficient procedures supported by the relevant technology.  

It is no secret that finding and retaining competent AML analysts is a challenge. We view the combination of right governance, relevant training, simplified documentation and adequate technology as a catalyst to motivate and retain human capital. 

Are you ready to build the future of AML compliance?

It’s becoming increasingly difficult to navigate the ways in which AML is changing, while also dealing with existing challenges such as:

• Increased complexity of regulations at EU and local levels.
• Rising costs of compliance. Sub-optimal KYC quality. 
• Data volume, breadth, quality, and reporting.
• Insufficient resources, confusion or overlaps of roles and responsibilities. 
• Lack of specialist knowledge.
• Increased regulatory pressure and heavy remediation loads.
• Increased number of backlogs throughout the AML process.
• Compliance duties impacting business growth, and 
• Reliance on systems that are constantly being upgraded but that are still not state-of-the-art and lack of automated processes.
• Static or difficult to adapt methodologies to risk scoring.

It’s clear that in order to keep up, you will need to transform the way in which you approach AML within your organisation. That means moving away from value preservation and a focus on regulatory compliance, to a more forward-looking strategy of value creation and enhancements to AML compliance and operations supported by technology.

PwC can assist you by focusing your AML Transformation on 4 key pillars: 

1. Process and Organisation - Find an AML/KYC approach that works

• Understand where the issues are: analyse current indicators (e.g. QA results) and identify common pitfalls. 

• Adapt the organisation and Target Operating Model (TOM): set up a Quality / Management Framework and re-organize teams. 

• Better define requirements: align requirements and their criticality between 1st and 2nd line, and ensure adequate use of a RBA.

• Improve documentation management: clarify and rationalise guidelines and centralise documentation access.

2. Governance and new ways of assessing risk - Keep your organisation compliant, simplify procedures and enhance efficiency

• Roles and responsibilities: review and reassess and adapt to current regulatory requirements. 

• Data: data management (input), sanity checks, maintenance and access rights. 

• Visualising AML risks and client portfolio structures .

• Better define requirements: ensure consistency with the current regulations.

• Policy and procedures: update and simplify, centralise access to relevant stakeholders. 

• Reporting: appropriate risk metrics, tools and systems to follow up and escalate as appropriate.  

3. Tech and Innovation - Drive compliance efficiency, effectiveness and productivity at scale

• Assess digitisation opportunities and smart technologies: Critically review the compliance process landscape with an appraisal of the frequency and structure of tasks and available smart technologies, leading to categorization and prioritisation of needs. 

• Adopt a dynamic technology-enabled approach to risk management: 

• Automate and streamline compliance processes into intelligent compliance operations for more efficiency and to best manage the costs of compliance. 

• Build a strong technology and data foundation generating insights at pace and at scale for faster and better-informed decision-making.  

• Build your next-generation compliance capabilities: reshape the future of compliance with emerging technologies, harness the power of technology in a regulatory environment and prepare organisations to embrace these changes.

4. Outsourcing - Change your operating model to be competitive

• Assess the current situation: Analyse the current situation and assess a new operational set up (inhouse vs outsourcing vs hybrid solutions). 

• Provide expertise: Provide resources for backlogs (i.e., framework contract) and provide a Managed Service.  

• Assess the current IT landscape: Optimise the operational set up with IT-solutions to enable different set ups and propose Managed Service with high end technology (i.e., client outreach functionality). 

Top

AML Controls used by Financial Institutions can vary for many different reasons (e.g., products offering, internal process and tools, governance) but there are certain challenges that are common, such as:

• Inefficient processing of customer onboarding and payments. Demonstrating to internal and external stakeholders that its AML programs and processes deliver effective management of risks.

• Programs and processes that are not aligned to the risk-based approach.

• Poor oversight of programs and processes due to unclear role and responsibilities between the lines of defense.

• AML controls from international groups that do not comply with local regulations leading to ineffectiveness.

• Lack of available trained, expert staff to swiftly tackle the backlog risks or specific points (e.g., Tax AML). 

Fundamentals of a successful remediation should include technical skills, process and policy experience, enabling harmonisation of first- and second-line teams in implementation of business tailored risk-based programs and added-value when returning to a BAU set-up. This can be achieved by:

• Quicker and smoother onboarding of customers to promote a competitive business model, while at the same time protecting the institution from ML risks. 

• Strongly aligning programs and processes to your risk appetite and risk strategies.

• Creating customer due diligence measures that are commensurate (and transparent for regulators) to the AML risk identified.

• Embedding a holistic view, by promoting an assessment of risk factors and deployment of proportionate (and business specific) additional due diligence measures.

• Hands-on experienced professionals working with first line and second line teams to propose solutions that deliver increases in quality and efficiency. 

• Training relevant staff and reviewing current process and procedures to achieve BAU efficiency at the handover. 

• Utilizing third line of defense to test and improve the effectiveness of AML controls.

• Applying a holistic approach and optimising the process rather than having “silo” approaches.

• Enhancing your team with specialist staff and managing tasks for you.

• Leveraging technology and automation.

Top

The investment fund, which is required to understand its AML/CTF asset risk, needs to receive the asset scoring results in a coherent, compliant, and understandable manner on a regular, at least annual, basis. The Responsible du Contrôl (RC) of anti-money laundering compliance is required to have a process in place, collect data and execute the scoring in line with Luxembourg AML/CTF regulations. The key challenges are:

• Ensuring that a methodology for inherent and residual risk is in place and up to date with the evolving regulatory guidance,

• Ensuring that the updated AML/CTF risk-based approach of the company is reflected, 

• Ensuring that data required to do the assessment is collected and collated accurately into the model,

• Ensuring that the calculation is accurate and in line with the company’s risk appetite, 

• Producing regular reports that are relevant and telling for the company’s management, the Board of Directors, and the Luxembourg AML regulators (CSSF and AED).  

At PwC we have developed a digital solution that allows to follow a process, which is compliant, efficient, and effective.  With the help of our digital solution and the support of our AML/CTF experts, you can get this right. Our team helps you to

• Ensure that the risk factors are kept up to date with regulations, considering the data available at your company and working on a must-have basis,   

• Incorporate your AML/CTF risk-based approach and AML/CTF risk appetite into our digital solution, 

• Support you in collecting and inserting the required data accurately and completely, 

• Give you access on a continuous basis to the asset risk assessment via the PwC platform, and

• Help you to tailor the output to your specific reporting requirements.

Top