The CSSF Regulation, published on August 20, 2020, amends the former 12-02 Regulation ("the Regulation") of December 14, 2012, on the fight against money laundering ("ML") and terrorist financing ("TF").
The amendment was made following the publication of the new Anti-Money Laundering (AML) law of March 25, 2020, ("the Law"). Changes set out in the amended Regulation are effective immediately.
After being under discussion for several months, and following the transposition of the AML5D into the Luxembourgish law in March 2020, the Regulation was eventually finalised in order to provide clarity to professionals on certain key aspects of the new law.
This amended Regulation will apply pressure on the Luxembourgish market with a set of new requirements, covering mainly the risk-based approach, the client-acceptance process, the expected documentation at client file level, the identification of the beneficial owner and the ongoing due diligence.
Summary of the impact
To be aligned with the Law, professionals supervised, authorised or registered by the CSSF, including branches of foreign professionals notified to the CSSF and professionals established under the laws of foreign countries notified to the CSSF, who supply services in Luxembourg without establishing any branch in Luxembourg are now under the scope of the present regulation (art. 2 (1)).
Risk based approach
Customer due diligence – client acceptance
Due diligence on transfers of funds
Customer due diligence – identification and verification of the identity for standard due diligence
Individuals are required to provide professionals with the full address of their main place of residence (art. 16 1.) (except where simplified due diligence can be applied).
Customer due diligence – identification and verification of the identity for individuals or legal persons acting on the behalf of the client
The applicable criteria for an individual or legal entity acting on behalf of the client are the same as those described in article 16. However, where simplified due diligence can be applied, the risk based approach has been refined.
Customer due diligence – identification and verification of the identity for beneficial owner
Evaluation, understanding and obtaining information about the purpose and nature of the business relationship
The professional now needs to collect, record, analyse, understand and record information on the source of funds of the clients. In the case of high-risk business relationships, the professional may ask for corroborative documents (art. 24).
Enhanced, Simplified Due Diligence and non face-to-face business relationships
Cross border correspondent relationships and other similar relationships
Politically Exposed Person (“PEP”)
The Regulation details the minimum set of measures to take to detect PEP. In addition, the screening to detect PEP has to be done every 6 months at least (art. 30).
Ongoing monitoring of transactions
The economical background of abnormal, complex or unusual transactions must be analysed by the professional in connection with the client risk profile in order to get reasonable comfort over them. This can include requests for relevant corroborative supporting documentation (art. 32 (2)).
Blacklist and sanction list screening
Activities requiring particular attention
As part of the investment activities monitoring process, professionals must perform an assessment of the risks linked to the investments and adapt their due diligence in line with the conclusion of the assessment. It is required to document the analysis. The assessment of the risk of the investment must be reviewed at least annually (art. 34 (2)).
Periodic update of client files
Execution of due diligence measures by third parties
Monitoring system for business relationship and transactions
Cooperation with authorities
Controls done by an external function
AML/CTF is high on the Luxembourg regulatory agenda and swift actions are recommended in line with the above amendments, including:
The PwC AML/CTF Services team is ready to support you with its industry specialised teams for banking, AWM (UCITS and Alternatives), insurance and virtual currency and asset providers.
1. PwC Luxembourg (www.pwc.lu) is the largest professional services firm in Luxembourg with 3,000 people employed from 75 different countries. PwC Luxembourg provides audit, tax and advisory services including management consulting, transaction, financing and regulatory advice. The firm provides advice to a wide variety of clients from local and middle market entrepreneurs to large multinational companies operating from Luxembourg and the Greater Region. The firm helps its clients create the value they are looking for by contributing to the smooth operation of the capital markets and providing advice through an industry-focused approach.
2. The PwC global network is the largest provider of professional services in the audit, tax and management consultancy sectors. We are a network of independent firms based in 157 countries and employing over 276,000 people. Talk to us about your concerns and find out more by visiting us at www.pwc.com and www.pwc.lu.
Partner, Forensic Services and Financial Crime Leader, PwC Luxembourg
Tel: +352 49 48 48 4153
AML Services Partner, Asset and Wealth Management, PwC Luxembourg
Tel: +352 49 48 48 5687
AML Services Director, PwC Luxembourg
Tel: +352 49 48 48 5617
AML Services Partner, Bank and PFS, PwC Luxembourg
Tel: +352 49 48 48 2451